Now for the final installation of my review of Vista:
3. Il Cattivo (The Ugly):
While security is something that needs integration into the operating system to be effective, the way it is done in Vista just isn’t the way to expose it to the average user.
The story so far on Windows platforms is that there is a sad proliferation of intrusive 3rd party apps that monitor your computer and “protect it” – usually by at best just halving the performance and often making your system as stable and fun to use as a 1-legged milking stool. In Vista, when trying to run programs, change settings, install apps, etc – you get change constant, intrusive permission dialogs. One after another. So many that during an app install you might click on more security dialogs than on the install dialogs themselves. Microsoft definitely went too far on the ‘more is better’ approach. Why? Not because the dialogs are wrong about things you’re doing could be dangerous, but because the psychological effect it creates completely defeats the protection.
I did some tests with known virus/bot programs and they would catch them trying to install weird services, opening ports – and Vista appropriately opened a dialog to tell you this was happening. In fact, I discovered a shareware app I had occasionally used was infected because it tried to install a service and I found out it carried a bot backdoor. Even though each dialog is correct in indicating the action could be about to let an attack in, these dialogs come up so often and for some of the most minor actions, it is clear that people will simply just start clicking ok by default. I found myself doing that after a week of use.What’s the point of putting this level of security granularity into an operating system if the psychological effect it has is just to turn you into little less than a monkey pounding ‘ok’ all the time?
This model of security is broken because it breaks the flow of using/getting real work done on the computer. The average user just won’t know why they should say no to any dialog. That’s the worst part – that it’s functionally broken because it doesn’t even provide you with the information you need to really answer the question.
All is not lost, this system could be salvaged because it gives you something you didn’t have under XP – programmatic triggering and control on these dangerous events. This system should be like an exception handler. When these warnings are triggered, they should go to a threat manager that can be updated from an online database of known good/bad events which then decides and logs what decisions were/should be made and backs up the state that was changed. That way when you find out that something screwed up your system, you could scan the log and it could be backed out safely. I’ve already mentioned that Vista has a really good system of logging installations and making checkpoints for restoring a previous working/uninfected version. This manager system would work because you often just don’t always know if something is a virus or not until you’ve already installed it, especially with programs you’ve just never used before.
Instead, when you get the cryptic warning that something or the other is getting installed I found you still sit there for a while sweatily trying to decide if you want to take the ‘risk’ or not – with no extra information than that some service is getting installed or permission is changing. Can I update csrr.sys? I don’t know! How can I know? Where do I find out if that’s ok? The average user won’t even know where to begin to look to make sense of these messages. In the end, it’s still the same old crap-shoot like before when you decide to risk the unknown or not. Now you just click on 50 security dialogs before you make that same jump into the dark.
Instead, you should only get dialogs when the manager doesn’t know what to do, allow you to mark the transaction as possibly dangerous, and then recording exactly what was done so it can be easily backed out later when you unwittingly find your computer transferring files to China or sending out Viagra emails. Even better, those changes should be reported/logged at the end of each install: such as this port was opened, this service was installed, etc, so you can later figure out which installer was the offender. (I do give kudos to Microsoft for their boot-time loading manager that tells you all the services/apps/drivers that are being loaded at boot time. Time will tell if they really catch everything in the nightmare flow that is a standard windows boot process.)
Our hypothetical manager should be smart enough and be able to get online updates that tell it that half-life regularly opens port 27015 for online games (and suppresses that as a low-risk item) but if the half-life executable tries to open port 31373 for all incoming/outgoing traffic then it’s probably an infecting Trojan. Unfortunately, you just get told the app is trying to open a port – yes/no? You aren’t told exactly what port is being opened. I could go to a website to read up on whether half-life opens ports and which ones – but the security dialog has blocked opening your web browser. I look it up on another machine and find that ports 27015 and 27016 are ok, but the Vista warning dialog doesn’t tell you which port is being talked to. So, your machine is held hostage till you click Yes or no.
Despite my complaints, I’m totally sold on Vista. After playing with it for about a week, I knew I wouldn’t go back to installing XP Pro – which I was content with already. The visual facelift was very nice and usability much improved. It’s taken some big leaps to re-engage itself. Is it groundbreaking paradigm shift? Naw. But I’m very pleased with Vista – expect me to buy an upgrade copy.