This column might, at first, seem far afield from my usual realm of computer security, but bear with me. For the last few days I've been using the latest CTP release of Windows Vista. The December release, build 5270 (available to a limited number of testers but thought to be a trial run for a public beta 2 release in the next few months), contains most of the cool new features that will ship in the final product, now expected sometime in either August or September 2006. But as I examined each new feature, I started thinking: Microsoft's adding a lot of online stuff to Vista to compete with Google, of course, but Microsoft is also adding new security elements that could dramatically reshape the security software landscape.
New and improved Microsoft Security Center
At first glance, Windows Vista makes security maintenance easy with a more robust Security Center, adding account protection settings and antispyware protection settings. Also, it's now possible to configure automatic Windows Updates from within the Security Center. However, in this build, accessing the Windows Firewall setting still requires using the Control Panel.
Microsoft's adding a lot of online stuff to Vista to compete with Google, of course, but Microsoft is also adding new security elements that could dramatically reshape the security software landscape.
Here's some news: Windows Vista will finally contain--drumroll, please--a two-way firewall. This could offer some serious competition to venerable firewall producer ZoneAlarm, which also offers a free (and very good) firewall. I haven't yet put Windows Firewall to the test--it is still in beta--however, something tells me that ZoneAlarm will remain the superior choice.
Say good-bye to paid antispyware apps
I always thought paying for antispyware protection was just a flash in the pan. Ever since Computer Associates bought PestPatrol and Trend Micro bought Intermute Spysubtract, I no longer see the benefit in paying someone else just to watch my computer for potentially unwanted programs. McAfee and Norton already provide their own built-in spyware protection within their respective Internet Security suites. Now Windows Vista will include Windows Defender (formerly known as Windows AntiSpyware).
Based on its acquisition of Giant Software in 2004, Windows AntiSpyware Beta (soon to be Windows Defender within Vista) has performed rather well on my test machines. But given that antispyware protection isn't yet an exact science, you really should have two scanners on your system. Fortunately, there's also Ad-aware, Tenebril SpyCatcher Express, and Spybot--all recommended and available for free.
Microsoft antivirus within Vista?
One major change within Windows Vista places device drivers and scanners outside the system kernel. So Microsoft is forcing antivirus vendors to redesign their scanning engines. To use antivirus apps on Windows Vista, you'll need to run a new version of whatever software you like to run. Look for Vista-compliant antivirus software editions to hit the market next summer and fall. Hopefully, this will also be an opportunity for antivirus vendors to correct the various buffer overflow issues they've had to contend with recently and perhaps better blend their antispyware engines for faster overall scan performance.
Microsoft's saying to the customer, yeah, we wrote shoddy code, but now pay us an annual fee, and we'll protect you from viruses and other malicious code.
But don't expect to find a free antivirus application bundled within Vista. In June of 2003, after Microsoft announced its acquisition of Romanian antivirus software company GeCad, I predicted that Microsoft would not be entering the lucrative antivirus software market, as doing so might cause lawsuits and antitrust problems for the software giant. Turns out I'm right (kind of). Microsoft will instead bundle its acquisition within a new online pay-for service called Windows OneCare, currently in beta. My personal feeling about this new online service from Microsoft, which promises to monitor your computer's performance and remotely make corrections when necessary, is (not to mince words) that it's extortion. Call it SopranoCare instead--jeez. It's like Microsoft's saying to the customer, yeah, we wrote shoddy code, but now pay us an annual fee, and we'll protect you from viruses and other malicious code.
No longer a strictly Microsoft universe
Not everything to be found within Windows Vista is pure gold, mind you. Some of it is pyrite. Consider the new Windows Photo Gallery. Here, Microsoft includes real-time editing tools that correct for color and brightness, along with a handy autocorrection button for those who just want their photos fixed. What you see is what you get (no delayed processing time), so all the better. Trouble is, for free, you can download Google Picasa and get far more features that are (in my opinion) superior to what Microsoft is offering. Elsewhere within Vista are built-in links to MSN Spaces (Microsoft's blogging site), Media Center (for downloading music and video), and, of course, a new omnipresent desktop search. All of these are awkward nods to Google, and personally, I think Google does it much better.
A similar situation exists within the security space. There are cool security tools within Vista, but the best defense against online miscreants is to diversify. I expect third-party firewalls to remain the norm, along with third-party Internet security suites. The only casualty from Vista, I think, will be the pay-to-play antispyware business, which may have already overstayed its welcome.
Will Microsoft ever become a serious security provider and therefore a threat to McAfee, Symantec, and Trend Micro? Why or why not? Talk back to me.