GINA is ignored in GCC and VISTA...

Discussion in 'C++' started by Fabrizio J Bonsignore, Apr 10, 2011.

  1. Why would Microsoft disable steadily all things I like in it, includes
    my best ideas on systems programming and almost drops, l dropped, all
    my expertise in some areas? GINA is one of the best interfaces there
    was, the graphical identification and authetication DLL. It cost me
    several weeks worth of programming in a dual boot system different
    from the compiling system to have it work without raising a blue
    screen of death. But it is not included in the GCC header packages,
    and documentation says Vista and what may come after would drop it
    altogether. Once working there is almost no trace there is a GINA dll
    operating in the system, no system lag, but the dialogs pop up when
    needed. That particular GINA was well connected to peripheral harware
    that also ought to be quite common but is nonexistent in the market,
    unless RAM cards are compared to it. GINA is particularly interesting
    because it activates at kernel boot time, but is not a driver, only an
    interface oriented dll, which gives it a lot of programming
    flexibility without falling into device driver complexities.

    [Incidentally, I had two versions of the GINA file, one version was
    three versions in one, controlled with macros and commenting out,
    waiting for the next component interface to, uh, finally stabilize
    itself; the other version was the clean production version. It was a
    design decision not to use a commercial GUI package but to produce a
    light version GUI framework then fall down to common C /C++ API for
    the graphical interface.]

    Anyone would expect that particular system to have become very
    widespread, but nothing has been seen of it in the last decade. The
    system was working and tested by November 2000. It seemed also to have
    been the only GINA based product in the industry! Maybe Microsoft
    cannot yet understand that, overall, such drops and changes are not
    very welcomed by the industry, represent a cost tantamount to tax
    transferences, impose a burden on users, raise the time cost and
    effort of programming in an already dumped industry and establishes an
    unnecessary monopoly when other companies would have benefitted.
    Without making the system particularly robust yet but actually a chase
    to remain equally inefficient (efficient) despite advances in hardware
    power.

    I think that GINA dlls are indispensible for some companies and even
    for particular, in-house, programmers and users.

    Of course I am interested in recovering the code for that particular
    GINA and get specific information on why a product that ought to yield
    rights and income was not launched into the market, not even for
    chances at reusing the expertise. It does sound like an antieconomic
    **supression of invention** economic crime,

    Danilo J Bonsignore
    Fabrizio J Bonsignore, Apr 10, 2011
    #1
    1. Advertising

  2. [OT] Re: GINA is ignored in GCC and VISTA...

    * Fabrizio J Bonsignore, on 10.04.2011 02:54 trolled as follows:
    [Cross-posted comp.lang.c++ and sci.econ]
    [Snipped group sci.econ]
    > Why would Microsoft disable steadily all things I like in it, includes
    > my best ideas on systems programming and almost drops, l dropped, all
    > my expertise in some areas? GINA is one of the best interfaces there


    Microsoft does at times revoke "technologies".

    E.g. I had a nice analog clock implemented in HTML+Time, it was really cool and
    really simple.

    That clock just stopped working when Microsoft revoked the HTML-Time technology
    (they used automatic updates to remove the support).

    In C and C++ things instead become Undefined Behavior or Unspecified (that is,
    Implementation Defined) Behavior.

    For example,

    int const magic = 'MZ';

    Cheers,

    - Alf

    PS: Fabrizio-troll dear, please do not cross-post to comp.lang.c++ and sci.econ,
    in particular do not do that for an article that is off topic in both groups.

    --
    blog at <url: http://alfps.wordpress.com>
    Alf P. Steinbach /Usenet, Apr 10, 2011
    #2
    1. Advertising

  3. Fabrizio J Bonsignore

    Balog Pal Guest

    Re: [OT] Re: GINA is ignored in GCC and VISTA...

    "Alf P. Steinbach /Usenet" <>

    > In C and C++ things instead become Undefined Behavior or Unspecified (that
    > is, Implementation Defined) Behavior.
    >
    > For example,
    >
    > int const magic = 'MZ';


    AFAIK multi-character literals were always unspecified-value.

    I used them a few times in the past, and recall *never* been able to locate
    actual specification in the copmpilers used (including MS, gcc, sun,
    possibly others). It was just assumed working from experiment, and had some
    unit test that would indicate a behavior change.

    I'm not sure what you mean by instead become'.
    Balog Pal, Apr 10, 2011
    #3
  4. Fabrizio J Bonsignore

    Balog Pal Guest

    Re: [OT] GINA is ignored in GCC and VISTA...

    "Fabrizio J Bonsignore" <>


    > Why would Microsoft disable steadily all things I like in it, includes
    > my best ideas on systems programming and almost drops, l dropped, all
    > my expertise in some areas? GINA is one of the best interfaces there
    > was, the graphical identification and authetication DLL.

    ....
    I read here:
    http://en.wikipedia.org/wiki/List_of_features_removed_in_Windows_Vista
    <quote>
    a.. The GINA library and support for GINA-based authentication has been
    replaced with Credential Providers so that authentication plug-ins are moved
    out of the Winlogon process space to the fullest extent possible in order to
    provide more reliability and consistency.[27][28] Consequently, third-party
    GINA modules must be ported to the Credential Provider model. Credential
    providers however do not allow customization which GINA allowed. For example
    it does not support programmatically using Fast User Switching.[29]
    </quote>

    FWIW to me the gina stuff looked like an easy 'hack-me' engine from the
    start. Even with good intents left too much possibility to mess up, and
    allow a backdoor or just bring instability.

    I don't know the details of the change, but the quote suggests a step in the
    right direction.

    Sure, it possibly puts more burden on plugin writers -- but security related
    stuff is never light, and any shortcuts tend to prove to be fatal, or at
    least high risk. And really hard to evaluate too.

    Certainly same goes with drivers and other elements that execute code at
    kernel level -- in history of windows that area was considerable pain, and
    MS made effort to cover at least something of it (both working on the
    framework and certification workflow).

    ....
    > It does sound like an antieconomic **supression of invention** economic
    > crime,


    Not to me, at least from this story alone.
    Balog Pal, Apr 10, 2011
    #4
  5. On Apr 10, 6:42 am, "Balog Pal" <> wrote:
    > "Fabrizio JBonsignore" <>
    >
    > > Why would Microsoft disable steadily all things I like in it, includes
    > > my best ideas on systems programming and almost drops, l dropped, all
    > > my expertise in some areas?GINAis one of the best interfaces there
    > > was, the graphical identification and authetication DLL.

    >
    > ...
    > I read here:http://en.wikipedia.org/wiki/List_of_features_removed_in_Windows_Vista
    > <quote>
    > a.. TheGINAlibrary and support forGINA-based authentication has been
    > replaced with Credential Providers so that authentication plug-ins are moved
    > out of the Winlogon process space to the fullest extent possible in orderto
    > provide more reliability and consistency.[27][28] Consequently, third-partyGINAmodules must be ported to the Credential Provider model. Credential
    > providers however do not allow customization whichGINAallowed. For example
    > it does not support programmatically using Fast User Switching.[29]
    > </quote>


    Oh, I see... That GINA would serve credentials indeed, at least from
    the support we were using, and that was the knack of the system. In
    any case GINA was graphical and it can support any number of security
    user abstractions. In any case it just adds another API to include in
    a GINA, the CP API, and would be GINA s responsibility or choice to
    use it or not.

    >
    > FWIW to me theginastuff looked like an easy 'hack-me' engine from the
    > start. Even with good intents left too much possibility to mess up, and
    > allow a backdoor or just bring instability.


    It is based on one single KISS assumption: you cannot take the
    computer with you! If you can take a computer with you nothing short
    of full drive transparent encryption will protect your data, and even
    then it is a matter of time and cost, really. Of course a production
    system provides support to glue the GINA in place. It was even a nice
    business model should third party providers get involved. I was using
    a technique taken from a magazine to analyze this system, attack
    trees, (though the team was not really propositive...), which should
    pop out security threats, and GINA change was one of those branches
    that was easy to close.

    > I don't know the details of the change, but the quote suggests a step in the
    > right direction.
    >
    > Sure, it possibly puts more burden on plugin writers -- but security related
    > stuff is never light, and any shortcuts tend to prove to be fatal, or at
    > least high risk.  And really hard to evaluate too.
    >
    > Certainly same goes with drivers and other elements that execute code at
    > kernel level -- in history of windows that area was considerable pain, and
    > MS made effort to cover at least something of it (both working on the
    > framework and certification workflow).
    >
    > ...
    >
    > > It does sound like an antieconomic **supression of invention** economic
    > > crime,

    >
    > Not to me, at least from this story alone.


    The system included passing profiles back and forth! However you call
    them, one thing is the user interface (GINA), another one is the data
    abstraction (here credential provider). Basically these two
    technologies look independent... and do not clash with each other
    either. In fact, it is a three tiered model seemingly: interface,
    [abstraction, physical channel], you are only forcing data format
    (credential) together with the container, so you should be constrained
    only to make your biometrics identification conform to a credential,
    then make it available for a new GINA. GINA may need to do something
    else than force all provider containers to fill any corporate or
    individual need.

    If that is all the information available, I still see no reason to
    sacrifice GINA but only to _ask_ it uses one standard OEM data model
    which is more making a new GINA version than porting the concept to a
    new technology. But I sustain what I said: every revoked technology is
    like supression of an invention if it has some client-income base or
    can produce one because it can be further extended or left in place as
    legacy for companies to abandon it when it becomes economically
    feasible.

    Danilo J Bonsignore
    Fabrizio J Bonsignore, Apr 18, 2011
    #5
  6. On Apr 10, 6:42 am, "Balog Pal" <> wrote:

    > Certainly same goes with drivers and other elements that execute code at
    > kernel level -- in history of windows that area was considerable pain, and
    > MS made effort to cover at least something of it (both working on the
    > framework and certification workflow).


    More to the point. If GINA is working well, MS can limit kernel
    manipulation to GINA time, including installation of third party
    drivers, etc. even in accordance to a Provider Credentials model. One
    simple API call can deal with those, get arguments from the provider
    and even warn the user such and such driver (eg gaming gear) was not
    enabled, etc.

    Danilo J Bonsignore
    Fabrizio J Bonsignore, Apr 19, 2011
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    8
    Views:
    419
  2. Kevin P. Fleming

    C99 structure initialization in gcc-2.95.3 vs gcc-3.3.1

    Kevin P. Fleming, Nov 6, 2003, in forum: C Programming
    Replies:
    2
    Views:
    638
    Kevin P. Fleming
    Nov 6, 2003
  3. Michael
    Replies:
    5
    Views:
    890
    Bjoern Schliessmann
    Nov 3, 2007
  4. ashnin

    GCC 3.4.3 and GCC 4.1.2

    ashnin, Jul 7, 2008, in forum: C++
    Replies:
    1
    Views:
    507
    Michael DOUBEZ
    Jul 7, 2008
  5. bicomplex
    Replies:
    0
    Views:
    161
    bicomplex
    Jan 10, 2008
Loading...

Share This Page