نهاية أن ينهي ثقة و [ويندووس] 7
[إي] حضر سكوت [شرني] فكرة أساسيّة هذا صباح في [رسا] - يتحرّك نحو نهاية أن ينهي ثقة: جهد تعاونيّة. أنا افترضت أنّ ليس كثير من القارئات من هذا [بلوغ] [فميلير ويث] النهاية أن ينهي ثقة قصة. في [نوتشلّ], نهاية أن ينهي ثقة مكروسوفت رؤية ل يخلق آمنة, أكثر يوثق إنترنت. هو رؤية عظيمة, غير أنّ هو أيضا شغل كبيرة أنّ يتطلّب تعهد وبؤرة على ال [فوندمنتلس-فوندمنتلس] أنّ سيساعد سلّمت ال أكثر يؤمّن و [بريفس-نهنسد] صيغ من برمجيّة وخدمات أنّ نحن يتلقّى في أيّ وقت نسلّم. لا [غو يت لون] نحن أيضا. يتطلّب نهاية أن ينهي ثقة تعاون واسعة ضمن الصناعة ومكروسوفت سيستمرّ أن يشارك ممارساتنا جيّدة مع ال هو جماعات من زبوناتنا.
سكوت [تلك بووت] كيف بشدّة نحن يكون نعمل عبر مكروسوفت أن يسلّم تكنولوجيا إبتداعات أنّ يتحرّك الإبرة نحو يوثق كوة, مع أمن يرسّخ في جهاز وهوية [متسستم] (كلمة كبيرة أنّ يعني طريق من يثق الناس الذي هم يقولون هم على الإنترنت). حتّى مع تقدم, يحتاج الناس بعد دفاع قوّيّة [سكريتي تشنولوج] معمّقة وسكوت [تلك بووت] كيف مكروسوفت هوية وأمن تقسيم يكون يسلّم يضمّ هوية وأمن عمل حلول اليوم إلى زبوناتنا. غير أنّ ربّما كان الشيء ممتعة أكثر هو لمس فوق كيف تكنولوجيا إبتداعات فحسب ليسوا كافي. يحتاج إبتداع أيضا أن يحوذ مع سياسيّة, اقتصاديّة وهو يجبر أن يمكّن التغير أنّ يكون حقّا لازمة.
نهاية أن ينهي ثقة رؤية من ماذا يكون يمكن إن نحن بالإجماع نعمل معا, وهو يستطيع ساعدت خاطبت مشاكل [رل وورلد] أنّ يعمّرون وجه يوميّة مثل [إيد] إختلاس, إحتيال متوفّر على شبكة الإنترنات وطفلة أمان. زرت إن أنت تريد أن يعلم أكثر حول نهاية أن ينهي ثقة, http://www.microsoft.com/endtoendtrust أن يجد خارجا القصة كاملة.
![[ويندووس7هرغب]](http://windowsteamblog.com/cfs-file.ashx/__key/CommunityServer.Blogs.Components.WeblogFiles/windowssecurity/Windows7_5F00_h_5F00_rgb_5F00_0EC4F31F.png "[ويندووس7هرغب]"){kind=small}
الآن, [لت'س] [تلك بووت] [ويندووس] 7 والتقدم نحن يكون نجعل أن يسلّم نهاية إلى نهاية ثقة في [ويندووس] منصة. في ي [بلوغ] موقعة بالأمس على كيف [ويندووس] 7 مساعدات يمكّن القوّة عاملة متحرّكة, كتب أنا حول تكنولوجيا مثل [ديركتكّسّ], [بيتلوكر] أن يذهب, و [أبّلوكر]. يلعب كلّ من هذا تكنولوجيا جزء في يساعدنا يمكّن نهاية أن ينهي ثقة, ما إذا هو قوّيّة آلة ومستعملة صحّة هويّة مع [ديركتكّسّ] أو يحدّ برمجيّة جارية على نظامة أن يعرف, يوثق تطبيقات مع [أبّلوكر]. غير أنّ هناك أخرى تكنولوجيا أنّ يساعدنا أيضا:
هيكل قياسيّ حيويّ
بصمة يصبح ماسحات [مور ند مور] عامة في الحاسوب المحمول معياريّة [كنفيغرأيشنس-مي] الحاسوب المحمول أتى معيار مع واحدة. Windows 7 helps ensure that fingerprint readers work well and that they are easy to set up and use. This is accomplished by taking the common code that everyone needs to write and standardizing it in the platform so that biometric hardware vendors can concentrate on the code they need to write to make their device work and not have to worry about how it ties into Windows. This new framework makes logging on to Windows using a fingerprint more reliable across different hardware providers and makes fingerprint reader configurations are easy to modify. This puts the user in control of how they log on to Windows 7 and manage the fingerprint data stored on their PC.
Improved Smart Card Support
Password-based authentication has well-understood security limitations; however, deploying strong authentication technologies like smart cards remains a challenge for many. Windows 7 enhances the smart card infrastructure advances made in Windows Vista through support of Plug and Play. This eases deployment of smart card infrastructures because drivers for both smart cards and smart card readers are automatically installed, without the need for administrative permissions or user interaction. I think this new behavior is going to ease the deployment of strong, two-factor authentication for many organizations.
BitLocker
I’m a big fan of BitLocker, it helps prevent a thief who boots another operating system or runs a software hacking tool from breaking into my laptop if they happen to get a hold of it. This holds true for both the operating system volume (C: drive) and my data volume (D: drive). Most customers I talk to love the encryption protection that BitLocker provides, but many are not aware that BitLocker also does integrity checking of early boot components to help ensure that the system has not been tampered with and that the encrypted drive has not been swapped out to another computer. This integrity checking ties back into the “security rooted in hardware” that is a part of End to End Trust. This integrity checking utilizes a Trusted Platform Module (a smart card like chip on the system motherboard) to help protect the encryption keys utilized by BitLocker. This is true for BitLocker in Windows 7 as well as Windows Vista.
We’ve also listened to feedback and made enhancements to Windows 7 BitLocker to provide a better experience for IT Pros and for end users. One of the simple enhancements we made is to right-click enable the BitLocker protection of a disk volume. Now I can go to Windows Explorer and right click any disk volume, including my removable BitLocker To Go volumes, and encrypt them right there without having to go to the Control Panel.
Another big change was the addition of Data Recovery Agent (DRA) support for all protected volumes. The DRA is a certificate-based data recovery agent that can be utilized to recover the contents of any BitLocker protected volume. Since the group policy settings are separate for Operating System Drives, Fixed Data Drives, and Removable Data Drives, customers have flexibility in how they want to configure their recovery options for the different threats that each separate drive type may experience.
With BitLocker and BitLocker To Go, enterprises can rest assured that their information and data is secure, no matter where their employees are working. I know I feel better knowing my laptop and all of my USB sticks are protected!
Internet Explorer 8
I know folks are more concerned than ever about protecting themselves while online, particularly form identity theft, malware, and other potentially dangerous online threats. I feel like we have done a lot in the platform and the security technologies we have been talking about this week (Firewall, DirectAccess, BitLocker To Go and AppLocker) are a part of the protection equation. But Internet Explorer 8 is also another huge piece of the equation as users spend more time online, in their browsers. IE 8 is the most secure web browser on the market and provides another, vital layer of defense against online threats.
We built upon the phishing protection in Internet Explorer 7 with the SmartScreen Filter, which now adds protection from malware – a threat that is growing significantly faster than phishing.
We also built in support for protecting users against type-1 (or “reflection) Cross-Site Scripting (XSS) attacks. XSS threats try to exploit vulnerabilities in the websites we visit and are quickly becoming one of the most prevalent ways web sites can be compromised. The bad news for you and I is that an XSS attack can help a bad guy steal our usernames and passwords for our online bank accounts or other confidential information. The XSS filter in IE 8 uses heuristics to detect such attacks and, when they are detected, prevent their execution. This should help you and I safe from the most common form of XSS attacks in use today.
Another innovation concerns ClickJacking. While a lot or people have heard of phishing attacks, a new kind of phishing attack called ClickJacking is on the rise. ClickJacking occurs where an attacker’s web page deceives a person into clicking on content from another website without realizing it – so they’re clicking on something that, for instance, buys something from the site, changes settings on their browser, or provides advertisements that these cybercriminals get paid for. ClickJacking Protection in IE is a feature that allows Web site content owners to put a tag in a page header that will help prevent ClickJacking.
I think the IE team has done a great job with the security in IE 8 and love that it puts people in control of their safety and privacy and helps protect them from new online threats. For those of you who are interested, there is a lot more security goodness in IE 8 on the IE blog and via these links:
- IE8 Security Part I: DEP/NX Memory Protection
- IE8 Security Part II: ActiveX Improvements
- IE8 Security Part III: SmartScreen® Filter
- IE8 Security Part IV: The XSS Filter
- IE8 Security Part V: Comprehensive Protection
- IE8 Security Part VI: Beta 2 Update
- IE8 Security Part VII: ClickJacking Defenses
- IE8 Security Part VIII: SmartScreen Filter Release Candidate Update
- IE8 Security Part IX - Anti-Malware protection with IE8’s SmartScreen Filter
Got To Run
I feel great about Windows 7 and the security enhancements we have been able to make. Hopefully as you learn more about the security work that we have put into it, you will reach the same conclusion that I have: Windows 7 is the most robust platform we have ever delivered, it helps support End to End trust, helps keep you and I safe, and was designed to prevent malware from getting onto our PCs to begin with.
There is a lot going on here at RSA and I want to go spend some more time seeing what’s new and exciting. I’ll be back with some of my impressions of RSA in a bit.
Written by Paul Cooke. Read more great feeds at is source WEBSITE
no comments.
Read more articles on Windows Biometric Framework and RSA and SmartScreen and End to End Trust and Clickjacking and otherSoftware and BitLocker and Biometrics and internet explorer 8 and smart card and Security.
- [+] Digg: Feature this article
- [+] Del.icio.us: Bookmark this article
- [+] Furl: Bookmark this article
