Microsofts security doubters remain, spreading rumors that Vistas BitLocker encryption keys are already being cracked, and the news media continues to produce stories criticizing the frequency with which the operating systems UAC (User Account Control) feature presents users with distracting pop-ups. But Fathi said those criticisms arent as much a source of frustration as they are inspiration for his future development efforts. Symantec says Vistas UAC is still too chatty. Click here to read more.Those types of considerations, and planning the security underpinnings of a future generation of Windows productsdelivery date to be determinedhave taken over Fathis day-to-day work, with the developer relishing his ability to spend most of his time with his true passion, building software, rather than sparring with Microsofts partners and fielding a nearly constant stream of questions from a media that often appears bent on discrediting his work. "Im back doing what Ive always done, designing software versus dealing with problems, and not just being focused on security issues," Fathi said. "The next six months are all about planning the next version of Windows and spending time fixing things we didnt fix in Vista." With a sly grin the developer suggests that perhaps as soon as five years from now customers of Microsofts products wont need to worry about OS security at all. Its clear that Fathi isnt serious, given his earlier concession that finding new ways to improve and defend Microsofts products will always be a part of his job, but its not hard to detect that the frustration the executive felt when handling the waves of controversy surrounding the release of Vista, before the product even arrived, has been replaced a much sweeter emotion. The glimmer in Fathis eye as he postulates about his more security-free work of today and the future gives away the feeling he harbors regarding what Microsoft has accomplished with Vista. While the word never crosses his lips, its easy to see what hes driving at satisfaction. At least until the next headline.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.
"Headlines are what reporters are after, but we feel that the real message is getting out there that security for end users has been greatly improved," Fathi said. "The great security we have today comes at some cost to the user, such as with the frequency of [the UAC] pop-ups, but we will work with our partners to improve integration for applications security so the system doesnt need to ask users for approval so often."