Slashdot Mirror
Microsoft Beta Includes Built-in Virus Scanner
Ethereal writes "InternetNews.com reports that Microsoft has begun beta-testing a built-in virus scanner for its Windows XP Service Pack 2 (SP2) that will be included in the final product in mid-2004. The tool is among the operating system enhancements the Redmond, Wash., company is developing as part of its Security Center initiative to rebuff viruses, worms, trojans and crackers. Microsoft will also provide free online training to help developers make the most of SP2's security features, Chairman Bill Gates said at today's RSA Security conference. It's the first time the company has offered training with a Windows service pack release."
I bet the anti-virus software companies are really going to like this one.
You install the software, boot it for the first time, run its virus scanner, which uninstalls said software. Nice, Huh?
this next service pack is going to seriously fuck up some software industries... a better personal firewall, a popup killer, and now antivirus, all now bundled with the OS? and free?!
it's good that MS is being proactive (and i don't think they're doing this on purpose -- there is of course legitimate demand for these features), but it's chilling to see how they're capable of slaying entire software industries with the press of a button. this is going to RAPE antivirus/firewall/popup killing companies/industries, even if they have better products -- most consumers, and even a good chunk of small to mid-size businesses, only need a basic virus scanner, for example. and it's pretty fucking hard to compete with OS-preinstalled AND free.
sigh. grab your ankles.
of course this doesn't apply to all software products, but, what's the incentive to create a clever software product anymore, especially a small but ingenious shareware-type app, if all it takes is for MS to assign a couple of lackeys in MS Research to duplicate your product and then preinstall it with the next version of the OS for free? obligatory examples are netscape and winzip but really they're innumerable.
next on death row: spam stoppers, anti-spyware utils...
they really ought to have split MS up.
-fren
"Where are we going, and why am I in this handbasket?"
Will the inclusion of A default Scanner kill Norton and Mcaffee? I think they are now sitting ducks. why buy what comes free with your new computer?
Well.. maybe. Or Maybe not. But Definitely not sort of.
Error! Error! entire system has holes in it for potential viruses. Please change operating systems or send us money immediately!
What happens with these programs? Does both the Windows virus scanner and the 3rd party work at the same time? Or is it something that you can set in the settings, like "default browser".
Interesting!
http://github.com/gbook/nidb
But a good idea, I guess. I'm kind of surprised they didn't get into the anti-virus biz a long time ago. Maybe they felt it would be an admission of weakness or something.
Hexy - a strategy game for iPhone/iPod Touch
Would this be a vioaltion of their anti-trust agreement? Seems like this could really put the hurt on Norton, etc.
This sig has been temporarily disconnected or is no longer in service
Monopolistic overreaching of power, or fantastic move to combat viruses? It doesnt really matter, as MS is going to be both praised and sued for this move, even tho it may turn out to be a great one. You cant satisfy all of the people all of the time.
same thing as releasing security updates. But they can set it up to automatically update with this heading and people are less likely to disable it.
30% Troll, 50% Underrated, 10% Interesting
Score:5, Troll
A single byte of new code spawned from the beast just leads to another potential for 1000 bytes of code to exploit it. When will they learn to remove instead of add?
./revolution
... Microsoft will be including a scanner which can scan for viruses which get in through security holes in their OS?
Ow. I think I just broke my brain.
I love the smell of Antitrust Lawsuits in the Morning.
I bet the anti-virus software companies are really going to like this one.
How long do you think it will take for Symantic, etc to file antitrust against microsoft. 6 months? 12 Months?
How about not making it so easily vulnerable to viruses in the first place. This is like putting a band-aid on a arterial wound. Microsoft needs to get a clue.
If you cannot keep politics out of your moderation remove yourself from the Mod Lottery.. NOW!
Isn't it a really bad idea to have the primary defense mechanism INTEGRATED WITH THE OPERATING SYSTEM? What the hell?
"Faith: Belief without evidence in what is told by one who speaks without knowledge, of things without parallel." - A.B.
- After central point died, MS just didn't bother trying another one
- Another anti virus vendor cried "Anti-Trust!" and MS backed down
- None were ready for Win95 at the time
- MS just didn't care
- Any combo of the above...
I can't help but think though, had MS continued with offering anti-virus software, they MyDoom virus (amongst other worms) might have been a fraction of the attack it was...so sad......in bed
I'm sure the initial product will be free, but something makes me think that MS will be just as eager to charge you a monthly fee for Virus Definition Updates.
So what happens when the virus scanner either deletes a critical windows file or itself cause it _thinks_ it knows what it's doing... I can't wait to see how many fixes come out for this thing.
Even a stopped clock gives the right time twice a day.
What kind of viruses will the scanner delete?
Will we have the choice to turn theirs off?
I mean, Microsoft is so lax with their security updates, I am not sure if they would create a false sense of security. Also, what if Microsoft detects illegal software? Is this a virus? Will we retain control? Is this a premonition of the TCPA?
Well, perhaps this time around, we'll get it for free. However, how much will it cost us in the next versions lisence? Or when we renew corporate agreements? And support agreements? Oh, sure...it's just an extra $50/seat!
I can see the hand writing on the wall now.
Awk! Pieces of eight. Pieces of eight. Pieces of seven... ERROR: General Protection Fault. [Paroty Error.]
Dell WinME machines still came preloaded with WinDVD, despite the built in DVD player of WinME. It's all up to Gateway, Dell and such whether to include additional software to match a build in OS feature.
Anti virus software needs to be constantly updated. I'm still waiting for somebody to hack the ability to fake a Microsoft Certificate, so they can use the update mechanism to distribute viruses/worms instead. What are the chances of Microsoft's security measures actually becoming yet another vector for compromising security? Am I the only one that wonders if I'm actually getting Microsoft blessed software every time I run Windows Update?
"Freedom means freedom for everybody" -- Dick Cheney
If there's one software industry I wouldn't shed many tears over the loss of, it's the one whose business model is to profit thanks to viruses.
Get Grisoft.
You probably shouldn't click this.
Microsoft Beta Includes Built-in Virus Scanner
Time to dump your McAfee and Simantec stock as fast as possible.
Isn't that a brilliant scam? (1) Microsoft messes up and makes virus- and worm-prone products. (2) A whole industry develops around the Microsoft flaws like mold on cheese, (3) Microsoft takes over the Microsoft-problem-solving industry.
Brilliant, just brilliant. These guys never cease to amaze me.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
"Holy fucking shit fuck!"
Oh, you are being serious. A company does something to make it's customers happy, and you want government gangsters to split them up because they put someone else out of business? As a consumer, what entitles TrendMicro to my $$$ when I would rather give it to MS (or not give it - service packs are free.
Get a clue. Just because you can write code doesn't mean you understand economics.
Hmm so Microsoft can't add anything to their product because there's another company already doing the same thing for their product. Yea that's really bright. Lets deny MS the right to improve their OS then Linux will be the defacto OS -- but oh wait, gotta rip out the firewall because norton makes one, gotta rip out the browser because that would stomp on opera. Rip out that media player because we gotta make sure REAL makes money, oh lord we can't forget about real.
And splitting up MS wouldn't have done jack squat about this. The OS division would have happilly put in virus and firewall protection and you know why? BECAUSE THAT KIND OF STUFF BELONGS IN THE OS! (WoW). Shoot, we can be grateful they didn't split MS up because then the OS division would be all over the place and wouldn't have to worry about bogus (don't let them improve the product!) BS like this.
Crushing the anitvirus industry in the name of security. Good one. I'm sure Longhorn will have more advanced CD burning capabilities too. Wonder what the folks at Symantec and McAfee think about this?
This guy is way out there
From what I hear, they will be including a never before seen virus definition to help weed out machines on the network that have been infected with that "Linux" virus they've been trying to stop for so long. :)
I've been working with beta builds of SP2 at work, and from looking at it, I am under the impression that what Microsoft is actually including is not actually a virus scanner, but rather integration with 3rd party virus scanners. The last build I tested (2077), complained that I didn't have any virus scanning software installed, and suggested that I remedy the situation. Poking around revealed that it has the capability to work with many existing virus scanning packages, and warn you when your virus definitions are out of date, and possibly even keep them up to date for you. Of course, maybe what I've seen so far is only a prelude to full blown anti-virus software from MS...
Shawn Asmussen
... when it was reported last year by ZDNET / news.com / Network Fusion / pcmag... that Microsoft were to buy a Romanian antivirus company !
Persoanlly I think anti-virus software should run at the router of your ISP. That way PC's are never affected (or rarely).
They will probably avoid all the public relations nightmares surrounding security updates by embedding the security updates in the Virus definition updates. Then, it won't look like the OS is broke anymore.. It'll just be "Virus definition updates" everyday.
Well look,
They have to realize that they are a software company. All of these companies have had a jump on these technologies for a long time. If they are to succeed, their product will simply have to be better than what is included offered at a valuable price to the consumer.
Now, the software business is no different than anything else. In order to reduce risk, you have to diverisfy. If your soul business is personal/firewall and antivirus you will know that you are in a highly competative market(high risk).
If you expect to run a business you will have to design your operations to be able to overcome industry trends or you will fail. There is no sense to cry, its just logical.
Its like a programmer concentrating on 1 language. Sure its great if you know the one language, but when companies don't wanna spend money on developping in that language any more what are you going to do?
Eggs in one basket? Please think.
obligatory examples are netscape and winzip
The ZIP handling features in XP are licensed from WinZip. I'm sure Microsoft is by far and away Niko's best customer.
you geeks are funny. you are all against government intervention until it comes to a company's right to sell its products.
You're bitching because Microsoft finally added a popup blocker, a better firewall, and some AV utils?
If Microsoft didn't include these items, you'd be the same one fucking bitching that they weren't securing their software good enough.
This goes back to Tim Bray's Sharecropper Analogy.
Essentially, the idea is that if you're not developing for an open platform, you're a sharecropper. Your entire existance as a developer is predicated on the fact that you're working for someone else's platform that they own and control. If they decide that they like your product's functionality, they can either buy you out, or simply integrate it into the platform, most likely putting you out of business.
Apple has does this in the past, with Watson & Sherlock, and Microsoft has done this many, many times. Netscape, Winamp, and now Norton & McAfee. Microsoft has a pattern of simply offering a product as an additional download, then tying it into the next version of the OS with no real way to remove it.
What this means for Norton, McAfee, Trend Micro, and the dozens of other AV people is not exactly clear yet. But it's a good possibility that many of their employees will be touching up their resumes once this Service Pack gets released. Unless, of course, they sue MS. Either way, I see this as a major strain on their business relationships with Microsoft.
Not nearly as long as it will take the planet's collective sys admins to deploy SP2!
I am become Troll, destroyer of threads
How long do you think it will take for Symantic, etc to file antitrust against microsoft. 6 months? 12 Months?
How about not making it so easily vulnerable to viruses in the first place. This is like putting a band-aid on a arterial wound.
To make a silly point, that would also put the AV people out of business, except they wouldn't get one last blaze of lawsuit before they went away.
Of course there will still be the hacks that rely on social engineering...
I agree with the poster when he (or she) said Get a clue. Just because you can write code doesn't mean you understand economics.
Anyone who can't see past the words anti and trust are missing the point completely. For too long, McAfee and Symantec have produced inferior, bloated, virus scanners. Combine their personal firewall and anti-spam software, along with one of their anti-virus packages, and you've just blown nearly 32 megabytes of RAM on UI enhancements.
NOD32 works so much better, and in a smaller, less bloated interface. Yes, you also have to pay for it, and it's not a well-known big name company. However, you won't find a better anti-virus package on the planet. Check out their awards here.
If Microsoft wants to bundle this stuff with SP2, then I'm all for it. Free, and forced down your throat so the majority of moronic users stop getting their boxes infected by the latest worm-du-jour.
This is not a free service from Microsoft. It is a free update, but the cost of the service will be built into Windows, either through an update fee or with the Operating System tax that goes directly to Microsoft when you buy your computer.
I think it's the only thing Microsoft can do to "make it right". After all, why should third parties be responsible for tracking viruses and such when it's Microsoft's fault for allowing them to exist in the first place?
I am forever telling my customers to buy antivirus software and making sure that their definitions are up to date, this is an added tax that corporations should never have had to pay. It's rediculous that in order to run a Microsoft product less adept users are forced to pay $40 for antivirus software and then $20 a year to keep getting definition updates. It often seems like an added tax that you're forced to pay even after you've already paid Microsoft for the privilege of using Windows.
So good for Microsoft. They've saved the bulk of their customers that much more money per annum and I think it is well past time they did this.
John the Kiwi
Zonealarm and mcafee are shit (I've seen alot of viruses slip by mcafee), but Symantec really knows their business and I have nothing but respect for them. I trust them far more then MS.
Religion is a gateway psychosis. -- Dave Foley
Excuse me, but "proactive" ? Isn't that just a buzzword that dumb people use to sound important? Not that I'm accusing you of anything like that... I'm fired aren't I?
"The space elevator will be built about 50 years after everyone stops laughing." - Arthur C. Clarke ~1980
Parent is spot-on, and I think the companies mentioned have it coming to them, but I think it's a lot more serious than this, and I don't otherwise think either side is categorically wrong.
My estimate is that 80% or more of the software sold for the Windows platform is 'compensatory': it's stuff you wouldn't dream of having if Windows were as adequate as it should be.
Virus scanners, personal firewalls, trojan eliminators, anti-hacker tools - we're always back to square one: Microsoft let the demons in to start with. As Bill Joy so eloquently put it:
They took systems designed for isolated desktop systems and put them on the net without thinking about evildoers.
Apple Macs come with a built-in firewall, and I don't see anybody complaining over there. They also come with a built-in mail filter, and the same thing applies: no one is complaining. In fact, it all makes good sense.
Your Windows 'cottage industries' are never never never going to enlighten their clients anyway. They're never going to really care for them, and tell them the truth, that the easiest way out of this slaughter that continues every day is to ditch the Microsoft ship. No, they want you to keep using Windows; they want you to keep getting the shit kicked out of you; if you migrated to Unix, they'd be penniless.
The ultimate irony of course is that Microsoft themselves are now mucking with 'compensatory' software - instead of fixing the holes that make such gems necessary in the first place (something they're most likely incapable of doing anyway).
No solutions; just observations. The world goes round.
Problem is, once they start examining traffic for viruses, you get pressure groups wanting them to do the same for child pornography, spam etc. To retain the "common carrier" status they claim to have (im not sure if they have the same protections as telecoms companies to this regard), they need to exercise a hands off approach as much as possible. Also think of the outcry a false positive would bring, the ISPs would be sued of the face of the planet by certain people who think its their goddamn given right to do what they damn well please, damn everyone who gets in the way.
The difference is that McAffee, Norton, et. al. have a vested interest in there being lots of new viruses, which leads me to wonder if they don't also assist in creating them. Microsoft has a vested interest in not having their software be perceived as being susceptible to viruses, so this might actually be a feature best provided by the OS vendors themselves -- much as I hate to admit it.
"Freedom means freedom for everybody" -- Dick Cheney
*Linux has been detected. This can be potentially harmful to Windows. Removing...*
Still, even if Microsoft manages to plug all their holes in the recent SP, there will still be a need for virus protection. Just think of all the viruses that spread very quickly even though they are the type that the user has to intentionally run. I'm sorry, but if you run a file that happens to be a virus you have no one to blame except for yourself. It doesn't really matter what operating system you use, if you run an untrusted execuitable you could be in trouble. It just so happens that a vast majority of the uneducated users end up on Windows, so that is where you see email viruses spreading. I think that by including a virus scanner and moving very quickly on updates, MS may be able to prevent a large amount of viruses that spread in this manner. Of course, there will still be all the users who run earlier versions of Windows and who still don't know enough to not open every file that they get.
SIGFAULT
Has anybody actually been able to try this beta to see if there really is AV software included? The screenshots I've seen of a slightly older build (2077) show that it's only recommending you to install AV, not that it already has it.
So who was the first to bitch about MS's anti-competitive practices with this one? When are you elitist opensource primadonnas* going to realize that MS can build anything it damn well wants to into it's OS? For fucks sake, you cry about MS security, well here's an extra layer of it built into the OS and we're alrady whining about anti-competitive practices. Will you people PLEASE buy some consistancy here???? And WTF are you worried about anyway? If MS is as bad as you say it is, the anti-virus community doesn't have a damn thing to worry about. MS added native file compression to windows. THAT software industry is alive and well. They added native CD burning. THAT industry is alive and well too. Media playback? Check. Firewall? Ditto.
Shut your gob for once. Please.
*Not all open-sourcers, but you know who you are. You probably just modded me down, infact.
You need a FREE iPod Nano
...as MS is going to be both praised and sued for this move, even tho it may turn out to be a great one.
And then again, it might not. One would have to assume that they would do a better job writting anti-virus software than they do writting virus proof software in order believe that this is a good move. Otherwise, everyone will run the bundled AV telling themselves their safe, while hackers (the blackhats) can focus on a single AV program to fool. It just means that the RPC virus needs to disable MSAV before uploading it's payload.
So far there has been a multitude of different virus scanning software on the market designed to eliminate viruses that spread so well because of the monoculture currently inherent in the operating system market. To my recollection, there have also been some viruses that particularly attack and disable Norton AntiVirus because it's the leading anti-virus software on the market.
Now let's make the assumption that the built-in virus scanner becomes the default in over 95% of Windows installations.
Who is going to write a virus that will be automatically removed at the very moment the built in virus scanner has updated its definitions?
That's right, nobody. That's why every new Windows virus will simply disable the market's only virus scanner (or its auto-update facility) upon infection and the user will be under a false sense of security even though his/her system is infected.
Naturally the virus cannot infect computers with updated definitions, but the virus will always have some time to spread in the wild before new definitions are released. If each infection equals one machine with disabled virus protection (and a clueless user who doesn't know how or feel the need to re-enable it), it's not much better a situation than the one we have now.
The Anti-Virus makers have totally missed the entire spyware industry in their AV products, instead recommeding that you buy their whole suite that includes a pop up blocker, anti-spam filter, and firewall-for-newbies product. They then price that suite at three times the cost of the original AV program.
The truth is, it'd be much easier if we just had one program-scanner that'd alert on both viruses and trojan horses, and the better spam products are coming from suppliers who don't have AV products, and firewalls are best built into routers anyway. So... uhm, we don't need the rest of the suite.
Take the core product from the AV companies, and their other products won't have a leg to stand on anymore...
Unless MS choose the easy option and licence the existing AV products, like they did with WinZIP. This way Symantic/Norton could concentrare on the real AV stuff, have some bells-and-whistles premium products and soak up lots of cash for MS doing the retail side for them. In this scenario they'd be the last people to complain.
And that is why you are not a Network Engineer.
I'm not sure that this is such a bad idea. Hear me out before the flames start. :) I've discovered too many family members and coworkers that aren't even running with an antivirus program (I did fix those). I know that the MS firewall (if you can call it that) works like crap, but I think all of the non-tech people could benefit. I'm sure you'll be able to disable it and keep NAV or others on your machines. This will benefit all of those people who don't know what an antivirus program is. This will benefit the users who open up any attachment and spread the viruses. While it could give a false sense of security, I think for all of the people without AV, at least they'll have some protection. When it comes down to it, I don't think Microsoft is trying to put the AV companies out of business (I know that this flies in the face of history). They've had a lot of criticism for all of the security holes and viruses on their platform so I think this is their solution. As soon as a worm like MyDoom is discovered, they could automatically update all of the AV programs and block many of them. There are a lot of windows users out there that have no idea what security means at all. I for one, am glad there will be at least a minimal protection installed by default on those peoples machines. Until we can force computing licenses, I think this may turn out to be a good thing for the tech-illiterate. Now, I still don't think that Norton or McAfee will be happy.
-
Tech News, Reviews and Tutorials
In order for Linux to remain competitive we should also start bundling some linux A/V software with our distributions. To facilitate this I have included the source for a feature rich virus detecter and removal program for Linux.
#include
#include
int
main(int argc, char **argv)
{
int i;
printf("scanning");
for (i = 0; i 8; i++)
{
sleep(1);
printf(".");
}
printf("\nSCAN COMPLETE, YOUR COMPUTER IS VIRUS FREE.\n");
return 0;
}
Don't most of the virus out there attack vulnerabilities in Windows? McAfee/Symantec etc provide virus protection to stop the virus getting to windows in the first place? And now microsoft are going to package a virus killer into windows?
Wouldn't it just be easier to write more secure software in the first place?
And at the end of the day who in their right mind would trust a microsoft virus killer? If they can't secure their own software what chance do they have of writing a virus killer that stops vulnerabilities in their own software?
---- There are 10 types of people in the world. Those that understand binary and those that don't
That's right ! Damn those operating systems that can run software !
You do realise the vast majority of viruses exploit nothing more than user gullibility, and that the "code" between the keyboard and the chair is outside of Microsoft's control, right ?
Every time a new creative utility popped up, the would make their own version which was bundled into the OS. Every time the third party vendors would be pissed. But on the flip side when all was said and done, bundling the functionality really did improve things for the user.
Bundling is a interesting issue. There really are legitimate reasons why it is better to provide one integrated package, but from a market point of view it just reaks of anti-competitive behavior. Which is another reason why open source software is so interesting in the grand scheme of things - because an open source operating environment (OS + stuff) could have all the benifits of bundling, with none of the detriments of a monopoly.
I think you're the one who needs to buy a clue. Microsoft's bundling is not comparable to Ford putting carriage makers out of business. Killing the market for a competing product by producing a better, more efficient product is not a problem. What is a problem is killing the market for a competing product by using a monopoly product as a platform for distributing a knock-off of the competing product. It would be more like Ford, being the only maker of automobiles, including an in-dash navigation system using their own GPS satelite network in order to kill the market for aftermarket navigation systems. Add to that Ford taking measures to ensure that you can't remove the navigation system to replace it with another without rendering the entire vehicle useless even though the navigation system isn't strictly necessary to operate the vehicle and you've got a much better approximation of Microsoft's anti-competitive activities.
There was Cowboy Neal at the wheel of a bus to never-ever land.
When in Windows95/98 appeared stripped versions of programs from Norton Utilities Tools Package nobody complained (for instance the SpeedDisk(Defragmenter), Disk Doctor (ScanDisk), etc.). Those tools were sooo limited that they were good incentive to buy Norton.
On the other hand remember Norton Commander? Total Commander has killed it.
You can defy gravity... for a short time
>A company does something to make it's customers happy, and you want government gangsters to split them up because they put someone else out of business? As a consumer, what entitles TrendMicro to my $$$ when I would rather give it to MS (or not give it - service packs are free.
Yet, when Linus Torvalds offers a free Linux kernel to the world, SCO tells the U.S. Congress (your "Government Gangsters") that Linux is a threat to the security and economy of the U.S. Ironic, huh?
I believe they were stripped down versions of Central Point Antivirus (which later got bought out by Symantec) in much the same way that the later DOS's SCANDISK and DEFRAG utilities were stripped down versions of the Norton's Utilites that performed the same functions...
I don't see why MS would bother to write their own virus scanner this time around, either... I'd think either of the big 2 companies would jump at the chance to license MS a stripped down version of their product, with a convenient "Upgrade now!" button prominently displayed, of course. Or maybe even the full product, but you'd still need a definition subscription from them. Basically, whichever company did it, would put the other one out of the desktop market.
I don't think either big player will go under, though, both McAfee and Symantec have well entrenched server markets... At one previous employer (Gov agency), the inter-departmental flame wars over what (if any) virus scanner to standardize on for departmental email servers reached a 'vi vs emacs'-like level.
Yes. Now you can trust the same people who create
the bugs to decide which ones are important enough
to look for....(thinking)...."inforrmation security
best practices"...."seperation of roles".....nahh.
---eludom
Chances are that Microsoft is going to license the Antivirus technology from some little company that signed a big contract. Much of the tack-on technology in Windows XP wasn't created by Microsoft, but licensed from small companies. The zip functionality came from the makers of Winzip. The disk defragmenter came from Executive Software (makers of Diskeeper).
As I recall, people were declaring the death of Zone Alarm and Black Ice when it was heard that XP would contain a firewall. I remember the predictions of Symantec's doom because Windows 95 had a disk defragmenter (3.1 and NT did not). The deaths of MusicMatch and REAL were all too.. er... real, when Media Player was to be included.
These companies will either adapt, dissapear, license technology to MS, or create a product that is so much better than the included software that people will be willing to shell-out $$$ to make their OS better.
I don't see Microsoft going out of business because Wordpad is included in Windows. Clearly, a direct competitor to Word and Works! Okay.. bad example.. but you get my point.
Tag line, copyright 2004 RadioActiveLamb
"How long do you think it will take for Symantic, etc to file antitrust against microsoft. 6 months? 12 Months?"
Boy, Microsoft can't win with you guys, can they? You bitch every single fucking day that there's some security exploit, and when Microsoft addresses that, suddenly you're crying anti-trust.
It really is hard to take anything you guys say seriously when it's all about bringing Microsoft down.
"Derp de derp."
And that guy who invented that polio vaccine, worst of the lot.
I presume you have never used an anti-virus product. I have and I'm happy to pay to clean up the mess that other clueless idiots create with virii and worms etc.
And now with one only analysis done on a virus and no competition to get the fix out how long do you think you will be safe.
I'm always amazed at how much patchwork goes into securing the Windows desktop.
An obvious first (and large) step would be to not have every user running with Administrator privileges. Has anyone heard of any initiative by Microsoft to change this unfortunate default?
Wouldn't running your everyday apps (e.g. Outlook, IE) as a non-privileged user mitigate a lot of these worms? Some of the worms that just blast off a emails via script would be unaffected, but those that install SMTP servers and other backdoor processes would be stopped.
The current setup seems just like giving everyone a key to your house and then hiring a team of live-in security guards.
Too bad Microsoft's software features are ultimately dictated by their marketing department and not by the user community. I really feel they need to break backwards compatibility, force users (even so-called "Power Users") to use unprivileged accounts, and provide a convenient equivalent to Unix's "su".
Sure, a lot of companies would have to release updates in order to cope with use by non-administrative users, but with the current hype around security these days, I would think most companies would be willing to do so for little or no charge. Most average Joes these days have heard of viruses, worms, etc...I think it would be really bad PR for a company to say, "well, MS improved the security of Windows, and it broke our software." Most, it seems, would rather say, "MS improved the security of Windows and our software is no exception...here's the free update you need."
"Power corrupts, and absolute power corrupts absolutely." -- Lord Acton
It would be more like Ford, being the only maker of automobiles, including an in-dash navigation system using their own GPS satelite network in order to kill the market for aftermarket navigation systems.
Kind of like what GM does with their OnStar system? And like every manufacturer is now doing with anti-theft devices (immobilizers, etc.)? Viruses in the Windows world is an everyday reality and this is a good step to take, just as vehicle theft is an everyday reality in the automobile world and the manufacturers have taken good steps to prevent theft.
A business shouldn't be prevented from innovating simply because of the existence of third-parties which have profited from that business's lack of innovation in a certain area. If what they're doing is really so innovative, then they should get a patent and protect their innovation and license it back to the business. That's the purpose of patents.
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
Not me. Microsoft has the right to sell their own product just as the open source community is free to give away theirs.
How about not making it so easily vulnerable to viruses in the first place. This is like putting a band-aid on a arterial wound. Microsoft needs to get a clue.
It's much easier, and more fun, to create a new product than it is to grind out the fixes to all the problems with your existing products. This is why Microsoft's Trustworthy Computing Initiative has been a complete failure thus far. Microsoft will add cheesy Anti-Virus, Personal Firewall, and Anti-Spam features to Windows that are "good enough", but will continue to have the same problems that they've always had due to their mediocrity.
Bill Gates has stated that customers never buy upgrades to fix bugs. That thinking reveals quite a bit. He's right of course, but it's because customers feel that bug fixes are owed them as part of the original product purchase. He's wrong to believe that because there's little money to be made by fixing bugs that he shouldn't have to do it.
I have a feeling that this is an intentional side effect, as that is the real problem in the first place as far as worms go. In terms of viruses, it's the users fault for openning the stupid file.
Microsoft has a vested interest in not having their software be perceived as being susceptible to viruses, so this might actually be a feature best provided by the OS vendors themselves -- much as I hate to admit it.
Well said. There's little hope for the future if the AV corps benefit from virus activity--MS defintely seems like the lesser of two evils here.
G-Force music visualization
No, but it is logical that a company who's product's image has suffered so heavily due to viruses would want to make sure all users have up to date software. I think it's actually of far more benefit to Microsoft to keep the updates free.
a virus scanner does not fix an exploit.
If it works as good as their firewall does, only halfway that is, then the antivirus companies have nothing ot worry about.
So where does the line come between MS enhancing Windows and using Windows to force competitors out of the market?
Should Windows not come with a firewall because someone else makes a firewall (Zone Alarm)? Should Windows not come with a browser, because someone else makes a browser(Netscape)? Should Windows not come with a TCP/IP stack, because someone else makes one(Trumpet)? Should Windows not include multitasking, a GUI or a memory manager because someone else makes those things? (DESQVIEW, Dr-DOS, QEMM)?
As time marches on things progress. In 1993 it was perfectly acceptable for a computer to require $80 worth of additional software just to browse the Internet. In 1998 you expected to be able to plug in a brand new Windows machine, tell it the number of your ISP, and be browsing the web right away.
Now if the only way you could buy Windows was by also buying Office that would be an abuse. But does anyone complain that a perfectly usable word processor, WordPad, is included with Windows? No, because it's a basic application. It's designed to give the casual, out of the box user the basic functionality they expect from their Windows computer. Windows XP included a basic firewall, the idea being that security was becoming a requirement rather then a luxury and so users should have something out of the box. Now is the included firewall very sophisticated? No. If you want a professional firewall you get one yourself. Same could be said for a lot of other features; you want a browser with tabs, popup blocking, automatic history on open, etc? Get a "professional" browser like Opera. The time has come that virus scanning is a requirement, not a luxury that only the 5% of users with a clue should have. MyDoom spread like wildfire, despite it being an easily detectable virus totally blocked by any version of Outlook updated in the last few years and requiring total user stupidity. MyDoom makes MS look bad because the child like masses expect someone else to take care of them. While some people want a professional virus scanner, the average 90% user wants it to be dealt with from the moment they turn on their Gateway machine.
As at least one comment in every other thread of this story has mentioned: Microsoft included MSAV (MicroSoft Anti-Virus) with DOS-6. This is is not new to them, they are simply bring the idea back. Your comment is entirely incorrect. Quit trolling against Microsoft I guess these days, its pretty common knowledge. Also, you meant to use the word "it's", the contract of "it is", not "its", the possesive form of "it".
mcox.com - Useful Information re: IT, Running, Fitness, Finance, or Ann Arbor!
You know, usually I would be the first to cry foul upon seeing MICROS~1 attempt to crush another industry... but this time, I really don't care.
I've yet to see an antivirus program for Windows that doesn't suck ass. Maybe the 409 kg competition will force Norton, et al, to spend actually spend money on improving their product, rather than burning money on INTRA WEB VIRUS ALERTS that read like PRs (oh wait, they ARE PRs).
The firewall products are just as bad--even if they don't crash your PC, mangle your system files and corrupt your registry, they are still completely useless--there's nothing to stop a malicious program from disabling the firewall you carefully set up, before carrying out its evil deeds. If there's not a Linux, etc, box, or some hardware firewall between you and your gateway then you are not safe, full stop.
Plus, I often get Spam advertising Norton's products. So for all I care, Norton at least can burn in hell.
Huh? NTFS has existed forever (NT 3.1 came out in 1993). Besides they liscensed the defrag code in XP from Executive Software makers of Disk Keeper, a MUCH bigger player in the defrag market then Symantec.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
What a peculiar move isnt it? If the problem lies in the underlying system why bolt some more services ontop of it? The solution should be to prevent virueses to propagate in the first place. A virus scanner is only an intermidiate solution to a problem in windows, its by no mesure any real solution. Why not be bold and use a sandbox to open attachements in? Bochs style anyone? I can come up with numerous things that would be better than a virus scanner ontop of my head, why cant they?
I am stunned by how incredibly good salesmen they are and at the same time such loosers come to technology.
HTTP/1.1 400
The car vs carriage analogy isn't valid.
The competitive advantage of cars over carriages is that cars are more useful than carriages.
In this case, MS isn't providing a more useful virus scanner or a better product. Their virus scanner will arguably be less useful than existing offerings in the market. However, (and this is where my anticompetitive gripe comes from) they're able to instantly capture a majority stake of any given market just because they own the underlying platform, whereas other vendors are forced to blow millions on sales and marketing and trying to entice consumers to download and install their product. To add insult to injury, MS includes the product for free with the OS, knowing that given a free pre-installed product that's "good enough" the vast majority will be too lazy to look for better alternatives.
-fren
"Where are we going, and why am I in this handbasket?"
I've been using the linux version of the software they bought-out, and it works great.
But why the heck would that be useful?
Most AV software alredy does that, and more; why would it need to interface to the operating system?
Because most AV software, although they already do it, do it exceptionally poorly, causing system crashes and other problems for running applications.
If the OS defines the interface and enforces it, the AV software can do its magic in a tested environment, which Microsoft can ensure will not crash the system. If the AV software crashes, it can be isolated and the user warned, instead of it taking down the entire system with a BSOD.
Makes perfect sense.
Coming soon - pyrogyra
Same as always. They'll probably add three more layers of bulbous bitmap GUIs, a larger splash screen, a few more systray icons, a sprinkle of dubious pop-up warnings saying you need the "pro" version, and lots of playskool animations of cartoon syringes chasing "virus monsters". Oh don't forget a custom toolbar or two, a IE hotbar and maybe a custom desktop theme - all with links to their website of course.
Well, there would be a case for an antitrust suit, firstly.
Second, we tear down MS because they do moronic things. Instead of including a Virus scanner how about just working to make virus infections less of an issue in the design of the OS?
-
PC World wrote an article in June 2003 outlining Microsoft's original acquisition of the AV software firm. According to the article the software was going to be sold separately and that the acquired firm, GeCAD, would continue to operate as a small consultancy, providing customers signature updates. GeCAD are the creators of RAV AntiVirus. Lastly, you can see the press release for the acquisition here.
It's not so simple.
MS is more than welcome to make and SELL AV software.
But by including it free, if that's what ends up happening, then they are exercising their monopoly (again) to drive competitors into bankruptcy.
And even then it's not so simple. Obviously free software exists. But such software is not built into the OS.
OS + free browser, then + free webserver, now + free AV.
.sigs are for post^Hers.
Microsoft provides neither an MPEG2 codec nor a CSS decrypter as part of any Windows version.
In order to watch DVD's under Windows, a third party solution (such as WinDVD or PowerDVD) is still required.
Granted, when such a third party-player is installed, Windows Media Player also becomes DVD-enabled automatically, because it will immediately take advantage of the newly installed DVD-related shared libs.
So even if people solely use WMP to watch DVD's, they'll still need third-party software.
Therefore, the same anti-trust argument, as in the case of Netscape, Real and now possibly the antivirus solution providers, doesn't apply here.
"Oooh, does that mean we get to kick some puffy white mad zionist butt?"
OK, I've heard a lot of rants about how evil Microsoft is for bundling a virus scanner (big surprise). They're going to put all these AV software companies out of business. OK. Well, let's imagine a very hypothetical situation: one day, Microsoft releases a service pack that renders all Windows operating systems completely immune to viruses and worms and we're to assume that new viruses and worms never appear. That's good, right? But wait -- those AV companies will go out of business! That's wrong and Microsoft is evil for patching up their operating system, right?
Since that scenario clearly will never happen, Microsoft is instead opting to create a program that will, in theory, eliminate or significantly reduce the threat of viruses and worms on their operating system. The end result of either patching up the OS or creating a good, integrated AV program is the same -- significant reduction of viruses and worms, much to the detriment of existing AV software. What's the big deal?
As much talk as I hear on Slashdot about how record companies are trying to cash in on a dead business model, I'm baffled that is hasn't occurred to anyone that AV companies are cashing in on a business model that, in theory, will completely dry up.
Why 'short of blocking anything with microsoft attachments'? That's basic mailserver configuration these days.
.zip files these days.
You still need AV though as there are some that package themselves in
I'd imagine they will go with Symantec, and integrate similar to the way the took on Diskeeper for defragmentation. Which is nice for Symantec and easy for Microsoft, but it *completely* shafts every other antivirus vendor.
Forget thrust, drag, lift and weight. Airplanes fly because of money.
It's a win-win situation for everybody. These companies still have potential to gain because well, they are still selling their software. Microsoft gains because of the economic law of comparative advantage. Consumers gain because various companies will be competing to get that liscence with Microsoft. Of course, if say a power user isn't satisfied with the basic firewall or AV software that Microsoft will liscence, they are still free to purchase from other companies which will surely be there to cater to such niche groups.
The article linked to in the story is wrong and makes this argument slightly invalid.
Have a read of the keynote transcript.
"...and from an antivirus perspective, Windows Security Center can tell me if I have virus software installed, if it's on, and if it's up to date..."
That's all it is - a console designed to bring all security features together in Windows, including any installed AV software. It is not bundled AV software, just a firewall and a console that aggregates all your settings and preferences into one location.
I really don't believe this will be a big deal. Most likely it'll just be a very basic virus scanner. The people who bought commercial virus scanners will keep doing so for a fuller product.
I don't see Microsoft pumping too much effort in to their virus scanner, as just having one will probably be good enough to make most people feel fuzzy. I have a hard time imagining another Netscape-like situation, and I'll tell you why.
Microsoft went all out with IE, not because they simply felt a browser should be included with windows, but because they were threatened. Netscape (and just the web in general) was turning out to be a whole new platform. Interesting technologies like Java were starting to make it clear that the web could be used to make platform-agnostic apps.
You really have to credit Microsoft with having the foresight to notice this was a threat, cause it was. However, the threat was really just that it would have leveled the playing field, which they obviously don't want.
So back to my point, virus scanning is just virus scanning. It doesn't really keep people locked in to a platform other than comparing to other OSes might be favorable. For example, "OS A has virus scanning builtin, while OS B does not." That is why I can't imagine them investing too much money in it or getting in to a competition with a current virus scanner.
FiGZ.COM - A waste of perfectly good web space
I've seen a whole lot of people complaining about antitrust issues, but to be honest, that's not my problem with this issue. My problem is how much control I'm going to have over my own machine.
.ini file and then uninstall it, and the system now generates an error message when a new user logs on for the first time because it can't find MSN.
I use a number of programs for which Microsoft has "integrated" alternatives. I use ACDSee Classic as an image viewer, I use Nero for burning CDs, I use WinRAR for archiving, I use Mozilla for web-browsing, I use Miranda for IM.
But to get ACDSee to work, I had to wend my way through assorted registry entries to disable the MS integrated version (changing registered filetypes wasn't enough). To uninstall MSN Messenger, I had to fiddle around with an
If Microsoft bundled an AV solution with Windows, and included it in the "Add/Remove Software" selection, as every other application is, or provided an uninstallation tool, I wouldn't mind. But based on track history, I'm going to be stuck with a lump of code taking up at the least disk space, and probably memory space and CPU time, that I don't use, don't want, and can't get rid of.
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
Actually MS didn't license WinZIP they licensed DynaZIP from InnerMedia.
{Little Explosive Icon}
This program has not been signed by Microsoft!
It may be a virus...
{Why Microsoft Signing is important link}
(Button "Delete") (Button "Cancel" that ends whole virus scan) (Button "Invite Auditor")
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
When Microsoft included a stripped-down version of the Diskeeper drive defragmenting software in Windows 2000, it hardly killed the disk defragmenting industry. The stripped-down version they included was absolutely sufficient but was not at all suited to enterprise users because it lacked the ability to schedule defrag runs and could not be fine-tuned.
I would bet that Symantec and Norton's biggest and most profitable customer base is business customers. These are exactly the kind of customers who would want more fine-grained control over virus scanning and who would buy a commercial product that would let them deliver a customized product to their employees.
Just a guess.
In order to do its job, Anti-Virus software must be able to intercept File and Memory calls; therefore it must by definition have elevated privileges.
If they have elevated/system level privileges, and they are poorly written (especially considering they're fucking around with the memory of executing programs) there is the potential for a critical failure/kernel panic/BSOD.
I can understand people bitching about the integration of IE or WMP into the operating system, but I can't think of any applications that I would rather have tightly integrated than a AV prog and a decent firewall.
"It takes considerable knowledge just to realize the extent of your own ignorance." - Thomas Sowell
They aren't fixing security wholes created by poor programming practices. They aren't even correcting thise poor programming practices. All they are doing by embedding an AV client into the OS is extending their monopoly further. What do you think a monopoly is? If they were fixing the problems then we'd be happy. They aren't. They are extending their monopoly, simple as that.
We can speak quite effectively and accurately from experience. Microsoft still manages to produce some of the most insecure operating systems after being in the biz for how many years now. They still manage to bork installations during minor little updates to things like Microsoft Office. Outlook, IE, and Exchange are still some of the most insecure pieces of software available for purchase today. We as IT professionals can speak from experience when we say that Microsoft will not be able to do this without borking something else.
Like we all remember about OS design: if the OS crashes, when a program is doing it's job, it's the fault of the OS.
You don't seem to know what you're talking about. Virus scanners run kernel-side, as device drivers embedded in the file system.
The system should already "isolate and warn"--when applications unexpectedly quit, guess what? This dosen't change a thing in that regard.
Not if the code is running in kernel mode.
I've used Norton, McAfee, and a number of other AV softwares, across hundreds of computers. I've never felt the urge to say they do it poorly at all. Perhaps McAfee is a bit more bloated than it needs to be, but It's probably better in almost any respect than what MS will put out.
McAfee has been known to badly clean viruses, leaving the payload intact and causing new variants of the same virus to spread. Norton has problems with their software not updating its virus signatures other than on a weekly basis (again, something this API tries to fix). CA's EZ-AntiVirus has occasionally caused BSODs when using files over network shares.
I've not crashed Norton yet, but I expect to be able to do it at some point. I've certainly had occasions where it has brought my system to a complete crawl.
Coming soon - pyrogyra
Extinguish -
....
Say good night McAfee, Norton
---- "Logoff! That cookie shit makes me nervous!" - A. Soprano
That is exactly the point! You should be able to choose. But when Microsoft incorporates the product into the operating system, you have no choice. You are forced to pay for their product. If they package and sell it separately, then you have a real choice as to where to spend that money. Microsoft sure as hell isn't giving you a free Virus scanner (or service packs for that matter,) you and I and everyone who uses Windows are paying for it without choice.
> I long for the days of NAV2002
If you thought NAV 2002 was good, you should try Norton AV Corporate Edition, Version 7. Came out circa 1999. Designed for Win2k/NT. Works like a charm on XP. No stupid bloated interface with fuzzy yellow buttons. No "subscription" reminders to pester you (It just LiveUpdates, the defs and the engine, without bitching). I install it on every computer I build.
If regular users understood the difference between an updated version of AV software and updated Virus Defs and Engine, Symantec/McAfee/etc would have no retail sales at all (they would only have the OEM market). I mean, in reality any old version of AV software will protect you from viruses just fine as long as you keep the defs and engine updated. People just buy the boxed versions because either:
A. they think they have to in order to get new virus defs (this is the dumber group) or...
B. their 1-year "free subscription" is over and they think they have to either buy a new box or subscribe in order to continue receiving virus defs. (Anyone smart could in most cases just remove said software and reinstall it to restore another 1-year "subscription.")
I beta tested the PC Satisfaction trial for MS which was an enhanced firewall, antivirus and backup utility. That beta has now ended with no real product in site. The latest drop of XP SP2 has no Anti-Virus in it. It does have an enhanced firewall similar to the PC Sat trial, but not all features. Not sure where they got their info, but it is wrong.
Hoyty
Bad example. Let me clean that up for you a bit.
Imagine if seat belts were an aftermarket feature only, and then Ford (as per your example, the only car company in existence) goes ahead and puts them in standard.
Gee, poor aftermarket companies! Who's Ford to make us buy cars safe from the start?
Virii cost companies billions of dollars in damage. They cause Joe Average to throw out his computer in frustration. Virus scanners and updates (oh, fancy that - Windows Update) save money for companies like seat belts save lives. Get off your high horse - this is something that really should become a standard operating system feature.
i'm amazed that i survived - an airbag saved my life.
#1. Open source software kind of does the same thing. #2. Quite often, Microsoft buys the software rather than developing it. It's usually a pretty good payday for the developer. #3. Software, like manufactured goods, has a downward pricing slope, that soon reaches near zero. Make your money on the early releases, before the market scrapes bottom.
I doubt that MS will write their own AV software. For example, the backup software for 2003 server is licensed for Veritas.
1f u c4n r34d th1s u r34lly n33d t0 g37 l41d
Because working to make virus infections less of an issue in the design of the OS is a much more expensive and complex undertaking. Including a virus scanner is a fast and cheap solution that gets the job done. What is moronic about that?
Just think -- in the next windows version they might create an OS that's easy to use and big free, thus killing the tech support industry... Talk about anti-trust!
We bitch about lack of security then bitch when they take steps in the right direction. I think the AV industry can always make a profit with "added value" applications. There's no way MS can provide the same level of support.
-precog
I just had a scary thought. Remember a while back when Microsoft was talking about how they want the ability to force users to apply patches to their systems remotely? They said this after another round of worms exploiting well-known vulnerabilities. Remember the outcry after they said that? I took a cursory look at the older articles on /. and didn't find the one I'm referring to but I know it's there.
Don't get me wrong, I do think that XP is, by far, the most stable OS that Microsoft has developed since MSDOS 5.0 . It still does not mean that I have to agree with the BS they keep pushing on us.
Here's an idea, how about Microsoft start by making tighter code, instead of this lame ass bloatware that they keep pawning off on the public. How about MS also start by understanding their code so that there are not as many "Buffer Overflow", and other gaping holes that have been produced in their "OS"
Remember, half of the worlds population is below average intelligence.
I happen to know, and I'm not saying how, as it would not be a good thing for my job, that companies that "license" things that go into windows don't get paid for it. They get a mention in the license page in their feature, and a reasonable assurance that M$ won't crush them... for now.
"Oh my God. This is terrible. This is the end of my Presidency. I'm fucked."; ~ Donald J. Trump
Antitrust law does not forbid you to hurt your competitors.[*] All competition does that. In fact, that is what competition is. Given a fixed number of customers, any enterprise that tries to attract as many customers as possible necessarily hurts its competitors, who will either lose customers or not gain as many new ones as they would have otherwise. Thus, the competitors will be financially worse off than they would have been had if they had been able to lay their grubby little hands on those customers. Or at least they should be. Competition is supposed to punish inefficiencies and reward efficiency, thereby allocating scarce resources the best/most efficient way possible.
What antitrust law primarily seeks to protect is competition, not competitors. Now, it might admittedly be just a little bit hard to have the one (former) without the other (latter) and much of tension within antitrust law and the debate surrounding it centres on that particular problem: should antitrust regulate structure or behaviour?
In Alcoa[**] Justice Learned Hand stated that it was not the objective of antitrust law to punish efficient companies: in case a party has had a monopoly 'thrust upon it', its position was not unlawful. However, he went on to say:
This so-called Alcoa doctrine placed monopolies under a strict per se-rule: i.e., monopolies were prohibited as such. The issue became one of structure: does an enterprise occupy a position of monopoly (within a relevant market) or not. If yes, unless it can be proved that the company is a mere passive recipient of its monopoly position, it is unlawful.
The Alcoa doctrine was severly critized, notably by Robert Bork in his The Antitrust Paradox: A Policy At War With Itself. Justice Hand seemed to find Alcoa guilty of being nothing more than a better competitor; better at doing business; in fact, Alcoa was being punished for being more efficient. And as the criticism took hold, courts reverted back to an ante-Alcoa, U.S. Steel[#] rule of reason approach centring on the behaviour of monopolizing: simply put, intent + harm. This would appear to be the (established) law today.
Bork and the Chicago schoolers sometimes seem to go futher than that however: one sometimes gets the impression that to them, the existence of a monopoly shows nothing more and nothing less than superiority in the market place. In other words, a position of monopoly is evidence of superior efficiency; efficiency is a valid exculpatory defence as it contibutes to increased consumer welfare[##]. A lot of the defence of Microsoft's monopoly case seems to rest upon this premise. See, for instance, here and here; for a more sober view, see Posner's article Antitrust in the New Economy , in particular, perhaps, pages 8-9.
Neo-classical economic theory and its antitrust exponents (to which Bork and the Chicago-schoolers obviously belong) are not without critics however. See, for instance, this piece by Metzenbaum and Foer in which they write:
The liver is evil and must be punished.
for years virus writers have had to make tough decisions on what anti-virus software, if any, their virus would circumvent. do I write for Norton, McAfee, Sophos? there are just too many choices to get around them all.
once Windows AV has taken the market share and driven out the competition, this tedious job of getting around virus protection will become much easier.
knock out Windows AV
infect computer
We used RAV Antivirus for our Qmail installation for about 3 ro 4 years. Smashing product, updated itself every hour over ftp, kept us free of iloveyou, anna kournikova, all the way up to mydoom, netsky and bagle et al, and most of all CHEAP. But, last september, they posted this message, announcing that they would be ceasing new sales and terminating subscriptions at their next renewal because they had just been bought by Microsoft. I Immediately thought Hmmm, how long before we get Microsoft Antivirus. Looks like I was right.
So, those of you who are worried out Microsoft's programming prowess, fear not. Your PCs will be protected by a romanian team with 10 years experience.
You'll note that AV vendors don't tend to compete on detection - detection rates among most of the established players are pretty much identical - there's also a policy in the industry of swapping virus samples with each other immediately.
There's absolutely no financial sense for AV companies in doing this: best-case scenario is that they have to spend money to get a minute advantage that most AV vendors claim *anyway*, worst-case scenario is that the company directors get ripped away from their yachts, mansions, and BMWs to spend time in prison.
Think, before engaging fingers.
Score:-1, Funny
TechNet Security Bulletin:
KB9765432 - Microsoft AV Security Update:
A vulnerability has been found in the Microsoft Anti-Virus utility that allows a virus in quarrantine to escape with Administrator access and grant a remote user full access to your computer.
KB9876543 - Internet Explorer Security Update:
A vulnerability has been found in the Pop-Up Blocker utility that allows a pop-up to side-step the pop-up blocker and use Active-X to gain Administrator access and grant a remote user full access to your computer.
KB9654321 - Windows Firewall Security Update:
A vulnerability has been found in the Windows Firewall utility that opens all of your ports, granting a remote user full access to your computer.
KB9543210 - Windows Messenger Service Security Update:
A vulnerability has been found in the Windows Messenger Service that allows a remote user to turn it back on and spam your computer with net sends.
Up, Up, Down, Down, Left, Right, Left, Right, B, A, START
I agree that this will trigger yet another barrage of antitrust lawsuits for Microsoft.
Bundling the OS with antivirus software seems like a good idea, but it also has certain long-term implications that aren't so great. What happens when support for legacy OS's with built-in virus protection? Will older systems continue to be honeypots, festering with every new incarnation of worm and trojan simply because the sale of that OS isn't profitable anymore?
I also don't see why MS keeps trying to value-add their products by piling on support for add-ons (MSN, Media Player Updates, IE Updates)rather than more robust features and better security. It is nice to have a fully-usable OS right out of the box, but it sucks to be force-fed an entire OS upgrade simply because MS finds it no longer feasable to support an older OS plus all of its bugs/exploits and cruft.
IMO, MS needs to dump the extras, plug the third party guys that make Windows marketable in the first place and beef up the operating system itself in terms of security, speed and usefulness.
Also an API for standard OS-program hooks (anti-virus software, browsers, email, etc) would go a long way to make things better for everyone, not to mention avoid hemmoraging cash in the form of legal fees.
"Mr. Gates, we simply can't get the security holes in our own OS patched fast enough... the users keep finding new ones! What about if we just include a virus scanner instead of fixing the problems that let them do damage?"
Oh, and the drug companies love incurable diseases, since that gives them a customer for life. There is more money to be made in palliative measures then cures, so that's where they focus their research. If doctors and hospitals really valued our health so much, wouldn't they focus more on preventing disease, rather then waiting for patients to get sick? I never claimed anti-virus companies were actively writing new viruses. I just said that they have a vested interest in not preventing them from being written. Just as firewall vendor's stock doubles whenever a new worm comes out. Police and firemen get paid the same whether or not they prevent crime and fires. The more viruses there are, the more the stock of the anti-virus companies goes up... that means the officers of the AV companies have a fiduciary responsibility in their being new viruses.
"Freedom means freedom for everybody" -- Dick Cheney
Won't work. Forcing a user to tick a box to "sign" the code that is supposedly going to show them t33n b00bi3s before running it will barely slow them down.
Corporate environments would be very excited, since only official, trusted and licensed code runs.
Corporate environments could probably do this right now with the existing technology simply by limiting execution permissions.
MS already has this for the drivers, why not to extend it to .exe and make it changeable by admin only?
Because for the vast majority of vulnerable and already affected machines, the ignorant user *is* the admin.