Skip to main content

Allchin: Buy Vista for the security

If new features won't get you to upgrade to Vista, security enhancements should, Windows chief Jim Allchin has urged.

Microsoft has already touted the bells and whistles it is putting into Windows Vista, the operating system successor to XP that's due out by the end of the year. There will be flashy new graphics, a spiffed-up user interface and advanced search features. Other changes include improved touch-screen support and a Windows sidebar that can display all kinds of information such as upcoming appointments, just-in e-mail messages and a clock.

But if none of that strikes your fancy, Vista will still be worth getting, thanks to its better defenses against phishing attacks, spyware and other malicious code, Allchin said.

"Safety and security is the overriding feature that most people will want to have Windows Vista for," the co-president of Microsoft's platform, products and services division said in an interview with CNET News.com. "Even if they are not into home entertainment or in any of the specialty areas, they are just going to feel safer and more secure by using it."

That said, Allchin maintained there are plenty of new things to try out in Vista, pointing to a chart filled with added features. In particular, he demonstrated a collaboration tool that uses a "People Near Me" feature, which searches over a Wi-Fi connection for other Vista users nearby and then sets up a peer-to-peer network with them. The tool is meant mostly to enable laptop users to share applications and files, among other things.

But one of the features Microsoft wanted to include was a bit too much for some of its beta testers, the software maker found. It is reversing its plan to add virtual folders that contain all the files that match specific criteria, such as "created by Michelle" or "images," no matter where they are on the PC. Originally, Microsoft wanted virtual folders to replace standard views, which show the physical location of files on a hard disk drive, but it has backpedaled on that decision.

Microsoft is following updated development practices to prevent security bugs and is using new approaches to analyze source code, Allchin said. Additionally, the innards of the operating system are being designed to ward off attacks. "We have put features into the product to double-check itself," he said.

As an example of double-checking, Allchin said Microsoft has marked the OS services to know what network ports they should open and what OS functions they should call. Then, another part of the OS verifies the process. "If we ever find something trying to open a port that the developer said it should not be opening, it is immediately shut down," he said.

Additionally, Vista aims to offer improved security by letting people run their PC with fewer privileges, which control how a particular person can interact with the software. In Windows XP most users have "administrator" privileges, which could be abused by malicious software to install itself on a computer. In Windows Vista, the default will likely be "protected administrator," a new privilege level that Microsoft is introducing with Vista, Allchin said.

If the system is set to protected administrator, people will have to change it to full administrator level to perform certain tasks, such as installing an application. The operating system will warn the person when full privileges are needed.

Microsoft also has updated the security software in Windows Vista to help fend off threats. The firewall has been updated and now looks at incoming as well as outgoing traffic--in XP SP 2 only incoming traffic was watched. Also, Microsoft has made its anti-spyware tool, Windows Defender, part of the operating system.

"The first step is protection from doing things inadvertently or warning you about the level of impact it could have," Allchin said. "Then, if you let something in, Defender is there to (warn you) and you can undo it. If the thing gets in and has really done some awful things, using the equivalent of System Restore in Windows XP you can back up time and undo it," he said. Microsoft doesn't yet have a new name for System Restore, he said.

Comments

Popular posts from this blog

Iran: A Rummy Guide

To borrow a phrase used for Iraq, there are 'things we now know we don't know.'Back in June 2002, as the Bush administration started pushing hard for war with Iraq by focusing on fears of the unknown—terrorists and weapons of mass destruction—Secretary of Defense Donald Rumsfeld explained that when it came to gathering intelligence on such threats, "absence of evidence is not evidence of absence." Elaborating, Rumsfeld told a news conference: "There are things we know that we know. There are known unknowns; that is to say there are things that we now know we don't know. But there are also unknown unknowns. There are things we do not know we don't know."Now there's a crisis brewing with Iran. And the same basic problem applies: what is known, what is suspected, what can be only guessed or imagined? Is danger clear and present or vague and distant? Washington is abuzz now, as it was four years ago, with "sources" talking of sanctions…