Microsoft and Sophos bicker over Windows 7 XP mode
Posted on 24 Aug 2009 at 08:54
Microsoft and security company Sophos have become embroiled in a slanging match over security in Windows 7's XP Mode.
The row broke out after Sophos's chief technology officer Richard Jacobs posted a blog highlighting the difficulties involved in managing the security for two operating systems. His central thrust was that the benefits of backward compatibility through XP Mode also exposed the user to unnecessary security threats.
"XP mode is an independent Windows instance, that shares the odd folder and device with the host Windows 7 installation. What it doesn't share is processes and memory," Jacobs wrote.
"So it doesn't share security settings, security software, patches etc. It does not inherit any security from the host. When you use XP mode, you need to patch the copy of XP as well as the host Windows 7. You need to manage settings separately, configure two personal firewalls and install and manage two copies of anti-malware software," he adds.
He followed this up by questioning Microsoft's stance on security: "XP mode reminds us all that security will never be Microsoft's first priority. It will do enough security to ensure that security concerns aren't a barrier to sales, but not so much that it gets in the way of 'progress'."
The comments drew a swift response from Roger Halbheer, Microsoft's chief security advisor for EMEA. In a blog stuffed with statistics, he argued that enticing the upgrade holdouts to switch from XP to Windows 7 was the big win of XP mode and would prove a bigger boon to the security conscious in the long run.
"Which risk is higher? Leaving our customers on an eight to ten-year-old operating system for another few years, or helping them to migrate to a modern one, accepting the drawback with XP Mode?" asks Halbheer on the blog.
This didn't buy any slack from Jacobs though, who took the response as a victory - arguing that Halbheer had missed his point: "The problem is not with the idea of XP Mode, but with the lack of management and the lack of clarity about the costs that users will incur," says Jacobs.
"The key concern is that every Windows 7 PC running XP mode incurs the overheads of securing two PCs. I don't know many IT departments that will be happy to double their workload and costs in the name of security. They're much more likely to stick with native XP and sacrifice any of the other benefits that Windows 7 might have delivered," he concludes.
Yes but...
Jacobs is right to highlight the cost of securing both the XP and Win7 portions. However, isn't this an argument against just about any virtualisation using 2 different OSs? You need to patch both host and virtualised OS. (Probably it's not double the cost because the virtualised one can be thrown away if infected).
So isn't it misleading to regard this as an issue with XP mode, as if it were only XP mode that suffers the issue?
By AdrianB on 24 Aug 2009
