Chapter 6. Security Enhancements in Windows Vista


IN THIS CHAPTER

  • Control Panel's Security Settings

  • New Security Center Features

  • Windows Firewall: Bidirectional Protection

  • Thwarting Spyware with Windows Defender

  • New Internet Explorer 7 Security Features

  • User Account Control: Smarter User Privileges

  • More New Security Features

  • Thwarting Spam with Windows Mail's Junk Filter

As the Internet became more popular in the late 1990s and early 2000s, Microsoft's operating systems seemed to become less secure. It's difficult to say whether overall OS security got worse with each new release, but it's not hard to see that a perfect security storm was brewing:

  • Thanks to the Internet, news of vulnerabilities spread quickly and efficiently.

  • An increasing number of malicious users online worked to exploit those vulnerabilities.

  • An increasing number of Windows users got online, most of whom didn't keep up with the latest security patches from Microsoft.

  • An increasing number of online users had always-on broadband connections, which give malicious users more time to locate and break into poorly patched machines.

So even though it might have been the case that each new version of Windows was no less secure than it predecessors, it appeared that Windows was becoming increasingly vulnerable to attack.

To combat not only this perception but also the fundamental design flaws that were causing these security holes, Microsoft began its Trustworthy Computing Initiative (TCI) in 2003. The goal was to make people "as comfortable using devices powered by computers and software as they are today using a device that is powered by electricity."

How is Microsoft going about this? It's a broad initiative, but it really comes down to two things:

  • Reduce the "attack surface area." This means reducing the number of places where an attacker can get a foothold on the system. For example, why run any ActiveX controls that the user or system doesn't require, particularly if that object is potentially exploitable?

  • Help the user to avoid making "bad trust decisions." If the user lands on a phishing website, why not have the web browser warn the user that the site is probably not trustworthy?

Windows Vista is Microsoft's first major opportunity to put these and other TCI ideas into effect. This chapter takes you on a tour of the new and improved security features in Windows Vista.




Microsoft Windows Vista Unveiled
Microsoft Windows Vista Unveiled
ISBN: 0672328933
EAN: 2147483647
Year: 2007
Pages: 122

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net