Windows chief Jim Allchin has urged people to buy Vista for its security features, saying that it will have better protections against phishing attacks, spyware and other malicious code. It's a savvy move on Microsoft's part, as the company's products have borne the brunt of hackers' attentions.But this week, Symantec said that it had poked around in the networking stack of the latest Vista beta and found lots of bugs. It concluded that in the short term, the stability and security of the upcoming operating system would lag that of XP.
The Vista beta code survey comes as Symantec faces competition from Microsoft's ever-expanding interest in security software, both integrated into products and standalone titles. To find out what people on the street make of it, we asked our Vista Views panel, made up of ordinary readers, this question: Symantec researchers say that right now, the networking features in Vista are a security cause for concern. Are you worried?
If Symantec continues to raise concerns, there are two agendas here. As stated, Microsoft continues to find and fix issues. Will Vista be bulletproof? No. But that's what good firewalls are for. And there is a good firewall in Vista. Do we need a new stack and IPv6? My opinion is yes. And my opinion is that the benefits outweigh the (overstated) risks.
Barb Bowman is a product development manager for Comcast high-speed Internet who also writes about technology for the Microsoft Windows XP Expert Zone and the Microsoft Vista community.
I won't be concerned about any reports during this beta phase for Vista. Whether or not there is a new security stack, there is an awful lot of new code in Vista. To focus on vulnerabilities in one area right now is premature. If we find that there are concerns during the Release Candidate phase, that would cause serious concern.
David Dawson is an MCSE, CCNA and team leader in research and development at Community IT Innovators (CITI), an organization providing technology support to socially responsible organizations in the Washington, D.C., area.
Symantec is very unhappy lately with Microsoft, and it wouldn't surprise me if they were trying to make MS as uncomfortable as possible.
Microsoft's plan to market their own security solution is a direct threat to Symantec's profitability. Microsoft and Symantec are involved in an unrelated copyright lawsuit. And finally, many of Symantec's bugs or holes have to do with earlier betas of Vista, and those problems have already been addressed. So why bring this up now? It seems like Symantec's goal is to slow adoption of Vista and thereby maintain a higher share of security revenue.
But whatever motives Symantec might have, Vista security problems are a great concern. We will be wanting to watch this closely for more information.
Gary Knigge is an IT support person at the University of Wisconsin-River Falls, specializing in Windows desktop support for faculty and staff.
Despite Microsoft's assurances and Symantec's research, Vista will likely ship with tons of security flaws, but every operating system ships with tons of security flaws; Windows gets the most attention since it's the most popular operating system. If more people used Mac OS X or Linux, those operating systems would come under closer scrutiny too.
The biggest problem with Vista isn't security flaws but its snail-pace development and resource-hogging system requirements. If people and businesses really want a secure operating system, they should switch to OpenBSD or, for a more mainstream solution, switch to Mac OS X or Linux. To use Vista, you're going to need a new computer and learn new ways of doing things anyway, so the best way to avoid Vista's security flaws altogether is to switch to a better operating system.
Wallace Wang is a freelance computer journalist and author whose books include "Microsoft Office for Dummies" and "Steal This Computer Book."
Symantec needs to find a better business model than fear-mongering and profiting off of insecure operating systems from Microsoft. Symantec should be worried that a more secure operating system means less sales of their less-than-stellar software.
Brian Clarke, a student at Shippensburg University, says he has reinstalled Windows more time than he cares to remember.
Microsoft releasing another product without fixing all the holes is not a big surprise. They need to make sure it is locked tight before just setting it loose on the world. Maybe learn from OS X, if you have to...restart from the ground up and redo the entire OS to make sure it works right with the best available security, THEN think about compatibility with older software. Stop basing all of the software on the previous OS and then expanding.
Kevin Faaborg works in basic hardware and software guidance for a large financial corporation, but he has experience in more computer sales-based jobs.
However, I, personally, will not depend solely on Microsoft's efforts. I think it's essential to install third-party security software. Also, when security vulnerabilities are discovered, Windows must be updated and patched.
Users must not solely rely on Windows to meet their security needs, they need to actively secure thier own computer. Needless to say, Microsoft should still strive for the best security around, and Vista should be a step forward in security.
Brian Lambert is a law student at Southern Illinois University.
Symantec needs to understand that Vista is still in beta form and is being fine-tuned. Granted, if Vista is released without any additional updating to the networking interface, then I would agree with them. Maybe revisit this after Vista is RTM (released to manufacturing).
Jason Klomps of Tucson, Ariz., works in IT support for a call center.
Fair competition between add-on security software companies (such as Symantec) and companies which build some security features into the OS (such as Microsoft) can only lead to more secure companies. Symantec finds possible exploits and oversights in Microsoft's framework, Microsoft responds by filling in the cracks and coming up with better security, and the educated user wins by having a more secure Internet experience.
Finally, there is an inverse relationship between the amount of security a computer can have, and the amount of usability it has. The trick for Microsoft, Apple and Linux (and Symantec, Grisoft, et al.) is to cooperate through the economics of competition to find the best balance of usability and security for their respective consumer markets.
Jesse Hathaway is a student in Athens, Ohio, who is a contributor to Helponthe.Net's Tech Support Guy computer help forums.
What? Windows is insecure? Whoa, this changes everything!
John Kneeland is an undergraduate at the University of Pennsylvania, where he is majoring in international relations and East Asian studies.
Symantec is just spreading FUD to stay relevant. Why are they concerned about the network stack just because it's new? They can't use the argument that "because it's new, it's insecure," when that's exactly the reasoning Firefox uses to say that it is secure. The industry can't have it both ways...except of course, if the "enemy" is Microsoft.
At the end of the day, this is nothing but FUD designed to drum up support for future Symantec security products for Windows Vista. The problem is, there are a number of security features that will make it much more difficult to exploit Windows Vista for malicious purposes. That's a major problem for the future of Symantec. And if Symantec is screaming this loud about problems that don't exist, they must be in real trouble.
Robert McLaws is an IT consultant, community leader and Vista enthusiast. He has been running Vista enthusiast site Longhornblogs.com since 2002.
The Vista Views panel is being brought together by CNET News.com to discover what people on the street think about Microsoft's new operating system.
We're looking for a range of perspectives--from beta testers to business buyers to home PC owners.
Interested in joining the panel pool? Here's how it works:
Whenever key Vista news breaks, we'll e-mail a question to contributors. Sometimes, we'll ask a yes/no question and use the answers for a simple poll. Other times, we'll look for more in-depth feedback on Vista events. It doesn't matter whether you send us two pages or two sentences--we value your comments. And if you don't have an opinion on a particular story, or you don't have time to respond, that's fine too.
The feedback will often reach our readers. Our writers may quote panel remarks in stories. Or we may pull together comments--your two cents--in an article of their own. Occasionally, we'll ask contributors to take part in a weekly podcast to discuss their views with News.com editors and industry experts.
We want to know what our readers think, as Microsoft gets ready for one of its most important launches in years. If you haven't signed up yet, send us an e-mail to firstname.lastname@example.org.
Design: Gautama Swamy
Production: Kristina Wood