GINA is ignored in GCC and VISTA...

[Fabrizio J Bonsignore]

Why would Microsoft disable steadily all things I like in it, includes
my best ideas on systems programming and almost drops, l dropped, all
my expertise in some areas? GINA is one of the best interfaces there
was, the graphical identification and authetication DLL. It cost me
several weeks worth of programming in a dual boot system different
from the compiling system to have it work without raising a blue
screen of death. But it is not included in the GCC header packages,
and documentation says Vista and what may come after would drop it
altogether. Once working there is almost no trace there is a GINA dll
operating in the system, no system lag, but the dialogs pop up when
needed. That particular GINA was well connected to peripheral harware
that also ought to be quite common but is nonexistent in the market,
unless RAM cards are compared to it. GINA is particularly interesting
because it activates at kernel boot time, but is not a driver, only an
interface oriented dll, which gives it a lot of programming
flexibility without falling into device driver complexities.

[Incidentally, I had two versions of the GINA file, one version was
three versions in one, controlled with macros and commenting out,
waiting for the next component interface to, uh, finally stabilize
itself; the other version was the clean production version. It was a
design decision not to use a commercial GUI package but to produce a
light version GUI framework then fall down to common C /C++ API for
the graphical interface.]

Anyone would expect that particular system to have become very
widespread, but nothing has been seen of it in the last decade. The
system was working and tested by November 2000. It seemed also to have
been the only GINA based product in the industry! Maybe Microsoft
cannot yet understand that, overall, such drops and changes are not
very welcomed by the industry, represent a cost tantamount to tax
transferences, impose a burden on users, raise the time cost and
effort of programming in an already dumped industry and establishes an
unnecessary monopoly when other companies would have benefitted.
Without making the system particularly robust yet but actually a chase
to remain equally inefficient (efficient) despite advances in hardware
power.

I think that GINA dlls are indispensible for some companies and even
for particular, in-house, programmers and users.

Of course I am interested in recovering the code for that particular
GINA and get specific information on why a product that ought to yield
rights and income was not launched into the market, not even for
chances at reusing the expertise. It does sound like an antieconomic
**supression of invention** economic crime,

Danilo J Bonsignore

 

[Alf P. Steinbach /Usenet]

* Fabrizio J Bonsignore, on 10.04.2011 02:54 trolled as follows:
[Cross-posted comp.lang.c++ and sci.econ]
[Snipped group sci.econ]

Why would Microsoft disable steadily all things I like in it, includes
my best ideas on systems programming and almost drops, l dropped, all
my expertise in some areas? GINA is one of the best interfaces there

Microsoft does at times revoke "technologies".

E.g. I had a nice analog clock implemented in HTML+Time, it was really cool and
really simple.

That clock just stopped working when Microsoft revoked the HTML-Time technology
(they used automatic updates to remove the support).

In C and C++ things instead become Undefined Behavior or Unspecified (that is,
Implementation Defined) Behavior.

For example,

int const magic = 'MZ';

Cheers,

- Alf

PS: Fabrizio-troll dear, please do not cross-post to comp.lang.c++ and sci.econ,
in particular do not do that for an article that is off topic in both groups.

 

[Balog Pal]

In C and C++ things instead become Undefined Behavior or Unspecified (that
is, Implementation Defined) Behavior.

For example,

int const magic = 'MZ';

AFAIK multi-character literals were always unspecified-value.

I used them a few times in the past, and recall *never* been able to locate
actual specification in the copmpilers used (including MS, gcc, sun,
possibly others). It was just assumed working from experiment, and had some
unit test that would indicate a behavior change.

I'm not sure what you mean by instead become'.

 

[Balog Pal]

Why would Microsoft disable steadily all things I like in it, includes
my best ideas on systems programming and almost drops, l dropped, all
my expertise in some areas? GINA is one of the best interfaces there
was, the graphical identification and authetication DLL.

....
I read here:
http://en.wikipedia.org/wiki/List_of_features_removed_in_Windows_Vista
<quote>
a.. The GINA library and support for GINA-based authentication has been
replaced with Credential Providers so that authentication plug-ins are moved
out of the Winlogon process space to the fullest extent possible in order to
provide more reliability and consistency.[27][28] Consequently, third-party
GINA modules must be ported to the Credential Provider model. Credential
providers however do not allow customization which GINA allowed. For example
it does not support programmatically using Fast User Switching.[29]
</quote>

FWIW to me the gina stuff looked like an easy 'hack-me' engine from the
start. Even with good intents left too much possibility to mess up, and
allow a backdoor or just bring instability.

I don't know the details of the change, but the quote suggests a step in the
right direction.

Sure, it possibly puts more burden on plugin writers -- but security related
stuff is never light, and any shortcuts tend to prove to be fatal, or at
least high risk. And really hard to evaluate too.

Certainly same goes with drivers and other elements that execute code at
kernel level -- in history of windows that area was considerable pain, and
MS made effort to cover at least something of it (both working on the
framework and certification workflow).

....

It does sound like an antieconomic **supression of invention** economic
crime,

Not to me, at least from this story alone.

 

[Fabrizio J Bonsignore]

Why would Microsoft disable steadily all things I like in it, includes
my best ideas on systems programming and almost drops, l dropped, all
my expertise in some areas?GINAis one of the best interfaces there
was, the graphical identification and authetication DLL.

...
I read here:http://en.wikipedia.org/wiki/List_of_features_removed_in_Windows_Vista
<quote>
a.. TheGINAlibrary and support forGINA-based authentication has been
replaced with Credential Providers so that authentication plug-ins are moved
out of the Winlogon process space to the fullest extent possible in orderto
provide more reliability and consistency.[27][28] Consequently, third-partyGINAmodules must be ported to the Credential Provider model. Credential
providers however do not allow customization whichGINAallowed. For example
it does not support programmatically using Fast User Switching.[29]
</quote>

Oh, I see... That GINA would serve credentials indeed, at least from
the support we were using, and that was the knack of the system. In
any case GINA was graphical and it can support any number of security
user abstractions. In any case it just adds another API to include in
a GINA, the CP API, and would be GINA s responsibility or choice to
use it or not.

FWIW to me theginastuff looked like an easy 'hack-me' engine from the
start. Even with good intents left too much possibility to mess up, and
allow a backdoor or just bring instability.

It is based on one single KISS assumption: you cannot take the
computer with you! If you can take a computer with you nothing short
of full drive transparent encryption will protect your data, and even
then it is a matter of time and cost, really. Of course a production
system provides support to glue the GINA in place. It was even a nice
business model should third party providers get involved. I was using
a technique taken from a magazine to analyze this system, attack
trees, (though the team was not really propositive...), which should
pop out security threats, and GINA change was one of those branches
that was easy to close.

I don't know the details of the change, but the quote suggests a step in the
right direction.

Sure, it possibly puts more burden on plugin writers -- but security related
stuff is never light, and any shortcuts tend to prove to be fatal, or at
least high risk.  And really hard to evaluate too.

Certainly same goes with drivers and other elements that execute code at
kernel level -- in history of windows that area was considerable pain, and
MS made effort to cover at least something of it (both working on the
framework and certification workflow).

...


Not to me, at least from this story alone.

The system included passing profiles back and forth! However you call
them, one thing is the user interface (GINA), another one is the data
abstraction (here credential provider). Basically these two
technologies look independent... and do not clash with each other
either. In fact, it is a three tiered model seemingly: interface,
[abstraction, physical channel], you are only forcing data format
(credential) together with the container, so you should be constrained
only to make your biometrics identification conform to a credential,
then make it available for a new GINA. GINA may need to do something
else than force all provider containers to fill any corporate or
individual need.

If that is all the information available, I still see no reason to
sacrifice GINA but only to _ask_ it uses one standard OEM data model
which is more making a new GINA version than porting the concept to a
new technology. But I sustain what I said: every revoked technology is
like supression of an invention if it has some client-income base or
can produce one because it can be further extended or left in place as
legacy for companies to abandon it when it becomes economically
feasible.

Danilo J Bonsignore

 

[Fabrizio J Bonsignore]

Certainly same goes with drivers and other elements that execute code at
kernel level -- in history of windows that area was considerable pain, and
MS made effort to cover at least something of it (both working on the
framework and certification workflow).

More to the point. If GINA is working well, MS can limit kernel
manipulation to GINA time, including installation of third party
drivers, etc. even in accordance to a Provider Credentials model. One
simple API call can deal with those, get arguments from the provider
and even warn the user such and such driver (eg gaming gear) was not
enabled, etc.

Danilo J Bonsignore