DavidOverton.com
This site is my way to share my views and general business and IT information with you about Microsoft, IT solutions for ISVs, technologists and businesses, large and small.  
David Overton's Blog » Windows Vista Security "Guide", why Jim Allchin doesn't use Anti-Virus software for his son and why some people just don't want to have improved security unless you pay them for it.
Windows Vista Security "Guide", why Jim Allchin doesn't use Anti-Virus software for his son and why some people just don't want to have improved security unless you pay them for it.

OK, so I saw that the Vista Security Guide (http://blogs.msdn.com/windowsvistasecurity/archive/2007/01/05/windows-vista-security-guide-1-2-released.aspx) had been updated - it is worth knowing more about the security model in Vista, how we protect against some threats and how it might impact your applications (eg if a non-admin application wants to send UI information to an admin one), Group Policy, Settings etc.

Now, while security is important, so are the basics, like turning on the auto-updates, firewalls and anti-malware software. Well, MS now supplies a great anti-spyware product built into Windows in the form of Defender and the firewall can now be configured on outbound comms as well as inbound if you want, but no AV in the product.  So, you need a 3rd party AV product (or Windows OneCare)... well, Jill Allchin, who delivered the Vista project for all of us does not use one for his son's machine....

http://windowsvistablog.com/blogs/windowsvista/archive/2006/12/19/windows-vista-and-protection-from-malware.aspx

Then having been through all of this, there are some who want to take the great steps forward in Vista that allow Jim to do this and put us back 6 years and have a company that makes money by keeping the fear up and security quality down.  One of the great progresses in Vista, even if you do notice it most when setting up, is the UAC control, so why would you want to outsource it to a programme that can be fooled?  More info at http://www.windows-now.com/blogs/robert/archive/2007/01/10/symantec-anti-uac-product-is-a-very-bad-idea.aspx

ttfn

 

David

Posted Sun, Feb 4 2007 11:36 PM by David Overton
Filed under: , , ,

Comments

TripleII wrote re: Windows Vista Security "Guide", why Jim Allchin doesn't use Anti-Virus software for his son and why some people just don't want to have improved security unless you pay them for it.
on Mon, Feb 5 2007 2:44 AM

I agree that UAC (non admin in general) is a good step forward, and Windows Defender is great since it is built in, however, Defender as a great anti-spyware tool is not accurate.  You will want a layered approach to anti-spyware (like you need today) since no anti-spyware gets all of it.  

http://www.malware-test.com/antispyware.html

Microsoft Windows Defender 1.1 (free): 33.88%

http://www.pcworld.com/article/id,128660/article.html

Tests with the program showed it missed 84 percent of 25 samples of spyware and malicious code

I hope it gets better over time, but at this time, you will want 3rd party anti-spyware as well (or stop installing all those "free" apps).

TripleII

David Overton wrote re: Windows Vista Security "Guide", why Jim Allchin doesn't use Anti-Virus software for his son and why some people just don't want to have improved security unless you pay them for it.
on Mon, Feb 5 2007 8:15 AM

TripleII,

I agree about the multi-layered aproach - Vista is multi-layered, with IE7 protected mode, UAC and Defender as just some of the layers.  

I am 100% for 3rd party ISV solutions to add to these layers.  However, some solutions are better than others and I personally dislike those that want to disable some of those layers.

Having said that, I run e-Trust AV and Defender and not a single piece of spyware has hit my system.

Great links though - I will be watching them carefully

ttfn

David

Add a Comment

(required)
(optional)
(required)
Remember Me?

(c)David Overton 2006-23