Microsoft is not evil
Thursday, February 28 2008 16:49:37 by freelancer
Contrary to common belief, Microsoft does not want to sell your family to the lowest bidder. I've never actually had an established opinion on whether or not Microsoft is evil, but most tech-savvy people in my generation seem to think that it is. I have no idea why, as I have yet to see any real proof to support that claim. Their biggest argument is usually that Windows is closed-source. But why is that so bad? If you write something in your notebook, is it your opinion that everyone should be allowed to read that? Doesn't really matter what I say I suppose, since most of these people never budge no matter what. But please, tell me why you think Microsoft is evil. I'd be happy to tell you why you're wrong.

Hyper-V

Two IT Pro Evangelists from Microsoft Sweden, Maria Lundahl and Michael Anderberg (also acting Chief Security Advisor) visited my university yesterday to demonstrate the virtualization features in Windows Server 2008 and the Security Development Lifecycle (among other things). The former is called Hyper-V, and is quite different from most common virtualization techniques. A traditional virtualization application (for example Virtual PC) runs as a normal application on top of the host operating system, and emulates specific existing hardware. The guest operating system is completely unaware of this, and uses its own drivers to communicate with the emulated hardware, which then uses the host's drivers to communicate with the real hardware. Hyper-V is different in that it uses a microkernelized hypervisor.

The hypervisor runs on top of the existing hardware, beneath the host operating system (called the Root Partition), and doesn't emulate actual hardware. Instead, the root OS provides something called synthetic devices. Since these synthetic devices are in no way trying to act like real hardware, they are not bound by its limitations. This would of course not make a big difference if the guest OS (called the Child Partition) was still using "normal" drivers to communicate with what it believes is actual hardware. So it doesn't. Instead, the guest OS is fully aware that it is running virtualized. In Hyper-V, this is called Enlightenment. When an enlightened OS boots, it checks for a hypervisor. If it can't find one, it assumes it's running on physical hardware, and continues normally. However, if it does find a hypervisor, it will use it to communicate with what it knows are the synthetic devices.

Instead of using normal drivers, when a hardware call is made it is relayed to the host OS' VSP (Virtual Service Provider) using something called a VMBus, which connects child partitions to the root partition. This completely removes the device emulation layer, but for obvious reasons it only works on enlightened guests. So what about, say, Linux? That's the really fun part. There is in fact a virtualization application called Xen, which supports Linux (as well as *BSD, OpenSolaris, ...) and uses a very similar technique with a hypervisor of its own. Of course, it's not directly compatible with its Windows counterpart, but using something called a Hypercall Adapter, enlightened Linux guests can run on top of Hyper-V. Not all operating systems support enlightenment though (Windows 2000 for example? don't quote me on that), and for this Hyper-V provides emulated devices as well, just like Virtual PC or Virtual Server does.
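
The boot-time hypervisor check described above, sketched for x86 as an added example (not code from Microsoft, Xen or this post): the guest reads the hypervisor-present bit (CPUID leaf 1, ECX bit 31) and then the vendor signature at CPUID leaf 0x40000000. The function names are hypothetical, and recognising the Xen signature goes one step beyond the Hyper-V case to show the same check against the other hypervisor mentioned here.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#define HAVE_CPUID 1
#endif

#define HV_PRESENT_BIT (1u << 31)   /* CPUID leaf 1, ECX bit 31 */
#define HV_VENDOR_LEAF 0x40000000u  /* first hypervisor CPUID leaf */

/* Rebuild the 12-byte vendor signature from EBX, ECX, EDX of the vendor leaf.
 * Bytes are extracted by shifting, so the result is independent of host byte order. */
static void hv_signature(uint32_t ebx, uint32_t ecx, uint32_t edx, char out[13])
{
    uint32_t regs[3] = { ebx, ecx, edx };
    for (int i = 0; i < 12; i++)
        out[i] = (char)((regs[i / 4] >> (8 * (i % 4))) & 0xff);
    out[12] = '\0';
}

/* Decide what a guest should conclude from the two CPUID results. */
static const char *hv_classify(uint32_t leaf1_ecx, uint32_t ebx, uint32_t ecx, uint32_t edx)
{
    char sig[13];
    if (!(leaf1_ecx & HV_PRESENT_BIT))
        return "none";      /* no hypervisor: continue as on physical hardware */
    hv_signature(ebx, ecx, edx, sig);
    if (strcmp(sig, "Microsoft Hv") == 0) return "Hyper-V";
    if (strcmp(sig, "XenVMMXenVMM") == 0) return "Xen";
    return "unknown";       /* hypervisor present, but not one this guest knows */
}

int main(void)
{
#ifdef HAVE_CPUID
    unsigned int a = 0, b = 0, c = 0, d = 0, leaf1_ecx = 0;
    __cpuid(1, a, b, leaf1_ecx, d);
    b = c = d = 0;
    if (leaf1_ecx & HV_PRESENT_BIT)     /* only query the vendor leaf if the bit is set */
        __cpuid(HV_VENDOR_LEAF, a, b, c, d);
    printf("hypervisor: %s\n", hv_classify(leaf1_ecx, b, c, d));
#else
    puts("CPUID is x86-only; nothing to query on this CPU");
#endif
    return 0;
}
```

A guest that gets "unknown" or "none" back is in the situation the post describes for unenlightened systems: it keeps its normal drivers and relies on emulated devices.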

I don't have any first-hand experience with Hyper-V, but from what I've heard it looks very promising. I can't wait to try it myself.

Security Development Lifecycle and UAC

The thing Michael Anderberg talked about, Security Development Lifecycle, has to do with how people at Microsoft write their code. To tell you the truth, I don't remember most of the specifics, but in general it's about having secure code in mind throughout the entire development process (which seems perfectly reasonable to me). He also talked about why it often takes a lot of time between when a vulnerability is discovered and when Microsoft releases a patch (testing, testing, and even more testing).

Another thing that came up was the User Account Control (UAC) in Windows Vista. You know, that annoying popup that makes you wanna throw the computer out the window ("You are trying to inflict damage on the computer. Cancel or allow?", or as I've come to see it "Would you like this box to disappear?"). I've always considered it an annoyance myself, but that's probably because I've never really thought about why it's there. Since most Windows users always run everything with administrative privileges, if they accidentally execute malicious code, it too will have those privileges. Sure, you might just want to see that flying pig on that cool website (Michael's example, not mine), but have you ever considered what else that pig can do? Maybe it contains a trojan, which will infect your computer as soon as you watch it. This is a big problem if your browser is run with administrative privileges. UAC prevents this by not automatically giving you those privileges even though you have them. That is, they are not granted until you click that "Allow" button. Which shouldn't even have to happen very often, since most of the things people do on a daily basis don't require administrative privileges.


Would you like to know more?

Maria Lundahl's blog (in Swedish)
Michael Anderberg's blog (in Swedish)
Windows Server 2008: Virtualization and Server Consolidation
Hyper-V @ Wikipedia
The Security Development Lifecycle (blog)
The Security Development Lifecycle (book)


Disclaimer: I did my best to make sure everything in this post is accurate. If you find an error, please let me know.
Comments
Nice...
Monday, October 26 2009 15:06:39 by the birdie
I have to agree about the UAC. I wish they had that back in win 3.11 or win 95. Those were my days of experimenting with the o/s lol. I crashed windows so many times because I had no idea what I was allowing windows to do. Had I had UAC, I would probably question my actions haha. But on the defense of Microsoft: had they had that sooner, I would not have learned what I did those days :-)