Microsoft Addresses Inherent Security of Windows

Two weeks ago, at Comdex Fall 2002, I sat down with Mike Nash, the vice president of Microsoft's Security Business Unit, to discuss various security concerns. Nash deals with the overall security of what he calls the Microsoft environment, which includes not just Windows, but all of Microsoft's core products, including Visual Studio.NET and Microsoft Office. "My job is to make sure that the Trustworthy Computing vision comes true in our product groups," said Nash.

One topic Nash addressed was particularly intriguing. As I've written in the past (see my April 2002 commentary, "Maybe It's Time for a New Platform"), one concern I have with the Trustworthy Computing initiative is that Microsoft designed Windows NT—the foundation for today's Windows versions—in the late 1980s as a small-workgroup alternative to UNIX, and as such, the OS might not be able to respond to today's security requirements. Perhaps, I posited, Microsoft needs to engineer a new platform and stop stacking feature after feature on the aging NT architecture.

Nash, however, disputed my statement. "The NT architecture was designed with a sense of history," Nash said. "And it's all about change and innovation. It's impossible to say that when Dave Cutler was designing NT in the late 1980s he was thinking about the Tablet PC. But it's cool that such sweeping changes can come along, and NT has the versatility to solve today's problems."

Nash says NT is important because of its foundation, which makes it easy to make major architectural changes over time. "Directory services, [the Encrypting File System], and other technologies have been added to NT over time," he said. "The great thing about that architecture is that it was designed to let you swap in new components as they became appropriate. It's a modular approach."

The bigger technological concern with security, Nash explained, is that Microsoft didn't originally understand that security is implemented through nonsecurity features. For example, NT's core security subsystem has always been solid, but many of the system's vulnerabilities have emerged from unlikely applications or services because so-called nonsecurity technologies weren't built to be secure. So the company spent $100 million in early 2002 to train developers and improve the core security of Windows .NET Server (Win.NET Server) 2003, which will ship to customers in April 2003. And the company is porting back changes to Windows 2000 and even NT 4.0, where appropriate. "Taking these new ideas and bringing them back to Windows 9x is hard because of its outdated architecture, however," Nash told me. "A key milestone for Windows XP was its convergence of the Win9x compatibility features and device-driver model. There used to be separate driver models for 9x and NT, and each decision was a compromise. Today, convergence gives us the best of both worlds, and a true superset product for end-users."

Naturally, the proof is in the pudding, and it will be months or even years before we see whether Microsoft's Trustworthy Computing initiative bears fruit in the form of more secure products. Windows & .NET Magazine will follow Microsoft's progress in making its products more secure.

More About Windows XP Power Management

Last week, I discussed XP's power management schemes and how they might affect a portable computer's processing speed in different usage situations. Several readers wrote to me with more information, including Kevin Campbell, who provided the following chart of power management schemes and processing speeds.

AC     Battery  Power Scheme Name

High   High     Always On
High   Adapt    Home/Office Desktop
Adapt  Adapt    Minimal Power Management
Adapt  Adapt    Portable/Laptop
Adapt  Degrade  Max Battery
Low    Degrade  Presentation

Description of terms:
High: CPU always runs at maximum speed
Low: CPU always runs at low speed
Adapt: CPU speed varies with load (high when busy, low when idle)
Degrade: CPU starts at low speed and performs additional performance reduction as battery discharges

Why couldn't Microsoft have made these options more obvious? In the Power Management UI, for example, the company could have noted how various power management schemes affect the processor. This information is valuable, especially for mobile warriors trying to eke out the last bit of battery life or performance.
