USA Today publishes misleading editorial on Windows 8 security - Techist - Tech Forum

Go Back   Techist - Tech Forum > Techist Forum Information > News > Software
Click Here to Login
Thread Tools Display Modes
Old 01-13-2013, 09:39 PM   #1 (permalink)
Destroyer of headlines
Megatron's Avatar
Join Date: Dec 2010
Location: Headlines
Posts: 629
Default USA Today publishes misleading editorial on Windows 8 security

For the second consecutive month, a major news outlet has published a misleading article about the security of Microsoft's latest Windows releases, Windows 8 and Windows RT.

USA Today has published an editorial stating the Windows 8 is susceptible to potentially infected "widely available, consumer smartphone apps" that Windows system administrators need to worry about. The editorial follows an article last month that incorrectly stated Surface with Windows RT was vulnerable to traditional Windows viruses.

The editorial, written by Mark Austin, co-founder of Windows privilege management company Avecto, states the app store in Windows 8 and Windows RT could lead to "a whole new set of vulnerabilities" that organizations using Windows haven't had to face before. Part of Austin's argument revolves around the fact that viruses have been distributed to Android users through apps. Austin's editorial fails to mention that these apps are obtained through third-party locations – not the Google Play Store – and require users to change their settings to allow the installation of unsigned apps.

As with the Google Play Store, apps in the Windows Store are reviewed by Microsoft and scanned for viruses prior to being certified; these apps also require a digital signature from Microsoft. As explained in a Building Windows 8 blog post by John Hazen, a Microsoft program manager for its developer experience team, the digital signature prevents fraudulent apps from running on Windows 8 devices.

"Windows uses digital signatures to ensure the integrity of your app all the way from the Store to installation and even when the app is loaded and running on your customer’s computer," Hazen wrote in the blog post. "If Windows detects that the app no longer matches its digital signature, it guides the customer to download a corrected version from the Store."

According to Austin, however, Microsoft could let "malicious applications to slip through the cracks, ultimately infecting a company's entire network," although he gives nothing to support his assertion. Austin also argues that an app being approved by Microsoft for the app store "does not necessarily make it suitable for business use."

Another aspect of Austin's argument is the recent release of a tool that enabled users to pirate paid apps from the Windows Store. That tool also allowed users to sideload unsigned apps to Windows 8 devices but must be performed each time the machine is booted, as the bypass is only temporary.

Again, however, Austin fails to mention that users would have to use a tool to allow the installation of these unsigned apps that could theoretically be infected with a virus – something that's unlikely for most users, especially business users.

Megatron is offline   Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 09:19 AM.

Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2018, vBulletin Solutions, Inc.