January 30, 2007 4:00 AM PST

Experts: Don't buy Vista for the security

Experts: Don't buy Vista for the security Windows Vista is a leap forward in terms of security, but few people who know the operating system say the advances are enough to justify an upgrade.

Microsoft officially launched Vista for consumers Tuesday. The software giant promotes the new operating system as the most secure version of Windows yet. It's a drum Microsoft has been beating for some time.

"Safety and security is the overriding feature that most people will want to have Windows Vista for," Jim Allchin, Microsoft's outgoing Windows chief, told CNET News.com a year ago. "Even if they are not into home entertainment or in any of the specialty areas, they are just going to feel safer and more secure by using it."

Now that Vista is finally here, pundits praise the security work Microsoft has done. However, most say that is no reason to dump a functioning PC running Windows XP with Service Pack 2 and shell out $200 to upgrade to Vista.

"As long as XP users keep their updates current, there's generally no compelling reason to buy into the hype and purchase Vista right away," said David Milman, chief executive of Rescuecom, a computer repair and support company. "We suggest people wait until buying a new machine to get Vista, for economic and practical reasons."

As in the past, Microsoft faces itself as its toughest competitor. SP2 for Windows XP, which was released in August 2004, marked a significant and much-needed boost in PC security. Since then, Microsoft has released Internet Explorer 7 and the Windows Defender antispyware tool for XP. As a result, the older Windows version is simply good enough for many users.

"Upgrading to Vista is pretty expensive, not only the new software but often new hardware as well," said Gartner analyst John Pescatore. "If you put IE 7 on a Windows XP SP2 PC, along with the usual third-party firewall, antiviral and antispyware tools, you can have a perfectly secure PC if you keep up with the patches."

News.com Poll

Vista: Now or never
How soon do you plan to move to Microsoft's latest OS?

I'm standing in line right now to buy it.
Whenever I buy my next PC.
Windows XP is going to last me a good, long time.
I'm sticking with the Mac--or moving there soon.

View results

Vista is the first client version of Windows built with security in mind, according to Microsoft. That means it should have fewer coding errors that might be exploited in attacks. Vista also includes several techniques and features designed to make it harder to attack computers running Vista and easier to thwart attacks if they do happen.

"Vista is light-years ahead of XP from a built-in security perspective," said Pete Lindstrom, a Burton Group analyst. "But the market will decide whether it is important. Note that there haven't really been significant problems with the operating system lately, and our memories are short."

If most consumers think like Brian Lambert, a student at Southern Illinois University, it doesn't bode well for Microsoft. "The added security alone is not worth the money when comparing Vista with Windows XP SP2," said Lambert, a member of CNET News.com's Vista Views panel.

But Chris Swenson, an NPD Group analyst, thinks that many consumers will prefer Vista's built-in security features over adding defenses to their XP machine.

"A lot of customers will prefer to either buy a new machine with Vista or upgrade a recently acquired XP machine with Vista in order to get at this added layer of protection," Swenson said.

If you are in the market for a new Windows PC because your old computer is outdated or otherwise failing on you, Vista is your best bet, all experts agree. That's even if you're considering buying a Mac, said David Litchfield, a noted security bug hunter.

"If you're looking to buy a new computer, the security features built into Vista tip the balance in its favor over other options such as Mac OS X," Litchfield said. "We've moved beyond the days of lots of bugs and worms. Recent history shows that Microsoft can get it right, as they did with XP SP2. With Vista, they will again demonstrate that."

Litchfield and other security researchers are impressed with the work Microsoft has done on Vista, in particular because the operating system has gone through the company's Security Development Lifecycle, a process designed to prevent flaws and vet code before it ships. Also, Microsoft challenged hackers to break Vista before its release.

Key Vista security features

User Account Control: Runs a Vista PC with fewer user privileges, which dictate how software can interact with the PC. UAC asks for permission to lift security barriers whenever software requires it.

Protected Mode for IE 7: Prevents silent installation of malicious software by Web sites by stopping the Web browser from writing data anywhere except in a temporary folder without first seeking permission. IE 7 is also available for Windows XP, but the protected mode is not.

Address Space Layout Randomization: Loads key system files in different memory locations each time the PC starts, making it harder for malicious code to run.

Windows Defender: Detects and removes spyware. Also available for Windows XP.

Windows Firewall: Blocks attacks from the Net and includes limited outbound protection. Also in XP, but improved in Vista.

BitLocker: Encryption for hard drives. Only in Vista Enterprise and Vista Ultimate.

"To be clear, XP SP2 was a massive leap for Windows security. But XP SP2 was not the systemic, top-to-bottom, scrub-everything experience that Vista is," said Dan Kaminsky, an independent security researcher. "XP SP2 secured the surface. Vista security goes much deeper. It's a far bigger leap."

Kaminsky was among about two dozen hackers asked by Microsoft to try to hack Vista. The exercise took about eight months, and Microsoft paid attention to the feedback, he said. "They did what we asked," Kaminsky said. "The security community spent years bashing Microsoft, and (Microsoft) deserved to get bashed. But they listened."

Robert McLaws, a blogger who writes about Microsoft, is particularly gung-ho about Vista. He recommends that everyone buy a copy as soon as possible. "Security is the No. 1 feature in Vista, and everyone with a computer in the house should go out and buy it," he said.

All the praise aside, Vista isn't flawless. In fact, Microsoft has issued security patches for the operating system even before its final release.

"To think there won't be vulnerabilities and there won't be exploits is inappropriate," said Michael Cherry, an analyst with Directions on Microsoft. "At best, we should see the number of them decline and the time in between them increase."

No software is without flaws, and Microsoft will be the last to deny that.

"While we greatly improved the security of Windows Vista and we believe it is the best system available, I have always been clear that the system is neither fool-proof nor unbreakable; no software I have seen from anyone is," Allchin wrote on a Microsoft corporate blog last week.

Some critics, however, say Microsoft has reserved too many of the security features for the high-end editions of Vista. The operating system comes in five different versions (with a sixth, "Starter" edition designed for developing countries), but only Windows Vista Ultimate--the most expensive one-- includes the maximum level of protection.

Even more, Vista comes to market in an era in which criminals are taking to the Net and looking for profits by breaking into the PCs of unsuspecting Web surfers. Vista is their next target.

"I don't want people to expect that their computer is never going to be compromised because of Vista; that's simply not the case," McLaws said. "The nature of maliciousness on the Internet is changing rapidly. It used to be that nerdy kids were trying to outdo other nerdy kids. Now it is criminals."

See more CNET content tagged:
Microsoft Windows Vista, security, Microsoft Internet Explorer 7, Service Pack 2, Microsoft Windows XP Service Pack 2


Join the conversation!
Add your comment
Ultimate only full security Vista package?
Not true for home use, true for business use. The additional security features in Vista Business and Ultimate are intended for business users whose machines are controlled by the corporate IT department. They provide little to no additional benefit to home users.
Posted by revstar (9 comments )
Reply Link Flag
The main thing missing is the BitLocker encrypted hard drive thats
only available in Ultimate. For the majority of people this won't be
an issue. You will be able to encrypt individual files though.
Posted by rapier1 (2722 comments )
Link Flag
Ultimate full security package?
If you are really concerned about the security on your computer the
only full security operating systems are LINUX or BSD. Pock your
favorite distro and its far more secure than an windows version,
right out of the box.
Posted by Bobxs (6 comments )
Link Flag
"the most secure version of Windows"
MS has been singing this song about every version of Windows. <a class="jive-link-external" href="http://news.cbsi.com/2100-1040-230632.html" target="_newWindow">http://news.cbsi.com/2100-1040-230632.html</a>

Just Google the phrase:
the-most-secure-version-of-Windows -Vista
Posted by rcrusoe (1305 comments )
Reply Link Flag
It's a Marketing spin
But that doesn't mean it wasn't true then nor does it mean it isn't true now.

These pundits forget that XP predates the top to bottom security review and that XP SP2 got only the fixes that could be made as patches. Windows Server 2003 was the first released version of Windows after that review and it's been pretty (but not perfectly) secure but of course it was for server systems and not desktops.

Vista is the first version of Windows for the desktop that incorporates that review and MS has added a lot of additional security since then as well. Will it ultimately prove to be more secure than XP? Probably but only time is going to tell.
Posted by extinctone (214 comments )
Link Flag
"Most secure version of Windows..." Isn't that sort of like "the most chaste ***** on the street corner"?
Posted by samiamtoo (31 comments )
Link Flag

cnet are a joke and so are the "experts" they quote.

vista will be and is as secure as any other operating system.

the reason its insecure is because hackers want to hack it, not because the code of the operating system is less than any other operating system.

if you look at someones home then look at a government building, which is going to be more vulnerable? the home? or the government building?

the govermnet building of course, because its more likely to be attacked than your home, and not because one building has more or less security in place, its merely the fact that its a higher target, making it more vulnerable, not because of the technical aspects of the security.
Posted by sea_net (8 comments )
Reply Link Flag
I Agree
One question: why is CNET so badly anti-microsoft? To make 90-93% of the PC users look like a bunch of idiots? I think this is getting offensive now. They maybe should envisage to change the name of the website, something like www.Ihatemicrosoftamafanboy.com might be more appropriate. Sorry to say that.
Posted by Repère (14 comments )
Link Flag
Flawed Comparison
We're comparing Windows XP to Windows Vista. They are both high profile targets. (Two government buildings, in your analogy.) The question is whether the new building is much better in terms of security than the other. Microsoft says yes, and you should move because of it. Others say no, the move is too much hassle and the security of your old building will do just fine, as long as you keep it up.

CNET News.com
Posted by JorisEvers (48 comments )
Link Flag
Windows is attacked more because hackers are terrorist. As such
when hard targets have too much security to attack they go for soft targets like Windows.

A hacker would love to have the bragging rights for hacking hard target systems like Linux, Mac or BSD but when they are not able to bring about any real damage they give up.

and attack Windows instead.
Posted by slim-1 (229 comments )
Link Flag
Government buildings tend to be more secure because they tend to
have 24 hours security guards. Ingress is channeled through a
checkpoint. Internal monitoring takes place and so forth. Most
homes don't even have a lock on the windows let alone a burgler
alarm. This is part of the reason why *homes* are broken into all
the time while government buildings are generally left alone.

To a burgler homes are the low hanging fruit - and it tends to be
pretty rich fruit as well.
Posted by rapier1 (2722 comments )
Link Flag
so, you really don't know anything about software development then huh?
Wow, your mommy bought you a 'puter for Christmas and now your an expert.

I am so very tired of "experts" telling me that Windows is only insecure because it's the biggest target. All operating systems are not developed equal. All operating systems are not equally stable. All operating systems are not equally secure.

msDos has no security.

Window95 through Windows98 barely had any security and it was an afterthought

Window2000, WindowsXP developed to be compatible back to msDos, security was an afterthought.

Unix is built to be secure and stable and with 30 years of evolution and development, is very much so.

Linux is built on the Unix design model and quickly implements new security features as does Unix. It is also developed with completely open and obtainable source code so anyone can audit the source and submit security or quality flaw fixes.

osX is based on BSD Unix and retains much of the stability and security of Unix though it is a very specialized distribution being for the Apple hardware products.

The default configuration of these OS is not equally secure. The tweaked configuration of these is not equally secure. The way in which they are built is different with different intended outcomes and different areas of importance.

By your logic, my house is isn't insecure because I've left the front door wide open, it's because all the criminals that happen to walk past are looking the other way. That's a load off my mind; I can stop carrying these stupid keys around, leave my doors unlocked and windows open. It's not a government building so naturally, it's completely secure.

By your logic, a hammer isn't weak because it's made of plastic instead of metal. It's week because the big bad carpenter is hitting too many nails.

By your logic, a liar is not a liar because they never tell the truth, it?s because someone pointed out that they are lying.

Let me state this clearly; Windows is insecure because of the way it is designed not because too many people are looking at it.

More eyes is better. More people trying to break your product, thus showing you where the flaws to fix are is better. Quickly addressing those found flaws and getting the patch to home users is better.

BSD Unix has evolved because too many people where trying to break it. Linux has evolved very quickly because too many people where trying to break it. osX is now more secure because too many people tried to break it in Janurary's month of flaws. Microsoft is being forced to make Windows more secure because too many people are trying to break it.

You also have to differentiate between "Hackers" and "Criminals". There is nothing inherently wrong with hacking on a system. A hack may be a way around security (your only recognition it seems), a way of using a program as it was not intended, a project with no clear intended outcome, a unexpected solution to a current problem.

The criminal act is taking that discovered anomaly and using it for personal gain or intended harm. That's not hacking. That's not the actions of a hacker. That's a criminal action just like breaking into someone's home would be.

Before you tell us that the Hackers (our modern day Bogieman it seams) are breaking Windows and that's why it's insecure, not because it had the flaw that could break it in the first place consider a few things.

Hackers are the people that started the computer age. They are the people who started this international network of computers. They are the people who constantly find new ways to user computers. They are the people who first dreamed of computer managed homes and the simple life for all with technology to do our bidding.

They are often anti-authoritarian but what person in there right mind fully trusts there government and authority figures?

Poor Microsoft, they sold a low quality product with very pretty packaging and desktop icons. It?s not there fault that it was developed by unmotivated programmers trying to meet a deadline. It?s the fault of all those bad people out there finding there flaws.

I personally don't care what OS you choose since it's not going on any of my machines. I personally don't care what OS you put me infront of, I'll still tune it to run like an F1 racer or learn it quickly then tune it. When I Game, I have to run Windows.
Posted by jabbotts (492 comments )
Link Flag
That is a complete lie.
"Its (sic) insecure is because hackers want to hack it, not because the code of the operating system is less (secure) than (that of) any other operating system."

That is completely idiotic drivel. It's insecure because it's fundamentally a 20-year-old legacy operating system that's been continually patched and bastardized. Microsoft knows it needs to continue to support all of the Win32 applications out there -- that's why people still use Windows instead of migrating to something better. So Microsoft can't really re-write the operating system from the ground up to provide robust security.

The number of Windows viruses is completely disproportionate to its market share. Research from Sophos PLC has shown that 68 viruses have affected the Mac while 97,467 have affected Windows. Of those 68, most are a decade old or older and don?t directly affect OS X," Digit Magazine reports.
Posted by gw188397 (45 comments )
Link Flag
I disagree
Windows is hacked more often because it is easier to hack than
any other operating system in wide use.

If just being a big target was the criteria for being sucessfully
hacked then Apache web servers, which outnumber Microsoft IIS
servers on the Internet two to one, should be the most hacked.
But they aren't.

Attackers, for the most part, go for the low hanging fruit.
Posted by rcrusoe (1305 comments )
Link Flag
Damned if they, damned if they don't
What a joke. Microsoft spends nearly six billion dollars locking down Windows and it's still not good enough for the pundits.
Posted by WJeansonne (480 comments )
Reply Link Flag
...at least if you have Windows...
Windows has a flawed architecture. It doesn't matter how much
lipstick, perfume and eyeliner you put on a pig's face... it's still a

Posted by Penguinisto (5042 comments )
Link Flag
Because it is a smoke screen. They didn't do anything except
make a market for their new security "Live" package by pushing out the competition.

As usual Microsoft attacks competition rather than looking at it as a benefit.

I would not want to be in a business with no competition. How would you now how to run your company?
Posted by slim-1 (229 comments )
Link Flag
it's not how much money you spend
They could spend 10 million dollars "locking down" Windows and accomplish nothing simply through poor planning. They may choose to leave known issues open to allow for some more important feature of the system.

It's nothing to do with how much money they spent. As well summarized by a comment earlier, between winXP kept up to date and Vista as is currently, there is not enough improvement of security to drop the amount of money they are asking per license. The better advise is to wait until you have to buy Vista with your next hardware upgrade or at least give it six months now that it's released while they get the initial list of patches for it written.
Posted by jabbotts (492 comments )
Link Flag
Microsoft spent six billion dollars...
trying to figure out how to retro-fit security into a legacy operating system that is essentially a cobbled-together hack.
Posted by gw188397 (45 comments )
Link Flag
Typical WJeansonne fartbomb
WJeansonne, what is your angle? You drop these little jems into the
comments section and then keep on going. Do you ever come back
to respond to your critics? Are you the Microsoft shill many now
believe you are? Well, what say you?

Have a nice day!
Posted by lesfilip (496 comments )
Link Flag
Investment with a guaranteed return..
Six Billion that Microsoft has spent, will be surely paid off, whether Vista is good or bad. Although most review feel lukewarm about Vista, but face the reality, Windows XP got exactly the same review five years ago, and let's see where they are today. Not so soon, most probably after Service Pack 1, especially for business users, that's why Microsoft has been busy planning for it.

Microsoft keeps people doubt to upgrade instantly, mostly because of previous version of Windows, which are Windows 98/ME which have a bad security feature, stability (bluescreen of death, hang), and so on. But since Windows XP, all of those weaknesses are much better, although surely not the best. But, guess what, it's enough for most of the users worldwide, at least 90%. So, what do you think about Windows Vista?
Posted by Gunady (191 comments )
Link Flag
look at the polls you looooozers!
vista will be the usual flop, with more bugs and heartache on the
way-----buy it and see!
Posted by richb12 (3 comments )
Reply Link Flag
As irony may have it, that hilarious Mac ad is playing as I read this article. I wanna c++ GUI hand book!
Posted by M_K_Higa (43 comments )
Reply Link Flag
They buy Vista for the curiosity
Ther are no less than 4 options now for running Windows apps
on Macs and those who use the latest boxes from Apple are the
ones buying Vista, as they use either Apples' own Boot Camp,
Parallel Desktop for the Mac, VMWare's Fusion or CodeWeaver's

The best box for running Vista is the Mac.

Oh, and with CrossOver, I understand that Windows apps can
run without any of Microsoft's OSes.
Posted by pritchet1 (20 comments )
Reply Link Flag
Is fine as far as MS is concerned. They really don't care what
hardware you run their software on. That Apple switched to an intel
x86 architecure probably made them deliriously happy because
now, with all of those Macs now able to run Vista and XP they have
so many more people to sell to.
Posted by rapier1 (2722 comments )
Link Flag
Corrupt Blogers
I don't know if it is funy or sad. Robert McLaws says that "every one with a computer should buy Vista now". I bet he doesn't, because his brand new laptop, courtesy of Microsoft, must have Vista already. I don't know why they bother to continue to give their opinions. It's worth less than zero.
Posted by mvaiks (4 comments )
Reply Link Flag
The numbers don't work
Don't buy Vista, just get use XP and the current Anti Virus/Firewall commerical apps you can buy.

So, how much are those AV/Firewall Suites? $50? $100? $200?

How many issues do you have with these third party apps?

I know we here, have sunk lots of time in reviewing AV/Spyware products.

We have had some (Zone Alarm) that breaks IM, blue screens left right and center (KL1) not found.

Anti spyware apps that make some systems unbootable.

I have seen people say it needs huge amouts of horsepower.

Yet I sit here writing this on a Dell 150 with its intergrated Intel video, and 1gb of ram. And it runs fine.

Sadley as most people know, every single time Microsoft has come out with a new OS, people say why change. We saw this with DOS to Windows 3.11, why change it will break games.. DOS games are the best. Why change from 3.11 to 95 who can trust Plug and Play to get the drivers right and miaximize system potential. Then 95 to 98, then 98 to XP.

I have seen the arguements with Linux, vs 3..1 vs 95 vs 98 vs xp, vs Vista. And I use Linux also myself, on one system and Vista on another. Mainly for some tools that I need that I can make better use out of Linux for.

My only main issue with Linux has always been home user, and what is somethings that are simple, be it replacement of a failed video card, or sound card. XP, Vista, open the case put in the video card and away you go. Normaly built in drivers are good enough to start, or if no driver default VGA so you can at least get to the internet to get the right drivers. I know many linux gurus will argue that its easy, do this go to that forum get this or that do this recompile that run this do that. Not easy, for the normal basic home user, not so easy. Although some argue, well I installed it for my 70 year old grandmother and she is fine. Again that is true, did she install it? Although I have spent also many weekends working on a friends computer, after they installed a cool app, and now have a version of a mediaplex spyware that just wont go away. Or the person who got an email, advertising this great AV program that they then installed.

Only to find they now have 700 + virus's and the app wants them to pay $39.99 to clean there previously clean machine.

Vista is a change, and most people struggle with change, they obtain a comfort level, and they like that comfort level.

I know we here, are rolling out Vista to over 900 desktops and most of those as I said are dell 150's or 270's. And, we have yet to run into any major hurtles.
Posted by wolivere (780 comments )
Reply Link Flag
Everybody should have a hardware firewall
Regardless of what OS you're running, you're an idiot if your computer is directly connected to the Internet. You can buy a consumer hub/firewall (which will also network your home computers) for about $30, and it's more effective than any software AV/Firewall.
Posted by vm019302 (85 comments )
Link Flag
Apples to Apples today not yesterday
Have you ever noticed how next years car is the most Fuel Efficent? Well crap Ford or Toyota said last years car is the most Fuel Efficent.

If you take Windows 98 and Vista out of the box intodays world which is the more secure? Vista.

If in 1998/99 you took windows 95 or windows 98 out of the box which was more secure? Windows 98

The comparison goes on. So yes today in comparison to its previous versions, which one out of the box is more secure? Vista. Its really not hype its simple reality.

And yes Vista of the home user, its security features are helpful, it prompts you when things are being installed, it prompts you when security levels need to change to accomplish a task. It add's that one extra.. hmm do I need or want to do this.
Posted by wolivere (780 comments )
Reply Link Flag
The problem with Vista...
It seems with each MS OS release, the number of available versions increase. XP had "Home" and "Professional" -- Vista now touts more versions which only adds to consumer confusion. Most will buy Ultimate when they probably don't need all those features. Sort of like buying a Ferrari when all you do is visit your corner grocery store.

Microsoft should realize that their product should conform to a user's system, not the other way around. Do all the bells &#38; whistles in Vista really justify hardware upgrades or the purchase of a new computer?

If you want eye candy, save your money, buy WindowsBlinds or something similar and stick with what works.

MS is home to the individual that predicted spam would be eradicated by 2006. Therefore I should believe everything Microsoft says about Vista, right?
Posted by JAG! (3 comments )
Reply Link Flag
First critics say XP is not secure
and to use another OS such as Mac. Now they say that XP is good enough and not to upgrade to a more secure OS such as Vista.
Posted by bobby_brady (765 comments )
Reply Link Flag
the comparison is winXP to Vista
The comparison has nothing to do with winXP vs any other OS besides Vista.

If you are running winXP and keeping it up to date along with AV and such, the added security in Vista will not make your life better during the next six months is get's fine tuned.
Posted by jabbotts (492 comments )
Link Flag
No the XP critics were correct. In fact I would still say XP is in Beta.
Mainly because they never got the security work out.

The reason. They should have done what Apple did and base of BSD.

Anything else is another band aid.
Posted by slim-1 (229 comments )
Link Flag
Hey I like Pigs or animals
Leave them poor things out of it, okay! Lord knows they have suffered enough on this earth!!
Posted by WJeansonne (480 comments )
Reply Link Flag
Pigs have suffered no more then Windows users
Posted by qwerty75 (1164 comments )
Link Flag
Hello there, are you listening?
So, as I understand this, you will come back to the article to leave a
stupid joke comment, but not bother responding to anyone who
commented on your last post? Well?

Have a nice day!
Posted by lesfilip (496 comments )
Link Flag
Dumb line
"how could run a company without competition"? Uh, duh. Let me count the ways! I'll be back in 100 years with your answer.
Posted by WJeansonne (480 comments )
Reply Link Flag
A company without competition will most like have the same trouble MS does
That is why Linux, Mac &#38; BSD are the best thing to ever happen to Microsoft.

Now they have a chance at making a good OS since they have competing products to reflect on.
Posted by slim-1 (229 comments )
Link Flag
The title should have read simply "Experts: Don't buy Vista"
Don't buy Vista:
- for the security
- for the performance
- for the features
- for the user interface
- for the anti-customer DRM restrictions
- for the anti-customer licensing practices
- for the anti-customer WGA spyware

Even Bill Gates can't come up with a good reason to buy Vista.
Posted by gw188397 (45 comments )
Reply Link Flag
CNET is a joke
CNET has consistently come out as a technology
joke. They do not appear to have a clue about
what they write. The anti-Microsoft bias is
all too obvious.

I belong to the majority that is making Microsoft
successful in the enterprise. In spite of CNET
the actual adoption of Microsoft technology is
very high both in the enterprise and the user

Vista will succeed in spite of CNET!
Posted by jimwhite467 (11 comments )
Reply Link Flag
Thats true Boo CNET
For about 3 years now I have been looking at electronics, laptops, etc. And I have noticed in cnets reviews how they love apple for its prettyness like a bunch of queers while they have always put down Pc's. When in fact Pc is the only logical computer. The same thing is happening now they are putting down VISTA and telling everyone not to buy it because its like a $200 update. Regardless of the added security and what I look forward to the most is its ability to run more complicated software and its ability to handle more extreme hardware. Everyone is fighting over how expensive vista is. When you look at the baby competitor Apple and how you will pay 3 times more for their computer and have to pay $150 a year for upgrades. It makes sense get vista much more reliable than a crApple and you will be able to run all the new demanding software.
Vista Beta Tester, Computer Technitian A+
Posted by Spywell (5 comments )
Link Flag
It's not an anti-Microsoft bias...
if they are simply reporting FACT. If you want to back up your claim of bias, I suggest that you find something they've reported that is factually incorrect. Or perhaps point to articles in other trade journals that counter what's being reported here.
Posted by gw188397 (45 comments )
Link Flag
Ah Calm Down
You're probably just upset because your new version of Vista
Ultimate won't run on your machine like Microsoft promised it
would. Of course people will buy Vista because Microsoft has a
monopoly over the PC market!
Posted by PCCRomeo (432 comments )
Link Flag
Very interesting article about security in Vista and MS OS Users...
Saw this article over on eWeek:

<a class="jive-link-external" href="http://www.eweek.com/article2/0,1895,2088384,00.asp" target="_newWindow">http://www.eweek.com/article2/0,1895,2088384,00.asp</a>

Among early adopters of Microsoft's freshly minted Windows Vista operating system, the strongest reactions so far seem not to revolve around the system's fancy new looks or its handy search facilities, but rather around Vista's knack for asking permission to carry out operations that require administrative privileges.

Vista gets a type of security SOMEWHAT similar to what MAC and Linux users have appreciated for years (decades even), making Vista a bit more stable than its predecessors. Unfortunately early adopters are getting annoyed with it.
Posted by mbjr (64 comments )
Reply Link Flag
Security needs to be unintrusive, easy to use, and fast. Generally
you get to pick two of those at any one time. When it gets too
intrusive users get annoyed and seek to circumvent it and then
they get hit by the problem of opening huge security holes. Like
running as root.

The confirmation screens in vista can be annoyingbut generally
they are there because known exploits can be mitigated by
putting them in place. Unfortunately, its intrusive some people
will eventually disable UAC. Then things just get stupid.
Posted by rapier1 (2722 comments )
Link Flag
Vista's Nine Most Annoying Features

ARTICLE DATE: 01.30.07

By Lance Ulanoff

Microsoft Windows Vista is gonna be with us for a long time. It's a fine operating system, so that's good news. Still, riding shotgun with all of Vista's charms are its many little annoyances. Here are nine that stick in my craw.

1. Who Am I and Who Are You
Windows Vista tries hard to protect us from ourselves. One unintended consequence is that it will sometimes block actions that we purposefully generated?and not even recognize that we selected the option. For example, I decided to try editing a Web page with Microsoft Word (Office 2007) and got a screen that said: "A website wants to open Web content using this program on your computer." Then Vista showed the Office 2007 component and explained that the program will open outside Internet Explorer's Protect Mode. All this would be fine if I weren't the person trying to edit the page.

2. Nested Ability to Change Date and Time
In Windows XP, I can change the date and time by clicking on the time in the System Tray and making changes in the pop-up dialog box. In Vista, I get this really cool clock gadget on my desktop, but clicking its settings icon only brings up a window that lets me change the clock style and set my time zone. That's okay, but when I double-click on the digital clock readout in Vista's System Tray, well, I can't double-click. A single click brings up a calendar and another view of my graphic wall clock gadget. A link in this window offers to let me "Change Date and Time Settings." Unfortunately, clicking on that takes me to yet another window where, you guessed it, I still have to click one more link before I can change the time. And here's the real killer: When I select that option, the User Account Control springs into action, telling me "Windows needs your permission to continue." I select "Continue" and finally, I can set the time and date.

3. Floating Features
I think Microsoft did some great work with the Windows Vista interface (and Microsoft Office's). Aero is truly inspired, but I really don't like how some features float in space. The top of any maximized Internet Explorer, Microsoft Office, Notepad, and, essentially, any other Vista-compliant app is a borderless black bar that contains the typical Close/Minimize/Restore buttons as well as any app-specific elements. The problem is that my eyes tend to cut off anything in that black bar. This leaves me struggling to access common/basic features. This isn't a big deal, but it's certainly annoying.

4. Little Has Changed Deep Down
This is good and bad. You can always drill down in Vista's settings to find familiar controls, but I have to wonder why confusing divisions among the settings for the Windows Desktop ("Color and Appearance," "Desktop Backgrounds," and "Themes") remain. I wish Microsoft had dropped Themes. Opening any of the options in "Personalize appearance and sounds" opens windows that should be familiar to any Win XP user. So clicking on Display Settings brings up the old-fashioned Monitor control window. This being the window where I control my resolution and color depth, I wish Microsoft had added Available Video RAM and a Recommended Settings button.

5. All Programs Confusion
I'm glad Microsoft simplified the nested, fly-out program folders in the Vista Program directory, which is accessible via the Vista icon menu (I still miss "Start"). Clicking on "All Programs" brings up a list of applications and then app folders. Each of the two lists is in alphabetical order, and the folder list does actually include nested folders. Office 2007, for example, has apps under the main folder and then a subfolder for Microsoft Office Tools. This last folder is filled with apps whose names scroll past the Program list window. There's no way to scroll to the right in this window. What happens if the folders go to a fourth level??next: 6 - 9 &gt;

6. Lack of Serial Support
I have a couple of Wacom digitizing tablets. One, a USB-based Intuos, I usually keep at home, and another, an oldie-but-goodie serial-port?based Digitizer II, I usually use in the office. I've used the Digitizer II with every Windows OS since Windows 95. Now, though the tablet is in perfect working order, Wacom isn't supplying Vista drivers. And Vista doesn't notice that the tablet's there. Are there other serial-based peripherals being put out to pasture by Vista and third-party peripheral manufacturers? Tell me about them in the forums.

7. Driver Prep
This operating system has been under development for half a decade, yet some companies still aren't ready for its release. ATI, for instance, has been providing pretty up-to-date and stable graphics drivers for all of its cards, including the Radeon X700 I have in my HP desktop. Unfortunately, it's left out one very important piece: open GL support. No, it's not something everyone would notice, but Second Life fanatics could be in for a rude awakening if ATI doesn't get its act together. I assume a Catalyst update will be ready right around launch, but still, what the heck took them so long? Again, let's start collecting a list in the forums of components and peripherals without adequate Vista driver support.

8. Questions with No Answers
Vista's Problem Report and Solutions is a great one-stop shopping center for reporting problems, keeping track of bugs, and resolving issues. Unfortunately, it doesn't appear to have any real answers. Of the three problems I reported?an issue with AutoPlay Media Studio 4.0 runtime, an outdated driver, and one program-incompatibility problem?none have been adequately solved. The box notes that they've all been reported, but no solutions have arrived. This smartly designed interface only makes Microsoft's inability to solve these issues more glaring than it was in Windows XP.

9. Game Switch
Vista's collection of built-in games still leaves something to be desired (I'd say the Purple Palace Cooking Puzzle game is an acquired taste). Still, I'm glad Microsoft kept old faithfuls such as Solitaire?and, wonder of wonders, it finally added chess. That game works as expected, but there is one small annoyance here: No matter which appearance settings I choose, the black pieces still blend into the black squares and pieces behind them, so I can hardly make out which pieces are sitting on which squares. In one instance, for example, I couldn't see a black bishop in front of a black king. So instead of putting the computer opponent's king in check, my queen was taken by a hidden bishop. (Perhaps this will matter only to former Chess Club members.)
Posted by Llib Setag (951 comments )
Reply Link Flag
6 and 7 are 3rd party issues.

1 is necessary because you can craft javascript to make it look
like a user is pressing buttons on the webpage. So it throws up a

2 this is valid but requiring elevated access to change the date
and time is also a security feature. you need root to change the
time in OS X too.

3 and 9 are basically issues with how this individual is dealing
with the interface. Personally I've not had the same problems
with it as he is.

4 and 5 are valid complaints.

8 is tough to bit_h about being that the software has been
publically available for less than 24 hours now.

Look, Vista, like all OSes has some issues out of the box. OS X
isn't perfect. Linux isn't perfect. I'm not sure why people are
agahst that Vista isn't perfect.
Posted by rapier1 (2722 comments )
Link Flag
Security, Security, Security
What are we talking about!? An OS or a security firm? It's ridiculous that MS is selling yet another version of Windows with features that cover faults of previous one!
Posted by Userzz (1 comment )
Reply Link Flag
XP Server 2003 + Mac OSX 10.1 2001 GUI
= AstlaVista OS 2007...

5 years + 6 Billion $ + Billions in "Vista Frenzy" promotions for

$99 - $299 Vista OS

Mac OSX = $129 ( runs Linux/ Unix/ Windows &#38; Mac OSX on
ONE COMPUTER) Yeah and Macintels are so expensive (not).

Yeah it was worth the long delays &#38; the overpriced recycled OS
to get Vista OS 2007...(not)
Posted by Llib Setag (951 comments )
Reply Link Flag
1st, MS is more than happy if you want to run Windows on a
MacIntel. In fact, I'm sure they are overjoyed that you can do
this. I'm actually looking forward to running Vista on my
MacBook Pro once I actually get the MacBook.

2nd, I've had to pay $129 for every signifcant update to OS X
since I first got it. Shelling out another $129 a year, in addition
to paying for or installing new versions of software that are
suddenly incompatible (every freaking OS X rev seemed to break
the cisco VPN client) gets tiresome after a time.

3rd, You can run multiple varieties of Unix and darwin on the
same box as you run Vista. In fact, if Apple decided to you could
run OS X 10.4 on a the same box as you run Vista. Its the exact
same hardware architecture with the exception of an EFI and
TPM chip. The only reason why you can't is because Apple won't
allow it.

4th, getting equivilant hardware on a Mac is sometimes
impossible and as such price comparisons can be difficult.
Sure, its more that possible to run the *same* hardware on a
MacIntel *but* Apple wants to maintain control of the hardware
environment. Which certainly makes it a lot easier to support -
but necessarily reduces consumer choice. Part of the problem
MS faces is that its trying to run on *everything* and getting
*everything* properly supported in a stable way is extremely

Look, I own a mac. I use it every day all day. I'm using it right
now. Personally, I think these Mac versus PC religious wars are
fundamentally idiotic.
Posted by rapier1 (2722 comments )
Link Flag
$10 bucks says bitlock will be cracked in 3 months
Posted by kyle172 (65 comments )
Reply Link Flag
it already has been six mos ago...
...in front a crowd of Microsoft employees, journalists and security experts at the 2006 Black Hat convention by Joanna Rutkowska who chose not to share her PoC with Microsoft at the time. Yet she proved that the only "significant security improvement" in Vista over XP SP2 is insignificant in fact.
Posted by i_made_this (302 comments )
Link Flag
A security SmokeScreen
No matter how many security features you keep adding to an OS, it is not possible to stop malicious code from executing. How does the OS know a code is malicious or not? Friend or Foe? This kind of concept could disrupt functioning of normal programs such as games.

NetAlter is developing a browser which will offer the best secured environment to be developed. So even if your OS is unsecured, so long as you run applications within this browser, no hacker or virus can get you.
Posted by guyfrom2006 (33 comments )
Reply Link Flag
This comes at too high a price:
<a class="jive-link-external" href="http://www.netalter.com/technology/UniId.htm" target="_newWindow">http://www.netalter.com/technology/UniId.htm</a>
I can this technology as potentially useful in a corporate environment, as an alternative to maintaining several intranets. However, some of the most insidious and malicious entities on today's internet are governments themselves, and this technology plays right into their hands. When it comes to my personal internet business, I will take the risk of black hats gladly in return for anonymity on demand.
Posted by samiamtoo (31 comments )
Link Flag
Don't Buy Vista for the Security...
As I have stated numerous times, I am sticking with XP Pro on my customer built HP PC &#38; XP Media Center on my custom built Dell E-1505. Both of the units have NIS '07 (Norton Internet Security 2007) installed along with and not limited to Ad-Aware SE Plus &#38; Spybot S&#38;D among others.

In addition, Symantec will be releasing Sonar sometime in early February, which will be available via liveupdate.

I wouldn't trust Windows Defender as it's track record is marginal at best.

The bottom line is stick with XP as long as possible. The only time anyone should go to Vista is when it's installed in a pc with SP1.

Any comments would be appreciated.
Posted by Ron3462 (1 comment )
Reply Link Flag
Vista's security lets' third party vendors access to your hard drive.
Vista's fire wall is One Care. If you read the EULA, third party vendors can with Microsoft's approval access your hard drive to read and upload files to their servers. With XP you can stop it with a good fire wall (not xp2 firewall), but with Vista, you don't know what files are being accessed and what information is being uploaded by these third party companies. Microsoft has never released their names or how many third party vendors have the access key. Plus if you read the EULA for Media Player, everything you play on Media Player 11 is shared with at least 9 different vendors and the RIAA or the MPAA could be one of these vendors. Microsoft will not tell us who these vendors are but they are collecting info of all your songs and videos stored in a data file which is then sent to Microsoft that includes your GUID and IP address. It calls out when you load a movie or song. How can you call this security. Bah Humbug. It is my computer, what right does Microsoft have to allow themselves and third party companies to take personal information from my hard drive? There is no way I am upgrading to vista due to privacy concerns. At least with XP it can block all this with a 3rd party vendor firewall.
Posted by renegadesoundwave (1 comment )
Link Flag
Wine Is Not an Emulator.

never has, never will be.

Many windows apps running in wine run faster
then on windows, especially network apps. This
should not be surprising since the bloat of
windows is gone and only a very thin layer for
rerouting OS API calls is added.

Wine is a very solid, efficient system.
Posted by qwerty75 (1164 comments )
Reply Link Flag
White hat hackers lack the skillz
Inviting legitimate hackers to examine the security is like asking
a domestic dog to babysit a child.

It may cause a bit of consternation, but most of the time it will
lack the wildness to do any damage.

But you wouldn't go getting a wolf or dingo (wild
undomesticated cousin of the dog) to do the babysitting, now
would you.

The corollary here is that out in the wild, the black hat wolves
are grinding their teeth on the last shards of Vista's mangled
bones, ready to release an onslaught of botnets once the new OS
has reached critical mass.

And they're not going to let anyone know they can, are they.
Posted by dotmike (154 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.