Did Microsoft Focus Too Much On Security In Vista?
from the so-secure-no-one-uses-it dept
For years, Microsoft's software has had the (in some cases, well-deserved) reputation for being rather insecure -- leading many who were concerned about security to look for alternatives. However, a few years back, Bill Gates made it a focus within the company to change that and to make Microsoft's products much more secure, knowing that it was important to buyers. While some may question how successful Microsoft has been, how ironic is it that some are now claiming that Microsoft's focus on security in Vista is what's hurting adoption of the company's new operating system? It turns out that, while security is important to users, it's not so important that it comes at the expense of other things -- like stability and compatibility. In other words, while focusing on security, Microsoft may have dropped the ball on other features that actually are more important in the buying and upgrading decisions. On top of that, it appears that some people (again, reasonably so) are a bit annoyed that Microsoft is now touting "security" as a major feature of Vista -- as the company is basically admitting that it screwed up in previous products, and you should now pay Microsoft to upgrade away from its own crappy security. Not exactly a strong selling point.
Reader Comments
Security my ass!
But is it actually effective? I doubt it!
Even Apple stole a few features...
I just find it funny that when MS takes a good feature from Apple, everyone cries foul and bitches about it endlessly. But when Apple steals from MS, it's kept quiet... lol
This isn't the only example, btw...
Re: Stole a few features??
Re: Even Apple stole a few features...
It'll only be a matter of time before the open source lot turns up shouting 'actually, linux did it first!' :P
What else is new?
It's amazing what software marketing gets away with.
It's ironic
But it appears all the software developers (Microsoft included) continued to write their code in exactly the same old way, assuming that they could get total control of the machine as of right. And so we ended up with the ridiculous situation where even apps like games need administrator privileges to run.
Now, with Vista, Microsoft has been trying to achieve a whole number of things: tighten security, add new functionality, maintain maximum backward compatibility. But these have turned out to be contradictory goals: you simply cannot achieve all of them by building on top of the Dimdows XP base. So the result is that Microsoft has only partially achieved any of them, leaving Vista a confused mess of not-very-strong selling points.
It's not just the security (such as it is) that's the problem: it's the whole package.
Vista security
The community has been roasting MS for years now about its security. With XP SP2 and 2K3 SP1, Microsoft started hardening the OS, even at the expense of breaking some legacy issues. Support for Windows ME was abandoned over the security issue alone -- WinME was not designed for the modern threat environment and could not be practically upgraded for it. With the hardening of XP SP2 and 2K3 SP1, the security bar was raised enough that Microsoft started seeing a significant shift in attacks to the applications and plug-ins rather than the OS.
With Vista and Server 2K8, Microsoft got reasonably serious about security. Numerous features were removed from the product because of security issues, the driver model for many drivers was changed, and a lot of internal hardening was done. Parsers were fuzzed and lots of security issues were locked down.
In my mind, the most important security enhancement is one that Microsoft does not talk about -- it is exceedingly difficult to run XP as a normal (non-administrative) user. It is quite straightforward to do so in Vista and reasonably well written apps will do so without a problem. I am running Vista on my home systems with us running as normal users. I use an administrative account for administration. This is the same approach I took 20 years ago, when I was administering Unix systems.
The problem as I see it, is that the community got into a lot of very bad habits (running as administrator / local system) and wants to continue doing so with network-facing applications. You can't really protect such things with VM's, BSD / chroot jails, or other defense mechanisms. You need the application developers to use appropriate least privilege approaches.
Unlike OSX, which is supported only for 2 minor releases (I was a user of OS 10.1), about 3 years; Microsoft supports their users for 7 to 10 years and does not rapidly deprecate legacy support. This is also far longer than the *nix and BSD environments. This makes the legacy problem much greater, as approaches that might well have been appropriate in 1995 are no longer appropriate -- but somebody's LOB app needs it.
YES
Wow Shock
If you don't like the extra security turn off the UAC. I have been running Vista for 6 months and it runs better than XP.
Re: Wow Shock
Re: Wow Shock
$200 doesn't get you even 1 license of Vista with all the features enabled, but it gets you 5 licenses of Leopard.
Re: Re: Wow Shock
But of course that's *after* the initial investment of paying extra for the dedicated Apple hardware.
The laptop I'm using now has similar specs to a 17" Macbook Pro but cost about a third of the price. OK, it's not as cute as the Macbook, but even with the purchase of an additional copy of Vista (it came with XP) it's still more than $1000 less.
Re: Re: Wow Shock
Same old, same old
And despite the FUD, Vista's security isn't what's been holding it back; once again, it's the usability. Sadly enough, the NT kernel has had a very good internal security model for several major versions, but MS has always left in workarounds so that the programs that weren't up to spec would still work. When Vista eliminated many of these workarounds, the developers of these broken packages threw a fit. Similarly, the UI for managing Windows security (up through and including UAC) has been so clumsy that users would rather not deal with it. OS X does almost exactly the same thing as UAC without being obnoxious.
Vista's Swan Song??
Re: Vista's Swan Song??
Uh...Vienna (the successor to Vista) isn't slated for release until at least 2010. Vista was released in November of 2006. That's a 3-4 year lifespan. And knowing how Microsoft doesn't always hit their earliest development targets, I'd be surprised to see it by the end of 2010/early 2011. Anyone who knows anything about software development knows that when you ship a version, you start working on the next version. Apple, IBM, Sun, HP, and every other OS vendor out there does the exact same thing. Even the Linux kernel devs work that way. In fact, if I'm not mistaken the Linux kernel guys have a plan for the next several versions of the kernel.
Hardly.
It's been 10 months since Vista came out, and the company are starting to look towards their next product line. That's not 'giving up', it's 'everyday business'.
It's the second one that bothers people.
Re:
It's the second one that bothers people.
Yes, but since in most cases the security-related damage done to a PC is self-inflicted, I'm not sure that's a bad thing. How many people hose their PC by accessing malware sites, installing mysterious "video codecs" that are actually trojans, etc?
It's all your fault
Vista - Microsoft paid attention to its users for once and this is what happened.
Since you've all got it figured out...
There's no doubt that they've improved large security problems in the OS. You can do all the fixing you want but if you start with a flawed concept nothing you do out of that will be 100% correct. Microsoft's concept of security is that they need to hide as much as they can from the user and to keep the OS in control of the user. There's something inherently wrong when something is going on with the system such that it responds slowly, the hard disk is being accessed almost constantly but yet the process manager claims that my system is 100% idle.
Some of the biggest security "improvements" in Vista have been less about securing the system from malware and more about DRM control.
Until the improvements focus less on trying to control the user things won't improve.
Oh crud don't say that
Ballmer: "That's right, we released a more secure OS and look, the number of zombie spam bots dropped and so did the spam. Let's see Linux do that.."
my two cents
If I wanted...
Vista Security
Think because your shop runs pure Linux means that you don't? Well, your company more than likely does business with companies that are Windows shops, and they wouldn't be in business without Microsoft.
Is Microsoft perfect? No. But I realize I am employed because of them.
You can say what you want about *nix or bsd that has this, or OSX has that. Or *nix is more secure, or OSX is more secure.
The fact remains that there will be more installations of Vista in the hands of noobs than there will ever be installations of *nix, bsd and osx combined for the next 5 years.
As I see it, the security in *nix, bsd and osx is obscurity. For the most part, *nix and bsd are in the hands of people that know what they are doing (at least technically). OSX has obscurity and some decent security built in, but it's more obscurity since there's been security holes that if there were the same number of OSX machines as Windows in the world, would have had the same problems.
None of my friends outside of my industry counterparts even know what Linux is. My parents don't, my neighbors don't. They all know what Vista is though, and in most cases running it.
Re: Vista Security
The problem with Windows (always has been, always will be) is that the fundamental architecture is flawed. Windows is monolithic; unix/linux/mac are modular. Under Windows everything is tied to the kernel, and those things that should not be tied to the kernel such as the browser and media player have been tied to lock in the user.
Currently my profession is in security and I'm having a bear of a time trying to figure out how to prevent one malware from taking down my entire Windows network. It seems that every part of Windows is susceptible to attack. If the File Shares don't get you it is the RPC. Yes I know RPC was invented by SUN but everyone else has pretty much abandoned RPC except for Microsoft. I turn off portmapper ASAP on all my Unix/Linux servers. If RPC does not get you it is IE or Outlook, or Media Player or multiple other things that take control of the operating system. With my Linux servers every application (DNS, MAIL, APACHE, etc) runs as chroot. This cannot be done in Windows. When a user logs on as themselves they can ONLY compromise themselves (their little environment) they cannot compromise the kernel.
Obscurity is the why *nix is more secure. *nix is secure because it was written secure from the start. It is modular and well thought through. It is NOT designed by Marketing or driven by sales. Its design is driven by those who really love what they are doing and do it well. *nix does not write a browser nor a media player others do that. *nix writes the OS and only the OS. Gnome/KDE writes the gui interface. Firefox, KDE, Gnome, and others write the browser. Multiple others write the media or the photo editors, or games, or anything else. *nix writes the OS and only the OS as it should be.
2,000,000+ bots don't lie.
Need Better Definition of Security
On the issue of security, on several occasions I have had to work on an unbootable Windows system. It sure would be nice if I could boot from the Windows CD and work on the computer, but alas, Microsoft seems to have made that impossible. I assume that this was done for "security reasons" to prevent someone from walking around with a CD to get access to your computer. This type of "security" unfortunately is useless anyway and simply makes it harder to work on your computer.
Vista is pre-compromised on installation
Vista can't be secured - no operating system with embedded DRM can be secured, since it's a design goal of DRM to remove part of the control of the system from the operator and vest it in a third party. To put it another way: the only way that DRM can work as it's intended to work is to compromise the system, which is of course a fundamental design error. I doubt M$ will abandon this approach, however -- they seem to have their lot in with the copyright cartel, and their users seem willing to tolerate that choice.
It is only a matter of time until malware specifically architected to exploit this gaping hole emerges. (Of course, it may be a while; there are many other more easily-exploited holes so there isn't serious motivation to create it just yet. But if history repeats itself -- and it will -- those holes will slowly be patched over the next several years, at which point it will probably be worth someone's time to take this route.)
Security is not the problem...
Personally, having to go through 4 screens and a wizard to get to settings I change multiple times a day (such as the network or display settings) almost drove me batty until I gave up and created my own shortcuts in the quicklaunch.
I've been running Vista since early beta versions, and find the security to be fairly well implemented, perhaps how it should have been done in the first place.
Yes, there are compatibility issues with many LOB apps and old hardware that aren't written with security in mind, but those will eventually be worked out. For example, I was pleasantly surprised when Quickbooks finally created a version that didn't require the user to be an administrator to run it, just to be Vista compatible.
I've installed one copy of Vista
Vista Security
No reason to toss in DRM security into an OS, no reason AT ALL. Why should an OS want to limit what I can do for simple video output of high def content over a specific medium?
DRM ruined Vista for me. I will not get it because I love media, and do not want to be prevented from watching High Def on my TV that I play from my PC. Simple.
Although I know that is probably beyond the average user, and consequently not considered by them.
As a previous poster mentioned, anyone sitting here reading techdirt is not your average user.
Re: Vista Security
Re: Re: Vista Security
> the proper codec installed. Most of my files are AVI/XviD,
Vista facilitates piracy, you see.
You get a legal HDDVD, and if you sneeze by the monitor, the DRM kicks in and reduces the quality.
However, if you play pirated content which has no DRM in the first place, you're fine, DRM won't kick in and won't reduce quality...
On Vista Security
The problem with Windows is that users typically run as administrators. In most BSD and *nix distros, they do not.
As I said in my much earlier post, it is quite feasible to have users run as normal users in Vista. This was not really feasible in XP or earlier MS client OS's. It is also feasible on 2K3 and Server 08. Indeed, I am writing this on a notebook that is running Server 08, with me running as a normal user.
The problem is less Microsoft, and more the third party software vendors, who write SW that assumes system / administrator permissions - updating drivers, executables, and privileged routines (such as game watchdogs, which have grabbed the debug privilege). If you run such software on *nix systems, you will have equivalent security problems.
Re: On Vista Security
The Users
Here are just two (very common) scenarios:
1) 70-year-old grandpa just wants to check his e-mail and look at the pictures of the kids. He's sick of the endless questions asking him if he really wants to run Outlook and Photo Viewer, so he asks his techie friend to help. His friend then switches Vista to run in admin mode. Problem solved: no more annoying security questions.
2) Users ignore the messages, which comes as no surprise to anyone who watches people work with Windows. It goes something like this:
Vista: Do you want to allow QuickBooks to run?
User: Yes, let me get to work.
Vista: Do you want to allow Canon J234 printer driver to install?
User: Duh, I need to print.
Vista: Do you want to allow Word to run?
User: Geez, yes already.
Vista: Do you want to allow Trojan N32.exe Worm to run?
User: YES! I swear I'm going to throw you out the window if you don't stop with these ***ing questions!
And now the user has purposely allowed Windows to execute a trojan just because he's so fed up with the security questions.
So, how exactly do these "security questions" add "security"? Like a poster said above, this seems more like "security theater": Microsoft added a feature that was highly visible and that they could show off as "doing something", without ever looking at the underlying causes of how users themselves spread worms and viruses.