Microsoft Plans To Sell Anti-Virus Software

EvilCowzGoMoo writes "From the makers of our favorite OS comes: Anti-Virus! Yes you heard me right. According to an article on Reuters.com Microsoft is developing its own brand of anti-virus software. Asked if that would hurt sales of competing products, such as Network Associates' McAfee and Symantec's Norton family of products, Nash (chief of Microsoft's security business unit) said that Microsoft said that it would sell its anti-virus program as a separate product from Windows, rather than including it in Windows. My only question is: If they can't seem to patch their OS fast enough, what makes them think they can keep their AV software up to date?"

Perhaps It Belongs in the OS

[Jorj+X.+McKie]

While I'm not certain that I completely trust Microsoft on this, it might make sense to have the antivirus scanner as a part of the OS. Better low-level access, as well as being able to intercept attempts by something like Outlook to execute arbitrary files. Having a unified place to control such actions might help security.

On the other hand, the major effect might just be to introduce a single point of failure/attack. It's certainly possible to argue that the variety of security software in use makes it harder to attack any given system. For evidence, look at the list of processes that the more sophisticated viruses try to stop.

Background: I do not customarily use an on-demand scanner. On occasion, I have loaded up a scanner because of suspicious behavior. My Windows box (patched up to date, firewalled) has had only one virus, a backdoor program that was installed when my daughter clicked a "video clip" that she received in an e-mail, before she understood what a spoofed address was. So I'm not convinced that antivirus software is as necessary as it is built up to be.

Re:Perhaps It Belongs in the OS

[yabos]

They shouldn't need a separate program to stop Outlook from doing something stupid. It should just not do something stupid in the first place.

Re:Perhaps It Belongs in the OS

[Xzzy]

> Better low-level access, as well as being able to
> intercept attempts by something like Outlook to
> execute arbitrary files.

Yes, because that's such a major improvement over just fixing Outlook itself. :P Maybe financially that makes sense, they get to sell you Outlook AND the anti-virus, but technically speaking it's just plugging holes in the dam.

The only AV software that Windows needs is Microsoft to stop making so many bloody ways to infect the system.

Re:Perhaps It Belongs in the OS

[NanoGator]

" it might make sense to have the antivirus scanner as a part of the OS. Better low-level access, as well as being able to intercept attempts by something like Outlook to execute arbitrary files. Having a unified place to control such actions might help security."

That works until everybody cries "anti-trust!" Damned if they do, damned if they don't. There's a lot of lightening up that needs to happen.

Re:Perhaps It Belongs in the OS

[colinramsay]

Unfortunately there isn't a program to stop the user being stupid. No matter which e-mail client is used, they all allow attachments, and without a virus scanner screening those attachments, computer illiterate users are going to get virii.

Re:Perhaps It Belongs in the OS

[Teese]

But isn't this a conflict of interest? If MS gets additional revenue from an anti-virus program (especially if that program is a subscription based program), then wouldn't there be internal pressure to make the OS "not as secure" so they can get additional money from there customers? If all of these security initiatives to make the OS more secure pay off, then the kill the market for there own anit-virus products.

Plus it seems odd to make somebody pay more money to overcome some limitations in the original product, kind of like saying "here we sold you a crappy OS, pay us money and we'll protect you from our mistakes! errrrmmmm, but no guarantes, if our anti-virus software doesn't work you can't sue us")

Of course, there is only so much any OS can do from protecting users from being stupid, and I guess that is what the anti-virus software does. But if the anti-virus software can protect customers from being stupid, couldn't the OS too? (thus negating the previous argument of "there is only so much any OS can do from protecting the users from being stupid")

I don't know if bundling the Anti-Virus software would be any better, then you get anti-trust concerns. Plus I think it is extremely important to have multiple Anti-Virus software vendors, if there is only one Anti-Software program (which is what would happen if MS bundled the program with the OS), then it would be a lot easier for virus writers to figure out how to bypass the safe-guards.

Well, those are my rambling thoughts. In conclusion, I guess I think MS should stay out of the anti-virus software market. Maybe they should concentrate on putting better hooks into the OS so that other software vendors could to their jobs better; or better yet, just make the damned OS more secure.

Re:Perhaps It Belongs in the OS

[4of12]

Unfortunately there isn't a program to stop the user being stupid.

True enough. But then it is easier to modify applications and their design than it is to modify human beings and their design (well, at least for now...)

Sometimes products are distributed that haven't been thought out well enough to consider the stupid user problem.

In this case, "convenient features" about Outlook running attachments is colliding with user stupidity, gullibility, etc. [It's like stories of "free baseball night" at the ballgame - "fans" started to throw their free gifts onto the field when play got boring. Somebody wasn't thinking far enough ahead.]

While Outlooks ubiquity might exacerbate the problems that Outlook users experience, other mail clients do not seem to have as many problems as Outlook does and certainly not as widespread an impact.

Careful product design can mitigate the unavoidable problems of "stupid users in a cruel world".

Re:Perhaps It Belongs in the OS

[Suppafly]

Do you think the guys at Valve were stupid?

Well since you asked. Yes.

Re:Perhaps It Belongs in the OS

[Alien54]

Careful product design can mitigate the unavoidable problems of "stupid users in a cruel world".

Two Buttons:

Do What I Say
Do What I mean

Sounds simple enough to me

Re:Perhaps It Belongs in the OS

[silicon+not+in+the+v]

Unfortunately there isn't a program to stop the user being stupid. No matter which e-mail client is used, they all allow attachments, and without a virus scanner screening those attachments, computer illiterate users are going to get virii.

That's one of the best reasons to use something like Yahoo instead of a separate email client. It won't let viruses come in through attachments. When an email has an attachment, the link is to "Scan & Download attachment". It automatically scans first, and if there's a virus found, it just won't let you download it. I think you could get the emails unscanned with POP access, though.

As to this MS virus scanning software, it seems this could easily violate their court issues for anti-competitive behavior(yeah, like enforce that anyway). I guess by selling it completely separately, instead of including it in Windows, they can say that they are competing on an equal footing. It would still seem though, that they have an unfair advantage in knowing how the operating system works more in depth than their competitors. Don't you think there's going to be some information sharing between the Windows dev team and the AV dev team?

Re:Perhaps It Belongs in the OS

[mandalayx]

You're right. There could be a conflict of interest here. Sadly, if you think about it, this is really nothing new. Hang onto your tinfoil hats for a second.

The fear is that MS will simply not work hard to make their OS secure from viruses, thus generating demand for their associatd virus scanner. In a competitive market, consumers would probably switch OS's, but we have the monopoly and such.

But listen to this analogy. Suppose you sell a software product. You want to make more money. So you simply leave out some functional parts of the product and sell it as an additional product--or service.

Isn't that what some companies are doing? Selling software and making money on the service. One can even sell software as a loss leader and make all the money back on the service (see razors and razor blades by Gilette).

Re:Perhaps It Belongs in the OS

[pediddle]

My first day at the University of Washington they packed all the freshmen into an indoor arena for orientation. They also gave all 4000 of us gift bags that included frisbees. I don't need to say what happened next.

College students are stupid enough, and when it comes to computers, most people that use them in their workplaces are even stupider. That said, I agree with you completely that the simplest solution would have been to not give us frisbees in the first place.

Re:Perhaps It Belongs in the OS

[Long-EZ]

wouldn't there be internal pressure to make the OS "not as secure" so they can get additional money from their customers?

You mean Microsoft could actually made Windows LESS SECURE? Holy crap!

What would it do? Network with your security system, wait until you're gone, unlock the doors to your house and use the outside speaker to blast an invitation for burglars to get free stuff?

Re:Perhaps It Belongs in the OS

[westlake]

Outlook and Outlook Express do not let you open attachments by default. This was fixed about two years back, and it is about time that Slashdot took notice.

Re:Perhaps It Belongs in the OS

[slimak]

I STILL cannot understand why it is wrong for Microsoft to release products the compete with existing software. Sure they can have the advantage of knowing more about the OS but tough, they wrote it and marketed it. Putting aside all bias against MS, it seems to me that they should be able to sell/bundle/etc whatever software they want as long as they do not explictly forbid competitor software from executing.

Are Honda engineers allowed to used design information (such as dimensions) when creating additional trim lines or must they "figure out" how to make things fit? (I assume the former, but don't know first hand). Sure there are aftermarket parts that complete with these -- does honda have to share designs with them too?

I am not MS fan or foe, but I know that if I ran things over there my only response to all this would be: "Fine, you don't want competition, then we are discontinuing ALL MS products. Bill has enough money. All you Windows users enjoy XP because you're stuck with it."

Maybe it's the law, but I just don't follow.

Re:Perhaps It Belongs in the OS

[Dog+and+Pony]

Where to begin? Code available via internet, running outlook, not firewalled (enough), not patched (enough) and the list just keeps on going.

Nah, it would be all too easy to answer that question.

Re:Perhaps It Belongs in the OS

[SillyNickName4me]

Outlook still allows running attachments, it is just an extra click to confirm you want to do it really.

The problem with this is that people are too used to clicking yes when asked and will do so here as well.

The only solution is to not allow it at all and to have people take very conscious and specific actuions (which preferably also demand knowing what they are doing before even being possible)

Inserting another click is not a solution. Requiring the user to think does go a long way to solving this.

Thunderbird at least requires you to save it to disk and run it outside thunderbird if it doesn't have a handler defined for a file. It wont allow you to run a random program with the file or run the file itself.

Re:Perhaps It Belongs in the OS

[Sloppy]

No matter which e-mail client is used, they all allow attachments, and without a virus scanner screening those attachments, computer illiterate users are going to get virii.

An email client doesn't need to make executing foreign content so easy and transparent, though. Running a trojan should be harder than clicking on an icon in the attachment list. It should require that the user save the attachment, tell the OS that it's an executable program, and then tell the OS to run it. Automatically launching a trojan inside an email just because the user clicked it, is really weird.

If they are going to keep that horrible UI, then the least they can do is have the subprocess run executables as a nobody-user or otherwise sandbox it where it can't do much harm.

You can write a program that makes it harder to be stupid. Go ahead and write a Linux program that printfs "Ha ha, got you", attach it, and send it to yourself. Now read that email with pine or elm or even Sylpheed. Now look at what all you have to do, to run it. The difference between what you experience in this experiment, vs what an MS Outlook user experiences, shows exactly what Microsoft did wrong.

To fight trojans at the OS level, I would add something like a "potentially hostile" attribute to filesystems; something like "setuid nobody". Internet apps should save things with that bit set, and process loaders and viewer apps should take it into account when loading content, and automatically sandbox themselves. Hostile macro in the word processor document that somebody emailed you? No problem, that process isn't running with all the same capabilities that the user has.

Re:Perhaps It Belongs in the OS

[PlazMatiC]

Outlook still allows running attachments, it is just an extra click to confirm you want to do it really.

Not quite correct. In recent versions of Outlook, executable attachments cannot be opened or saved without messing with the registry. There is nowhere in the configuration interface to alter this behaviour. While I personally find this extremely irritating, I can understand why Microsoft has done it. Much of the bad publicity they get regarding security is caused by users not taking proper measures to protect themselves.

Yes, there are security vulnerabilities in Microsoft's products, but there are also many vulnerabilities in various versions of Samba, OpenSSH, Bind, Sendmail, and many other software packages that are installed on Linux systems. Open Source evangelists seem to have no problem spreading their own FUD about Microsoft software when it comes to security. Take the quote from this article as an example:

My only question is: If they can't seem to patch their OS fast enough, what makes them think they can keep their AV software up to date?

Microsoft does patch their OS quickly. The only problem is that many many people don't install the patches they provide. The vulnerability that CodeRed exploited was patched three months before the worm was released. The only reason it caused so many issues was because of incompetent Windows sysadmins.

Linux is no more secure than Windows. I'm sure if you added up all the vulnerabilities in Windows 2000 and compared them to a list of vulnerabilities in all the software on a standard Linux distribution of the same age, Linux would have at least as many as Windows. The only reason Linux doesn't have the same bad reputation as Windows in terms of security is because there are many less Internet-facing Linux machines around, and the owners of the existing Linux machines are, in general, more competent than those of the Windows PCs. As Linux becomes a more accepted desktop OS, there will be worms attacking Linux machines, and its "secure" reputation will dissolve. Make sure you're ready for it, because it's not going to be pretty.

Disclaimer: I use Linux and Windows at home. I like them both, and I feel they both have their own advantages and disadvantages. I've got no problem using Linux, Windows or DOS for a task if it's the best tool for the job.

Re:Perhaps It Belongs in the OS

[Mudcathi]

Unfortunately there isn't a program to stop the user being stupid.

Clippy tried; alas, Clippy was even more stupid than the damn users.

Re:Perhaps It Belongs in the OS

[vsprintf]

While Outlooks ubiquity might exacerbate ...

I'm sorry, what???

He said, "While Microsoft's desktop monopoly and inattention to security has screwed its own users . . ." But he was being polite about it. HTH.

Re:Perhaps It Belongs in the OS

[SillyNickName4me]

> Not quite correct. In recent versions of Outlook, executable attachments cannot be opened or saved without messing with the registry

Thats helpfull, tho for what I can see, this only works for new installations. At any rate...

> Microsoft does patch their OS quickly. The only problem is that many many people don't install the patches they provide.

While we can argue about if they do patch fast enough, you are definitely right about users not installing their patches.

When comparing Microsoft today to Microsoft 5 years ago, they have made a giant leap when it comes to security. That said, none of their systems was designed to be used by multiple users simultaneously, and the results of that are still deeply embedded in their designs.

> Linux is no more secure than Windows. I'm sure if you added up all the vulnerabilities in Windows 2000 and compared them to a list of vulnerabilities in all the software on a standard Linux distribution of the same age, Linux would have at least as many as Windows. The only reason Linux doesn't have the same bad reputation as Windows in terms of security is because there are many less Internet-facing Linux machines around,

First of all, I'd like to see some statistics on that because I strongly doubt there are more vulnerabilities.

But regardless, your statement is not true. The first reason for Linux being more secure is a stricter seperation between what is considered kernel and what is not.

This doesn't mean Linux or any Unix variation is flawless, they have their own problems, and one of the big ones is still privilege escalation due to setuid binaries/scripts.

Such bugs being exposed to remote attackers however happens a lot less often.

Because Linux and Windows mostly get used in different ways, its kinda pointless to really compare numbers anyway.

If you'd want to look at a situation where things compare a lot better, I'd look at IIS and Apache. While Apache's marketshare is bigger, IIS does have a substantial market, and in many cases they are in direct competition with eachother.

I'd really suggest looking at actually compromised machines over time for those two.

What I do know is that despite IIS having a smaller marketshare, the majority of exploit probes that I get in the logs of my webserver are IIS related.

> As Linux becomes a more accepted desktop OS, there will be worms attacking Linux machines, and its "secure" reputation will dissolve. Make sure you're ready for it, because it's not going to be pretty.

While often brought up, the marketshare argument doesn't match reality at all.

Besides the Apache/IIS example above, I suggest lookign at for example the Amiga platform.

While it has a fanatical group of followers still, and had a much larger group of followers in the late 80s and early 90s, it has never had a marketshare of any significance outside some niche markets.

Yet, viruses and malware are a substantial problem on this platform, and both had reached a maturity level that the PC equivalents took quite a few years to catch up with.

The Amiga platform also contains a few features and was surrounded by a culture that make it extremely vulnerable for particular kinds of malware, esp. bootsector infecting viruses. Disk images and disks being the primary way of exchanging software being a large factor in that.

At any rate, a platform needs to have enough users to allow any kind of succesfull virus or trojan, but beyond that popularity seems to be a minor factor, and ease of infecion seems to be a much larger factor.

Re:Perhaps It Belongs in the OS

[|<amikaze]

When they go to open the attachment called "Jennifer XXX cool.jpg.pif", what do you think they actually mean? Show me some porno! What do they get? Viruses.

Are we going to integrate some kind of porn finder into Outlook, just to keep the users safe?

Re:Perhaps It Belongs in the OS

[OmniVector]

heh that reminds me of a skit from upright citizens brigade.

Baseball park owner: "Last night's marshmallows and lighters night didn't go so well. we didn't see that coming, really. That's why tonight is socks and oranges night! There's nothing harmful people can do with socks and oranges."

Re:Perhaps It Belongs in the OS

[DA-MAN]

In any case OpenBSD has an 8 year track record now: 1 remotely expolitable hole! Windoes cannot match that. Yes there are some gotchas, but it you upgrade your machines when OpenBSD does a major release, something they plan well in advance, you should be safe.

That's why I use DOS, it's track record is untouchable even by OpenBSD. It's got 0 (count 'em, 0) remote root exploits in over 20 years!

Re:Perhaps It Belongs in the OS

[bergeron76]

You said: Outlook and Outlook Express do not let you open attachments by default.

You meant: Outlook XP and Outlook Express XP do not let you open attachments by default.

Unfortunately, it will take several years until those versions become the "most prevalent on the internet" versions. Let's see - 2 years ago means that anyone running Office 2002 or prior is a virus-factory.

Re-post this same message in about 6 years when you can convincingly say that "Outlook" [generically] does NOT let you open attachments by default. I dare surmise that the vast majority of Outlook users are NOT running Outlook XP.

Bonus karma

[SeanTobin]

10 bonus karma points for the first person to write a worm that exploits a vulnerability in Microsoft's AV software!

Re:Bonus karma

[1010011010]

Extra 10 bonus points on top of that if the virus also deletes the Product Activiation data!

"Hello? Microsoft? I need to re-activate Windows and my anti-virus software so I can clean out this virus..."

Re:Bonus karma

[fred_sanford]

10 bonus karma points for the first person to write a worm that exploits a vulnerability in Microsoft's AV software!

MS beat us to it. It's called Outlook.

Re:Bonus karma

[mindfucker]

You say this with the assumption that Microsoft's goal is to keep their customer's computers safe, but it's not.

Their goal is the same goal as any monopolist: makeing you completely dependent on them so that it's more difficult to switch to a competing product. Once you understand that you can begin to understand the rest of their actions.

Business Lesson 101

[stecoop]

what makes them think they can keep their AV software up to date?

It just goes to show you that business isn't about who's right or who's wrong but who can make it sound good.

Re:Business Lesson 101

[peragrin]

Sure just like the last major virus outbreak. The patch was there but you couldn't install it without breaking your non MS apps. Databases, servers, and desktop tools stopped working when the patch was apilied. To top it off it also redid MS networking password file so if you were smart and running Samba on a Linux box for your server, you couldn't apply the patch because you couldn't network any more with your servers.

Now Breaking the Network protcol is something MS can do, but it sucks when security is your priority so your servers are different than the desktops,(meaning a virus can attack one but not the other) Now you can't apply any patches without breaking something useful.

Re:Business Lesson 101

[Grrr]

In every case where there has been a problem with Windows security, it's been AFTER they released a patch for the vulnerability. Every one!

- "Microsoft issued a software patch, MS03-032, on Aug. 20 that was supposed to fix the problem. However, that patch failed to close the hole on Windows machines running Internet Explorer Versions 5.01, 5.5 or 6.0.
On Sept. 8, Microsoft acknowledged problems with the MS03-032 patch and promised to issue a fix as soon as possible. Since that time, no changes have been made to the MS03-032 patch. In the succeeding weeks, hackers moved quickly to take advantage of the company's slow response." ( Computerworld.com )

- "Two vulnerabilities have been reported in Internet Explorer, which in combination with other known issues can be exploited by malicious people to compromise a user's system.
1) A variant of the "Location:" local resource access vulnerability can be exploited via a specially crafted URL in the "Location:" HTTP header to open local files. ...
2) A cross-zone scripting error can be exploited to execute files in the "Local Machine" security zone.
Secunia has confirmed the vulnerabilities in a fully patched system with Internet Explorer 6.0. It has been reported that the preliminary SP2 prevents exploitation by denying access.
Successful exploitation requires that a user can be tricked into following a link or view a malicious HTML document.
NOTE: The vulnerabilities are actively being exploited in the wild to install adware on users' systems." ( Secunia )

- "The flaw, which is different from RPC DCOM flaw that spawned the Blaster and Nachi worms, makes Windows XP and 2000 servers vulnerable to denial-of-service attacks because of a multi-threaded race condition that exists. A remote attacker could crash the RPC service simply by sending multiple RPC requests. The vulnerability occurs if two threads process the same request, thereby corrupting memory.
Microsoft still has not released a patch for the flaw, leaving nearly every Windows XP and 2000 system exposed to potential exploits. Microsoft may, however, be preparing an all-encompassing RPC patch that would address this issue and previous flaws surrounding the network service, said Gerhard Eschelbeck, chief technology officer with Qualys Inc., at RSA Conference 2004. RPC is a protocol that one program can use to request a service from another program located elsewhere on a network." - ( searchsecurity.com )

- "Attackers are taking advantage of a security hole in Internet Explorer not immediately patched by Microsoft
Security experts have warned that a vulnerability that has apparently been left un-patched by Microsoft is being exploited by attackers "in the wild".
The "object type" vulnerability, which was first acknowledged publicly by Microsoft on 20 August this year, allows an attacker to take control of a system by embedding malicious code in a Web-page. If the Web page is viewed by an Internet Explorer browser - even a fully patched browser - the malicious code embedded in the Web-page will execute, experts say. Despite Microsoft acknowledging the patch doesn't work, it evidently has not yet issued a working fix for the vulnerability.
US-based information security company iDefense released a statement over the weekend claiming the vulnerability is being actively exploited "in the wild".
"Whether you are patched or not, attackers can execute code on your computer at will when you visit a hostile website when using vulnerable versions of Internet Explorer," the statement read.
The relevant Microsoft bulletin was issued on 20 August and last updated on 8 September." - ( ZDnet - but then again, you didn't say "...after

paranoia mode enabled.

[garcia]

Asked if that would hurt sales of competing products, such as Network Associates' McAfee and Symantec's Norton family of products, Nash said that Microsoft said that it would sell its anti-virus program as a separate product from Windows, rather than including it in Windows.

So? The same thing that happened to WordPerfect is likely going to happen to NAV.

I am more afraid that MSFT will purposefully allow holes to exist in its OS so that more and more people will buy their AV software. Perhaps that's a bit paranoid but I certainly wouldn't put it past them.

Re:paranoia mode enabled.

[hawkbug]

Exactly - I can see it now:

"There are 10 new holes in Windows XP - but the patches won't be out for weeks, so you'll need to buy the latest AV software from us to protect against it until the latest updates are out."

the illusive second step

[jimi1283]

1) make crappy software with holes in it like swiss cheese
2) sell antivirus software
3) PROFIT!!!

Re:the illusive second step

[Gaewyn+L+Knight]

Sure does present a MASSIVE conflict of interest issue. Let's see... a monopoly... selling stuff to guard their own product from defects.

Reminds me of the Dilbert with the bonus for finding bugs and the comment is "I'm gonna write myself a minivan!"

Integrated AV

[CommanderData]

Maybe Microsoft should just fall back onto it's old standby technique- buy the company. Purchase Symantec and integrate the Norton Anti-virus product directly into the Windows OS!

It would make the net a safer place for the rest of us if they did so...

Ummm

[Gaewyn+L+Knight]

Is this a little like:
"Dr Kevorkian... Heal thyself"?

Extortion?

[davebarz]

Sounds like extortion to me.

They make a buggy OS with holes for viruses, and then require consumers to purchase their own AntiVirus to patch them. This removes motivation for producing a secure operating system because the worse their OS software, the more people will buy their AntiVirus product.

It seems like they're trying to figure out a way to charge for bugfixes and incremental updates to their security model, but instead of just selling those fixes like Apple (10.0, 10.1, 10.2--which I understand also have lots of new features), this model actually discourages production of good product in the first place.

Basically, the question must be asked: If they have the capability to provide such a product which tacks onto Windows, why can't they just incorporate it into Windows and make it part of the OS?

Re:Extortion?

[shystershep]

It would be too bad if something were to happen to this here computer, wouldn't it Rocky?

Why, it sure would, Guido. That's an awfully nice computer. It would be a pity if someone were to, say, surf with IE on it, or open attachments in Outlook, wouldn't it Guido?

Or even Outlook Express, Rocky.

Hey, now -- that's going a little too far. I do got standards, you know? No women, no kids, and no using Outlook Express.

They did this already

[z_gringo]

They used to sell their own anti-virus software, but then they left that market because they felt it was best to focus on their core products, and that other companies who specialized in anti-virus software were better equipped to sell that kind of software.

What has changed since then to make them want to get back in the game?

Re:They did this already

[+CipherDemon]

What has changed since then to make them want to get back in the game?

The bought out an AV company. It was GeCAD, a medium-sized vendor that provided the market's current 'best solution' in terms of price, quality, and reliability for *nix networks. They both acquired AV technology and removed a key market stronghold for the *nix community. Go here for more info.

Re:They did this already

[mpaque]

What's changed?

The revenues of the anti-virus companies have grown significantly. Symantec (SYMC) has FY2004 revenue of US$1,870 million. Just 5 years ago they had revenue of US$632.2 million.

A triple in revenue, above the billion dollar mark, is enough to get even Microsoft interested. They are not inclined to leave money on the table. Selling an anti-virus program, particularly with the now-popular subscription model, is an easy way to add revenue.

"Anti-virus program as a separate product from Win

[Mz6]

This might be one of the things that they SHOULD integrate!

Whew.. OK, I got that out. Mark me as flamebait or troll if you want, but this should be integrated with Windows. Of course, not everyone will agree, but hear me out first. First, let's put aside the comments that they should build more secure software and that they should be more focused on security than features. The problem is that it's already created and we have to deal with what we (and the 95% of others using Windows) have and not what should have been. The reason why it should be integrated is because if it's being developed by Microsoft, for their own OS, you would imagine that they might have a small niche into what these viruses are going to do and how they would affect the OS. They created the OS, they know the code behind it, and could possibly help prevent more of the "stupid" users who open the email with the "cute" bears. Let's also assume that the AV software was well built with a few minor security bugs that are easily fixable (I said ASSUME :)).

Since Windows has reached market saturation, we really do have to think about the people outside of /. that are not as informed as us. They don't know about certain viruses or worms unless it's on CNN and they are ones to infrequently update the OS (and AV definition files) because they don't see anything wrong with the way it's running now. Virus protection needs to be something that's seamless to these users because they just don't know any better.

*Awaiting flame responses....*

Re:A part of the OS

It started with the browser, and it will continue until slashdot itself is considered part of the os.

Re:A part of the OS

[Stargoat]

But that would leave Microsoft even more vulnerable to being sued when holes were found in the OS. A virus that hits because both the OS and the Anti-Virus software were defective and made by the same company? It sounds like a lawyer's wet dream.

Too easy to say this

[AsparagusChallenge]

Conflict of interest.

Will the projected earnings from AV division affect security choices?

Re:A part of the OS

[strictnein]

Ahh! You didn't even read the whole news post! MS isn't going to bundle this!

It's not that you didn't RTFA... I mean... all you had to do is read another sentence or two:

Asked if that would hurt sales of competing products, such as Network Associates' McAfee and Symantec's Norton family of products, Nash (chief of Microsoft's security business unit) said that Microsoft said that it would sell its anti-virus program as a separate product from Windows, rather than including it in Windows.

IIRC

[foidulus]

Microsoft actually made an anti-virus programs back in the days of DOS/Win 3.11. My first computer came bundled with it. However, the only virus I ever got back then(Doom2 death), it couldn't remove. Though it did alert me to the fact that the files grew by 666 bytes(they don't write 'em like they used to, do they). It also had this nice little 16 color doctor you could watch as your files were being scanned.

Re:IIRC

[ALecs]

Central Point, actually. MS re-packaged a lot of Central Point's software - from PCTools 8 or 9 I think.

Other news...

[FyRE666]

In other news, Benson and Hedges plan to open their own crematorium franchise; "You go out smokin'!". Rumours also spread of plans by Mc Donalds to open a gymnasium adjacent to each grease restaurant, and Darl Mc Bride, Steve Balmer and Steve Jobs to co-author book entitled "Altruism: The secret to success!! (subtitled: Empowering your workforce with kindness)"...

Re:Other news...

[jafac]

. . . in other news;
Former Oil Company Halliburton executive, now US Vice President lobbies to start a destabilizing war causing oil markets to fluctuate.

Extremely Wealthy President pushes through tax cuts which disproportionately reward the extremely wealthy.

. . . ah, screw it. I could go on all day about these two, but I just don't have the heart anymore.

Seperate, until...

[Alizarin+Erythrosin]

Microsoft said that it would sell its anti-virus program as a separate product from Windows, rather than including it in Windows.

They'll keep it seperate alright... until it's been out for a while and they don't gain any market share away from competitors. Then it'll be silently built in. There, but not enabled. Then it will be enabled by default, but with the ability to disable it. Then it will be so "tightly integrated" with the OS that you can't turn it off or your computer "will not operate properly"!

Hey, it could happen... and has with previous products.

That's been the real plan all along....

[tktk]

1. Create a fertile ground for viruses with Windows.

2. Sell anti-virus software that 'somehow' works the best.

3. Take over the world.

Re:A part of the OS

[`Sean]

Microsoft is developing software to protect personal computers running Windows against malicious software

So, what, it deinstalls Windows for you?

Re:A part of the OS

[1010011010]

Microsoft said that it would sell its anti-virus program as a separate product from Windows ... "for now."

There, is that clearer?

Logical Fallacy...

[bcs_metacon.ca]

There's a problem with the idea of them selling the AV software separately from Windows... they always claimed that they had to bundle IE because browsing the web was an integral part of the OS experience... well... when you're talking about Windows, having AV software & keeping it up to date is even MORE of an integral part of the experience than web browsing!

Trust issues?

[MoonBuggy]

Surely if they demonstrated that they made an OS vulnerable to the virus of the day, why should they be trusted to make the software that protects against/fixes said virus?

There are also definite shades of Dilbert here, where the employees who write the software are paid for every bug they remove from the software. It sounds outlandish but MS have demonstrated some pretty evil business practices; might it be possible for them to put a vulnerability into Windows that allowed viruses which could only be combatted by MS Virus Scan - it could be done in a way that means Norton or McAfee could be slapped with the DMCA if they knew the encryption to access the bit of Windows affected by the virus, but it would be a triviality for the virus writer to break said encryption since they're not worried about the law. </tinfoil hat>

in italy we call this mafia

[Simon+(S2)]

you buy protection from the same people you have to be protected from.

Re:A part of the OS

[ImpiousPunk]

Like all "Great" Microsoft products, they didn't develop anything. They bought someone up and slapped their name on it. http://www.ravantivirus.com/

Holy Shit

[mrpuffypants]

This discussion need a fucking tinfoil Turban over it. Get ready for your conspiracies, folks!

You just need the right OS

[missing000]

Microsoft has had a couple of secure OS's out for years

Pressure for updating AV software

[mshultz]

My only question is: If they can't seem to patch their OS fast enough, what makes them think they can keep their AV software up to date?"

... Because there's a lot more pressure to keep AV software updated as fast as possible. If a user is not happy with the way Norton manages their AV updates, they can switch to McAfee with little inconvenience. But Microsoft is under no direct threat if they wait an extra day, delaying an OS patch, since switching operating systems is a much more serious undertaking.

Microsoft clearly has the resources together to put together a good product- look at Office, for example. They're not idiots, and I'm sure they realize the urgency of issuing timely AV updates. If they made that one of their priorities, they could probably do a very good job at it.

wow.

[ricochet81]

They used to blame AV companies for making virii to generate business, but a company that makes the vulnerabilities in the first place in its OS... wow. let the conspiracies start flowing.

Just wait...

[paranode]

We'll be seeing virus updates that clean and fix the problem before there is even a patch out. What's that? You forgot to renew your yearly subscription? Better pony up or you'll be vulnerable for a long time.

It's just a little scary that a company that is responsible for almost all viruses and worms is now going to benefit financially from such failure to secure their product. They're marketing their shortcomings to you as a new product! What will they think of next?

Increasing sales

[SnarfQuest]

"Hay Balmer, our anti-virus software sales are slipping lately. Let's add remote scripting capability into solitare."

Mac version!?!?!

[hc00jw]

Fantastic! When can we expect a Mac version?

I feel so DIRTY!!!

[Saeed+al-Sahaf]

No problems. No big deal. If you are running Windows either because you have bought into the Microsoft Party Line or for some reason you are required to run Windows, than who better to make a Windows virus killer? Only Microsoft can take advantage of the secret hidden proprietary back-doors and APIs. I mean, look: If your going to sleep with Bill Gates, you're already somewhat dirty, so why not go all the way? Ah, what a visual...

Well, since you asked....

[khasim]

"Yeah? And how exactly?"

Make it easily and completely removable and publish the API. Again, during the trial, Microsoft claimed that IE could not be removed because removing those .dll's would "cripple" Windows.

"If they could do that, then they'd have more than 3 apps that held monopoly status. Frontpage? Nope. IIS? Nope. Exchange? Nope. Media Player? Nope. Gee, I guess their monopoly isn't all that strong unless people actually want their stuff?"

So far, they've only been ruled a monopoly in one market. The desktop x86 market (Windows). Like I said, you need to read more.

It was cute how you tried to toss in two server apps (IIS and Exchange). Hee hee. :D

Oh well, you Microsoft apologists are all the same.

Re:Well, since you asked....

[killjoe]

"Uh okay. I suppose I should just drop everything, shake my pitchfork at MS at every turn, and badmouth every little thing they do? That way I could be cool just like everybody else here."

No just try not to be sycophant for a corporation. Especially if that corporation doesn't give a shit about you, your life, your family, your freedom, your health or any other aspect of your life.

Why waste your time and energy defending a giant rich corporation from slashdoters? What's in it for you? Why not go to a forum where people discuss washers and defend maytag. Maytag is a corporation too and I bet they need your help just as much as Microsoft does.

MSAV

[rfernand79]

They already had one! It was included in MS-DOS 6.2, called MSAV. It sucked anyway.

Meh

[Haydn+Fenton]

Does anybody else find this a bit unfair? (Yeah, I know that's M$'s gameplan, but still)

I mean, the only OS which viruses are a major threat is windows.. and now they're going to sell AV software? That just takes the piss in my opinion.

"Hey Bill, we can't possibly fight off all these viruses, surely we'll start losing customers at some point", "Hey, I know! lets sell some Antivirus software, that way we make yet more money and we can get away with releasing patches at an even slower rate, and we get away with terrible programming"...

Re:Meh

[Short+Circuit]

Too bad your average consumer doesn't know enough about computers to see the irony:

Salesperson: Buy our Operating System!

Customer: OK.

Salesperson: Now buy our Antivirus solution! Without it, hackers will steal your identity.

Customer: Egads! Here! Take all my cash!

Re:Meh

[sprins]

My parent-message is modded as "Funny" but should have been modded "Sad" as this is indeed the bitter irony.

How ironic

[NynexNinja]

Microsoft selling Anti-Virus software is like al-Qaida selling life insurance.

TCO

[tallpaul]

What I wonder is - the cost of Anti-Virus software included in all these "Linux vs Windows TCO" comparisons.

Microsoft themselves making AV software is tantamount to admitting that it is pretty much a requirement that you have AV software in order to run any Windows machine (I know I, and most other systems administrators wouldn't considering running Windows without it). At current market prices for Norton/McAfee, that adds about $40 for the first year (license plus 1 year virus signature updates) + $20/yr afterwards (for virus signature updates). Due to the mfr dropping support, you have to pay $40 every couple of years for a new version also. Admittedly you can get site licenses and buy licenses in bulk which reduces the cost.

Writings on the wall

[neurocutie]

Guess its time to short Symmantec and McAfee stock... the variants are endless, but they all lead to one thing: MS "Antivirus" eventually getting 100% "market share".

Let's see...

MS AV is the most effective AV product because they can put in special hooks in Windows/Outlook to allow better AV protection and detection, but only MS AV knows how to use those hooks, or...

MS^H^HSome hacker can "inadvertently" release a virus of their own that only MS AV can stop (for any number of reasons, indeed, who would know better how to write a nasty virus for Windows but MS itself, and of course the best way to drive MS AV sales is for there to be lots of nasty viruses running around), or...

MS AV is quickest to protect against new viruses because Windows can be altered to add in special virus detection and reporting services that report new virus data directly back to MS, or...

MS AV will include and become the only or the most effective way of getting new patches (ostensibly just against new viri, but in actuality, all Windows bugs), ala Windows Update (for a subscription fee, of course). Free Windows Update may remain, but the MS AV will become the enterprise standard for updating and protecting Windows, (again for a fee, just a way of charging for patches), or...

Given better internal virus detection within Windows, it may be possible to construct a Windows "immune system" that learns how to protect itself. Intimate access to Windows internals required.

Then there is always the, "We changed our minds and decided to bundle MS AV in the next release of Windows (since it was hard to find enough other reasons for customers to see that Windows XXXXP is a value-added proposition for $200 a copy)".

The beginning of the end for yet another sector of the 3rd Windows software/utilities market...

User level virus

[gr8_phk]

"No matter which e-mail client is used, they all allow attachments, and without a virus scanner screening those attachments, computer illiterate users are going to get virii."

And if they are running a Unix variant that attachment will only run at user level. No low level system modification can be made, so you can then log in as another user (or root) and delete said infected files which should all be in their home dir and not mixed in with 10000 .dll files. They should also have to make a little extra effort to get it to run in the first place, which will discourage some percentage of them too.

Re:User level virus

[Trailer+Trash]

And if they are running a Unix variant that attachment will only run at user level. No low level system modification can be made, so you can then log in as another user (or root) and delete said infected files which should all be in their home dir and not mixed in with 10000 .dll files.

Sigh. How many times do we have to go over this for the slow learners? Two things.

First, all of my important files are in my home directory owned by my user. A virus doesn't need root-level access to destroy everything of importance to me. It's nice that the files in /etc, /usr/bin, etc. are all locked so that my unprivileged user can't destroy them. Who cares? They're safely on a CD here, they're on the Debian site, they're available all over the internet. My own files exist in my directory (and backups). Those are what's important to me.

Second, the modern worm/virus spreads by either remotely exploiting vulnerabilities on other machines or re-emailing itself. Guess what: it doesn't need root privileges for either of those operations. None, nada, zilch.

The only reason a virus would want root privs would be to infect system binaries and spread to other users. This paradigm is mostly dead in the Unix world on 99% or more of the machines in use; everybody has their own machine. Spreading from machine to machine is the game, and that simply doesn't require any privileges.

The bottom line is that if you could trick users into running a Perl script that came through email, which wouldn't be that difficult for a certain percentage of them, you could write a decent worm for Linux. Not a problem now, but when my mother is using Linux, it's a big problem. "But it came from my friend Kate at church and said to save the file and then type this in at the command line..." The extra step will weed out a lot of the real cluebies, to be sure, but with enough of them it'll be a problem.

MS patches fast enough, users don't

[darth_zeth]

If they can't seem to patch their OS fast enough, what makes them think they can keep their AV software up to date?

MS is pretty good about putting out a patch every time a vulnerability is discovered, usually with in a few days.

But users never patch their systems. I do tech support for small businesses, and every time MS sends out a Critical update about a security vulnerability, two to four weeks later a virus comes out. And when that happens, we get calls. MOST of the recent worms out there were 100% preventable with a patch, even if you DID open up an email attachment.

If users were smart enough to run Windows updates every once and a while, or set it to auto-update, they wouldn't have a fraction of the problems. When i get a hold of a customer's computer, more often then not there's at least 10 critical updates that need to be downloaded form Windows Updates. (gf's mom's had 21)

So yeah, blame MS for making an OS to begin with, but don't blame MS because users don't take the opportunity to download patches that MS supplies.

An ethical dilemma?

[usermilk]

There is an obvious conflict of interests with Microsoft releasing anti-virus software for their own operating system, but one has to wonder if it is unethical. The two trains of thought I am following are as follows:

Microsoft is not making the viruses that affect their operating system. By making a piece of software to protect their customers from these viruses they are providing a service, this service is not illegal or immoral. What would be immoral is Microsoft abruptly ceasing the release of patches to protect end-users from virus exploits. Many viruses exist only because their is an exploit in the operating system for their taking advantage of. If Microsoft no longer patches these exploits in an effort to make an extra few bucks, they would be acting immorally.

I, however see their anti-virus as a seperate outlet. There are users who don't want to patch their operating system. If you can sell these users anti-virus software which automatically updates its definitions, they won't worry about a need to patch their operating system to protect them from viruses. It will be done through the anti-virus software. Hell, the software can automate Windows Update for them, and patch their system automagically. The rest of us who don't but M$-AV will have to patch the operating system ourselves.

The second train of thought is business oriented. Microsoft is a business, and in the words of my friend James, "...businesses aren't in the habit of accepting a decline in profits." By patching their operating system and allowing persons who do not purchase their anti-virus software to be safe from viruses, Microsoft may not make any profit from their anti-virus software. The conspiracy theorist in me brought the light the idea that Microsoft may actually create exploits or viruses in an effort to help their anti-virus software suceed. This thought is ludacrious. Microsoft would be risking jail time if they created viruses. If they created exploits they would be risking horrible publicity.

Viruses can exist without exploits, macro viruses take advantage of something that cannot be patched, automation. Microsoft just sees an open market and wants to take advantage of it. I see no ethical dilemma at all, just capitalism.

Pay yearly to use your own computer!!!

[Anita+Coney]

We all know that Microsoft has been itching to get us to pay yearly for the use of their OS. This is their attempt to get that gravy train rolling.

Sure, Microsoft's antivirus app will be a separate product. Sure it will not be bundled with Windows. However, I'd bet anything that it WILL be bundled with new computers via special deals to manufacturers.

After a year, those new computer buyers will get messages to pay some money to continue receiving updates.

Once we're used to paying every year (or every month?!) for antivirus updates, Microsoft will start charging us yearly for other updates.

Microsoft will be smart and will start out with a reasonable price. But it won't be too long before we're paying about $80 a year for the right to use our computers.