Going Deep: Richard Ward - Engineering security into Windows Vista

Download this episode

Download Video


Richard is an architect on the kernel team on Windows Vista. In other words, everything in Windows builds on top of his team's work. Here Charles Torre has a 52 minute conversation with him about the kinds of things that are being done deep inside Windows from a security perspective. But you'll learn more about the innards of Windows than you might expect from this conversation.



Available formats for this video:

Actual format may change based on video formats available and browser capability.

    The Discussion

    • User profile image
      Windows innards--we love to go deep.  So many podcasts and videos... so little time.
    • User profile image
      Hm hm hm very nice interview, Charles!  Going deep does rock.
      Now, this code annotation thing Richard mentioned.. is that something us normal users can leverage, too? I only know about c++ annotation capabilities in team systems so far.

    • User profile image
      Download link seems to point to the stream instead of WMV. :O
    • User profile image
      DigitalDud wrote:
      Download link seems to point to the stream instead of WMV.

      Fixed, but not until the cache expires (we need to work on that...)
    • User profile image
      Great Video - keep this kind of stuff coming.
    • User profile image
      Thanks for posting that video Scobleizer.

      It seems Windows Vista has a few basic improvements in security, including the IPv6 stack but the big thing is UAC. Lets just hope that backwards compatability with administrator accessed programs work without fuss.

      Once again though I'm getting that flipped green video output. It is very strange and rather annoying. Has anyone else noticed this problem with Channel 9 and .NET show videos?

    • User profile image

      Interresting. Try and go to 22 minuts into the interview, and listen to what Charles says.

      Is he really saying, that he is a hacker, or is he just using it as an example?

      Fine video, but a few problems.

      Richard is hard to understand, as he is speaking very low.
      Theres a damn light beside his screen, that makes it hard to see his face.

    • User profile image
      Deactivated User

      Comment removed at user's request.

    • User profile image
      Jeroen Ritmeijer
      When the video is playing inside the browser the volume is quite often too low, even when I crank up the volume on my laptop to the max.

      A workaround for this is to either download the video or view it in 'full screen', which allows you to boost the volume for speech (adjust the frequency, push up 8Khz slider) using the Graphic Equalizer (View / Enhancements / graphic equalizer)
    • User profile image
      Charles wrote:
      DigitalDud wrote: Download link seems to point to the stream instead of WMV.

      Fixed, but not until the cache expires (we need to work on that...)

      Looks like we have a bug in our Postlink update code... I'll fix this on Monday.

      Sorry folks. No download until Monday.
    • User profile image

      I have a question for anyone who can answer it. Why the bloody hell doesn't the protocol mms work in Windows Media Player 10!?!

      It so so very frustrating!

    • User profile image
      Great video!  Really good discussion in this one.

      One of the things that was touched on in the video was garbage collection / managed code at the kernel level of the system architecture.  This is very exciting in the sense that it validates .NET and makes it something that we programmers perceive as the way to program - if the big dogs are doing it and trust it all the way to the kernel, it's good enough for me.

      This isn't going to eliminate the performance problems associated with managed code, though.  In fact, it could exascerbate it.  When talking about these problems, why don't I ever hear people talk about possible hardware solutions to things like garbage collection / memory allocation / etc.  My school is doing research in this area:


      I realize that this is far off, but the discussion was pretty far into the future as well, so I was just curious why I've never heard anyone mention implementing hardware solutions for these problems.

      Although I'm not on the team that is doing this research, I've seen some of the performance improvements they are touting just re-implementing java's GC in hardware and they are impressive.  Is this something Microsoft is investigating?  It seems like if everyone believes in managed code as much as I think they do, then someone should be willing to burn that belief onto silicon.
    • User profile image
      It seemed interesting, too bad I couldn't understand half of what he said. His voice is hard to understand when you are not native Enlish.
    • User profile image
      I have installed VISTA RC1 a few days ago, and created account for the family computer, enabled the parental controls for my kids, a very welcome feature. However these feature do not seem to work in the planned manner, since some websites still reported to be inaccessible after I listed in the accepted box!
      I even had some services fail even the parental feature was turned off, (e.g. Windows live feeds at www.live.com) and the Windows live messenger! The only way that my sone's account could get these to work was to change his account type to administrator! If this feature does not work on such basic components, I wonder how useful it will be?

      Note: When I turned off the parental controls for my son's account, from my admin account, it still reported that "some parental controls" are still active when my son signed in with his account, and asked confirmation to remove these and logoff again!

      In another note, when I accesed the "user" folders from my admin account, this automatically added my user's permissions to these accounts. However this causes repeated warnings on the other standard users, even when programs deleted items in the "TEMP" folders, that these files are shared by other users.

      Perhaps these are still open issues i.e. RC1 hopefully, although I must say that my first impression did hit a low!

      Best regards,


    Comments closed

    Comments have been closed since this content was published more than 30 days ago, but if you'd like to send us feedback you can Contact Us.