By Scott M. Fulton, III,
November 9, 2006
During a telephone conference with reporters yesterday, outgoing
Microsoft co-president Jim Allchin, while touting the new security
features of Windows Vista, which was released to manufacturing
yesterday, told a reporter that the system's new lockdown features are
so capable and thorough that he was comfortable with his own
seven-year-old son using Vista without antivirus software installed.
Allchin's statement came in response to a question about his relative
level of confidence that Vista would be more secure than Windows XP SP2.
In response, he noted there were key security features added to Vista
which could not be added to Windows XP SP2 even though, he said, his
people apparently tried to do so.
Two such features -- namely Vista's new parental controls, and Address
Space Layout Randomization (ASLR), which renders the object code of the
system kernel in memory differently each time to thwart the designs of
malicious code -- render his son's Vista machine comfortable enough for
him to use, even though production-quality anti-virus software for the
unit has yet to be completed.
"I would say that Windows XP SP2 did an amazing job, and I'm proud of
what we did there. But you have to understand, we learned a lot during
Windows XP SP2, and there were things that we couldn't put in that
product," explained Allchin.
"I'll give you an example: It's my favorite feature within Windows
Vista, it's called ASLR (Address Space [Layout] Randomization). What it
does is, each Windows Vista machine is slightly different than every
other Windows Vista machine. So even if there is a remote exploit on one
machine, and a worm tries to jump from one machine to another, the
probability of that actually succeeding is very small. And I wanted to
do this in Windows XP SP2, but we couldn't figure out how to do it. So
then a smart guy here came up with a solution, so we put it in Windows
After summarizing that past statement, Allchin continued, "Please don't
misunderstand me: This is an escalating situation. The hackers are
getting smarter, there's more at stake, and so there's just no way for
us to say that some perfection has been achieved. But I can say, knowing
what I know now, I feel very confident."
"I'll give you an example: My son, seven years old, runs Windows Vista,
and, honestly, he doesn't have an antivirus system on his machine. His
machine is locked down with parental controls, he can't download things
unless it's to the places that I've said that he could do, and I'm
feeling totally confident about that," he added. "That is quite a
statement. I couldn't say that in Windows XP SP2."
Allchin led up to that comment after having recalled the company's
Defense-in-Depth program, which emerged in 2004 as a way to assist
software in defending specifically against viruses, but which evolved
into a comprehensive anti-malware campaign.
As a result of Defense-in-Depth, Allchin told the reporter, Service Pack
2 of Windows XP made it substantially more difficult for malware to get
to the kernel.
"So we've just put up one barrier after another," he said, "so that the
end result is, in the percentages, when I look at the number of
bulletins that we've produced over a period of time for Windows XP SP2,
and I look at what I would expect to take place in terms of, not just
the number, but probably more important, the severity for Windows Vista,
we have been doing measurements of that all along, and it's my opinion
that the severity of the bulletins will be less, as well as the number
will be less.
"That's to be proven, so we will see about that. But I need to say the
following: Windows Vista is something that will have issues in security,
because the bar is being raised over time," Allchin continued. "But in
my opinion, it is the most secure system that's available, and it's
certainly the most secure system that we've shipped. So I feel very
confident that customers are far better off by using Windows Vista than
they are with anything that we've released before."
ASLR would apparently have been a component of Defense-in-Depth, based
on Allchin's comments, had it been compatible with the existing
architecture of Windows XP. In fact, ASLR may help substantiate the need
for such features as PatchGuard, which is designed to draw a kind of
"moat" around the kernel of the operating system, rendering it
inaccessible accept through authenticated communications.
But the evolution of the Defense-in-Depth program, he implied, may have
evolved its implementation in Vista beyond the need for the generation
of antivirus protection that was its original impetus.
Copyright 1998-2006 BetaNews, Inc. All Rights Reserved.
Subscribe to InfoSec News