Feeds

Christmas shopping: Vista over XP?

Security pros have their say

Reducing security risks from open source software

Anti-Virus vendors

Carmen Maierean (BitDefender product manager): Microsoft Vista from a security standpoint is above Microsoft XP mainly because of the new rights management system which will prevent unauthorised applications from running with administrator privileges. Nevertheless, the customer has to take in consideration that the newly developed operating system will not protect him from malware and hackers and a proper integrated security solution is required. BitDefender is working on a new version that will support Microsoft Vista and plans to ship it at the beginning of the next year.

Mikko H Hypponen (F-Secure's chief research officer): Vista won't be out for the consumer market during this Christmas season. So people can't buy Vista computers for Christmas even if they wanted to. If you want to buy a system with fairly few security issues, get a machine which runs Ubuntu, OSX, FreeBSD or SuSE...

Ryan Sherstobitoff (Panda Software's product technology officer): Windows XP and Windows Vista differ in regards to their security architecture. Windows Vista does not ship until January 30th, 2007. Therefore, Windows XP will be the pre-dominant operating system during the Christmas shopping season. Some manufacturers may have Vista as an OEM on some systems which will be available to consumers; however, most major anti-malware security products will not be compatible with Vista during the first period of December and [most AV companies] have indicated specifically to have support after the release. It is recommended a user purchase a system with Windows XP with the intention to upgrade to Vista.

Carole Theriault (Sophos' senior security consultant): For the average home user, Vista is a good option. There are some excellent security enhancements in it that will make it far more difficult for hackers and malware writers to attack these machines. Of course, there may be some niggles in the initial release, but even so, it will be far more secure than XP.

Vista may be of concern to those users who would like to use old applications (some of them will not run in Vista by default), but users need to balance the pros of having better integrated security versus running older applications. XP users who feel cautious about running Vista initially will want to make sure that they run SP2 on their machine. SP2 offers far better security than running XP alone.

Laura Yecies (general manager of Check Point's consumer division - ZoneAlarm): We wouldn't advise consumers to center their computer purchase around an operating system. If you purchase a Windows XP system, you can always choose to upgrade later. Either way, with XP or Vista, you'll still want a good independent software solution to protect you from today's attacks. While Vista marketing touts increased security, we also expect a new OS be analogous to waving a red cape in front of a bull...hackers won't be able to resist the challenge. That may result in even more vulnerabilities for a consumer to patch.

Olga Kobzareva (Kaspersky's head of corporate communications): From a security point of view, of course Windows Vista has several improvements which make it more secure than Windows XP SP2. But still there can't be any 100% safe operating system, and we have to remind the users that migrating from XP to Vista doesn't mean there's no need for antivirus software. Windows Vista will still need separate antivirus solutions to be installed.

David Perry (Trend Micro's director of global education): Microsoft tells us that Vista will have the best security ever, but a lot of that security will come not from the Vista OS itself. Much of the new security is tied to the 2007 release of applications like Outlook and Internet Explorer (inside Microsoft these are commonly called the "2k7" releases). Our testing (at Trend Micro) shows that, with proper Internet Security software, Vista is actually safer.

The end user really can't lose right now -- any modern name brand computer you buy right now will come with a free upgrade to Vista -- so you can get that new computer for Christmas, and wait to see how things shake out.

Brian Trombley (McAfee's product manager): From a security perspective, it doesn't matter whether you choose a new PC with Windows XP or Vista. It's critical, however, that you use up-to-date security software and that you enable automatic updates.

Most new computers include pre-installed security software, but that software is out-of-date when you first start the computer. Hence, the security software should be updated right away. If security software is not pre-installed, make that your first priority when you start your computer.

Rowan Trollope (VP of Engineering, consumer business unit, Symantec): It is important for consumers to know that the Vista operating system is not a security solution in and of itself. It has an incomplete set of security features that are not enough to protect users from the fast-evolving threat landscape. No matter which operating system consumers choose this holiday season, they need to implement a complete security solution that protects them from today's evolving security threats.

Symantec's solutions, like Norton Internet Security, provide consumers with the comprehensive protection they need. Norton Internet Security and Norton AntiVirus Vista compatible versions will be available upon Vista's release. Any existing Norton Internet Security or Norton AntiVirus 2006 or 2007 customer will be eligible for a free Windows Vista compatibility upgrade. We currently have a Vista compatible public beta of Norton Internet Security and Norton AntiVirus that consumers can try out.

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.