Windows 7 Security

Description: This week, Steve and Leo discuss the changes, additions and enhancements Microsoft has made to the security of their forthcoming release of Windows 7.

Leo Laporte: Bandwidth for Security Now! is provided by AOL Radio at
AOL.com/podcasting.

This is Security Now! with Steve Gibson, Episode 197 for May 21, 2009: Windows 7 Security. This show is brought to you by listeners like you and your contributions. We couldn’t do it without you. Thanks so much.

It’s time for Security Now!, the show that covers all things secure and insecure. We actually cover insecurity more than security. Privacy, too. Steve Gibson is here. He is the guru of security and privacy, the man who discovered spyware, coined the term, wrote the first antispyware program. He’s also famous for [SpinRite], still the world’s best disk maintenance utility. And he is here every week talking about security issues, answering questions. Hey, Steve.

Steve Gibson: Insecurity issues.

Leo: It really is.

Steve: You’re right. Security is boring. It’s the insecurity that’s exciting.

Leo: Yes.

Steve: And trying to get there from here, or here from there. Or somewhere.

Leo: So this week, what insecurity will we be discussing?

Steve: The source of the world’s greatest lack of security, Windows.

Leo: Oh.

Steve: We’re going to talk about Windows 7 security, what they have done since Vista in their now more than half-hearted attempt, I mean, I think they’re wholly hearted, to get Windows security cranked up. They’re basically still trying to recover from years of really not giving a damn. And now that they do, they’ve got all these legacy problems. And so they’re continuing to move forward. We’re going to talk about the things in Windows 7 that Microsoft has deliberately continued to work on since the big changes that they made in Vista.

Leo: I’m really liking 7, and I’m hoping – my sense is it’s more secure. But I’m hoping that you will give it at least a qualified thumbs up.

Steve: The short version is: Yes.

Leo: Oh, whew. But we’ll get the long version in a moment. I want – we want details. Yeah, I want details.

Steve: That’s why we have listeners.

Leo: Also I’m sure we have some news and errata from the world of security. So what’s new in the world of security?

Steve: Well, the good news is it’s been a surprisingly quiet week. Only one thing happened that is of potentially substantial note. It is of course with Microsoft. And that is that they’ve been informed of a defect in IIS, their main web server system, in the WebDAV protocol. WebDAV is the technology that essentially uses HTTP to connect to and allow directories to be viewed and modified remotely. So, for example, it’s a way, for example, that people could edit the pages on remote servers. The traditional way has been to use FTP, File Transfer Protocol, where you’d work on a page, and then you’d FTP it up to the server in order to make it go live. WebDAV, for example, is what Jungle Disk uses. It uses that protocol in order to create folders on your local system that are actually files remotely located at Amazon in their S3 service. So it’s a useful and sort of increasingly popular protocol.

Right-click here to download PDF version

Share or Bookmark this post:
  • Print
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • LinkedIn
  • StumbleUpon
  • Technorati
  • Twitter
  • Yahoo! Bookmarks
  • Yahoo! Buzz
«
»

Leave a Reply