Vista: Security and encryption
Staff writers
Jan 29, 2007 4:41 PM
Will a beefed-up firewall, User Account Control and disk encryption make Vista a safer choice than XP?
Microsoft could create the prettiest OS in the world, but unless Vista solves the fundamental security problems that have beset Windows XP then history will ultimately deem it a failure. So it’s no wonder that Microsoft has made fundamental changes to the way programs access Vista, while throwing in a whole range of new security technologies to protect against hackers, viruses and even corporate espionage.
Administrators and the UAC
By default, the vast majority of Windows XP user accounts are all-powerful administrators: once logged in, you can do anything to your OS. The problems come when a virus has inveigled its way onto your system: it could change any setting, and the first you might know of it is when your computer simply stops working.
With Vista, Microsoft's intent is for most people to run as a “standard user”. The idea of a non-administrator account isn’t new, but with XP it was labelled a Limited account and many programs simply didn’t run unless you were logged in as an Administrator. The end result was that almost everyone soon switched to Administrator status, even in businesses.
To quote Vista itself, “Standard account users can use most software and change system settings that do not affect other users or the security of the computer.” If they need to make an advanced change that will affect others, such as altering the clock time, they’ll be prompted for the administrator’s password.
If, on the other hand, you’re logged in as an administrator, then you’ll be prompted to press “Continue” whenever you’re about to perform what Vista considers to be a potentially damaging task. This prompt is the outward sign of the UAC, the User Account Control; whenever an icon includes a small Windows shield, you’ll know you’re about to be prompted.
It’s an interesting approach, but we’re not convinced this will succeed in the long term. Far too many people will still log in as administrators, become annoyed by the UAC nagging, and switch it off (which is very easy to do). Also, the lack of meaningful information when you click on Details means many inexperienced users will click Continue by default.
Microsoft desperately needs to add some plain English to this dialog box, and make it context-sensitive, or many people will simply ignore the UAC. However, the new standard user accounts are a big step forward, especially if as many people use them as Microsoft hopes.
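A check an administrator could run for the concern raised above, that people will switch UAC off. This is an added example, not part of the original article: the function names Test-UacPosture and Get-UacValues and the sample values are made up for illustration, while EnableLUA and ConsentPromptBehaviorAdmin are the real values Windows keeps under the key shown.

```powershell
# Added example, not from the article: flag a machine where UAC has been weakened.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Test-UacPosture {
    # $Values: registry value name -> DWORD; $IsElevated: this session has admin rights
    param([hashtable]$Values = @{}, [bool]$IsElevated = $false)
    $findings = @()
    if (-not $Values.ContainsKey('EnableLUA')) {
        $findings += 'EnableLUA is not set: UAC state cannot be confirmed from this key'
    } elseif ($Values['EnableLUA'] -eq 0) {
        $findings += 'EnableLUA=0: UAC is off, administrators get no prompt at all'
    }
    if ($Values.ContainsKey('ConsentPromptBehaviorAdmin') -and
        $Values['ConsentPromptBehaviorAdmin'] -eq 0) {
        $findings += 'ConsentPromptBehaviorAdmin=0: administrators elevate without a prompt'
    }
    if ($IsElevated) {
        $findings += 'This session is running with full administrator rights'
    }
    $findings
}

function Get-UacValues {
    # Read the two values from the live registry; absent values are left out.
    $out = @{}
    $props = Get-ItemProperty -Path $UacKey -ErrorAction SilentlyContinue
    foreach ($n in 'EnableLUA', 'ConsentPromptBehaviorAdmin') {
        if ($props -and $null -ne $props.$n) { $out[$n] = [int]$props.$n }
    }
    $out
}

# Constructed samples (not captured from a real machine)
$samples = [ordered]@{
    'prompting'    = @{ EnableLUA = 1; ConsentPromptBehaviorAdmin = 2 }
    'uac-off'      = @{ EnableLUA = 0; ConsentPromptBehaviorAdmin = 2 }
    'silent-admin' = @{ EnableLUA = 1; ConsentPromptBehaviorAdmin = 0 }
}
foreach ($name in $samples.Keys) {
    $f = @(Test-UacPosture -Values $samples[$name])
    '{0}: {1}' -f $name, $(if ($f.Count) { $f -join '; ' } else { 'no findings' })
}

# Live check, only attempted on Windows
if ($env:OS -eq 'Windows_NT') {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $admin = (New-Object Security.Principal.WindowsPrincipal($id)).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
    @(Test-UacPosture -Values (Get-UacValues) -IsElevated $admin)
}
```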
All-new Security Center
Microsoft has updated the Security Center it introduced with Windows XP Service Pack 2, with the intention that third-party security software suppliers (such as McAfee and Symantec) will plug their software into it. As standard, Security Center includes a two-way firewall, anti-spyware (Windows Defender) and parental controls.
The firewall is already a step above the one included with Service Pack 2, as it includes both inbound and now outbound protection. Another bonus is the ability to stop particular applications, such as messenger clients. However, our tests have consistently shown that third-party firewalls - including the free ZoneAlarm - are better at repelling threats. Fortunately, you can replace Microsoft’s firewall with your own choice.
It’s a similar story with anti-spyware. Webroot’s Spy Sweeper is a far better performer when it comes to blocking, detecting and removing spyware than any version of Windows Defender we’ve yet seen. But you have to pay around $40 for Spy Sweeper, whereas Defender is free, and Defender is still a very good anti-spyware tool. Overall, it’s fantastic to see this built into an OS as standard.
The final inclusion of note is parental controls, which Vista ties in to user accounts. As the administrator, you can control the experience of your “standard users”, from the times of day they can use the PC to which games they play and which websites they visit. You can also choose to track their activities, including websites visited and applications run; it’s intrusive but effective.
Considering all this, it may seem a little strange that Microsoft hasn’t included anti-virus protection as standard. Cynics would argue the main reason for this is Windows Live OneCare - Microsoft’s subscription-based service that provides virus protection along with enhanced spyware, firewall, tune-up software and data backup services. Others believe that it’s to avoid another monopoly legal wrangle.
More controversy comes in Microsoft’s expectations of how third-party software will work with Vista. It wants the likes of McAfee and Symantec to plug their software into the Security Center, so users will always have a uniform interface; the companies want their own “Security Center” software to be able to replace Vista’s offering. There are pros and cons to both solutions, but the end result could be two Security Centers slugging it out for control, which will help no-one.
Image caption: Windows Defender fends off spyware, and integrates well with Internet Explorer 7.
Internet Explorer 7
We provide our verdict on IE7 in Bundled apps, but one thing is certain: it’s far more secure than previous versions. There’s a built-in phishing filter, which will check for sites that are imitating official financial sites (such as banks and even eBay), and this works in tandem with the Security Status Bar - if IE7 detects a suspicious site, this will turn the URL address field red.
Another important inclusion is how IE handles ActiveX controls. Now, IE will only run controls that have been designed to run on the Internet, counteracting previous problems where powerful ActiveX controls designed for equally powerful desktop programs could perform low-level tasks that destroyed data and settings.
Data backup and restore
For consumers, backup is now much easier - a vital improvement, as securely backed up data is your only true defence against a malicious attack (not to mention hardware failure). Windows Backup brings the kind of automation and flexibility that we’re used to seeing in commercial applications; for example, automatic scheduling is a key part of Windows Backup, and it allows you to back up to optical drives, external hard disks, plus another PC or server on your network.
Another excellent feature is the “previous versions” option. So if you save a new version of a file, then realise you want to go back to that previous version, you can do so simply by right-clicking on its Properties. And as it uses Volume Shadow Copy technology, it only saves the differences and it can save “live” files such as Outlook’s PST file. The same technology also allows System Restore to work more effectively.
Encryption for business
The Business, Enterprise and Ultimate versions will all include a number of extra features to protect companies’ data: the integration of rights management (so only those employees with the permission to view, edit or print sensitive files will be able to); the introduction of a number of Group Policy options to tie in with Vista’s enhanced encryption settings; far better support for smart cards; and USB device control.
For instance, today a company’s approach to USB device protection might be to simply glue up the USB port, which isn’t much use if someone wants to plug in a USB mouse. This last feature uses a new Group Policy that can ban, for example, all USB storage devices, but allow mice and keyboards - and you can apply such settings to individual users, or departments, or the whole network, as you choose.
But the most heralded security feature of all is BitLocker Drive Encryption (although, bizarrely, this isn’t included in Vista Business Edition). This can encrypt the whole hard disk, so that even if someone stole the PC, or just the disk, they couldn’t see that data without a PIN or a USB drive, which acts as the hardware key. It’s designed to work with a Trusted Platform Module chip, but if your hardware doesn’t include this you’ll just need to create a startup key.
Image caption: Windows backup is far more polished and effective than under XP.
Conclusion
We’re certainly a lot more confident about Windows Vista than its predecessor. With six more years of experience on viruses, spyware and (that most dangerous of things) the end user, Vista is inherently more secure than Windows XP. There is a two-way firewall and anti-spyware built into the fundamentals of the OS and, to a large extent, Microsoft has solved the problems created by giving people administrator privileges.
But there are problems. First, the UAC is annoying. Power users will simply turn it off, and virus writers will soon discover this. Second, Microsoft could have made Vista more secure, as Jon Honeyball points out. And most importantly, people - all of us - are stupid. We do irrational things, press buttons we shouldn’t press, and most of us still fall for social manipulation - for example, elaborate phishing scams that near perfectly resemble genuine financial correspondence.
Clearly, this isn’t Microsoft’s fault. We need to understand that computers are powerful tools, and just as we will never build a car invulnerable to crashes, we’ll never build an OS invulnerable to hackers, virus writers and all the other malware creators. With this caveat, we’re willing to give Vista our vote of confidence.
Vista takes the Blue Pill
Microsoft took the unusual step of inviting hackers to target Vista this year, but one researcher – Joanna Rutkowska from Coseinc in Singapore – already had her hack ready and waiting. “The idea behind Blue Pill is simple,” she wrote in her blog in June, “your OS swallows the Blue Pill and it awakes inside the Matrix controlled by the ultra thin Blue Pill hypervisor...all the devices, like the graphics card, are fully accessible to the OS, which is now executing inside a virtual machine.”
The end result is that a piece of malware could hide inside this Blue Pill virtual machine and Vista (or any other vulnerable OS) would simply not see it – yet the malware would be able to write to the OS’s kernel. From here, virtually any kind of attack is possible.
Microsoft has replied to the attack with the following statement: “Microsoft is investigating solutions for the final release of Windows Vista to help protect against the attacks demonstrated in Joanna Rutkowska’s presentation on August 3, 2006 at Black Hat. It is important to note that the demo started with Joanna logged in to the machine as an administrator. We have made many investments with User Account Control in Windows Vista to allow people to run with standard user privileges. Windows Vista has many layers of defence, including the firewall, running as a standard user, Internet Explorer Protected Mode, /NX support, and ASLR, which help prevent arbitrary code from running with administrative privileges. In addition, we are working with our hardware partners to investigate ways to help prevent the virtualisation attack used by the ‘Blue Pill’.”