May 10, 2005 4:00 AM PDT
OS makers: Security is job No. 1
- Related Stories
-
FAQ: Getting a handle on Windows Vista
November 29, 2006 -
Apple feeds Tiger to iMac line
May 3, 2005 -
Can Longhorn improve laptops?
April 27, 2005 -
Microsoft: 'Trusted Windows' still coming, trust us
April 25, 2005 -
Apple patches iSync flaw
April 20, 2005
That's the attitude of operating system makers, who aren't just focusing on features such as snazzy graphics and better networking tools when revamping products. Now they're also providing sturdier defenses.
The new generation of OSes includes improvements aimed at keeping data more safe. Microsoft, long the target of hackers' efforts and resulting customer ire, has promised anti-spyware and other tools in the upcoming version of Windows, code-named Longhorn. And while they aren't as aggressive about marketing their security efforts, Apple Computer and Linux-seller Novell recently released updates with an eye to stronger defenses.
What's new:
The next generation of operating systems focuses as much on tough security as it does on whistles and bells.
Bottom line:
Development of better defenses is a response to growing frustration among consumers, who are fending off a rising tide of viruses and fraud threats.
"The OS makers know that their futures depend on the trust that buyers have with their products, and buyers aren't trusting computers today," Forrester Research analyst Ted Schadler said. "We know that people are downloading less music, shopping online less and steering away from online banking because of security fears."
Several high-profile incidents of data theft, such as the ChoicePoint breach, have highlighted the need to protect confidential personal information. Alerts about phishing and other online fraud schemes have further publicized the risks. On top of this, malicious code writers have not let up on sending out traditional PC viruses.
Even though these consumer security threats sometimes take advantage of weak points in technologies other than operating systems, or exploit people's habits, OS makers often bear the brunt of the blame for them, Schadler said.
"(Security) is a problem that consumers are increasingly aware of and angry about, and they want to blame someone," he said. "The OS players are taking notice because they have to."
For Web designer Eugene Abovsky, 23, helping his friends and family members keep their PCs running smoothly and securely in his spare time has become an uphill battle as security concerns multiply. Abovsky works only with Microsoft's Windows, and he said that juggling patches and warding off "malware"--malicous software--have become time-consuming ventures that leave him frustrated with the software giant.
"Microsoft should be ashamed at the level of protection they provide to the average consumer who uses Windows," he said. "Almost all of the Windows computers I deal with in the homes of people I know have been so infested with spyware, malware and adware that they are almost unusable."
For Microsoft, the dominance of Windows and a string of high-profile vulnerabilities have translated into serious headaches around attacks and security. In addition, the company's software has historically come under more attack from hackers than that of its rivals.
To respond to these, Microsoft developed its Trustworthy Computing initiative, launched in 2002, which aims to improve the security and public perceptions of its products. It also issues a monthly bulletin of security patches, and its last significant update to the full version of Windows, Service Pack 2, was centered on security.
The results of those efforts have produced, in Longhorn, an operating system that will more aggressively defend computers, said Greg Sullivan, lead product manager at Microsoft. Among other defensive moves, it actively fights the installation of malicious programs such as spyware and automatically quarantines devices that could have acquired viruses outside home or business networks, he said.
"Clearly we have a very significant role to play in making sure that our platform is one that customers can use safely and securely, and that's
See more CNET content tagged:
defense,
operating system,
security,
malware,
virus
Either way better late than never. I still think though that by default an OS shouldn't install anything other than what it requires to run the OS. Users (or their guru's) can then select before or after installation the extra features they want.
The other OS maker, has never put much priority on security, and time will tell if their next OS is not the same security mess that all the previous ones have been.
is a process driven by risk assessment. You can never do it
perfectly, so you come as close as you can where you need to.
But defining where that need exists has been a najor failure,
partly because of questionable programming techniques, and
partly because the OS developers didn't recognize where they
were leaving security holes.
Windows has been plagued by the MS decisions to make the
Windows OS a marketing tool first and an OS second. Logically,
there s no compelling reason to 'bundle' all sorts of second level
functions into an OS - except to block competitors. That MS
mistake meant that the focus in the development was on
bundling, and many of the subfunctions needed to implement
bundling are also the security holes.
MS can fix the problem by writing a true OS, properly structured,
and properly supported by all the independant apps needed to
achieve MS's view of functionality. That's not going to be
Longhorn/Shorthorn/Airhorn or whatever else comes out as the
next generation Windows, This one is three years and a mindset
change away in good weather. And there also may be a need to
abandon the curretn PC motherboard and processor designs as
being too overloaded for the basic capability. After all, a Pentium
4 is little more than an Intel 8088 on steroids. And no one yet
has taken any responsibility for PC motherboard design control.
You can knock Apple all you want, but Apple knew when to
terminate legacy motherboard, processor, and OS designs and
to move on to more performance
In the meantime, MS can blow all the smoke they want about
their concern for security. And they can issue band-aid after
band-aid to 'ugrade' security. But more holes will constantly
appear. It's the price paid for the MS corporate goals.