Wednesday 21 January 2015

Opinion: Windows 10 security takes a backseat to new features and applications

Opinion: Windows 10 security takes a backseat to new features and applications

Today’s Microsoft Windows 10 event was a marvel of innovation. From groundbreaking holographic technology to improved productivity applications to a new way to browse the web, Microsoft once again proved itself an ambitious trend-setter in consumer and enterprise technology.


Unfortunately, one aspect went almost wholly ignored during today’s event: despite opening the press conference by claiming Windows 10 would have the best security features available on any operating system, Terry Myerson, Microsoft’s EVP of Operating Systems, never circled back to unveil any application, feature or device to back that claim.


It’s one thing to boldly claim your unreleased operating system will be the best, it’s another to make that claim after your previous disaster of an operating system had oodles of flaws.


Why we should be concerned


Windows 8 was a playground for hackers. Earlier this month, Google dropped a dime on a Microsoft bug that enabled restricted users to grant themselves access to sensitive functions. Prior to that, it was learned that hackers were able to take advantage of Windows 8’s easy-to-access “picture passwords” that were designed to enable users to scroll over an image in a pre-determined pattern to authenticate log-ins. In November, it was learned that hackers were capable of infiltrating web servers, FTP servers and internal networks to command a computer to execute arbitrary code to perform unwanted actions, such as a DDoS attack or malware deployment.


These are just a few of the many security issues that have plagued Windows 8 - recently and at its inception - which is why it was important for Microsoft to get ahead of speculation regarding potential holes in Windows 10.


The skinny on Windows 10


Previously, Microsoft had done a decent job explaining the benefits of Windows 10’s security features, such as teasing tools like identity protection and access control built to withstand phishing attacks, two-factor authentication that requires a PIN or biometric, and a data loss prevention tool that automatically encrypts corporate data based on paths predetermined by system administrators.


Unfortunately, Microsoft also infuriated many of its Windows 10 beta users by collecting keystroke and voice information in order to learn about how users were implementing the operating system. Microsoft was well within its rights to conduct this data collection - it stated it would in its user agreement - but as we’ve seen with previous data collection experiments, users don’t like being spied on and they have a right to be worried about how their data could be exploited if it fell into the wrong hands.


Today would have been an excellent opportunity for Microsoft to begin to set the record straight about how it planned to make Windows 10 the most secure operating system on the market. Unfortunately, all Microsoft did was make an empty claim. Hopefully we’ll learn about Windows 10’s security chops the next time Microsoft takes the stage to tout its features, rather than when it decides to patch an already-exploited bug.
















http://ift.tt/1sZoB9M

No comments:

Post a Comment