The New Vista Operating System and Security
Article by Rick Leinecker, March 25, 2007
For years Microsoft has been plagued with security breaches in their software, for both operating systems and normal consumer software. They've tried very hard to overcome the reputation that has resulted from these breaches. But the press and many of the power computer users at large go out of their way to be hard on Microsoft. It's actually debatable whether their software deserves the reputation of being full of security holes. My opinion is that the real reason they suffer the brunt these criticisms is that they're top dog and everyone guns for the guys at the top. And when most of the world uses your operating system, then most of the world knows when something goes wrong.
Microsoft's new operating system, known as Vista, is an attempt to close the security holes that have been exposed in previous operating systems. Windows Vista is the most secure and trustworthy Windows operating system yet, and it will help organizations achieve their business and computing goal. This article describes the most significant security improvements.
Most desktop computers operate in what's known as administrative mode. Being in administrative mode means that practically anything can be changed, including system-level programs and their behavior. This seems pretty innocuous on the surface. You may say "It's my computer, I should be able to make changes if I want to." Of course, that is absolutely true. But there are many programs that want to compromise your system including malware, viruses, trojans, and spyware. These all rely on administrative rights to perform their processes of compromise, and that's the issue that Vista addresses.
Vista now has most users running in non-administrative mode. To do this, there had to be a slight expansion in what non-administrative users can do such as setting wireless security settings. But overall, by running in non-administrative mode, the bad guys who wrote the compromising software have a much harder time being successful.
Windows Vista will also include Windows Defender, a technology that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software. It features Real-Time Protection, a monitoring system that recommends actions against spyware when it's detected, and a new streamlined interface that minimizes interruptions and helps you stay productive. I've resisted installing any real-time spyware protection until now because until now it has been very intrusive for normal system operation. But Defender has overcome many of the obstacles to being transparent on a computer system, and it comes much closer to the current anti-virus programs in the way it protects without the requirement of much user interaction.
The Vista firewall builds on the firewall that comes with the second Windows XP service pack. It offers all of the protections of the Windows XP firewall, but allows administrators to block applications (such as peer-to-peer sharing or instant messaging applications) from contacting or responding to other computers.
Windows Vista is fairly new, and as such people aren't convinced that they need to buy an upgrade. I do think it might be a good idea to wait, unless you want some of the new features of Windows Vista right away including the extra security protection. I'm going to upgrade the computers in my lab to Vista this summer. That way I can start teaching students about it early in its lifetime.
Vista has made a commendable effort to fix the security holes. But it remains to be seen if they can overcome Microsoft's long-time reputation for having security that is compromisable. I hope so. I think the reputation is undeserved.
That's it for Vista security.