Bandaids are supposed to be used for first aid, not preventative maintenance. Here’s a good example of why you need to make security a priority early in the system design cycle.

Today I spent 45 minutes on my handsfree cell-phone while driving (and another 20 minutes on my home phone), helping a friend configure his new laptop PC to work with his wireless network. In the end, I don’t think Vista was actually the root of the connection problem, but it certainly didn’t help. I still don’t know why Vista can’t just recognize the wireless card, recognize the network and ask for the encryption key; then make the connection. It shouldn’t take more than a minute. As Bulldog Briscoe would say on the old “Frasier” sitcom, “This is crap! This is total BS!” Then he would thwak Bill Gates in the forehead with his knuckles…
It’s not just that adding security after the fact leaves an endless list of inherent vulnerabilities in its wake. Bandaid patches and features (trying to put security features into a system after it’s architecture is already designed) make systems less user friendly, and users will tend to avoid using security features that could have helped them to reduce risk, making them more vulnerable. There’s the paradox. It’s going to put a lot of pressure on IT departments to get it right before they deploy systems like Vista. For home users, it is just going to be a mess.

So, there I am waving my hands across my windshield like Tom Cruise in “Minority Report”, trying to will my friend’s laptop to show him the cascade of system options and windows I hope will lead him to the magical options that tell the wireles card that it’s OK to initiate a connection to his home network. Similarly for his “trial” version of internet security software, and his wireless router.

I can’t believe we got it working without me ever seeing his screens, but we did have to set a new MAC address on his wireless card for some reason, and ended up disabling MAC filtering. At least we were able to get wireless security to work.

I cringe at the thought of how many people give up putting any kind of filtering or security on their wireless networks just because it can be virtually impossible to make it work out of the box without someone who has done it before.

My only other experience with Vista was when I had a loaner laptop while mine was in the shop for 2 weeks, and I cursed it every day. At this point, just because I don’t believe it can be any worse, I plan to get a MacBook when my old laptop dies.

Theoretically, Microsoft has put a lot more security into Vista than they have ever done to Windows before. But I can’t see how any of it will get used by most users. All this because security was not a priority when the operating system was designed, not to mention the internet and wireless protocols. As for the internet security software that comes as a “trial” with new PC’s, it’s not an ideal situation. There are still too many things that don’t work with antivirus and firewall software, which leads to these things being turned off just to get basic functionality working.

Let’s keep the pressure on all system developers to make usable security a priority, instead of just adding it as a bandaid with failing adhesive that’s easy to pull off when the system doesn’t work.