June 1st, 2007 by Chandler Howell

So much for the “Upgrade to Vista for improved security” line.

Computer Reseller News held a security bakeoff between XP and Vista, and the results were less than impressive:

…businesses that migrate their Windows PCs from XP to Vista will get a slightly more secure OS. But as the Finjan reports showed, Vista’s security remains wafer thin.

In the end, both the Vista and the XP test notebooks were almost equally damaged by viruses, trojans and other malware. And because most of the Web sites in the test were able to exploit Vista’s weaknesses, Internet users are just about equally vulnerable with both OSes.

What isn’t mentioned is that even most of the incremental benefit comes only by surrendering yourself to Trusted Computing: essentially, handing the decision of what’s “OK” on your system over to Microsoft and their anointed corporate partners like the MPAA and RIAA. I’ll pass on that, thank you.

Talking to the OS gurus I know, they’re generally less than impressed by Vista as well, and not just from a security perspective. Throw in the DRM Nightmare it brings with it, and the story becomes even less compelling in my mind.

However you want to look at it, though, whether from a Dan Geer's biodiversity perspective or just as a good application of Portfolio Theory, having multiple operating system options is a Good Thing for reducing risk to the computing infrastructure.

- Posted in Security and Risk Management, Risk Management
