RSSLonghorn to Clamp Down on Storage
By David Worthington | Published September 10, 2004, 12:04 AM
The next version of Windows, code-named Longhorn, will do away with Microsoft's laissez faire approach to connecting portable storage devices to systems.
Instead of the familiar Plug and Play (PNP), which has seen little change in function since Windows 95, a new technology called "Plug and Play Extensions" will make its debut in Longhorn to allow businesses to regain their rightful jurisdiction over PNP devices.
A consensus has formed among security professionals that the industry's chief concern with PNP devices is portable storage. Unauthorized portable storage devices have been viewed as a growing risk to corporate networks.
"As these drives become smaller, yet have more capacity, organizations are worried that users will use them to steal corporate information," Directions on Microsoft analyst Michael Cherry told BetaNews.
In 2003, Touchtone Entertainment produced a film called "The Recruit" where a rogue agent of the Central Intelligence Agency was able to circumvent the US Military's National Security Systems (CNSS) standards and covertly extract sensitive data from the agency's computers simply by using a USB key storage device hidden in a coffee mug.
Although "The Recruit" was just a movie, it is a tangible example of the type of threats organizations face from a bevy of devices including USB hard drives and key-chain drives. Even seemingly innocuous gadgets like portable music players, media smart cards and digital cameras can pose a risk.
A July 2004 report by Gartner Inc. went as far as to recommend that its clients consider banning such devices, citing the risk of virus infection and the exposure of data.
However, some organizations may want to allow limited use of portable storage devices. To this end Microsoft has taken the interim step of including a registry key in Windows XP Service Pack 2 that changes the permissions on block storage devices to read-only.
When asked for comment, a Microsoft spokesperson declined to elaborate any further.
...that MS addressed the issue of portable storage and network security. Seems like most employees have MP3 players or digital cameras these days. Nice to have some control built into Windows as opposed to having to resort to third-party solutions like SecureNT or GFI's new Portable Device Control.
Interesting note about the registry key in SP2...wasn't aware of that change until reading the link...
Score: 0
|Hmmm… it would appear that some of the previous posters really have their heads up their asses. Did they even read the article?
The article implies that this a security concern from Security professionals and corporations and that it is important enough to implement some way to enforce restrictions. However, the article is not detailed enough to give any indication of how it will be implemented.
At this point in time, one can only speculate on how this security will be introduced. Given Microsoft’s the current direction; I could only assume it would be controlled through group policies.
Also, if this is something that is important to some users or IT organizations, how would implementing Linux which doesn’t have this feature solve the problem?
Score: 0
|And this is open-source's cue to come in and save the day. Come, Linux, and let us make an operating system without gay restrictions like these for the consumer!
Score: 0
|The restriction isn't for the consumer, it's for businesses. It would also help schools deal with their servers being used for mp3 trading.
Score: 0
|And this is your cue to go back to school to learn to read and comprehend...these are restrictions BUSINESSES can enforce on the users on their network...get out of your paranoid hell.
Score: 0
|wonder if they considered or are considering, a home edition, and a pro edition?
Score: 0
|Microsoft makes it, we break it.. and life goes on..
i feel sorry for the average home user that this truelly will stop from useing USB devices easly.. like grandma and the thumbdrive of pics from grandson etc...
Score: 0
|that won't happen. Seems like it'll come enabled by default but there will be registry keys or some sort of lock for corp users if the company so desires.
Score: 0
|LOL another one...I guess you also don't realize this is for businesses to enforce on their users...this isn't something they're doing to hinder the home user.
Score: 0
|