Welcome to VistaSector. Please read through our news, articles and tutorials for all the information you need about Windows Vista. Visit our sister site MSForums for discussion, and if you fancy a bit of eye candy, check out our screenshot galleries for images of Vista's pleasing aesthetics.Vista SP1 Security
Microsoft held an Internet conference involving 20 security companies, such as Symantec, although there were technical difficulties. The subject of the conference, a Microsoft spokesperson told BetaNews, is Microsoft's intention to invite nearly 150 security products vendors to join it in the development of an open security services API for Windows.
Such an API would not open up PatchGuard, the kernel protection system the company currently plans for Windows Vista, the spokesperson pointed out emphatically several times during our discussion, nor does Microsoft have any plans to ever open up PatchGuard. "Microsoft continues to believe the kernel must be protected from unauthorized access," BetaNews was told. To that end, the company proposes "a process for developing methods for software that works alongside PatchGuard."
Such a process, if initiated, could take several months, by Microsoft estimates, with the goal being to produce the results of this initiative in time for the release of Vista Service Pack 1. Though the spokesperson used the phrase "the SP1 timeframe" to refer to the release of these services, Microsoft declined to attach a time to that timeframe...
However, the spokesperson responded with an emphatic "No!" to suggestions raised yesterday by Gartner analyst Neil MacDonald that the process could consume years of Microsoft's time.
The challenge before participating security partners, BetaNews was told, is to develop a common list of requirements for the type of protection they want to be able to include with their own products. With that list in hand, the vendors could work along with Microsoft to develop an API that would enable them to achieve their individual goals.
Assuming the first stages of negotiations are successful, vendors and Microsoft could conceivably negotiate a timetable for implementing new security functionality, perhaps rolling out service extensions in beta form as they are completed.
The spokesperson declined comment on vendors' relative openness to the idea of revealing their respective product goals and plans, in the interest of developing a common API. Comment was also declined regarding whether vendors may be preparing to make a joint statement following the end of negotiations on this effort, or whether Microsoft plans to make a unilateral statement.
This afternoon's meeting -- the one with the now-celebrated Live Meeting glitch -- was merely one of several such meetings which were scheduled to take place between October 19 and October 23, just prior to Microsoft's involvement in an upcoming RSA security conference.
In all, the majority, if not the entirety, of Microsoft's slate of security partners were invited to participate, apparently weeks ago. This scheduling has been known for some time, the spokesperson said, and was not at all specifically intended to address recent complaints from Symantec and McAfee - again, contrary to reports. In fact, those complaints may not even have been on the agenda.
At the end of Thursday, representatives from all invited security vendors on today's docket were able to attend, BetaNews was told, and no company was locked out, although individual members of some companies may have continued experiencing glitches. A timetable for the patching of Live Meeting, one might suggest, could be the subject of a new round of meetings entirely.
Such an API would not open up PatchGuard, the kernel protection system the company currently plans for Windows Vista, the spokesperson pointed out emphatically several times during our discussion, nor does Microsoft have any plans to ever open up PatchGuard. "Microsoft continues to believe the kernel must be protected from unauthorized access," BetaNews was told. To that end, the company proposes "a process for developing methods for software that works alongside PatchGuard."
Such a process, if initiated, could take several months, by Microsoft estimates, with the goal being to produce the results of this initiative in time for the release of Vista Service Pack 1. Though the spokesperson used the phrase "the SP1 timeframe" to refer to the release of these services, Microsoft declined to attach a time to that timeframe...
However, the spokesperson responded with an emphatic "No!" to suggestions raised yesterday by Gartner analyst Neil MacDonald that the process could consume years of Microsoft's time.
The challenge before participating security partners, BetaNews was told, is to develop a common list of requirements for the type of protection they want to be able to include with their own products. With that list in hand, the vendors could work along with Microsoft to develop an API that would enable them to achieve their individual goals.
Assuming the first stages of negotiations are successful, vendors and Microsoft could conceivably negotiate a timetable for implementing new security functionality, perhaps rolling out service extensions in beta form as they are completed.
The spokesperson declined comment on vendors' relative openness to the idea of revealing their respective product goals and plans, in the interest of developing a common API. Comment was also declined regarding whether vendors may be preparing to make a joint statement following the end of negotiations on this effort, or whether Microsoft plans to make a unilateral statement.
This afternoon's meeting -- the one with the now-celebrated Live Meeting glitch -- was merely one of several such meetings which were scheduled to take place between October 19 and October 23, just prior to Microsoft's involvement in an upcoming RSA security conference.
In all, the majority, if not the entirety, of Microsoft's slate of security partners were invited to participate, apparently weeks ago. This scheduling has been known for some time, the spokesperson said, and was not at all specifically intended to address recent complaints from Symantec and McAfee - again, contrary to reports. In fact, those complaints may not even have been on the agenda.
At the end of Thursday, representatives from all invited security vendors on today's docket were able to attend, BetaNews was told, and no company was locked out, although individual members of some companies may have continued experiencing glitches. A timetable for the patching of Live Meeting, one might suggest, could be the subject of a new round of meetings entirely.