Consumer Security Worries
Of particular concern to security vendors are home usersthose who arent savvy when it comes to figuring out what security options are on their systems nor about how to implement them. "If somebody wanted something besides what Microsoft [offered upfront], it was a little circuitous to get to it," Heron said. "For the home user, it was hard to select McAfee if they wanted."The Vista kernel has been dogged by bad drivers. Read more here. But of even greater importance are improvements to kernel APIs. Last year at this time, this was part of the problem: Vistas PatchGuard kernel protection and other technologies were keeping security vendors from having their products work with the kernel. "PatchGuard would be a big road sign saying, Stop," Heron said. To satisfy its critics, Microsoft over the last nine months has developed new kernel access APIs that allow security vendors to have greater visibility into the kernel and to provide self-protection for systems. Heron said he wasnt sure how much of this work will be evident in SP1, but at least some improvement to kernel API access is in fact coming in the service pack, he said. How will this affect Vista users? For one, the same products used today on Windows XPfor example, McAfees host intrusion systemwill once again be able to work on x64 Vista systems. "With SP1 technologies [Vista users] will be able to use, for the most part, all McAfee security technologies," Heron said. McAfee is, in fact, "very pleased" with the way Microsoft has been listening to security industry players, Heron said. "Weve been right upfront with them and given them our perspective on how to do security best in class," he said. That, in fact, is quite a turnaround, given the way Microsoft initially alienated those in the security industry. Heron said hed rather call it an "evolution." "As Microsoft gets smarter and smarter in the areas of operating system security, theyre using wisdom and advice" from those whove been in the industry long term, he said. "Its always a good idea to listen to the wisdom of others," he said. Other security goodies to come in Vista SP1, as quoted from Microsofts white paper on the upcoming release: SP1 will improve the security of running RemoteApp programs and desktops by allowing RDP (Remote Desktop Protocol) files to be signed. Customers can differentiate user experiences based on publisher identity. Adds an Elliptical Curve Cryptography PRNG (pseudo-random number generator) to the list of available PRNGs in Windows Vista. Enhances BitLocker Drive Encryption to offer an additional multifactor authentication method that combines a key protected by the Trusted Platform Module with a Startup key stored on a USB storage device and a user-generated PIN (personal identification number).
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.
Eventually, Microsoft plans to ease Security Center into the background, Heron predicts, reducing its presence and allowing security vendors to have their technologies ever more upfront for users to select.