WinFS Mailbox II

re: WinFS Mailbox II

Lynn — Fri, 16 Dec 2005 23:32:37 GMT

Will server-based WinFS shares support synchronization similar to DFS?

Is there any on going work with the IIS 7/asp.net team to provide solutions in that space?

When will Beta 2 be released? :) (Sorry, had to ask.)

re: WinFS Mailbox II

The Groker — Sat, 17 Dec 2005 03:39:09 GMT

What will be the relationship between WinFS and WSS (Windows SharePoint Services) going forward?

re: WinFS Mailbox II

Myxiplx (mail me on hotmail.com) — Thu, 22 Dec 2005 15:20:19 GMT

I think Chris raises a good point with that first question and I think it's a shame that the recommended approach for secure data is to not store it in WinFS..

I'd love to see WinFS expanded in the future to allow secure storage for applications that require it (and yes, I am aware that I'm asking for a new feature for a product that hasn't even been released yet..)

Now, I'm not a WinFS developer so I've really no idea if this is feasible, but I would have thought that it would be possible for the WinFS security model to be expanded, allowing permissions to be set per application as well as per user. All you need then is for applications and data files to be digitally signed and data could easily be secured. That would make the advantages of WinFS available to many more applications, and personally I would trust that security far more than any 3rd party encryption.

An added bonus would be that this security would apply to more than just the data. The application files themselves could be protected in the same way. You've got guaranteed data and program integrity; nothing that hasn't been properly signed can modify the program or it's data, not even a virus.

re: WinFS Mailbox II

Johan S — Thu, 19 Jan 2006 16:21:50 GMT

If I install WinFS is my whole filesystem going to be WinFS "enable" entirely of just a certain folder? Is the goal to have the entire filesystem WinFS (that is, everything from Windows System files to application program files to be in WinFS)?

re: WinFS Mailbox II

mabster — Tue, 31 Jan 2006 13:37:35 GMT

I have a question about portability of WinFS data.

If I open an application like Word, and type up a document, I can save that document onto a USB key, take it home and keep working on it.

How does this scenario play out in WinFS? Can I have WinFS stores on removable storage devices?

I ask because I have a hobby project which works as a file-based application. It can File|Open and File|Save its data as single files, which users often carry from PC to PC. If I were to port this app to WinFS, how would a user pick up his data from one machine and take it to another (assuming they're not connected - I've read about Rave etc)?

Cheers,
Matt

re: WinFS Mailbox II

Lyle Kopnicky — Fri, 10 Feb 2006 22:22:20 GMT

Where can I get more details about the security model of WinFS? Does it follow the route of the capability security model, or is it based totally on ACLs?

If it is based on ACLs, then any software that executes with my privileges can do anything to any item I have permission to access. Not good. This is what allows viruses to propagate, spyware to operate, etc.

If it is based on capabilities, this gives more fine-grained control, so that a program can only have the permissions I give it.

re: WinFS Mailbox II

Dave Bacher — Wed, 08 Mar 2006 21:54:45 GMT

It would be nice to see security two steps beyond the current NT permission level on NTFS.

Step 1: Application Group

It is likely that Money and Quicken are both using proprietary file formats for their data. It is likely that an end user doesn't care about this. With WinFS, Money and Quicken could easily create a table that the other program could easily read.

The issue is you don't want some spyware program that isn't a member of the application group to access these tables. It would be relatively simple to provide a group (or groups) for applications, exactly how NT/XP handles groups of users now, and to restrict access to tables, rows or columns based on that group.

Similarly, you could forbid "Internet Applications" from accessing "Financial Data" group files, in the process blocking any vulnerability in the web browser, e-mail, etc. from exposing the data from these files.

Step 2: Individual Application

Continuing, an individual application should be able to write data, and tag that data as only being available to it, or to selected other applications.

Both of these would work exactly as the user group security features do - you would assign a SID to the Application Group or Application, thus allowing it to participate (with no changes) in operating system DACL-based security.

This would help a lot in preventing attacks, especially when combined with other factors.

Note that the recommended approach (encrypting data) only works in the presence of an external factor such as a smart card. Even a password based approach is insufficient to adequately protect data from attackers.

The reason I am suggesting this change is that the only thing that is going to kill spyware is to start making it harder to install in the first place.

Consider an trojan attempting to e-mail your contact list. If the trojan is running in the "unassigned applications" application group, it can't get to your contact book, then it is contained and cannot spread.

I would love to see CoCreateObject(Ex) check a DACL also, and to have it follow these same rules in order to cut it off from the world.

For WinFS Mailbox 3

CodeTyro — Wed, 10 May 2006 21:56:51 GMT

I'd like you to write about the transitioning (promotion/demotion - is that the terminology) of alternate data streams in NTFS, to Items; and about the Item extensions.

I guess I'm seeing these as an evolution of metadata in pre-WinFS file system storage and maintenance (everything up to Windows 2003 Server and Windows XP SP2), to whatever OS's we will have in 2007 onwards that will run with a superimposed WinFS layer.

As a part of readiness, what I would like to see is how to build an iFilter to search for text within an ADS (a named one, presumably).

Ian Thomas (gxdata@iinet.net.au)

What s in Store WinFS Mailbox II | Paid Surveys

What s in Store WinFS Mailbox II | Paid Surveys — Sat, 30 May 2009 02:28:53 GMT

PingBack from http://paidsurveyshub.info/story.php?title=what-s-in-store-winfs-mailbox-ii

What s in Store WinFS Mailbox II | debt solutions

What s in Store WinFS Mailbox II | debt solutions — Tue, 16 Jun 2009 03:29:37 GMT

PingBack from http://debtsolutionsnow.info/story.php?id=8654