Sunday, March 19, 2006

Windows Vista: A sense of Deja-Vu?

An article in today's ZDNet had me thinking how often I've heard that the next version of Windows will be more secure. I'm sure if I really exercised my mind I'd remember Microsoft saying something similar about DOS 6.22 or Windows 3.11. EVERY version has been marketed as more secure even when they've left gaping holes open across every platform.

The ZDNet article has some strange claims, does Joris Evers seriously believe more than 75% of Windows boxes are infected with Spyware? While spyware is the biggest security threat to Windows users, grossly exaggerating the problem does nobody any good. The real figure is probably around 15-20%, which is still an outrageous number.

Another weird comment is "
spyware has been able to haunt users of XP." I guess Joris doesn't know anyone running earlier versions of Windows. It was the difficulty of cleaning spyware from Win9x boxes which lead us to declare the death of Windows 98 some months back. A badly infected ME system is in reformat territory, which is pretty well an admission of total defeat from an experienced tech.

Being younger than me, Joris probably doesn't remember the success of Microsoft's earlier attempt at bundling an anti-virus with their operating systems. It doesn't fill me with confidence when the MS Antispyware tool is choosing to ignore some of the notorious spyware programs. While Defender and OneCare will help, they won't be putting Symantec and McAfee out of business yet.

The biggest plus for Vista is that users will no longer be running as administrators by default. This should have been done with Windows XP and if MS had have done this, the spyware plague would probably not have happened. I suspect the reason they didn't was because so many MS apps require admin rights.

If Vista does restrict users by default, then we'll see a lot of older programs not running. The problem we are going to see is some users will get used to giving Admin rights to every dialogue box that pops up. Worse, we'll probably see some vendors recommend changing user rights to administrator level.

This last point is why the average user needs to ignore all the hype about Vista. Even if it gets released on time, it will be this time next year at the earliest before we techs have figured out how to use it properly. The early adopters, as usual, will be our crash test dummies.