Windows Vista: security features make it worth it
I downloaded and installed Windows Vista Ultimate the day it became available on MSDN, so I’ve been using it for about two months now. In this period I’ve used the OS extensively and can conclude that it’s definately worth upgrading from Windows XP, if only for the built-in security features.
The funny thing is, most places I read about people using Vista, they complain about these features and do their best to turn everything off. I don’t really understand this mentality: is it really annoying to have to click on a dialog whenever you attempt to do something that could have a big impact on your system? Most people that turn these features off appear to be the same people that reinstall their OS every time they can’t log into a game server on the internet.
But the sense of control and security these features give you is amazing. For instance, when I started up my computer after installing Adobe Reader, Windows Defender alerted me that it had blocked an application from automatically starting. After clicking the balloon I learned that it was the Adobe Update Manager and before it would be allowed to launch automatically required my consent. And when I started a DivX clip in Windows Media Player I got the request to allow the DivX updater to open a connection to the internet.
Now I don’t really have a problem with these applications running or attempting to update themselves, but it’s good to know that I have complete control over what applications do or don’t run, either at startup or indirectly invoked and whether they open a connection to the outside world or not. This is actually a much saner approach to security than running multiple anti-virus applications in the background to clean up after something has messed up.
In the end though, it’s unclear whether this approach is bulletproof: I don’t know enough about the architecture of Windows Vista to be able to say whether it’s easy to get around these measures. And even when the design is good, the implementation may contain serious flaws that could make it easy for malware to slip through. Regardless of that I do believe that this approach is a correct one and hope to see that it will hold.
Just came across this… a few points…
- from a quick search, it looks like almost everyone is complaining about the annoying/intrusive security
– if that’s representative, then yes, it’s a very bad design
- you didn’t cover how confusing it is for Windows Defender to suddenly tell you that a program didn’t run but not give you a reason why or an easy way to figure out how to solve it
- if I run AV programs in the background, I use good ones that catch things BEFORE they get messed up
- how can you recommend a security system where you don’t know how easy it can be circumvented?
Obviously this isn’t a simple problem to solve but it’s quite obvious that Vista doesn’t do it well.