Feeds

Longhorn following Unix on security?

Curbs your enthusiasm

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Microsoft's delayed Longhorn operating system appears to be taking a page from the Unix management book by curbing user's administration rights.

Mike Nash, Microsoft's security business and technology unit corporate vice president, has said Longhorn would accord end-users certain rights and privileges apparently ending the concept that everyone using their PC is also the PC's administrator.

Speaking at Microsoft's Worldwide partner conference on Sunday, Nash indicated the architectural change is part of a move to improve security of desktop systems by limiting the ability for end-users to install applications or for malware to take control of a machine, turning it into a zombie.

The move mirrors techniques used in versions of Unix and Linux to create more limited variations of "the God user" or root account. This account provides a single user with total control of, and access to, an entire system's resources. Sun Microsystems, in particular, has touted very sophisticated user access controls - borrowed from Trusted Solaris - with its new Solaris 10 operating system. These controls let government agencies, for example, store information of different classifications on the same computer, as the OS governs who is authorized to see the data.

"In October 2003 someone asked: 'How come, when I go to a Windows machine, everyone has to be an administrator?'," Nash told conference delegates, referring to an incident at Microsoft's partner conference two years ago.

Nash said a key Longhorn feature would be increased "granularity" in administration capabilities "so people need a lower level of privilege to install applications and printers. When a higher level of privilege is required, we can elevate that. You can use Longhorn in a very effective way without being an admin."

Nash also used his presentation to try to disparage claims the open source method of software development produced more secure systems than Windows. "There's a big theory that with open source and more people looking at the source, this will lead to more secure products. We think our approach delivers more benefits," Nash said.

Among those benefits, according to Nash, is Windows XP Service Pack (SP) 2 which he said means users are up to 15 times less likely to become infected by malware than if they simply use XP SP 1 or Windows 2000 professional. Nash said 281m copies of XP 2 have been distributed during the year since launch.

Nash also trotted out figures from the Microsoft-sponsored Security Innovation study published in June that claimed Windows Server 2003 running SQL Server 2000 SP 3 is more secure than Red Hat's Enterprise Linux 3.0 running MySQL and Red Hat Enterprise Linux 3.0 running the Oracle 10g database.

The study, part of Microsoft's "Get the facts" campaign, claims SQL Server had zero vulnerabilities over the course of the year compared to seven for MySQL and 30 for Oracle 10g.

In a reference to Oracle's "Unbreakable Linux" advertising campaign, Nash said dryly: "Unbreakable? I think not."®

Related stories

Now Microsoft 'decouples' Longhorn from .NET
Indigo not so open as .NET Framework?
Microsoft running late in virtualization
Microsoft sharpens Longhorn for SMEs
Sun plays hide and seek with key Solaris 10 goodies
Sun burns Solaris and Linux staffers
Sun stares down Red Hat with Solaris 10
Security Report: Windows vs Linux

Beginner's guide to SSL certificates

More from The Register

next story
Microsoft WINDOWS 10: Seven ATE Nine. Or Eight did really
Windows NEIN skipped, tech preview due out on Wednesday
Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9
Forget touchscreen millennials, Microsoft goes for mouse crowd
Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR
Apple kills 'upgrade'. Hey, Microsoft. You sure you want to be like these guys?
ARM gives Internet of Things a piece of its mind – the Cortex-M7
32-bit core packs some DSP for VIP IoT CPU LOL
Microsoft on the Threshold of a new name for Windows next week
Rebranded OS reportedly set to be flung open by Redmond
Lotus Notes inventor Ozzie invents app to talk to people on your phone
Imagine that. Startup floats with voice collab app for Win iPhone
'Google is NOT the gatekeeper to the web, as some claim'
Plus: 'Pretty sure iOS 8.0.2 will just turn the iPhone into a fax machine'
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.