Specific Claims

By Larry Seltzer  |  Posted 2006-05-08

So let's look at some of Yankee's specific findings and recommendations.

Yankee believes that the two-way firewall in Vista commoditizes the desktop firewall market. They recommend that existing players not look on it as a growth item in the future. There's something to this, although third parties have typically combined actual firewall functions and the blocking and opening of TCP ports with IPS functions that are much less threatened by Vista.

This should aggravate what is already a confusing situation, but the third parties will be hurt by calling them firewalls. They need a new name, otherwise Yankee will be right and the fact that Vista comes with a competent firewall will doom them.

There are a number of other desktop IPS products, but most of them are either small-fry specialty products or integrated into what vendors call desktop firewalls or security suites. I don't see a threat worth measuring here, and it's perfectly conceivable that the vendors will be able to demonstrate protections that Microsoft doesn't provide with Vista. I don't think a lot of software is sold for this function.

Same thing for teeny categories like Device Control. Some measure of this capability belongs in the OS obviously, but there's still a small living to be made for customers who want greater control.

Certainly Yankee is right that conventional anti-virus software is unthreatened by Vista, even though some of Vista's protections make many viruses less threatening. The claim that Windows Defender will kill off much of the anti-spyware market depends on how good a job it does, but this is fine with me.

The anti-spyware market is a phony creation of security companies; this function should always have been performed by anti-virus software, and I suggest that the category as a separate entity will die off in any event as companies like Symantec add anti-spyware to their anti-virus offerings, which is where they belong anyway.

Yankee is right about what it calls Network Access and Zoning—what everyone else calls NAC. This is a diverse and competitive market. Microsoft has no special credibility in it and bundled agent support is of trivial value.

Yankee then goes on to a series of predictions, some of which are reasonable. For example, Yankee predicts that "Vista's Tighter Security Will Annoy Users"—and induce them to consciously make stupid decisions, akin to driving right past a "WARNING! BRIDGE OUT!" sign. No doubt users will blame Microsoft when they compromise their systems after bypassing security features in Vista that proved tiresome, but there's a limit to what Microsoft can do about these things.

I disagree with Yankee when it says that there is inadequate information for developers to make their programs run in a restricted account environment. In fact, the guidelines are not dissimilar to those of the Windows XP logo program, which also required that programs run in a standard user context. If Yankee is hearing this from developers, I suspect that the developers are actually just unhappy with the guidelines, not ignorant of them.

Yankee recommends that Microsoft backport Windows Defender and Least Privileged Access to XP. Windows Defender runs on Windows XP right now; does Yankee know something I don't know about the future of this program? As for Least Privileged Access, this is a major change in the behavior of the OS and not a reasonable request. Yankee says that an easy-to-use configurator for the DropMyRights tool would do, and it has a point, but there are plenty of third-party tools for this.

"Retire ActiveX—now." Yankee's assertion that this is a practical idea just can't be taken seriously. ActiveX is widely deployed and can't be easily dismissed. Microsoft has begun, with certain changes in IE 7, to let enterprises limit ActiveX to a specific whitelist and block out all other controls, but if it were eliminated it would have to be replaced with something just as vulnerable. You have to be able to run native code—even Firefox does.

Yankee's overall sense that Vista does some damage to some security aftermarkets, but that Microsoft remains vulnerable (especially on legacy operating systems) is spot-on. I also agree that IT departments would be mistaken to dive head first into Vista, but waiting for 2008 seems like an arbitrary rule to me. The enterprise I ran would have some test groups running it, perhaps on a second computer or under VMware.

Don't expect Microsoft to cut the heart out of a whole class of ISVs—it's not something they often do. And in the end, Vista will probably create some new security software opportunities that we haven't even realized yet. It happens every time.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

Larry Seltzer has been writing software for and English about computers ever since—much to his own amazement—he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.
