Scott Field: How secure is Vista, really? - Part I
- Posted: Nov 29, 2006 at 9:26 AM
- 37,587 Views
- 11 Comments
In Part 1 of this two-part series, Scott takes us through a historical perspective of security at Microsoft and outlines what's new in Vista. In Part 2, we go whiteboarding and dig into the architecture of Vista security. The venerable Jeremy Mazner, technical evangelist and software developer, joins me in conducting this interview.
Whitepaper on Vista Security: http://download.microsoft.com/download/c/2/9/c2935f83-1a10-4e4a-a137-c1db829637f5/WindowsVistaSecurityWP.doc
CredMan (credential manager): http://msdn.microsoft.com/library/en-us/secauthn/security/credentials_management.asp?frame=true
Scott's blog entry on kernel patching: http://blogs.msdn.com/windowsvistasecurity/archive/2006/08/11/695993.aspx
Guidelines on driver installation: http://www.microsoft.com/whdc/driver/install/32-64bit_install.mspx
UAC and the secure desktop: http://www.microsoft.com/technet/windowsvista/security/uacppr.mspx
In relation to patch-guard, is it true that patch-guard, in part, needs to read the number of pulses generated by the clock and can patch-guard be disabled or told in effect not to read the clock?
Will the patch-guard-like technology or technologies be implemented at the hardware level at some point in the future?
I think a lot of concerns I had with Vista's security had been addressed to some extent in this video.
I realize that Vista is just a snapshot of the roadmap to Windows Vienna. The innovations in the security area with respect to Windows OS will match those of Unix and Linux, and when Vienna comes out, it will be a matter of flavor to run Unix versus Vienna, rather than by security criteria.
The hypervisor technology and virtualization at the kernel level is one reason I say this. The heuristics code that will check suspicious behavior in the system will cripple rootkits significantly.
I wish MS would have enforced the signed driver policy on 32-bit systems also, and worked with vendors to recompile their drivers and sign them to work in a digitally signed world.
The future is bright for Windows OS because Windows has been hammered for the past 20+ years more than others, and it has not been killed. So what does not kill you only makes you stronger. I see this applies to Windows and it's very true.
I also realize that you cannot make a 100% secure system, because technology is always evolving. But at least MS is raising the bar higher, so that only capable engineers would be able to jump the bar, and the majority of script kiddies are blocked. This is very cool.
If people had waited 2 more years, we might have had a more secure system than Vista. Vista is claimed to be more secure, but it's not tested in the wild. So its security is to be verified by how it stands up to hammering by the outside world. Vista's new innovative security features make Windows more secure by default than XP (in the out-of-the-box sense), but not "Secure" in the absolute sense of the word.
So we can watch and see how Vista does, and wait patiently for Vienna.
Again, thanks for giving us this inside look into Vista's security. You asked a lot of good questions that I myself, and I am sure others, have wondered about, and got them addressed at least in part.
Hmm, Good Info. But the abrupt ending was a worry...
It was a long interview. Hard to find the perfect spot to create a part 1 from. We found it, but the window was real small..... We talked about so much and it is all related, technically.
C
D'oh (magoo), I've done it again.
I didn't realise it was a two-parter... [A]
Blue pill was a proof of concept piece of software that ran as a hypervisor.
I went through the video for 20 minutes. Scott Field is talking sooo sloww... he reminded me of the guy from the movie "Office Space", the way he says yeahhhh... ("About the TPS report..."). It's making me fall asleep. Have to get back to this later.
I'm sorry, but MS lied. I remember seeing a video saying Vista won't get spyware any more, and it does. I went onto a website I knew had spyware, the system got infected, and when I tried to remove the spyware, the computer restarted. After that, each time I logged into Vista, it kept on saying Explorer has crashed and it restarts Explorer, doing that in a loop. That's not a driver problem, it's a "Vista is not as good as we were told" problem.
Now OK, if I was not in admin mode I would have had to enter a password, but when you get a system from, say, PC World, it's not going to have an admin account stopping you from installing things, as PC World would get loads of phone calls saying "hey, I can't install something". So there UAC won't help at all, sadly.
It looks like child999 has run into one of the following:
To cut a long story short, his story doesn't add up. He should try again, and if the same thing happens with a release version of Windows Vista, he should write in to Windows Vista support.