Microsoft has tried to make Vista as secure as possible, but a new user mindset is needed
We want less of this
As application developers start to follow Microsoft’s programming guidelines, we should see these dialogue boxes less often. Today, about half of all Windows applications won’t run correctly without administrator access – and there’s plenty of Microsoft code that doesn’t play by the rules too.
To help with this, Windows Vista’s application compatibility modes can silently spoof applications into thinking they are using system folders by redirecting them to folders within the user’s own account. Microsoft has put a lot of effort into ensuring that administrator rights are required as infrequently as possible.
Security under the surface
In addition to obvious features such as UAC, Vista employs many security techniques you will never see. In certain situations, system memory is allocated in a deliberately random manner: this unpredictability prevents malware from being able to guess where particular portions of code will reside. Microsoft calls its version of this technology Address Space Layout Randomization (ASLR).
A whole list of new Group Policy entries includes the ability to prevent the connection of certain devices, such as USB keys and other removable storage, or to require the encryption of files stored on them. This is invaluable in business environments where data theft is a concern. The control is granular enough to allow certain types of USB key to install while rejecting others.
Protected booting and encryption
The Ultimate and Enterprise editions of Windows Vista support Bitlocker Drive Encryption. If an unencrypted hard drive is stolen or disposed of without first being securely erased, thieves can gain access to the data stored on it relatively easily.
Bitlocker performs full drive encryption and secure erasure of sensitive data, and can verify at boot time that the hard drive hasn’t been tampered with while the PC was turned off.
By encrypting the entire drive, all files are protected including swap files, hibernation files and memory dumps, which could otherwise be vulnerable to forensic analysis.
If a stolen hard drive is installed in a different computer, Bitlocker, which requires a special security chip on the motherboard called the Trusted Platform Module (TPM), will refuse to decrypt the drive.
Technology such as this always brings with it the worry that users might inadvertently lock themselves out of their own hard drive, especially in the case of hardware failure. To help with these scenarios, Bitlocker has its own disaster recovery console to help rescue such systems.
In business environments, Bitlocker keys can be automatically stored in an Active Directory for recovery purposes.
Microsoft Get it Right
If a stolen hard drive is installed in a different computer, Bitlocker, which requires a special security chip on the motherboard called the Trusted Platform Module (TPM), will refuse to decrypt the drive. --- with the weight in PCs today any thief will take the whole computer and not just the HDD
Posted by J John, 04 Jul 2007