Linked by Thom Holwerda on Tue 10th Oct 2006 20:41 UTC, submitted by snds24
Windows A senior Microsoft executive has promised that its new operating system will be more secure than ever. Jean-Philippe Courtois, president of Microsoft International, said that beefing-up security was one reason behind delays to Windows Vista. Microsoft has been criticised for flaws in previous systems that left users vulnerable to attacks by hackers. Mr Courtois said Microsoft had done "tons of work to make Vista a fantastic experience when it comes to security".
Thread beginning with comment 170604
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: never
by n4cer on Tue 10th Oct 2006 22:49 UTC in reply to "RE[2]: never"
Member since:

While I won't debate that it will be a better setup by default, there's a big mistake that they've been doing all over Vista... rewritting things from the ground up. there is an article (here: that details the security holes in the networking stack. That alone is going to kill it's security.

Those holes were identified and fixed by Microsoft before they were even publicized. If you examine what the new stack brings to the table, you'd realize the rewrite was warranted.

Here's another problem with Security in Vista: UAC. Frankly that solution has only made things worse, not better. Why? Well, no one pays attention to an alarm that goes off every ten minutes.... And UAC is going to be so much a part of the user's experiance that they will ignore it, and always allow everything through... or worse, disable it. That's BAD from a security standpoint.

Most complaints about UAC are from pre-RC builds, and mainly from power users more likely to perform admin tasks more frequently than average end-users. Many complaints also stem from a lack of understanding of permissions. One of the more common complaints I've seen about UAC is not being able to perform file operations on secondary harddrives without being prompted. The simple fix for this is to enable Write permissions on the drive for standard users, but power users that don't really know what they're doing choose the sledgehammer approach of disabling UAC altogether. UAC isn't the problem. People resisting the transition from running as admin full-time to running as standard user most of the time is the problem.

Something I would love to see Windows bring in some honest to goodness security guys (like this guy: to evaluate, and help design their systems.
is the guy you're looking for, and he's by far not the only security guy at Microsoft. They also have partnerships with several external security firms.

Ah, well, they'd just be told to do it like unix does things anyway. Oh well.

Thank goodness they don't follow that advice.

Reply Parent Score: 4

RE[4]: never
by blitze on Tue 10th Oct 2006 23:29 in reply to "RE[3]: never"
blitze Member since:

Some good points n4cer. Goto take UAC complaints with a grain of salt as most of them are Win Power Users who have f-all idea of security and permissions.

MS is doing a decent job to rectify problems Windows has had in the past and most of them are due to normal users running an Admin account with XP.

That's 6 years of bad user habits to break. Not going to happen without some winging on the end user side but the dust will settle after the 1st year and people will wonder what ll the fuss was about.

Reply Parent Score: 1