Windows - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Windows


Microsoft: XP Dramatically More Secure



 By: eWEEK
2001-10-22
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Windows story.


Rate This Article:
Poor Best
As Microsoft Corp. prepares for the official launch of its Windows XP operating system, enterprise IT managers still have many questions.

As Microsoft Corp. prepares for the official launch of its Windows XP operating system, enterprise IT managers still have many questions. These range from how effectively security issues are being addressed in the product to what benefits Windows XP has over its predecessor, Windows 2000. Jim Allchin, group vice president of Microsofts Platforms Group, spoke to eWeek Senior Editor Peter Galli about these issues.

eWeek: A large number of corporate users who have already upgraded to Windows 2000 or are in the process of doing so wonder what incentive and benefit moving to XP will have for them in the short term.

Allchin: The majority of enterprises still havent moved to Windows 2000, although many are on their way. The difference between the Windows 9x code base and Windows XP is like night and day. Its a totally different experience in terms of the robustness, the security, ease of use, performance and manageability.

While Windows 2000 users already have a huge step-up in terms of reliability, one of the nice things about Windows XP is that it can look like a Windows 2000 system, so the training curve ... for users is not as dramatic as you might think.

Resource Library:

The Remote Desktop feature in XP is also key for corporate users with mobile workers connecting in. Mobile and wireless support is also key. Windows XP supports the 802.1x standard, which is not in the prior system and provides a superior level of wireless security.

The video technology found in Windows Messenger is also critical now. People are traveling less and videoconferencing more. With Windows Messenger, XP does not have to go out and talk to the Internet at all. It allows videoconferencing within a company across remote locations all through the intranet. That is a very powerful business tool that will be used more and make the real-time communications capabilities in XP even more essential.

eWeek: While security seems to be less of an issue with XP than it was with 2000 and the operating systems before that, users still say XP remains vulnerable. What are you telling customers about security issues in XP and how they are being handled?

Allchin: Windows XP is dramatically more secure than Windows 2000 or any of the prior systems. Buffer overflow has been one of the attacks frequently used on the Internet. We have gone through all code and, in an automated way, found places where there could be buffer overflow, and those have been removed in Windows XP.

We have also turned off by default a whole set of things so that users are configured in a minimalist kind of way, making them less vulnerable. We also put a Win XP machine naked on the Internet and let people try and crack it. There have been no entrances and no issues so far.

eWeek: Does Microsofts recently announced Strategic Technology Protection Program have any impact on XP at all, or is it designed only for the server side?

Allchin: While it is heavily for the server, it is also for the client. It goes back over Windows 2000 as well, as we want to support those customers. Win XP already had technology to accept critical fixes in a pretty much automated way. In the future, were going to make this even more simple. Windows XP allows you to be notified when something should be picked up. What were going to do as part of the STPP is create for enterprises a staging server within their company that the fixes come down off the Microsoft server to, and the administrator can then decide which ones should be picked up by the client. That technology is already in Win XP.

eWeek: Some enterprises are saying that, while Security Wizard could have advantages going forward, they remain concerned about automatically installing patches, as these introduce regression errors and other problems. How are you dealing with that?

Allchin: Well, theres no magic in that regard. We test all our security fixes. With all the security fixes weve published over the last 10 years, we go through a regression for every one, we put it on the Microsoft Web site before we publish it to people, we run it in production here, and we feel very confident about the quality of that. ...

The security fixes that we produce dont include other functionality; they are specifically designed to remove a potential intrusion. One of the things the STPP is trying to do is make it easier for customers to deploy this. The problem recently has not been that the fixes are not available; its that service packs have come out, and people havent deployed them. In some cases, customers are sitting there with intrusions detected a year ago, and people are still running in a vulnerable way. So its very, very scary.

eWeek: Many analysts have said there is unlikely to be a huge spike in sales as a result of XP and that theres more likely to be an initial shifting of numbers within Microsofts product groups that picks up over time. Do you agree with that?

Allchin: Yeah, I think so. While its very hard to predict, given the economy and the like, I think the quality of the product will speak for itself and drive adoption, even from Windows 2000. Remember, of the 525 million-odd machines in the world, some 300 to 400 million of them are running the Windows 9x code base. A lot of these are still in businesses. So XP is a great opportunity to improve the customer experience and the industry. If you build a great product, eventually businesses will move over.





  Reader Comments: Microsoft: XP Dramatically More Secure
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Windows Articles          >>> More By eWEEK
 


x}ks⸶I s{cNHB: !;Н[E['f&if˩'okI ydtu$-#I"ftcaQ?sGuޙ'w6{𧍜R(-GFkP+N-˛k:@ 5k99>usM=>;|9|@D%SjN~Cm3gzc_6gڄz29o2 f E63FE ^Q)xyG<iFN\!)̿%ߙ Q_XqDǎK;߃*#x8܉i/DaO؀Ix5ExL#|x\'{͏0{է6ttLB $9"ydZ^ KZPbɥvǩYs(1N,R#wǃSҾ;6OΏ;3$oIJ5<jUU*H j vALzE%Mw'gkr9i>; وla~R|]k׷VG!"wq,E[fT}N} 8y3Dqɝ g/3/r.i"}h8yWTһʆ-jnusIVd]V;7UGZ*w{A*5 @ L^a V835uӅA {>0}sFy#D$h-DAw 0Ixe&3@yGs Lνނ23fC/F|CnHiX^0{@`^@Z89ppyY?0ûDgzs6Gv62-0 eNm;r#Fa A.K))$C[]Pv9B B!\0 V(VzrGBJe'P.o=!đtLR.)΍4aGe-n^ d3C$dQM QP5q5);eڷS K7Bgs݀C/2$\^&6AB1 6d:l';/+X3T7 \P{`CLE7L*Cɥ0$ lu2qn::6pȞc7l`(`RTȅ) KAjAF:,Wfn  (MwC徿;[0P.i^-FgV3y:%[fL:g ppP2Ă3:^S SM5,vFԔfB{- ^=@'K |w9g@m_:r675{uq8X[žtْүxvp :Dh2f ñiH5ϴijiF+eUXȏE}\(*Jel ؑq,YXTر,>1}6Ț$A(Jk>GR&]^%|u73pPU*@BN;4+V G?_ 1U>3 $hDj4e2fL4_0-tt|pE% i4Q* M'h&\3AtQէ턇gHkڸ/|P"Xt^@>^h#KG"Vb`Es V-EN-=`qyTb=Oұ=_%ЧEii}~هF9C!L[PPo?EjZXFpƆZQrTUoV (-)3ޜ0ơ3STr/? 3}h1gs>7_C0t*tȕds|\q ,*lȲ|˘/Tj~L;?r9h3[D@)% R?7~e7qfv9Aخ crF=5=}v>'PR:(`<ѲIXБ1[DG {@nȵ( 5zy@Lt@qHGؽO H4Ji-|zyX>R\jLRC cqe)D ^@zC-3b_@7B^+*6xE‡v1"Qር54Sf;Ow TkO6h)Sp+sJbOW2ET3Ud kC铰Ϥn[.=`zK>'gw&F y*A<˷BgfhKo騙 ب/hyU-Ff038ʅϺ08#՞ysbO:Z\#EpA JǸ}鷋| Z;AS7ѻMkls g4sfDcK6j]+'F&lZ 6Z;k}zGdC\iK-? =V5S9n6= BRӳ(R+H@eiMݓټq:F޿0jiHY0kTrHU m{\ c7ucꮃ*&j|dǶGe7UYVK KPU,UU\z$peﴨcEZ` ЯZd&sC n.E[F 4˷ʨK^ %4eF3/쌸-9DX<ybhA͙r{]wѺLAh seca-aI3)`{qO4c  Cf"SkZ%$< 7Cd',-LGI8~:&.2O&ssM tל`@|7=j#S$7_JIUK U`jZ}'0隆cĵ'JR> KYdI."u>`WC,Y2a'A)h$]1~̮W隿F]I#rѹlK^G+Γ!G7*E!ˁB6='upq)1eڎ6N,$R<8Is)2 RXzקkN,WZXS! }>eQalS돽 /QĚ_f?!|FgG<A(5@IFvW{k D-b#aDrM#=.#hiwDGW"0_ί [JoWȘID{_q+݃Οɢ.7V\ǥIOwq@HDE >_9/gcPIB082 7?xKP .M>Ro4 jYk.NEm펇{-~8 cl9A)B~( [viaE%e9rVdJ)!S;a -*Vj\Z-.yʏxi%: a!]9$y/гO*zUb۽m E;)vb6x}y8b1?ݾne)ܱy7jwh{ ~{j9Л3mI&ԢO q;%zlmH{O,Bj8;=/P.FZTrcqPa8: ˳0q1zp-=4f89ހ.kҺ<81L۠_ |3$?[0;%|&^߆M޻@uS棏f ڝ9|k'NyZz7~(dksfoœc_; >l˭8t砑#TǏɘ&BAW5lko${zY9sJe_.“ɄX^ OFb]0dƛakζ]w5ooo=ȥ 'q=*^ O572]awB%mJˢnz9nZhp;X E%EʁQQ#y∶o!j>b{_ 14+ߙL,*z3\mv[fvÏ9&i @.-v x14Yo aAXy-wh79; 91< ġ[euw+[c“gD`H@3=igA jm9g6:a6r*|BZya8\y1ߊ:"Y1!Qfm!ZP|=ߎ93{K8Wj R*2Kp1)%`PBH|pN7̼V&v Fȕqi+"@ыO-1͟}ޏ'b k4ٮgTgLQ-+}ЩGg T˼#eMH3{lOJTF4;L帤錨m%'lj/0%BK<pgeIU C7OĬ*@ ?ڋy5X83 4hƴ2MARLΕ';3 , mP8}Lo<:1E9c rEC 2K2jbܹ::HfbJ\Pnp<ND ? eVIngUXT0f|]x*bcm=< h,R$J]y,bWpJ!!ڃPpVW:MTףLFa/;_6RWj5,&\"Ft+IJ;0㱁ţ#l@ Y&o~nOT+\NZMZ7'OԮG prYdlޠwx?s X~ D9~NNOxQ҈ݨj%{I?y#S?b@(1 RS9$L\>k[N(_A:,2w *FRP_:I-KjbKz@p$tFIxJD{; A.V< G~܏ER*o2M}.z[3 L/UyH\y9 |dT:ϗjԶ;ġ<1׉OWAϊuJ| ZOzYۖ:/F4AYj/~_T)a}Y TM$H0$H"@N*k;Vz. c~$Fl-Wz^ḽS͂L@XW孤@n#@>ϝ^ںl| Oz%)\5K._i6'8/]S@6wJ,1K)H#Jt@nxҟpnU!'#q|{Zܖ+E,I)?N/;j9sDsO1$a T"*|d^=BUon]­-mUO["ִ ^Nn|6eߕWtf~OԉpkJX$ L\ `3D_Ğ/u7w|a'+I@f%vpC97:q<____eE@W~H6={9p f ,úKcPM,+yMØ^!%WާkE~]H֨|y6wl;/R̚ԟb#,%1 XVv/:IJQ)UEp;xe~Z@' AAv4CRL;4v\)&;:V*j*K0bMÏ"h ±"Ф3xmY'a׷$o`lCf%.$ n'mK鳳Rj[Xc*=XWKZ]؊nDrQ#ƀ%; 9fy[y;_P|>X[i=i<±'Sǵ ǹ3/ N!:aIXO#G/Yꈚi%[YuS}#N X)tE]vU$vƽ`_R^/؃ @xv [`[xe9q9|(iQ====jܣuU-,.t/>(Ѿ&*?$P\ ^1mXRkF5w]E&/]$fMr{f n~RG-SFL+~BvR賔/uITnp]jh XָHdmZXϑZ,Jv4^Cj<"F.𞴮9mYJV\ѨG:g~`Z**5ŹFp>,<9 ]PT<<~Q,턂r1Bדn)ϣG1m-^`wv%Z@/m&8t ꦆjg~Rߊ4, \+sYl'&*f63ZM!.<_%ʘEg9$F P#SC,6I$Aeȅ5T?04\~#n+_ZaQl+Z@klF<ҡ_+qܖiv~1}MMLSp;)*E-%=0hx &̋Ht<.:w.m;=~{LR$'\v! CRY `Oi$|b sy*vFf.D%? IBZ rپ_u=<afHt(M$e`#wf|%ǠTa0{ǾS}j~&KCbOºt,:H@Gy–K\vSO>-F\n\p[Y  ZQ4pBz}eP/1C&sA~b #:- lZXれF ЄGCOs3uϸۧ145@!, ^C. Qχ9 <6vmDR,) 00mZ0br6mP[׹bl Uo%P`qT|8snj]J< |WK,ꯀnvq]@y+DD͂z![C<S)Awf-,<6 lxLla`t.PuG~~2?t6Œ<c\9 o9:jT 1&F cb[7g%I,EVzxNb] $B1Ӝh^L=MWO u|jg =]}>\;\#|h%ۼ66/ Ӟ/Q9luNYPʙŢKs!Yx9K x5" /gEyx&^> L*a^e3DU@ +8[{ac֣ uzzllEg5^LˢWsNN#C(^W&p@a6FQg p!>/'һl皁Iߊ/./23_3ʯ:(Ay/)}^~ 88mg@Iz,?2#L/?i9(u2eF9P9_dmfOw~~}v3 ͠Oˌ_~OP~Q(GFyʻ0{ s?0׃2ː?=/ rqAWU@?Ӈ3߇3?d(%# 埲a|2 )7P~U{A7MF7@7ug+\8=r gs z)W@^d_~*%YFy3Y+f/^+sk3c_?+Qsu;+ť$W 7YKxUy%k{V[M2}c|M(X2oM"!#(yE#BhtoD.b!Ix=0?Mu{l 2پWߕ\*ܪ}:aOkXE 9+8GX%Üf1'0jPb><&1wݥ,e5;H_/<hĽOc{ 篢pmঠǻ݌-0.: 7W]}Vnm;yp#^Xܰ;Yo%P.#"Isgeǃf.ţu>T6V:6a3[ !ÈC/8]\ʹ=Fyރ^V+p3Nlc}x}}ٺ^>C{1k'K[ }g汄:H4wl߽Rk$A^,~S?ưs3nJ# W{0Lӌn; b$UJZR[TJ=\Dݥ(B],U+zT,*g /(@#غ̷x#xC3<;aRq {p+k".<#tbٶ|3 y3+Iٯ[Tsc;ڎx@Vo 7X i gW+ Cxk-ycU 4fɦ:GoĕQ$Sk,|#KфwYCD˸hdУmwhĉiSrO?g b<ӧ3m.Շo%" >oՊ^]'N K X) 5]OoaV!ֆ"V<'B.:N$3&`yBWi`pb9L# Z<0; c LSҡ{˯FEVļw;`3ݸ1쬸E{~ϙIqMdxOf AL Qi|5hOu4j V$ǖ1x05:%z(N6"4΃;.0̦I ůD|݅N,gaHc93'rh.ʹlYmsgqnk?=ocWw.{ۢ'Հ`_4,8t fL~nbWhbD8]+Ġ>'G4WB)&3U\6 I7T`';_Mchu5_ 7쭠F |m'\1PΧ'sE~Pq5;Lh}#Ϙ^&(z ̸6ΐRؿK)Mj5ptwkd9H\=I*4˧MMDfΪْ;j9sL类ä$Vm.V =[n էR۞,`'/]; O 8H2G$!|c"=.(V*Ntx9= |dv/+ 0bŽ%nh|$o \*K%GbF(] MAlC`AR]|eKB$u@g M[aiEQ,c< zAn0$ - i?νE >2| d~_exª~Axh=F=KdM(IS`j2y?Fq:l﯒ASl+6[ !ۂˌJ-Ӭ1s֑¹"UX Hٍb ,~TmrΦ(@PPOWt:y@xtz,nEcuݍ拑ezӍx* cV|JRX}P7(:OOgsZ ._Hv› *r|X^c 0,&09E6<=܈xj{ͺXg)* cyx ^Uf}')VS/-.ȟ$ʓ}E.tqeA @T*7/kwb́ <]VsTO54[;<;NEo;{bhX*ቊoڝ 'uF{/OhI:v]NO;񞞽T7w rF˳p7*Ѡ~oM z'4mEg,(3lW'BV>۽wE^b'e1Rd%rR +w6can؄;"6BJ:6G\Y PQ2*