Basically, if some client says it can be trusted, the server just trusts the client?
No. If the client passes that test it just means that the server will allow it to connect whereas before ANY client was allowed to connect. It doesn't mean that it just trusts it to do whatever it wants from then on. The other points of security are still in place. This is just one more layer of added protection.
At least that's how I understand it. As for older and non-Windows clients, I'm sure this can be switched off by the administrator. It would be foolish of them if there was no way to do that.
Edited 2007-10-11 01:00
Yes, it promotes clients to update their machines, but it is not secure. A client can say that it is secure, but that does not make it secure.
Yes, it's not a security measure for the servers.
It also doesn't protect against a compromised client.
It is a preventative measure to make the network as a whole more secure.
Imagine you have road warrior (laptops that rarely enter the office) workers in your company. These laptops tend to be neglected by IT support because they aren't always in the office. Road warrior laptops tend to be a great way for a malicious worm to get behind your border security (firewalls etc.). If these laptops have to get security updates before they can access the network servers, then they are at least getting security updates every time they are in the office, therefore making them more secure than they were before.
It's also a great way to alert IT to the fact that a computer is not getting updates for whatever reason.
- Jesse McNelis

I totally do not understand this kind of security. Basically, if some client says it can be trusted, the server just trusts the client?
Yes, it promotes clients to update their machines, but it is not secure. A client can say that it is secure, but that does not make it secure.