13 September 2006
Vista's Security Questioned by European Commission
Semantec has already addressed concerns about Vista's security protocols preventing other anti-virus and security firms from releasing software that will work with Windows Vista. Now the European Commission has stated that the security features in Vista could cause problems for Microsoft with EU antitrust laws.
The security is created in such a way that makes it hard if not impossible for external security applications to run properly on Vista. Also as it is usually said, two anti-virus programs should not be run at the same time, as they can either miss viruses or be oversensitive in finding a virus in a file that isn't. The inability to remove the security features of Microsoft could cause a similar situation.
Microsoft has stated that making Vista secure is what everyone wanted and that's what they are doing. Their methods behind that are a bit strange by my standards. I guess we all can make a safe operating system by not allowing any applications to run on it. Granted Microsoft has said that 3rd party security software can be installed at kernel level, but it has to be signed. Here's where we have the trouble as well. Signed and certified software for MS products costs money. I'm not going to even hazard a guess as to how much. Then we have open source security software which is free for the taking and is making no profit. How can such software gain the signature for Vista.
Microsoft is as well stating exactly what they did in the US antitrust case when they said Internet Explorer is required for the operation of Windows because of the way the code is written. Now the three main security features of Vista (BitLocker drive encryption, Windows Defender, and Windows Security Center) are all said to be written so deep in the code of Windows that they would be very difficult to remove and Microsoft has no idea of how to do it at such a late date.
Hmm, maybe they should have responded to the EC in March when they asked for the data, not August. Also how can other operating systems have a more modular approach to system design separating the kernel from other parts of the system and still remain secure while Microsoft can't? If any application is written with the code as tangled as Microsoft is stating these security features and Windows are, it is going to have a lot of problems. Their is a reason software design tries to be as modular as possible and why object oriented design has been created and become popular. If you break everything into modules it's easy to find the bugs and easier to fix them as well. It would also be easier to remove such features that prevent competition, like the feature of Vista that makes installing 3rd party security solutions difficult.
More information regarding Microsoft and the EC's current standings can be found here.
The security is created in such a way that makes it hard if not impossible for external security applications to run properly on Vista. Also as it is usually said, two anti-virus programs should not be run at the same time, as they can either miss viruses or be oversensitive in finding a virus in a file that isn't. The inability to remove the security features of Microsoft could cause a similar situation.
Microsoft has stated that making Vista secure is what everyone wanted and that's what they are doing. Their methods behind that are a bit strange by my standards. I guess we all can make a safe operating system by not allowing any applications to run on it. Granted Microsoft has said that 3rd party security software can be installed at kernel level, but it has to be signed. Here's where we have the trouble as well. Signed and certified software for MS products costs money. I'm not going to even hazard a guess as to how much. Then we have open source security software which is free for the taking and is making no profit. How can such software gain the signature for Vista.
Microsoft is as well stating exactly what they did in the US antitrust case when they said Internet Explorer is required for the operation of Windows because of the way the code is written. Now the three main security features of Vista (BitLocker drive encryption, Windows Defender, and Windows Security Center) are all said to be written so deep in the code of Windows that they would be very difficult to remove and Microsoft has no idea of how to do it at such a late date.
Hmm, maybe they should have responded to the EC in March when they asked for the data, not August. Also how can other operating systems have a more modular approach to system design separating the kernel from other parts of the system and still remain secure while Microsoft can't? If any application is written with the code as tangled as Microsoft is stating these security features and Windows are, it is going to have a lot of problems. Their is a reason software design tries to be as modular as possible and why object oriented design has been created and become popular. If you break everything into modules it's easy to find the bugs and easier to fix them as well. It would also be easier to remove such features that prevent competition, like the feature of Vista that makes installing 3rd party security solutions difficult.
More information regarding Microsoft and the EC's current standings can be found here.
Labels: EC, microsoft, security, vista, windows
