Consumer Security Worries

By Lisa Vaas  |  Posted 2007-08-30 Print this article Print

Of particular concern to security vendors are home users—those who arent savvy when it comes to figuring out what security options are on their systems nor about how to implement them. "If somebody wanted something besides what Microsoft [offered upfront], it was a little circuitous to get to it," Heron said. "For the home user, it was hard to select McAfee if they wanted."
Eventually, Microsoft plans to ease Security Center into the background, Heron predicts, reducing its presence and allowing security vendors to have their technologies ever more upfront for users to select.
The Vista kernel has been dogged by bad drivers. Read more here. But of even greater importance are improvements to kernel APIs. Last year at this time, this was part of the problem: Vistas PatchGuard kernel protection and other technologies were keeping security vendors from having their products work with the kernel. "PatchGuard would be a big road sign saying, Stop," Heron said. To satisfy its critics, Microsoft over the last nine months has developed new kernel access APIs that allow security vendors to have greater visibility into the kernel and to provide self-protection for systems. Heron said he wasnt sure how much of this work will be evident in SP1, but at least some improvement to kernel API access is in fact coming in the service pack, he said. How will this affect Vista users? For one, the same products used today on Windows XP—for example, McAfees host intrusion system—will once again be able to work on x64 Vista systems. "With SP1 technologies [Vista users] will be able to use, for the most part, all McAfee security technologies," Heron said. McAfee is, in fact, "very pleased" with the way Microsoft has been listening to security industry players, Heron said. "Weve been right upfront with them and given them our perspective on how to do security best in class," he said. That, in fact, is quite a turnaround, given the way Microsoft initially alienated those in the security industry. Heron said hed rather call it an "evolution." "As Microsoft gets smarter and smarter in the areas of operating system security, theyre using wisdom and advice" from those whove been in the industry long term, he said. "Its always a good idea to listen to the wisdom of others," he said. Other security goodies to come in Vista SP1, as quoted from Microsofts white paper on the upcoming release: • SP1 will improve the security of running RemoteApp programs and desktops by allowing RDP (Remote Desktop Protocol) files to be signed. Customers can differentiate user experiences based on publisher identity. • Adds an Elliptical Curve Cryptography PRNG (pseudo-random number generator) to the list of available PRNGs in Windows Vista. • Enhances BitLocker Drive Encryption to offer an additional multifactor authentication method that combines a key protected by the Trusted Platform Module with a Startup key stored on a USB storage device and a user-generated PIN (personal identification number). Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.

Lisa Vaas is News Editor/Operations for and also serves as editor of the Database topic center. Since 1995, she has also been a Webcast news show anchorperson and a reporter covering the IT industry. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on, and in the startup IT magazine PC Connection. Prior to becoming a journalist, Vaas experienced an array of eye-opening careers, including driving a cab in Boston, photographing cranky babies in shopping malls, selling cameras, typography and computer training. She stopped a hair short of finishing an M.A. in English at the University of Massachusetts in Boston. She earned a B.S. in Communications from Emerson College. She runs two open-mic reading series in Boston and currently keeps bees in her home in Mashpee, Mass.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel