[link] Securing Microsoft Windows 8: AppContainers
There is a surprising lack of good, independent, and technical detail about Windows 8 and Windows Phone 8 architecture.
This paper is very informative and has some technical information about Windows 8 that was news to me.
Recently, we have been conducting an analysis concerning the new Windows 8 security features. There are few documents available in Internet about this topic and no one of them explains the entire implementations in detail.
The paper has been divided in two parts because of the complexity of the topic. Microsoft engineers have done an impressive job by improving their Operating System security. They implemented the so called “mitigations”. The term is used to indicate a new specific security feature that has the aim to make more difficult a possible attack.
Our analysis and tests show that Microsoft engineers have made a great job in creating a Sandboxed environment for their Operating System new applications type. We have seen that it’s possible to create an OS based sandboxed environments even for standard Win32 programs. The main problem is that there no documentation about it. We are wondering why MS doesn’t release a proper documentation about the AppContainer and the Lowbox tokens.
Furthermore we have concluded that in current OS implementation there are only few capabilities available. We hope that Microsoft could release a complete set of capabilities for each Operating system component in the next Windows 8.1 OS.
I developed a simple application able to define an AppContainer package, to create a proper directories and objects, and to launch standard Win32 applications under an OS sandboxed environment.