Slashdot Mirror


Mark Russinovich on Windows Kernel Security

An anonymous reader writes to mention that in the final part of his three-part series, Mark Russinovich wraps up his look at changes made in the Windows Vista Kernel by exploring advancements in reliability, recovery, and security. "Applications written for Windows Vista can, with very little effort, gain automatic error recovery capabilities by using the new transactional support in NTFS and the registry with the Kernel Transaction Manager. When an application wants to make a number of related changes, it can either create a Distributed Transaction Coordinator (DTC) transaction and a KTM transaction handle, or create a KTM handle directly and associate the modifications of the files and registry keys with the transaction. If all the changes succeed, the application commits the transaction and the changes are applied, but at any time up to that point the application can roll back the transaction and the changes are then discarded."
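The commit-or-roll-back pattern from the quoted passage, as an added example that is not from Russinovich's article or the Slashdot post: it uses the transaction cmdlets of Windows PowerShell 3.0 to 5.1 against the registry provider. The key `HKCU:\Software\KtmDemo`, the function name `Set-RelatedSettings` and the sample values are constructed for illustration.

```powershell
# Added example; requires Windows PowerShell 3.0-5.1 (the transaction
# cmdlets are not available in PowerShell 6 and later).
$DemoKey = 'HKCU:\Software\KtmDemo'   # constructed key, assumed not to exist yet

function Set-RelatedSettings {
    param(
        [hashtable]$Settings,
        [switch]$FailBeforeCommit      # simulate an error after the writes
    )
    # 'Never' disables automatic rollback; this function decides explicitly.
    Start-Transaction -RollbackPreference Never
    try {
        New-Item -Path $DemoKey -UseTransaction -ErrorAction Stop | Out-Null
        foreach ($name in $Settings.Keys) {
            New-ItemProperty -Path $DemoKey -Name $name -Value $Settings[$name] `
                -UseTransaction -ErrorAction Stop | Out-Null
        }
        # Without -UseTransaction this check runs outside the transaction,
        # so it reports what other readers can see before the commit.
        $seenOutside = Test-Path -Path $DemoKey
        if ($FailBeforeCommit) { throw 'simulated failure before commit' }
        Complete-Transaction             # apply all changes together
        $result = 'committed'
    }
    catch {
        Undo-Transaction                 # discard all changes together
        $result = "rolled back: $($_.Exception.Message)"
    }
    [pscustomobject]@{
        Result             = $result
        SeenBeforeCommit   = $seenOutside
        KeyExistsAfterward = Test-Path -Path $DemoKey
    }
}

$settings = @{ Server = 'app01.example.test'; Port = 8443 }   # constructed values

Set-RelatedSettings -Settings $settings -FailBeforeCommit   # rollback path
Set-RelatedSettings -Settings $settings                     # commit path
Remove-Item -Path $DemoKey                                  # clean up the demo key
```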

1 of 181 comments

  1. learn from biology by wizardforce · Score: 0, Redundant

    I wonder if these new "security features" put into Vista, no matter how good they at first appear to be, will over time be bypassed, compromised and made obsolete. The main problem is that security only goes as far as the person using the OS lets it. Just look at the UAC: it's annoying, and many people disregard it or shut it off entirely. What now is the security benefit? These features only make Vista "more secure" because they have not yet been exposed to the wild for sufficient time to be compromised as thoroughly as prior versions. It is much like in biological systems; for example, penicillin was not widely utilized in fungal kingdoms and it was thus effective as an antibiotic. Once we spread its interactions with bacteria, bacteria developed a resistance. Vista is no different, only this time security threats are the bacteria and Vista is the antibiotic.

    --
    Sigs are too short to say anything truly profound so read the above post instead.