Manage updates with the Download App
September 18, 2006 11:37 AM PDT
Cisco exec: Windows Vista is scary
- Related Stories
-
Piecing together Windows Vista
November 8, 2006 -
Vista's European battleground
September 18, 2006 -
Chills at Microsoft's security huddle
July 24, 2006 -
Allchin: Buy Vista for the security
January 27, 2006
"Parts of Vista scare me," Gleichauf said at the Gartner Security Summit here on Monday. "Anything with that level of systems complexity will have new threats, as well as bringing new solutions. It's always a struggle in security, trying to build for what you don't know."
Gleichauf told CNET News.com's sister site ZDNet UK that Cisco views the Microsoft operating system update, set for broad release in January, as a bearer of possible solutions to security problems, but also as a potential trigger of security issues.
Vista's European battleground
"Vista will solve a lot of problems. But for every action, there's a reaction and unforeseen side-effects and mutations. Networks can become more brittle unintentionally," Gleichauf said.
The Cisco executive's remarks come as Microsoft and the European Commission move deeper into a tug-of-war over security features in Vista. The company wants regulators to set clear guidelines as to what it can include in the operating system, but the Commission will say only that Microsoft must abide by its competition rules.
Systems complexity needs to be taken into consideration in any action plan for Vista implementation, he added.
"If you're embracing Vista, it's not going to be 100 percent initially. It's going to create more heterogeneity for a while," Gleichauf said.
Analysts from Gartner have also found that many businesses are nervous about integrating the security features in Vista with their legacy systems.
"Most organizations are cautious about Vista," said Eric Ouellet, vice president for research, security and privacy at Gartner. "(Companies) already have security tools which are being built into Vista. The risk is to go to another system. There's always going to be some hits," Ouellet told ZDNet UK.
"The risk you have to manage is: Is Microsoft going to get it right first time? Maybe yes. But are businesses going to take that risk?" he asked.
Microsoft has not helped to reassure customers by pushing back the release date of the operating system and changing some of the promised features.
"People don't know what's coming down the pike," Ouellet said. "TPM (Trusted Platform Module) is now not fully integrated--you can't rely on the feature and function set. Microsoft's moving the goalposts is definitely adding to the heartburn."
Tom Espiner of ZDNet UK reported from London.
See more CNET content tagged:
Cisco Systems Inc., Gartner Inc., security feature, Microsoft Windows Vista, exec
79 comments
Join the conversation! Add your comment
Cisco Wi-Fi is SCARY!
<a class="jive-link-external" href="http://news.com.com/Cisco+flaw+puts+Wi-Fi+networks+at+risk/2100-7349_3-5929059.html" target="_newWindow">http://news.com.com/Cisco+flaw+puts+Wi-Fi+networks+at+risk/2100-7349_3-5929059.html</a>
Cisco Internetwork OS is SCARY!
<a class="jive-link-external" href="http://news.com.com/New+Cisco+flaw+could+pose+threat+to+Net/2100-1002_3-5853330.html" target="_newWindow">http://news.com.com/New+Cisco+flaw+could+pose+threat+to+Net/2100-1002_3-5853330.html</a>
Cisco Session Initiation Protocol is SCARY!
<a class="jive-link-external" href="http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci1207783,00.html" target="_newWindow">http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci1207783,00.html</a>
Cisco Unity is SCARY!
<a class="jive-link-external" href="http://searchvoip.techtarget.com/originalContent/0,289142,sid66_gci1034991,00.html?bucket=NEWS&topic=299030" target="_newWindow">http://searchvoip.techtarget.com/originalContent/0,289142,sid66_gci1034991,00.html?bucket=NEWS&topic=299030</a>
How about...
Bob Gleichauf is SCARY! He drums up fear through speculation when his own company's products have introduced plenty of vulnerabilities. Bob should lay off the rhetoric and do an analysis - if he can find an actual vulnerability, then perhaps we'd have a reason to be worried - and perhaps it would be fixed. But he has no interest in resolving issues or providing a clear understanding of the paranoia he tries to create - he apparently just wants to damage Microsoft sales. What a goon.
The heck with it! I used Win98SE until less than 2 years ago! It ran like thunder! I'll probably use XP for 4 or 5 years more and then switch to a stable, easy to install, customer friendly version of Linux that will probably be on the market by then!
MS has definitely gone out of their mind! That's what I say! We're soon gona need a CRAY 1 just to run the damn thing!
Doesn't anybody just get the meaning of OS? Like Operating System? Like basic functions? What of it?!
How about:
Cisco Internetwork OS is SCARY!
<a class="jive-link-external" href="http://news.com.com/New+Cisco+flaw+could+pose+threat+to+Net/2100-1002_3-5853330.html" target="_newWindow">http://news.com.com/New+Cisco+flaw+could+pose+threat+to+Net/2100-1002_3-5853330.html</a>
Cisco WiFi is SCARY!
<a class="jive-link-external" href="http://news.com.com/Cisco+flaw+puts+Wi-Fi+networks+at+risk/2100-7349_3-5929059.html" target="_newWindow">http://news.com.com/Cisco+flaw+puts+Wi-Fi+networks+at+risk/2100-7349_3-5929059.html</a>
Cisco Session Initiation Protocol is SCARY!
<a class="jive-link-external" href="http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci1207783,00.html" target="_newWindow">http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci1207783,00.html</a>
How about... Bob Gleichauf shut his trap and quit spreading fear of the unknown through biased speculation? If he can find a flaw, we'll have reason to worry - and there's a chance it'll be fixed. But no... Bob's only goal is apparently to hurt Microsoft sales. He offers no valuable evidence at all. EVERY new system has the possibility of security flaws - CISCO should know this better than anybody. Hey Bob... how about cleaning your own house before suggesting that somebody elses could possibly be dirty. What a goon!
chance it'll be fixed. But no... Bob's only goal is apparently to
hurt Microsoft sales."
Microsoft doesn't need anyone else to hurt their sales. They're
doing well enough on their own.
Shoddy product quality, uninspired new products, and massive,
crippling delays have already pushed many organizations to
Linux and Mac OS X.
What about Vista has taken five years to create and complete?
they've cancelled most of the compelling new features. Are you
telling me it took five years to get DirectX 10 out?
Vista's going to make a splash, alright - into the toilet bowl.
Either way, quit whining.
The OEM's will love to accommodate MS because Vista requires a top of the line system. MS has to ensure Vista runs like crap on yesterdays hardware because hardware sales = windows sales.
Vista will sell anyway, and if it is total crap that just means they can repeat the cycle sooner rather then later.
On client XP systems they have all these services in listening state (eg highly vulnerable to remote attack). This pushes up the hardware requirement and ensures lack of security. They reply by saying they _need_ this stuff in listening state by default and if there is a vuln they patch but don't dissable the services.
fast forward to SP2 and they still leave the services in listening state but now include an added layer, a firewall to stop traffic. Everybody upgrades to the better, more secure product but what happened to the statement they needed the services in listening state? How is adding a firewall rule any easier then turning on a service only after you decide you need it?
Answer, it's not, but running everything requires beefy hardware ($$PC upgrade cycle$$).
MS is their own competition, if they release a perfect product nobody will upgrade and it costs them money.
MS can't do like Apple and include a bunch of cool things for free cause it is against the law for them (monopoly thing), so releasing a crappy products so they can improve on it in another version later is the best strategy they have going for them, intentional or not.
But that wont discourage our chicken littles from making such predictions, or the lazy journalists who publish such predictions unchallenged (*cough*, CNET. How about doing some actual journalism?).
"I hereby wager one million dollars that more security risks will be discovered in the first year of Vista's release than XP & W2K combined.
If you do not wish to participate in this wager, please post your refusal within 24 hours, otherwise you will be deemed as consenting to this wager."
Vista's release will be a paradise for hackers, scammers, organized crime, and terrorists.
Micro$oft can't execute reliable security tests now for the more simple XP & W2K platforms, so there is NO WAY they can deliver a "safer" Vista that is enormously more complex!
Wait - they already have done that - NOW Cisco is starting to worry that nobody will need theoir overpriced pieces of crap. Maybe they can get together with Symantec and drown their sorrows together.
Bill still rocks.
No single solution is perfect and software firewalls are nice, but there are many advantages of using stand alone hardware routers.
"NOW Cisco is starting to worry that nobody will need theoir overpriced pieces of crap."
Considering we're talking about Microsoft it's interesting you mention over priced.
Where you could have a point with "FUD" is that Cisco can benefit from additional Cisco product purchases to deal with potential problems created with a Vista deployment in a large enterprise. Cisco wants CTOs to remember and budget for Cisco while buying into Vista.
"Anything with that level of systems complexity will have new threats, as well as bringing new solutions. It's always a struggle in security, trying to build for what you don't know."
"Vista will solve a lot of problems. But for every action, there's a reaction and unforeseen side-effects and mutations. Networks can become more brittle unintentionally."
"If you're embracing Vista, it's not going to be 100 percent initially. It's going to create more heterogeneity for a while."
...Does someone want to explain to me what's so amazingly insightful about this that it's newsworthy, other than Cisco throwing barbs and a company they know they're going to be competing hard against in the near future?
I suppose this is CNet's version of linkbaiting, although I wish they'd stick to real news. Leave the linkbaiting to the Register.co.uk, Microsoft Watch & and other industry leeches that make their living off of synthentic media hype.
If the new cybersecurity czar, Gregory Garcia, had any intestinal fortitude at all, he'd call for an investigation into the security of Vista before it is shipped, complete with source vetting by the NSA.
But, as a lifelong industry hack, he'll sit and collect his check and stare out the window.
Roberto
should consider selling or atleast co-operating with Microsoft on
Mac OS 10, under the agreement that the next OS they make be
done as a joint venture.. of course it would be a seperate entity/
OS from Vista and OS 10 but of course be based on OS 10's
current technology and not branded specifically to one company.
It would fulfill so many purposes..
It would cut the cost of R&D for Microsoft.. Guarantee OFFICE as
the no.1 business software (as if their worried about this) but it
would definitely put an end to other competing suites, most
security issues would vanish, and Microsoft can focus more on
Networking and the business side of computing which Apple and
Microsoft have already drawn fine lines with. I simply don't
think Vista is going to sell though.. Why? it already has a bad rap
attached to it and whats worst is, its under the scrutiny
microscope, and its not even 75% full proof so its safe to say it
won't do well in its first two years of existence..
For Apple; they will get the marketshare they want, insure that
their OS technology will survive, because afterall it really is
good), probably sell more computers and give Dell & HP some
real viable competition, guarantee Ilife as the no.1 suite for
handling digital media for the average consumer. Issues of
incompatibility would disappear, I can probably go on and on...
it opens up so many more possiblities.. for both companies.. of
course there will be tariffs on certain aspects on features for the
OS but it will benefit everyone...
Do you remember IBM used to have an OS? That too was sunk by Microsoft short handing IBM and not cooperating as fully as they let IBM believe they would. It may be time for Microsoft to work with a partner but they have burned any they worked with in the past.
Microsoft has really blown this development cycle.
You sure do extrapolate a lot, don't you? Whether Vista is "like"d or not will depend on the public, not you or I.
My point is simple: MSFT dominates now. They may not dominate 10 years hence, mostly due to their own short-sighted policies and coding methods.
After all, Apple was once the dominant, until their own hubris and (at that time) bad practices knocked them way back.
/P
I mean that theme song is incredible and the show is entertaining.
It is a ignorant LCD show.
And Cisco, a network company that now wants o be a security company probably has had more vulnerabilities against their network AND security products than any other vendor I know.
The Cisco Exec cites not one identified security flaw - just "Fear, Uncertainty, and Doubt". This article is not news - it's propaganda.
(and no, I'm not a MS fan either. I just can't stand it when people spew FUD)
position to make any conclusions about his comments at all.
I wish the EU all the success in the world in trying to keep Microshaft abrest of competitive regulations while hoping that the US will catch wind of the fact that Microsoft CAN BE HELD accountable... but one must stand up and be defensive about it!
Something many corporations have given up throughout the years... but which they should not have given up on.
Walt
Articles with pictures:
<a class="jive-link-external" href="http://www.theregister.co.uk/2006/07/19/huangyangtan_mystery/" target="_newWindow">http://www.theregister.co.uk/2006/07/19/huangyangtan_mystery/</a>
<a class="jive-link-external" href="http://www.smh.com.au/news/web/the-riddle-of-chinas-area-51/2006/08/14/1155407679963.html" target="_newWindow">http://www.smh.com.au/news/web/the-riddle-of-chinas-area-51/2006/08/14/1155407679963.html</a>
Google Earth forum post:
<a class="jive-link-external" href="http://bbs.keyhole.com/ubb/showthreaded.php/Cat/0/Number/484568" target="_newWindow">http://bbs.keyhole.com/ubb/showthreaded.php/Cat/0/Number/484568</a>
That's the place in the middle of the desert where the Chinese Army has constructed a scale-model replica of the entire region of Aksai Chin (occupied by China since the 1962 war with India). At 1:500, it's still 700 by 900 meters big ( = several football fields). Next to it is a base with dozens of troop transporters seen coming and going. The duplicate shows everything: rivers, lakes, roads and snow-capped mountains. It's basically a landscape within a landscape.
The problem is that nobody has been able to figure out the function of this thing. The world's biggest miniature golf course, perhaps? China's own Area 51? That's why it's the subject of so much discussion in the blogosphere. The discoverer even had to set up his own blog to handle the buzz: foundinchina.blogspot.com
Any ideas?
Some people are saying that the main thing holding back the Mac is the fact that people dont see it as worth it to write software for a small percentage of the market, but then why is almost every piece of professional software out there available for both pc and mac? You can even play games on linux now. Many people switch away from windows, and like it.
Usually the reason they switch away from windows is something like security or stability, because if they dont need to run too many specialized programs, they never miss it, and when windows represents over 90% of the loosely secured systems on the planet, why bother writing viruses for unix or mac? it can be done, sure, but in practise it isnt, because these jerks like targetting the majority of people.
My main gripes with Vista RC2 that ive seen so far are the 10GB default barebones windows folder size, and the massive amount of folders and files in it (i think its got some 50,000+ files in about 7,000 folders, compared to XP's 2,000 files? in about 700 folders, taking up about 1.2GB).
I used to remove most spyware/viruses manually for the most part, but now that its not going to be easy to determine what belongs and what doesnt, this makes it harder for me. Hopefully i wont need to however, now to changes in access to the kernel, etc, which yes, i believe are long overdue.
The new object oriented shell features are probably a very big step forward for developers, id like to hear more about how it works.
If Mac were able to encourage developers to consider its OS, maybe they wouldnt be stuck with under 5% of the desktop computer market share perhaps? After all, its not like there could be anything WRONG with OS X, its not Apple's fault their product isnt selling, its somebody elses, like (insert company/person name here)'s fault, right?
I worked at a company that did a local newspaper, and they had the strangest mix ive ever seen: mac os 9, 10, windows 95 osr2, 98, 98 se, 2000, xp, linux redhat 6.something, windows 2000 advanced server, SCO OpenServer Unix, SME,...it was atrocious.
They were using a 20 year old COBOL database app running on the SCO Unix server, and for some reason when they upgraded to Mac OS X almost across the board, Mac doesnt have a telnet client that can read the SCO Unix telnet data properly, and linebreaks dont work, so the text-based application interface becomes unusable, whereas a dos box in windows 98 to xp could run it properly on any of the windows systems. THIS is one of the main reasons why you see windows dominating most office environments, because rather than having to upgrade their ancient central server applications, windows products have had a history of good upgrade paths that have acceptable backward compatibility.
Microsoft is changing all that with Vista, and this will make companies not move to upgrade for quite some time, but most companies have known for ages that theyve needed to upgrade their legacy systems, and most are following suit. Most of these programs are moving towards web application driven intranet servers, which are platform independent for the most part.
There havent been a great deal of business applications available for any operating system besides linux and windows, and they both can run on the same hardware and interface with each other fairly well as compared to Apple, and its extremely proprietary, too-good-for-standards stance. Now that Microsoft has been long established as the business leader, theyre able to get away with changing things and forcing the industry to keep up, thats just how it goes. Eventually, the 30 year old hardware these legacy applications run on will fail, and if these people arent encouraged to upgrade, they can end up closing down after they permanently lose their database or are unable to file their taxes thanks to cheap, extremely anti-tech-savvy management.
To everyone who owns a pix. Just put it in the trash can if you run a current Microsoft OS like Vista, which has been out for a year. The only solution is to give more money to Cisco, and buy an ASA. I was told they are giving up on the bugs for the Pix firewalls, and they blamed microsoft. You may need to go to small claims court to get your money back for your PIX firewalls, and also for your time wasted on their broken promises. This time I bought an ASA, but I am not really happy about why I had to buy it. If you use TAC, which is a waste, they will just tell you to buy an ASA and get ANYCONNECT. That is what they told me when i called TAC, althought ANYCONNECT is not even for the product I purchased, (the regular Pix). Also, the newest OS, Pix 7 is not supported on the Pix. Again, they could easily support Pix 7 OS on the pix, but are really dragging their feet hoping you will get frustrated enought and go buy a new firewall. I don't have a lot of time right now, because my firewall is basically down because of TAC, so I had to buy an ASA. Next time I will not buy Cisco. Where is the integrity Cisco?