Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Windows Vista current flaws

From: Sean Earp <smearp () mac com>
Date: Wed, 28 Sep 2005 15:45:22 -0700
That is certainly correct for Servers on a production network, but having a single Vista client on a College network 
may actually allow the user to find and report some bugs with Vista that may interfere with the client's usage of 
Applications on your network (for registration and whatnot) so that they can be fixed before Microsoft releases the OS 
to the general public and you have thousands of computers plugged into your network that will not work with the 
existing infrastructure.

As far as the security goes in Longhorn; it is a priority for the development team, with features such as low-rights 
Internet Explorer and User Access Protection (similar to sudo on the Linux side) whereby users are not administrators 
by default, and even admin accounts have reduced privileges.

On the other side of the argument, however, none of the Antivirus programs (at least that I have tried) work with the 
Vista Beta, so if that is a requirement for logging on to your network, he may be out of luck.  

Just my 2 cents...

-Sean

On Wednesday, September 28, 2005, at 03:32PM, Micheal Espinola Jr <michealespinola () gmail com> wrote:


Beta software should not be allowed to run unchecked in a production
environment.

On 9/27/05, Jon Lawhead <samurai () berkeley edu> wrote:

Greetings all,

I work in Network Security for UC Berkeley's residence halls.  We have a list of several "minimum
security standards" that we require all connected computers to meet before being allowed access to
the network (stuff like having a firewall program, antivirus, etc).  One of the standards involves
having the latest patched version of a secure operating system.  I have a user on the network who
wishes to run a (legitimately acquired, or so he says) version of Windows Vista beta version.
Before I decide on this, I wanted opinions on whether or not this is a good idea.  My first
instinct is to disallow any beta operating systems simply on the grounds that they'll be buggy by
definition and may potentially have serious security flaws, but I can't find anything to back this
up.  Just wondering if I could get a few opinions on whether or not this is a good idea.  Thanks!


Jon Lawhead
Network Security Coordinator
Residential Computing
University of California, Berkeley
Previous By Date Next
Previous By Thread Next

Current thread: