OCTOBER 2005 MA XIMUMPC 33
S
pyware, viruses, and other
apps that embed themselves
so thoroughly in the innards of
Windows that they’re virtually impossible
to get rid are a huge problem in Windows
XP. Users everywhere are frustrated,
and people have even begun to believe
there’s nothing that can be done about
the erratic behavior caused by spyware.
That’s not the way it should be. One of
the main goals of Vista is to curb the
spread of malware, and there’s a lot of
behind-the-scenes stuff in the new OS
that makes that possible.
FIREWALL
The firewall included with Windows XP
SP2 filters only incoming traffic, which is
a good start. But one of the easiest ways
to tell whether your machine is infested
with malware is to monitor outbound
traffic. That’s what Vista’s firewall does,
and we’re glad it’s turned on by default.
What does that mean for the user?
When an app attempts to connect to
the Internet, whether to send data or
simply to listen for incoming traffic,
you’ll receive a prompt asking if you
want to allow the connection, deny
the connection, or always allow the
connection. The XP SP2 firewall asks
only if your app is trying to listen for
incoming traffic.
VIRTUALIZED
PROGRAM FILES
What about apps that won’t
behave well with limited-user
accounts? Vista will create a
virtual Program Files and Registry
inside the user’s profi le. To the
app, the virtualized areas will
be indistinguishable from the
“real” Registry and Program Files
directory. But because they’re in
the user’s profi le directory, the app
can modify whatever areas it chooses,
without any pesky permissions problems.
Of course, there’s a downside. Any
legacy app you install in the virtualized area
is only accessible to that user account. If,
let’s say, GTA: San Andreas were a legacyapp (it’s not), and both you and your
roommate wanted to play, you’d have to
install it twice, and that would eat almost
10GB of hard drive space. Still, we’d rather
suffer dual-installs of a few legacy apps
than face another 10 years of inadvertent
CoolWWWSearch infections.Security Info
Here’s how Vista will fix the growing problem of malware
User Access Protection requires you to enter
your password when you make a potentially
dangerous change to your system, even if you
have admin rights.The default permissions assigned to all
users present the biggest security problem
with Windows XP. Instead of encouraging
users to run as limited users—users only
able to access data in their directories and
run apps, but not add or remove software
or drivers—XP hands every user admin
privileges by default. That means that
every application an admin-enabled user
runs, like a web browser, also has admin
privileges. Should a user click a virus
attachment or spyware installer, there’s
nothing stopping that app from installing
and insinuating itself deep in Windows.
Even if you want to run Windows XPas a limited user,
it’s virtually impos-
sible if you regularly
play games.
One of Microsoft’s
main goals with
Vista is to fi x the
limited-user account
problem. Vista
also allows you to
temporarily switch
to an admin-level account to install apps
or upgrade drivers, then switch back to
a limited-user account when the task is
done. XP doesn’t do that.Limited Accounts
Anytime a limited user
attempts to do anything
that could compromise
the system, he’ll have
to log on with admin
privileges.INSTALL FROM
AN IMAGE
Perhaps our favorite feature in Vista is the
new image-based installer. The installer
dumps an unspoiled disc image on the
hard drive after a brief preinstall process,
then the OS boots and does Plug and Play
hardware recognition. The best part of
this? You don’t need to press F6 to install
third-party storage drivers off a fl oppy
disc. Instead, you can plug a USB key or
CD-ROM containing the driver into your
rig, and kiss the fl oppy goodbye forever.It’s not security related, but not
having to use floppy disks to install
mass storage drivers will keep us
from going postal and blowing up
the place. Don’t you feel safer?More Vista
Coverage
We’re not done yet. Expect!
another in-depth look at
Windows Vista around the time
Beta 2 ships—toward the end of- As always, stay tuned to
Maximum PC for all things Windows!