It’s been several weeks now since WinHEC, and we’ve been hard at work on RC1 work for the NetIO networking stack in Windows Vista and Windows Server Code-Name Longhorn. It was really great to meet with so many of the folks who’ve been partnering with us in changing the face of networking!
I was at Black Hat USA 2006 in Las Vegas earlier this month, where I got a chance to talk about some of the work we’ve been putting into the Windows Filtering Platform (WFP) which makes the NetIO stack’s activity more transparent, and provides more direct control over its operation. While I was there, I met Tim Newsham, who is one of the authors of a Symantec report on the security of the NetIO stack in Windows Vista. Their initial work was done on build 5270 where they found a few issues. When they moved to the Beta 2 build of Windows Vista to update the report, they found that virtually all of the issues had been addressed as part of our routine ongoing Security Development Lifecycle (SDL) process! Tim is at iSEC Partners now, a firm that has also done some work with us on the IP security capabilities in Windows. Tim’s colleague Jim Hoagland is still at Symantec, working on an update to the report, and we’ll be helping him out as that develops.
Tim and I both laughed about some of the feedback that followed from their report. For me, it was particularly interesting to read stories where the NetIO stack is referred to as “new”. We’ve had the stack up and running since 2003, so for us it’s already old and familiar. In that time the stack has been maturing and running in a wide variety of environments that, put together, probably equate to several years of operational experience for any other networking stack.
Even more interesting is the little-known fact that several of the security improvements that we shipped for networking in Windows XP SP2 were actually back-ported to XP from the NetIO stack. As a result, what we’re doing in Windows Vista really predates, continues and deepens the security focus that went into Windows XP SP2. We’ve got lots more to come, so stay tuned and, as always, keep the feedback coming.