Stan Beer
Wednesday, 04 October 2006 07:42
Opinion and Analysis
Page 1 of 2
It is hard not be a little cynical over what has transpired between the world's two largest security vendors and Microsoft in the past few weeks over the security aspects of Vista. Depending on whose side of the story you want to look at, the arguments sound plausible.
Both McAfee and Symantec appear to have made
valid points with regard to the Vista Patchguard facility, which locks
up the Vista kernel so that it can't be changed.
The two security vendors say that while the idea is good in theory, in
practice it's dangerous unless Microsoft makes an exception for
security vendors such as themselves and gives them access.
The security vendors say that Patchguard has already been breached by
hackers, so unless Microsoft gives them access they can't implement
protection from the inside out. Obviously, there's money to be made for
security vendors here that Microsoft is thwarting by this action.
McAfee and Symantec also ridicule Microsoft's claim that it is not even
giving access to the Vista kernel to its own security team. It's hard
not to be on their side on that one.
However, Microsoft has been consistent in its line for some years while
Vista was under development that a key element of the new system will
be enhanced security. Locking up the system kernel so that it can't be
modified would appear to be consistent with that philosophy - unless of
course it really can be breached easily by hackers, which would make a
mockery of the whole concept.
