October 03, 2005
Microsoft's new operating system won't be out until late 2006, but here's a look at some of the new security features expected.
It seems that every time I sit down with Microsoft to discuss Windows Vista, something has been changed or added, which is good. In some cases, something has been removed, which is bad. One and a half years from launch, I understand that beta code changes frequently. Here's my standard disclaimer: the following article is based on the last build from Microsoft, Windows Vista build 5219, released September 2005. It is one semi-public build later than the Beta 1 currently in limited circulation. Microsoft is careful not to call it Beta 2, although it is based on code that will eventually be Beta 2 (got that?).
Like Linux, like Mac...
Microsoft seems keenly aware of its competition. For years, Linux and the Mac OS have reserved administrator privileges for a separate user account, not the default user account, so malware has found it harder to infect those operating systems. Microsoft had argued that Windows was easier for everyone to use; Microsoft's user-cum-administrator access within Windows allowed you to make changes within the operating system with ease. But the downside of this convenience is steep; viruses and malicious code picked up over the Internet could also make changes and could even take over your computer.
In Vista, Microsoft offers something called User Account Protection (UAP). Under UAP, standard users can still install software and make changes within the OS, but they'll first be prompted to enter an administrator password. Even Administrator accounts (like those in XP) will be limited, requiring additional passwords to perform high-level tasks. That might seem a hassle, but there's an immediate benefit to this extra layer of passwords: you'll be prompted before anything rogue attempts to install on your machine. This should reduce the need for anti-spyware applications in the future.
And speaking of restrictions, Microsoft also plans to reduce the amount of kernel-level code in Vista, relocating a number of device drivers and virus scanners that currently write to the protected areas of the system registry. For example, all printer drivers write to the kernel, requiring a reboot. The downside of that arrangement is that if the printer driver ever misbehaves, it'll take down your entire system. Under the new Vista plan, printer drivers, antivirus scanners and other such software will install at the user level only -- not within the OS kernel. As a result, look for new Vista-compatible antivirus products to be released next autumn.
Internet Explorer 7 for Vista
IE 7 for Vista (as opposed to IE 7 for XP SP2, which will be released first) will operate in a restricted mode as well. The browser will be able to write only to the History and Temporary Internet folders; it cannot, for example, elevate its privileges without your Administrator password. This should prevent malware from hijacking your browser and taking control of your PC.
IE 7 will also require you to turn on or off any add-ins, such as the Flash player, and IE 7 for Vista will have built-in anti-phishing technology. Whenever you attempt to access a page that Microsoft determines to contain the potential for ID theft, you'll receive a warning. You may proceed, but at your own risk. The plan here is that users will report suspected phishing sites, and the MSN division of Microsoft will check them out and maintain a database of blacklisted sites. The details of this technology are sketchy, and I suspect this feature will change before the final release.
Hits and misses
One of the really wild ideas being discussed for Windows Vista is self-healing software. The applications and the OS will contain a list of hashes for key files; if any of those files has changed over time or is missing, the software will automatically reinstall the file upon loading. Also, whenever the OS is updated, Windows Update will check your system for known malware and remove it. These are cool ideas, should they be implemented.
Then there are some obvious misses. Microsoft plans to finally roll out its two-way firewall, but once again, the new firewall feature won't be on by default. Given Microsoft's past performance with firewalls, though, I'd say you're better off using a third-party product such as ZoneAlarm instead. Still, providing a two-way firewall shouldn't be such a hassle. Microsoft says it doesn't want the user to experience 'dialogue fatigue' from accepting or denying applications that want to access the Internet. Microsoft will have a whitelist of programs permitted to run under Windows Firewall, but it sounds as though it won't be as thorough as that offered by ZoneAlarm or other major firewall vendors. I remain baffled as to why Microsoft can't seem to get a basic security feature like a personal firewall right.
It's coming: Microsoft antivirus
Also missing will be the much-rumoured Microsoft antivirus application. I wrote a while ago that I didn't think Microsoft would get into the antivirus business, displacing stalwarts such as Symantec and McAfee. Doing so would also open the software giant up to charges of creating a monopoly. Instead, through the aegis of MSN, Microsoft will offer something called OneCare, a protection service that users subscribe to annually. OneCare will manage just about everything on your PC, from backups to disk defragmentation, and will also include Microsoft's GeCAD-based antivirus program as part of the service. So OneCare won't really compete with Symantec and McAfee, but I think that's a fine legal distinction.