Feeds

Vista security overview: too little too late

But some progress has been made

The Essential Guide to IT Transformation

Spambuster?

Next up, we have the successor to Outlook Express, called Windows Mail. I always considered Outlook Express to be hands down the worst email client ever devised. Windows Mail is a little better. There now are half-decent junk mail controls and, of course, the famous anti-phishing filter. Email memos are now stored as individual files instead of in a database file, which means they can be searched faster, and email contents will show up in the Windows main search, which is either very handy, or a privacy nightmare, depending on what you get up to with your email. This type of storage also makes it easier for you to nuke messages with a wipe utility, either by wiping free space after deleting, or wiping them manually if you have the patience.

However, junk mail controls are awkward. Flagging memos as spam is a hassle; you do this in a list above the preview pane with the right mouse button, and then select from a list of actions. This can be quite tedious if you get a lot of spam, because one can't select several emails for the same action. There really ought to be a junk button that one can use to mark memos as spam and delete them with a single click, as there is with Thunderbird. It would be nice if the default rule for such a junk button were to be blocking the sender, rather than the sender's domain. One can always block a troublesome domain manually if need be.

Interestingly, an email from Microsoft Press Pass - a mailing list of self-congratulatory press releases for tech journos - was automatically flagged as spam. I find it hard to disagree with that call.

Memos can be displayed as HTML with all the risky stuff, such as online images and scripts, blocked. And Windows Mail doesn't give you a hard time about displaying all memos as plain text, which I recommend. Or rather, it displays lightly formatted text; you don't get the raw text as you do with Kmail, so links show up as they would in HTML, with the actual URL hidden. Now, with IE7, such links show up in the status bar as the full URL when you mouse over them, but in Windows Mail they don't. This should be fixed, because otherwise one is stuck relying solely on Microsoft's anti-phishing filter gimmick.

While not security related, I will note briefly that there is no undelete button or Edit menu option to undo a deletion, for those of us who tend to delete first and ask questions later.

Click yes to continue

Data Execution Prevention (DEP) is a feature from XP SP2 that shuts down programs that handle memory oddly, and it is now set to full on by default. It works with address space layout randomisation, a new feature in Vista that loads some system code in unpredictable memory locations to defend against buffer overflow attacks. Both are very good ideas, and should help reduce the impact of malware to some extent.

However, DEP, when full on, may cause a number of applications to crash, or interfere with their installation. I'm betting that a majority of users will opt for the more conservative setting, and this of course means less defense for everyone.

User Account Control (UAC) is another good idea, because it finally, finally, finally allows the machine's owner to work from a standard user account, and still perform administrative tasks by supplying admin credentials as needed on a per-action basis. You know, the way Linux has been doing it forever.

This is one way of helping protect a multi-user system from being loaded with malware by users, and for ensuring that any malware on the system runs with reduced privileges. When you are in a user account, and you wish to perform an administrative task, you will be prompted for the required credentials. Aside from the prompt, the GUI shell will be disabled during this time, to help prevent certain kinds of privilege escalation attacks where the GUI shell or elements of it are spoofed by malicious software.

Of course, it only works if everyone stays out of the admin account as much as possible, and if everyone with an admin password knows better than to install a questionable program with admin privileges. And there's the catch: "Windows needs your permission to install this cleverly-disguised Trojan nifty program. Click Yes to get rooted continue."

So you see that, here again, MS's security strategy involves shifting responsibility to the user.

UAC is all well and good in theory, but here's the problem: it's never going to work. And the reason why it's never going to work is because MS still encourages the person who installs Vista (the owner presumably) to run their machine with admin privileges by default. I was delighted, when I set up Vista for the first time, to be presented with an opportunity to set up a "user" account. But moments later, when I saw that I was not invited also to create an admin account, I knew that the "user" account I had just set up was indeed an admin account. And so it was.

Until MS gets it through their thick skulls that a multi-user OS needs a separate admin account and a user account for the owner, and that the owner should be encouraged to work from a regular user account as much as possible, UAC will never work as intended.

In fact, UAC is the most complained-about new feature of Vista, and most people are disabling it as soon as possible. Why? Because MS still encourages the owner to set himself up as the admin, and work from that account. And when you're running in an admin account, UAC is nothing but a bother. Every time you try to take an action, and this could be as simple as opening something in Control Panel, UAC disables your screen and pops up a little dialog asking you if you really want to do what you just did. A pointless irritant that will cause the vast majority of Vista users to disable UAC, because the vast majority of Vista users will, unfortunately, be running as admins, thanks to MS's stubborn refusal to try to put everyone into a user account to the extent possible.

And once UAC is disabled, all of its security enhancements are lost. Yes, the basic idea is good, but the implementation has been completely bungled.

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.