I have been researching the development of Windows Vista for quite some time. Through various interviews on Microsoft's Channel 9 and several white papers, I've found that Vista has been a step in the right direction. In 2003 Microsoft began their initiative of Trustworthy Computing and the implementation of SDLC (Secure Development Lifecycle), where by the top-to-bottom approach to development will always have security in mind.
Vista was in development for 3 years and released builds similar to the practice Linux Distros use, called Community Technical Previews builds- on a frequency as often as monthly- for testers and developers to use. There are over 9000 drivers built for Vista and if 3 years wasn't enough time for developers to prepare for the changes in Kernel and User Mode Driver Framework- it's their fault. The introduction of Least Priveleged Access means that 3rd party developers are going to have to go back to school to learn how to program correctly. User Account Control isn't just a nag screen, it's literally running you in least-priveleged mode until you need elevated priveleges.
As far as hardware requirements, Vista also changed their compatibility campaign to say that all functionality will be retained if you install it on a pc that currently runs XPsp2 but if you want to take advantage of the improved graphics, yes, you do need a more current video card. (but Linux flavors require higher in video cards to run their fluffy guis as well, such as the Beryl gui)
I suggest reading up on MS security
http://download.microsoft.com/download/c...aSecurityWP.doc and learn about changes in the Kernel, ASLR, Bitlocker, IE7, driver framework, EFS, 64-bit computing, driver signing... etc.
I just finished writing a paper for a graduate class on the subject. Good stuff.
We wanted security and Microsoft gave it to us.
Watch this:
http://channel9.msdn.com/ShowPost.aspx?PostID=294410
Previous Topic
Index
