Although visual, up-front features like Windows Aero get all the press with Windows 7,some of the more important, if less obvious, changes in this new operating system occur under the hood. For example, Microsoft further componentized its core OS in Windows 7, a change that enables more efficient updating and servicing. The more important under-the-hood work in Windows 7, of course, involves security changes. Whereas Windows XP had to be changed dramatically in Service Pack 2 (SP2) to be more secure, Windows7 was designed from the outset to be as secure as possible, building off and expanding on the work the company first did in XP SP2 and Windows Vista. In this chapter, you examine the new security features in Windows 7 that will affect you in day to day use.
Security and Windows 7
It’s been a tough decade for Windows users. As Microsoft’s operating system entered the dominant phase of its existence, hackers began focusing almost solely on Windows, as that’s where all the users are. As a result, various Windows versions have suffered through a seemingly never-ending series of electronic attacks, security vulnerabilities, and high-profile malware breakouts.
In 2003 Microsoft halted development of its major operating system and application products and began an internal review of its software-development practices. The company reexamined the source code to its then-current projects and developed a new software engineering approach that is security-centric.
Now the software giant will not release any software product that hasn’t undergone a stringent series of security checks. Windows Vista was the first client operating system shipped that was developed from the get-go with these principles in mind. That is, it was architected to be secure from the beginning. Windows 7 continues this trend quite nicely and builds off the work begun in Windows Vista. Is Windows 7 impenetrable? Of course not. No software is perfect; but Windows 7 is demonstrably more secure than its predecessors. And although Windows users will no doubt face awesome security threats in the future, Microsoft at least has the lessons it learned from the mistakes of the past to fall back on. Many people believe that the security enhancements in Windows 7 will prove to be a major reason many users will upgrade to this version. This is completely valid.
We want to expose one myth right now: while proponents of UNIX-based systems like Apple Mac OS X and Linux like to tout the supposed security benefits of their systems over Windows, the truth is that these competitors benefit primarily from security by obscurity. That is, so few people use these systems relative to Windows that hackers don’t bother targeting the minority operating systems.
Consider this: in 2007, the installed base of Windows-based PCs exceeded 1 billion, but the maker of the number-two OS, Apple, claims just 25 million users. That’s right, only 2.5 percent of the Windows user base is using the number-two most frequently used OS on earth. Hackers may be evil but they’re not dummies: they know where the numbers are.
This isn’t a partisan attack on Mac OS X or Linux. Both are fine systems, with their own particular strengths; and as far as security by obscurity goes, it’s certainly a valid enough reason to consider using OS X or Linux instead of Windows. It’s one of the reasons we both use Mozilla Firefox instead of Internet Explorer: in addition to various features that Firefox offers, the browser is hacked a lot less often than IE simply because fewer people use it.
Windows 7’s security features permeate the system, from top to bottom, from the high profile applications, applets, and control panels you deal with every day to the low-level features most Windows users have never heard of. This chapter highlights most of the Windows 7 security features that affect the user experience, starting with those you will likely have to deal with as soon as you begin using Microsoft’s latest operating system.
First, however, take a look at the first thing Windows 7 users need to do to thoroughly secure their system.
Securing Windows 7 in Just Two Steps
Out of the box, Windows 7 includes antispyware functionality in the form of Windows Defender, a two-way firewall in Windows Firewall; a hardened Web browser (Internet Explorer 8); and automatic updating features that keep the system up-to-date, every day, with the latest security patches. Also included are changes to the User Account Control (UAC) feature, covered in the next chapter, making it less annoying and less likely to be turned off, thus reducing your exposure to malware. It would seem that Windows 7 comes with everything you need to be secure.
Sadly, that’s not quite the case. First, Microsoft makes it too easy for users to opt out of one of the most important security features available in the system. In addition, one glaring security feature is missing from Windows 7. You’ll want to make sure you correct both of these issues before using Windows 7 online. Fortunately, doing so takes just two steps:
1. Enable automatic updating: If you set up Windows 7 yourself, one of the final Setup steps is configuration of Automatic Updates, the Windows Update feature that helps to ensure your system is always up-to-date. However, Automatic Updates can’t do its thing if you disable it, so make sure at the very least that you’ve configured this feature to install updates automatically. (Optionally, you can enable the installation of recommended updates as well, but these are rarely security oriented.) We can’t stress this enough: this feature needs to be enabled. If you’re not sure how it is configured, run Windows Update (Start Menu Search and then type windows update) and click Change Settings in the left side of the window. Make sure the option under Important updates Install updates automatically (recommended) is selected.
2. Install an antivirus solution: Many new PCs are preinstalled with security suites from companies such as McAfee and Symantec. While these suites are better than nothing, they’re also a bit bloated and perform poorly in our own tests. We prefer standalone antivirus solutions for this reason. There are many excellent options, including ESET NOD32 Antivirus, which in our own tests has proven to do an excellent job with minimal system impact. You can find out more about ESET NOD32 Antivirus from ESET directly (www.eset.com).
While commercial antivirus solutions are generally more effective, you might be surprised to discover that you can get a perfectly good antivirus solution free, which is perfect for budget-minded students and other individuals. The best free antivirus solution we’ve used is AVG Anti-Virus Free Edition. It’s not quite as lightweight as ESET NOD32 Antivirus, but it’s close. And it’s not as bloated as those unnecessary security suites. Best of all, did we mention that it is free? You can find out more about AVG Anti-Virus Free Edition on the Web (free.grisoft.com).
Security and Windows 7
It’s been a tough decade for Windows users. As Microsoft’s operating system entered the dominant phase of its existence, hackers began focusing almost solely on Windows, as that’s where all the users are. As a result, various Windows versions have suffered through a seemingly never-ending series of electronic attacks, security vulnerabilities, and high-profile malware breakouts.
In 2003 Microsoft halted development of its major operating system and application products and began an internal review of its software-development practices. The company reexamined the source code to its then-current projects and developed a new software engineering approach that is security-centric.
Now the software giant will not release any software product that hasn’t undergone a stringent series of security checks. Windows Vista was the first client operating system shipped that was developed from the get-go with these principles in mind. That is, it was architected to be secure from the beginning. Windows 7 continues this trend quite nicely and builds off the work begun in Windows Vista. Is Windows 7 impenetrable? Of course not. No software is perfect; but Windows 7 is demonstrably more secure than its predecessors. And although Windows users will no doubt face awesome security threats in the future, Microsoft at least has the lessons it learned from the mistakes of the past to fall back on. Many people believe that the security enhancements in Windows 7 will prove to be a major reason many users will upgrade to this version. This is completely valid.
We want to expose one myth right now: while proponents of UNIX-based systems like Apple Mac OS X and Linux like to tout the supposed security benefits of their systems over Windows, the truth is that these competitors benefit primarily from security by obscurity. That is, so few people use these systems relative to Windows that hackers don’t bother targeting the minority operating systems.
Consider this: in 2007, the installed base of Windows-based PCs exceeded 1 billion, but the maker of the number-two OS, Apple, claims just 25 million users. That’s right, only 2.5 percent of the Windows user base is using the number-two most frequently used OS on earth. Hackers may be evil but they’re not dummies: they know where the numbers are.
This isn’t a partisan attack on Mac OS X or Linux. Both are fine systems, with their own particular strengths; and as far as security by obscurity goes, it’s certainly a valid enough reason to consider using OS X or Linux instead of Windows. It’s one of the reasons we both use Mozilla Firefox instead of Internet Explorer: in addition to various features that Firefox offers, the browser is hacked a lot less often than IE simply because fewer people use it.
Windows 7’s security features permeate the system, from top to bottom, from the high profile applications, applets, and control panels you deal with every day to the low-level features most Windows users have never heard of. This chapter highlights most of the Windows 7 security features that affect the user experience, starting with those you will likely have to deal with as soon as you begin using Microsoft’s latest operating system.
First, however, take a look at the first thing Windows 7 users need to do to thoroughly secure their system.
Securing Windows 7 in Just Two Steps
Out of the box, Windows 7 includes antispyware functionality in the form of Windows Defender, a two-way firewall in Windows Firewall; a hardened Web browser (Internet Explorer 8); and automatic updating features that keep the system up-to-date, every day, with the latest security patches. Also included are changes to the User Account Control (UAC) feature, covered in the next chapter, making it less annoying and less likely to be turned off, thus reducing your exposure to malware. It would seem that Windows 7 comes with everything you need to be secure.
Sadly, that’s not quite the case. First, Microsoft makes it too easy for users to opt out of one of the most important security features available in the system. In addition, one glaring security feature is missing from Windows 7. You’ll want to make sure you correct both of these issues before using Windows 7 online. Fortunately, doing so takes just two steps:
1. Enable automatic updating: If you set up Windows 7 yourself, one of the final Setup steps is configuration of Automatic Updates, the Windows Update feature that helps to ensure your system is always up-to-date. However, Automatic Updates can’t do its thing if you disable it, so make sure at the very least that you’ve configured this feature to install updates automatically. (Optionally, you can enable the installation of recommended updates as well, but these are rarely security oriented.) We can’t stress this enough: this feature needs to be enabled. If you’re not sure how it is configured, run Windows Update (Start Menu Search and then type windows update) and click Change Settings in the left side of the window. Make sure the option under Important updates Install updates automatically (recommended) is selected.
2. Install an antivirus solution: Many new PCs are preinstalled with security suites from companies such as McAfee and Symantec. While these suites are better than nothing, they’re also a bit bloated and perform poorly in our own tests. We prefer standalone antivirus solutions for this reason. There are many excellent options, including ESET NOD32 Antivirus, which in our own tests has proven to do an excellent job with minimal system impact. You can find out more about ESET NOD32 Antivirus from ESET directly (www.eset.com).
While commercial antivirus solutions are generally more effective, you might be surprised to discover that you can get a perfectly good antivirus solution free, which is perfect for budget-minded students and other individuals. The best free antivirus solution we’ve used is AVG Anti-Virus Free Edition. It’s not quite as lightweight as ESET NOD32 Antivirus, but it’s close. And it’s not as bloated as those unnecessary security suites. Best of all, did we mention that it is free? You can find out more about AVG Anti-Virus Free Edition on the Web (free.grisoft.com).
No comments:
Post a Comment