Linked by Thom Holwerda on Tue 10th Oct 2006 20:41 UTC, submitted by snds24
Windows
A senior Microsoft executive has promised that its new operating system will be more secure than ever. Jean-Philippe Courtois, president of Microsoft International, said that beefing-up security was one reason behind delays to Windows Vista. Microsoft has been criticised for flaws in previous systems that left users vulnerable to attacks by hackers. Mr Courtois said Microsoft had done "tons of work to make Vista a fantastic experience when it comes to security".
Thread beginning with comment 170531
RE: never
by markjensen on Tue 10th Oct 2006 21:01 UTC in reply to "never"
markjensen Member since:
2005-07-26

They have added a lot of new features to the OS that Win Server 2k3 did not and could not do.

An improved firewall with outbound support, UAC and so forth. See here for more details: http://www.microsoft.com/technet/windowsvista/evaluate/feat/secfeat...

Microsoft has made a lot of improvements to the way their software is set up by default, and added in many good ideas that have been out there in the computing world for a while.

Will Vista be uncrackable? Of course not. Will it be more secure? Definitely.

Score: 4

RE[2]: never
by Morgul on Tue 10th Oct 2006 21:19 in reply to "RE: never"
Morgul Member since:
2005-07-06

While I won't debate that it will be a better setup by default, there's a big mistake that they've been doing all over Vista... rewriting things from the ground up. There is an article (here: http://www.osnews.com/story.php?news_id=15399) that details the security holes in the networking stack. That alone is going to kill its security.

Here's another problem with Security in Vista: UAC. Frankly that solution has only made things worse, not better. Why? Well, no one pays attention to an alarm that goes off every ten minutes.... And UAC is going to be so much a part of the user's experience that they will ignore it, and always allow everything through... or worse, disable it. That's BAD from a security standpoint.

I would love to see Windows bring in some honest-to-goodness security guys (like this guy: http://www.schneier.com/blog/) to evaluate and help design their systems. Ah, well, they'd just be told to do it like unix does things anyway. Oh well.

Edited 2006-10-10 21:20

Score: 2

RE[3]: never
by n4cer on Tue 10th Oct 2006 22:49 in reply to "RE[2]: never"
n4cer Member since:
2005-07-06

> While I won't debate that it will be a better setup by default, there's a big mistake that they've been doing all over Vista... rewriting things from the ground up. There is an article (here: http://www.osnews.com/story.php?news_id=15399) that details the security holes in the networking stack. That alone is going to kill its security.

Those holes were identified and fixed by Microsoft before they were even publicized. If you examine what the new stack brings to the table, you'd realize the rewrite was warranted.

> Here's another problem with Security in Vista: UAC. Frankly that solution has only made things worse, not better. Why? Well, no one pays attention to an alarm that goes off every ten minutes.... And UAC is going to be so much a part of the user's experience that they will ignore it, and always allow everything through... or worse, disable it. That's BAD from a security standpoint.

Most complaints about UAC are from pre-RC builds, and mainly from power users more likely to perform admin tasks more frequently than average end-users. Many complaints also stem from a lack of understanding of permissions. One of the more common complaints I've seen about UAC is not being able to perform file operations on secondary hard drives without being prompted. The simple fix for this is to enable Write permissions on the drive for standard users, but power users that don't really know what they're doing choose the sledgehammer approach of disabling UAC altogether. UAC isn't the problem. People resisting the transition from running as admin full-time to running as standard user most of the time is the problem.

> I would love to see Windows bring in some honest-to-goodness security guys (like this guy: http://www.schneier.com/blog/) to evaluate and help design their systems.

http://blogs.msdn.com/michael_howard is the guy you're looking for, and he's by far not the only security guy at Microsoft. They also have partnerships with several external security firms.

> Ah, well, they'd just be told to do it like unix does things anyway. Oh well.

Thank goodness they don't follow that advice.

Score: 4

RE[3]: never
by noamsml on Wed 11th Oct 2006 10:42 in reply to "RE[2]: never"
noamsml Member since:
2005-07-09

1. As for the fresh new code, you have to remember that they've been testing their stuff quite vigorously, so the jury is still out on this one.

2. Unix-esque security is definitely not the ultimate security scheme against modern attacks targeted at home computers. These attacks don't try to harm the system, but instead simply want to run on it and exploit its resources or display advertisements to the user. These activities don't require root access, they just require one security hole in any app the user runs.

Score: 1