how do we protect ourselves from kernel exploits? The solution he lays out (and actually forms part of Windows 10) is genius and lays the foundation for some truly interesting innovations down the road
In this final video in the Windows 10 Isolated User mode series Dave takes us through several engineering aspects associated with trustlets. First he describes how lsass.exe (the Local Security Authority Subsystem Service responsible for enforcing security on Windows) now can have a companion process running in the Secure System (LsaIso.exe otherwise known as Credential Guard – tasked with protecting secrets). He then delves into more generic trustlet concerns and how the Secure Kernel in Isolated User Mode deals with these challenges
Until recently Dave managed kernel development for Windows, including Windows 2000, XP, Server 2003, and early phases of XPSP2 and Vista. Dave is currently working on a project to release kernel sources to universities and developing ProjectOZ, an experimental environment based on the SPACE project at UC Santa Barbara, where Dave earned his PhD in Electrical & Computer Engineering.
Dave is a co-author/consultant of a Chinese textbook on operating system principles illustrated with Windows, and for the last several years has taught a short course with Prof. Kei Hiraki at University of Tokyo on Windows Internals, and spoken widely at universities on the architecture of the Windows kernel. Prior to Microsoft, Dave’s experience was primarily focused on UNIX kernels, including several years as Vice President of Software Engineering at Culler Scientific Systems. Dave’s career began in the late 1970s at Burroughs, where he was a computer architect designing hardware and writing microcode for the B1900.
a little tour of multi-threading and how Windows works at a deep level.