Theres Still Life in the Post-Vista Security Aftermaket

Opinion: Yankee's basically right that opportunities remain after Vista ships, even if it misses the point in some areas.

Every new version of Windows brings with it fears about which software aftermarket will get steamrolled by a new Windows feature. The big questions with Vista are about security, and there are some fair ones to be sure.

Some people assume that once Microsoft includes a feature in Windows its curtains for anyone trying to sell a competitive product, but this has proved false more often than not. Personally I still think the whole browser issue was overblown, but certainly the inclusion of Windows Media Player for free has not been the death of competitive products. Many programs included with Windows, like WordPad, Paint, and even the backup and firewall programs, provide only perfunctory capability.

How far should an operating system go with bundled programs? How much money should companies leave on the table for others, or at least, for others to compete for?

The Yankee Groups report on the effect they expect Windows Vista to have on the security aftermarket asks a lot of the right questions. Some of their answers are spot on, and some are ... well, Id say strange.

Yankee is right to put the Reduced Account Privileges at the top of the list for important Vista features, but I still think its of more importance to consumers than to enterprises. Whine as they will to the contrary, enterprises have always had management tools to allow them to lessen the privileges of their users. They have chosen not to for a number of reasons.

84833.gif

Ziff Davis Media eSeminars invite: Join us on May 8 at 2 p.m. ET as security and identity management experts and Sun Microsystems look at how identity management provisioning can help lower TCO and realize ROI payback.

Its true that there are some tasks in Windows XP that require administrator privileges for reasons that are, at best, controversial. Changing a VPN connection, changing the system time, installing a printer and that sort of thing will no longer require admin privileges on Vista.

But the real problem is badly written applications that require access to registry and file system areas that everyone knows programmers shouldnt use. Companies that have relied on such applications for years have at the same time avoided fixing the applications. Running them as limited users on Vista will allow users to bump their credentials on a case-by-case basis or to whitelist them. By the way, this has been possible for some time through the runas command, although doing so somewhat compromises the administrator credentials.

For consumers, on the other hand, restricted accounts will be much more helpful, unless they rely on an application that wont run. The few notorious examples of such programs, Intuits QuickBooks being the most notorious, will have a hard time making excuses for themselves when Vista comes around. Some users, perhaps prodded by lazy support at Intuit, will just ignore the warnings and log in as an administrator, but theres no question that there will be a huge jump in Windows users who are substantially protected against malware by virtue of the limited rights under which they run.

What does this mean for the security aftermarket? It shouldnt mean a lot. None of these protections will make all that malware out there go away, and users will need protection. Even if everything goes well and the attack surface for Vista is small compared to XPs (I do believe this will be the case, and Yankee seems to think so, too), then the need for protection against attack doesnt go away, its just greatly lessened, and the impact of attacks that get through is also lessened.

Next page: Specific claims.