Microsoft Plans To Sell Anti-Virus Software
EvilCowzGoMoo writes "From the makers of our favorite OS comes: Anti-Virus! Yes you heard me right. According to an article on Reuters.com Microsoft is developing its own brand of anti-virus software. Asked if that would hurt sales of competing products, such as Network Associates' McAfee and Symantec's Norton family of products, Nash (chief of Microsoft's security business unit) said that Microsoft said that it would sell its anti-virus program as a separate product from Windows, rather than including it in Windows. My only question is: If they can't seem to patch their OS fast enough, what makes them think they can keep their AV software up to date?"
While I'm not certain that I completely trust Microsoft on this, it might make sense to have the antivirus scanner as a part of the OS. Better low-level access, as well as being able to intercept attempts by something like Outlook to execute arbitrary files. Having a unified place to control such actions might help security.
On the other hand, the major effect might just be to introduce a single point of failure/attack. It's certainly possible to argue that the variety of security software in use makes it harder to attack any given system. For evidence, look at the list of processes that the more sophisticated viruses try to stop.
Background: I do not customarily use an on-demand scanner. On occasion, I have loaded up a scanner because of suspicious behavior. My Windows box (patched up to date, firewalled) has had only one virus, a backdoor program that was installed when my daughter clicked a "video clip" that she received in an e-mail, before she understood what a spoofed address was. So I'm not convinced that antivirus software is as necessary as it is built up to be.
I remember your eyes, on the twelfth of July...
Asked if that would hurt sales of competing products, such as Network Associates' McAfee and Symantec's Norton family of products, Nash said that Microsoft said that it would sell its anti-virus program as a separate product from Windows, rather than including it in Windows.
So? The same thing that happened to WordPerfect is likely going to happen to NAV.
I am more afraid that MSFT will purposefully allow holes to exist in its OS so that more and more people will buy their AV software. Perhaps that's a bit paranoid but I certainly wouldn't put it past them.
Surely if they demonstrated that they made an OS vulnerable to the virus of the day, why should they be trusted to make the software that protects against/fixes said virus?
There are also definite shades of Dilbert here, where the employees who write the software are paid for every bug they remove from the software. It sounds outlandish but MS have demonstrated some pretty evil business practices; might it be possible for them to put a vulnerability into Windows that allowed viruses which could only be combatted by MS Virus Scan - it could be done in a way that means Norton or McAfee could be slapped with the DMCA if they knew the encryption to access the bit of Windows affected by the virus, but it would be a triviality for the virus writer to break said encryption since they're not worried about the law. </tinfoil hat>
"Yeah? And how exactly?"
.dll's would "cripple" Windows.
:D
Make it easily and completely removable and publish the API. Again, during the trial, Microsoft claimed that IE could not be removed because removing those
"If they could do that, then they'd have more than 3 apps that held monopoly status. Frontpage? Nope. IIS? Nope. Exchange? Nope. Media Player? Nope. Gee, I guess their monopoly isn't all that strong unless people actually want their stuff?"
So far, they've only been ruled a monopoly in one market. The desktop x86 market (Windows). Like I said, you need to read more.
It was cute how you tried to toss in two server apps (IIS and Exchange). Hee hee.
Oh well, you Microsoft apologists are all the same.
And if they are running a Unix variant that attachment will only run at user level. No low level system modification can be made, so you can then log in as another user (or root) and delete said infected files which should all be in their home dir and not mixed in with 10000 .dll files.
Sigh. How many times do we have to go over this for the slow learners? Two things.
First, all of my important files are in my home directory owned by my user. A virus doesn't need root-level access to destroy everything of importance to me. It's nice that the files in /etc, /usr/bin, etc. are all locked so that my unprivileged user can't destroy them. Who cares? They're safely on a CD here, they're on the Debian site, they're available all over the internet. My own files exist in my directory (and backups). Those are what's important to me.
Second, the modern worm/virus spreads by either remotely exploiting vulnerabilities on other machines or re-emailing itself. Guess what: it doesn't need root privileges for either of those operations. None, nada, zilch.
The only reason a virus would want root privs would be to infect system binaries and spread to other users. This paradigm is mostly dead in the Unix world on 99% or more of the machines in use; everybody has their own machine. Spreading from machine to machine is the game, and that simply doesn't require any privileges.
The bottom line is that if you could trick users into running a Perl script that came through email, which wouldn't be that difficult for a certain percentage of them, you could write a decent worm for Linux. Not a problem now, but when my mother is using Linux, it's a big problem. "But it came from my friend Kate at church and said to save the file and then type this in at the command line..." The extra step will weed out a lot of the real cluebies, to be sure, but with enough of them it'll be a problem.
Do you have ESP?
There is an obvious conflict of interests with Microsoft releasing anti-virus software for their own operating system, but one has to wonder if it is unethical. The two trains of thought I am following are as follows:
Microsoft is not making the viruses that affect their operating system. By making a piece of software to protect their customers from these viruses they are providing a service, this service is not illegal or immoral. What would be immoral is Microsoft abruptly ceasing the release of patches to protect end-users from virus exploits. Many viruses exist only because their is an exploit in the operating system for their taking advantage of. If Microsoft no longer patches these exploits in an effort to make an extra few bucks, they would be acting immorally.
I, however see their anti-virus as a seperate outlet. There are users who don't want to patch their operating system. If you can sell these users anti-virus software which automatically updates its definitions, they won't worry about a need to patch their operating system to protect them from viruses. It will be done through the anti-virus software. Hell, the software can automate Windows Update for them, and patch their system automagically. The rest of us who don't but M$-AV will have to patch the operating system ourselves.
The second train of thought is business oriented. Microsoft is a business, and in the words of my friend James, "...businesses aren't in the habit of accepting a decline in profits." By patching their operating system and allowing persons who do not purchase their anti-virus software to be safe from viruses, Microsoft may not make any profit from their anti-virus software. The conspiracy theorist in me brought the light the idea that Microsoft may actually create exploits or viruses in an effort to help their anti-virus software suceed. This thought is ludacrious. Microsoft would be risking jail time if they created viruses. If they created exploits they would be risking horrible publicity.
Viruses can exist without exploits, macro viruses take advantage of something that cannot be patched, automation. Microsoft just sees an open market and wants to take advantage of it. I see no ethical dilemma at all, just capitalism.