When an operating system is too secure

By Paul Kerstein

There’s an old e-mail that makes the rounds every so often comparing the Microsoft Windows operating system to a car. The gist of it is that if a car ran like the Windows, the automotive industry would be in serious trouble.

Here are a few of the points from the e-mail:

• Occasionally your car would die on the freeway for no reason. You would have to pull to the side of the road, close all of the windows, shut off the car, restart it, and reopen the windows before you could continue. For some reason you would simply accept this.
• The oil, water temperature, and alternator warning lights would all be replaced by a single “This Car Has Performed An Illegal Operation” warning light.
• The airbag system would ask “Are you sure?” before deploying.

The entire e-mail is pretty amusing–even more for Apple users who don’t seem to suffer the same fate of odd quirks and the sheer number of seemly unexplainable issues.

This brings me to the new Microsoft Vista operating system, due out at the end of this month.

Paul Murphy writes in his blog on ZDnet.com about some of the more extreme security mechanisms on Vista, and questions their effectiveness.

Like the chain e-mail I mentioned, he compares the ability to securely install the new OS to buying a new car.

“Imagine buying a new car that ensured passenger safety by locking out the transmission and defaulting all four disk brakes to full on, thereby allowing buyers to rev the engine and play with the stereo, but not actually to move – unless they first absolve the car maker of any safety responsibilities and then restart the car with all safety devices off.

Now imagine getting your copy of Windows Vista and discovering that you can’t install anything, hardware or software, without jumping through both licensing and security hoops first, can’t run a lot of existing XP software without upgrading applicable permissions to essentially unprotected operation first, and can’t backup anything without either bypassing security at the time of backup, or agreeing that you’ll only recover data on the machine you’re using to write it.”

His real beef is with the User Account Control (UAC) and how it’s going to hamstring the usability of the OS right from the start. Murphy feels that this will likely slow the adoption of Vista on many enterprise and personal systems and wonders how Microsoft will adopt this.

If he’s right, it’s possible that Microsoft will “plan on extending support for XP Service Pack 2, while pushing hard on server based computing for corporate customers.” In the end, he feels it will probably benefit everyone but the customer.

While there’s no denying that security is necessary throughout all aspects of an operating system and the applications that run on it, it’s not supposed to make using it more difficult, is it?