Feeds

Why Vista will take a back seat for a few years

The new waiting game

Mobile application security vulnerability report

Comment Vista is a step forward in security, but many businesses will be stuck with Windows XP for years to come, due to the cost of upgrading, the value of existing assets, and compatibility issues that trump security features.

As I write this, Microsoft is launching the consumer version of Vista in New York, apparently with dancers in tights scaling the side of an office building to form a human billboard. It sounds like the highlight of the launch, which reads in many news reports as a real yawner. It's too bad in a way, because Vista's security architecture makes it a much better product. But there aren't too many consumers lined up to buy Vista.

It's unfortunate that some of the useful features like full disk encryption (BitLocker), license transferability, and support inside virtual machines aren't enabled in the consumer (OEM) version of Vista, but that's a renewed discussion for another time.

I think Vista is a great advancement in safety and security for consumers, but most of those folks don't know what the real differences are. Consumers will just end up with Vista (or perhaps OS X, or even the long shot, Linux) the next time they buy a computer. They'll still need anti-virus, anti-spyware, and all the rest. Consumers who do understand what Vista offers aren't exactly lining up either, because they also know about the heavy hardware requirements, the lack of drivers, no gaming need for DirectX 10 (yet), which is exclusive to Vista, and some of the questionable product activation decisions made by Microsoft.

For businesses it's another story. They do know and care about Vista's security improvements. It really is better. It's a big step forward from Windows XP security, I agree. And if one believes Microsoft's marketing rhetoric, most businesses will be deploying Vista in the next three to six months, right? Not so fast...

Why is it that Windows XP will remain the corporate standard for years to come?

The cost of upgrading from XP (or, why everyone loves Vista)

Computers are assets in a business environment where the cost to maintain them far exceeds the purchase price of the hardware and software. Businesses want to keep costs and expenditures down, but more importantly they want to get the best value from their assets. Computers are only important to a company because of the applications that they run - and compatibility is key here. Unless an enterprise application that's critical to the business' operation requires Windows Vista, what is the business reason to upgrade?

I'm scratching my head on that one. Most businesses will stick with Windows XP for the next few years. Security by itself is not a business reason to upgrade; security and Windows don't exist in a vacuum. And yet, just about every vendor on the planet will now be telling you and your business about the need to upgrade to Windows Vista. Let's take a look a just a few of the reasons why.

Consultants love Vista because it means big consulting dollars to evaluate, plan, test, migrate and implement new desktops and server platforms in business environments. Vista is different enough, in fact, they may even need to raise their rates.

Resellers love Vista because the hardware requirements are very steep, meaning heavy new hardware purchases and new software licenses all around. Hardware manufacturers love Vista and are happy to advertise this fact because it just doesn't run well on old hardware (old = one year old). It doesn't run well at all on any laptop today that isn't high-end, say, anything less than dual 2.0 Ghz processors in a Core 2 Duo with a bare minimum gigabyte of RAM. Ouch. Video card manufacturers really love Vista because, for the first time ever, the majority of the population who don't play games (business users) will still need a high-end video card just to get all the OS features enabled in their word processor and web browser.

IT and security admins love Vista because they will need new training and new certifications to put on their resume. Security vendors love Vista because all customers will still need anti-virus, anti-spam, anti-spyware, anti-phishing, anti-adware, anti-fungal, anti-everything software. Help Desk folks love Vista because it provides long-term job security. And end users love Vista because it means they get some new training and a fancy new computer, albeit one that's faster yet somehow runs slower than the one they had before.

Content producers love Vista. Computer scientist Peter Guttman has a fascinating DRM discussion about how Vista purposely degrades "premium content" and affects what you can do with that content. It also affects system performance, stability, support, and hardware and software costs.

Apple shareholders love Vista because it will drive more folks to the Mac OS X environment than ever before.

Spyware and adware companies love Vista because the Internet Explorer 7 browser still supports ActiveX, an ill-conceived language dating back to the Netscape days. But I'm getting ahead of myself; oops, IE7 and its new ActiveX controls run just fine on Windows XP as well. Criminals are putting their botnet software and keyloggers in many of those "Vista Activation Crack" torrents on the Internet. Even virus writers love Vista, because it gives them fun new challenges to adapt and overcome Vista's security model in potentially trivial ways, like social engineering.

A great many companies and individuals, legitimate or otherwise, are set to make quite a bit of money off the early adopters of Vista. And it's all just to replace existing office technologies such as Windows XP that often perform adequately and do the job today. Of course, today's corporate installs may or may not be secure...

The Essential Guide to IT Transformation

More from The Register

next story
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
DARPA-derived secure microkernel goes open source tomorrow
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Put down that Oracle database patch: It could cost $23,000 per CPU
On-by-default INMEMORY tech a boon for developers ... as long as they can afford it
Google shows off new Chrome OS look
Athena springs full-grown from Chromium project's head
Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
Starting today, regular fanbois will be guinea pigs, it tells Reg
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.