Vista, Antivirus: What If Allchin's Right?
Allchin also made mention of one extraordinary new feature during the conference itself, which we also covered at length in last Thursday’s story. Evidently, it got missed along the way: For viruses that have been designed to root themselves in specific, unmonitored locations within the Windows memory map, Address Space Layout Randomization turns the system kernel into a kind of linear Rubik’s Cube, assembling it in pieces, at random, each time the system boots.
The only disputes we saw about our mention of ASLR last week concerned allegations that Microsoft didn’t actually invent this feature, to which I would respond with an argument I'll borrow from my friends in the Linux community: If it works, who cares?
If it works, is something for which a fair number of our readers -– with good reason -– won't automatically hold out much faith. At the turn of the decade, the vulnerabilities of Microsoft’s operating system and applications were ridiculous, and its explanations and platitudes were worse. But the fortification of the Windows operating system was an absolute must, even for a company that many perceive as not having real competition. If we take the objectives of Linux and Macintosh seriously, then we must acknowledge that Microsoft had no choice but to make the serious effort to re-engineer Windows.
If there were space, I would digress here and discuss this absurd notion that Microsoft is somehow obligated to its competitors to deliver insecure architecture the way it always has, in the name of fairness to those who wish to provide protection against its insecurities the way they always have. But I’ll save that for another time.
In the meantime, it appears that, amid all the turmoil and chaos that the 21st century has brought us thus far, Microsoft-bashing somehow unyieldingly remains a national pastime. So the notion that perhaps this company could get it right -– that it could send malware writers back to the drawing board, or worse, back to hit their parents up for some cash for a new drawing board –- is impossible for some to fathom.
We've come to expect the anti-Microsoft message from the technology press so often now, that we’ll even manage to find it in stories where it wasn’t present to begin with. It’s become a knee-jerk reaction, and with thousands of knee-jerks going on simultaneously, it isn't a pleasant sight.
The prospect of my being able to allow my child to use an operating system complete with failsafes, user access controls, parental lockdowns, and malware-foiling architecture -– never mind who invented it first -- designed to the point where, at least for the next few years, I don’t have to rely upon anyone's third-party, performance-degrading, resource-hogging behemoth of a protection system capable of doing more damage than any virus ever dreamed, is a prospect I look forward to with undaunted enthusiasm.
“My point in bringing up this extreme example,” Jim Allchin wrote on Friday, “was really meant to emphasize that importance of defense-in-depth measures we put in Windows Vista - both the number of defenses and their combined effectiveness.”
Six years ago, when I chaired the Security at the Developer Level conference for COMDEX, I asked panelists from all aspects of the security industry what Microsoft would need to do to change the world's mind with regard to its commitment to providing a fundamentally secure operating system. The responses I received basically boiled down to this:
The kernel must be re-engineered with vigilant process authentication and checks-and-balances. This may have happened. If indeed it has, then I know for a fact that there will be more than a few weary, frustrated, hair-torn individuals who will, with a sense of pride and relief, double-click “Add/Remove Software” and, in so doing, enter a new world. That, in case you're still asking the question in your mind, is the difference.
True, it might not happen. But if it does, we owe Jim Allchin at least a thank-you.