A secure Windows Vista?

There are quite a few "live" installations of Linux that can run directly from a CD or DVD; it seems Microsoft could "do no wrong" by creating an unalterable, dare I say "secure" version of Windows Vista that could run without a hard drive.
Even if such a 'creature' could be created to use a minimal amount of hard drive space, it seems this would prevent viruses from infecting *.exe and other types of files. In one fell swoop dozens or hundreds of potential system exploits could be denied before having a chance to be tested.
This would be in line with Mr. Gates' earlier statements regarding security being a number one priority at Microsoft.
In the early days of computing, slow (2x, 4x, 8x) drives and smaller memory architectures made such a machine impossibly slow to load and run, but in these days of ultra-fast read ahead caching, front side busing and dual-channel what-cha-ma-jiggys, a "hard disk-less" workstation seems viable.
Imagine the tens of thousands of dollars a corporation could save by performing operating system upgrades by simply swapping out CDs!
~ Dennis C. 11 year support veteran 22 year computer user

How are you going to process automatic updates or service packs? What about drivers from third parties? Storing configuration settings? Unless you are planning to burn a new DVD every Tuesday, for each workstation in your company, until the end of time.
But I suppose it would be possible, although unrealistic for all but the smallest of businesses.
I think Windows continues to get closer and closer to forcing read-only access to system files with every release. Now that the file system is required to be NTFS on the system partition, and combined with the new user account protection, and with the requirement of signed drivers on x64, it is much, much harder to modify system files or load malicious drivers.
Granted, you can still give a malicious program permission to wipe out your system ... but at least now you can't blame Windows :)
- JB
Vista FAQ http://www.jimmah.com/vista/

"Jimmy Brush" wrote in message

Granted, you can still give a malicious program permission to wipe out your system ... but at least now you can't blame Windows :)
- JB
Vista FAQ http://www.jimmah.com/vista/

And yet they will. It is human propensity to not accept self-stupidity for a dire consequence.
Do you remember when Audi was faced with the "Unintended-acceleration" issue? The real cause was the pedals were a little close together and people were hammering the throttle instead of the brake. Do you think you could tell a parent who had just run over and killed their own child that they were not able to tell the throttle from the brake? No, you blame anyone else you can. Human nature at its finest.
Microsoft will be blamed for keyboards not being milk-proof as sure as you and I breathe, and this will never cease.

But just because something is unalterable doesn't mean it's secure. There's a million ways to breach security without altering any files at all. Putting the OS on a read-only drive wouldn't accomplish much of anything in terms of security. There's still RAM, where all the dirty work happens, and there still has to be writeable disk storage, where you can store all kinds of other nasties.
Loading common executables at random locations, as Vista does, certainly hides many of the vulnerabilities of having those memory locations be widely known and predictable. Coupling that with hardware DEP in 64-bit processes certainly helps a lot. And there are plenty of other things Vista has along those lines that never existed in earlier versions of Windows.
There's no such thing as a 100% secure computer or network. Never will be, never has been. Even the highest-level top secret government installations in the world know better than that. That's why they have to run intrusion detection systems and everything else to secure their security. Running Windows Vista from a CD or DVD would do virtually nothing to make their systems more secure, nor ours.

"Dennis the Nerf Herder" <Dennis the Nerf Herder@discussions.microsoft.com> wrote in message

There are quite a few "live" installations of Linux that can run directly from a CD or DVD; it seems Microsoft could "do no wrong" by creating an unalterable, dare I say "secure" version of Windows Vista that could run without a hard drive.
Even if such a 'creature' could be created to use a minimal amount of hard drive space, it seems this would prevent viruses from infecting *.exe and other types of files. In one fell swoop dozens or hundreds of potential system exploits could be denied before having a chance to be tested.
This would be in line with Mr. Gates' earlier statements regarding security being a number one priority at Microsoft.
In the early days of computing, slow (2x, 4x, 8x) drives and smaller memory architectures made such a machine impossibly slow to load and run, but in these days of ultra-fast read ahead caching, front side busing and dual-channel what-cha-ma-jiggys, a "hard disk-less" workstation seems viable.
Imagine the tens of thousands of dollars a corporation could save by performing operating system upgrades by simply swapping out CDs!
~ Dennis C. 11 year support veteran 22 year computer user
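
Alan Simpson's reply above mentions Vista loading executables at random locations and hardware DEP. As an added example (not part of the thread), this sketch reads the opt-in flags for both from a PE header; the flag names and offsets come from the PE/COFF format, and the sample images are constructed header-only stubs.

```python
import struct

# Flag values from the PE/COFF specification (IMAGE_DLLCHARACTERISTICS_*).
HIGH_ENTROPY_VA = 0x0020   # image can use 64-bit high-entropy ASLR
DYNAMIC_BASE = 0x0040      # image may be relocated at load time (ASLR opt-in)
NX_COMPAT = 0x0100         # image is marked compatible with DEP

def mitigation_flags(image: bytes) -> dict:
    """Return the ASLR/DEP opt-in flags recorded in a PE image's header."""
    if image[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    opt = e_lfanew + 4 + 20            # optional header follows the 20-byte COFF header
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):    # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+ optional headers.
    (chars,) = struct.unpack_from("<H", image, opt + 70)
    return {
        "pe32_plus": magic == 0x20B,
        "aslr": bool(chars & DYNAMIC_BASE),
        "dep": bool(chars & NX_COMPAT),
        "high_entropy_aslr": bool(chars & HIGH_ENTROPY_VA),
    }

def build_sample(magic: int, dll_characteristics: int) -> bytes:
    """Constructed header-only PE stub for the demo (not a loadable binary)."""
    buf = bytearray(0x40 + 4 + 20 + 72)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x40)    # e_lfanew points just past the DOS header
    buf[0x40:0x44] = b"PE\0\0"
    opt = 0x40 + 24
    struct.pack_into("<H", buf, opt, magic)
    struct.pack_into("<H", buf, opt + 70, dll_characteristics)
    return bytes(buf)

if __name__ == "__main__":
    hardened = build_sample(0x20B, DYNAMIC_BASE | NX_COMPAT | HIGH_ENTROPY_VA)
    legacy = build_sample(0x10B, 0)
    print("hardened:", mitigation_flags(hardened))
    print("legacy:  ", mitigation_flags(legacy))
```

`mitigation_flags` accepts the bytes of any PE file, so the same check can be run over a directory of executables to list images that never opted in.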

Agreed. Wait (not that long) for malware in the form of hypervisors and other virtualization technologies that are memory-resident only and leave no footprint when the system isn't running. We'll see this in the wild in the next year.
"Alan Simpson" wrote in message

But just because something is unalterable doesn't mean it's secure. There's a million ways to breach security without altering any files at all. Putting the OS on a read-only drive wouldn't accomplish much of anything in terms of security. There's still RAM, where all the dirty work happens, and there still has to be writeable disk storage, where you can store all kinds of other nasties.
Loading common executables at random locations, as Vista does, certainly hides many of the vulnerabilities of having those memory locations be widely known and predictable. Coupling that with hardware DEP in 64-bit processes certainly helps a lot. And there are plenty of other things Vista has along those lines that never existed in earlier versions of Windows.
There's no such thing as a 100% secure computer or network. Never will be, never has been. Even the highest-level top secret government installations in the world know better than that. That's why they have to run intrusion detection systems and everything else to secure their security. Running Windows Vista from a CD or DVD would do virtually nothing to make their systems more secure, nor ours.

"Jimmy Brush" wrote:

How are you going to process automatic updates or service packs? What about drivers from third parties? Storing configuration settings? Unless you are planning to burn a new DVD every Tuesday, for each workstation in your company, until the end of time.

Jimmy, I think that many basic drivers are submitted to Microsoft ahead of being released with the O.S. or before they are made available to registered product owners, companies or the public. So Microsoft can evaluate the dependencies of these drivers (or co-dependencies) and roll-up the driver into the next Service Pack update.
Is Microsoft talking about doing away with Service Packs in Vista? Sorry if this question has been asked and answered already. I am a very new forum member.
Many organizations are already downloading SPs and deploying them across their enterprises in automated fashions, so it seems to me that physical disks which could be traded would make tracking deployed copies easier. Nobody gets an OS disk until they turn in an OS disk, and lost disks require the end-user to fill out a form.
Someone else replied the OS isn't the only place to hide a virus, and I understand that, but it seems to be the first place viruses tend to get "injected".
CD/DVD burning technology seems to have caught up with the speed people are working at these days, and an OS on a disk means not having to physically take the computer away from the user for 1, 2 or 3 hours to perform updates. I know this is still happening at some companies because as a temporary employee I have seen it. Perhaps those companies are doing things the hard way, but that is what I have seen and it also seems to be inconvenient and labor intensive (e.g. expensive).

Jimmy, I think that many basic drivers are submitted to Microsoft ahead of being released with the O.S. or before they are made available to registered product owners, companies or the public.

Correct, for a lot of hardware, Windows ships with a collection of drivers in the box to support said hardware. However, there will always be legacy hardware and BRAND new hardware that needs to be installed. Plus, driver updates from third parties.

Is Microsoft talking about doing away with Service Packs in Vista? Sorry if this question has been asked and answered already. I am a very new forum member.

No, MS will continue to make service packs.

Many organizations are already downloading SPs and deploying them across their enterprises in automated fashions, so it seems to me that physical disks which could be traded would make tracking deployed copies easier. Nobody gets an OS disk until they turn in an OS disk, and lost disks require the end-user to fill out a form.

Why go through all the trouble of physical disks when administrators can click a button from their workstation and upgrade all the computers in their enterprise simultaneously?

Someone else replied the OS isn't the only place to hide a virus, and I understand that, but it seems to be the first place viruses tend to get "injected".

Enforcing read-only system files would stop this type of attack, where system files are infected. However, there are many, many more methods of attack, and stopping this one without addressing the others will simply cause the malware authors to take advantage of the other flaws.

CD/DVD burning technology seems to have caught up with the speed people are working at these days, and an OS on a disk means not having to physically take the computer away from the user for 1, 2 or 3 hours to perform updates. I know this is still happening at some companies because as a temporary employee I have seen it. Perhaps those companies are doing things the hard way, but that is what I have seen and it also seems to be inconvenient and labor intensive (e.g. expensive).

Updates are generally done at night or when the least amount of users are affected ... what kind of shop were these people running?? In any case, even if you changed system DVDs while the user was running, they would not get the benefit of the updates until the computer restarted.
The same thing happens when an update is done when a user is on a computer but chooses not to restart the computer to make the changes take effect.
As for labor intensive, updates are generally tested on a single computer and then pushed down to all the computers automatically.
In conclusion, enforcing read-only system files is a great idea and definitely a part of securing a system. However, doing this by using DVD media as the system drive is not the best solution, IMHO.
- It is labor intensive (someone will always be testing and burning new images)
- Slow. Sure, DVD-ROMs have high throughput these days, but latency is a BIG ISSUE here. Think of how long it takes a DVD to spin up, and how long it takes to go from one part of the DVD to another. Optical media is optimized for sequential reading, and running an OS from a DVD doesn't fit into this category. Unless you are planning on having the entire DVD loaded into memory at the same time?
- JB
Vista FAQ http://www.jimmah.com/vista/