Microsoft To Offer Virus Defense

FridayBob writes "According to the New York Times, Microsoft plans to enter the consumer antivirus business with a subscription service next year. Most of us will remember Microsoft's assimilation of RAV Antivirus from GeCAD Software of Romania in 2003." From the article: "Microsoft plans to expand the service beyond its 60,000 employees this summer and offer an open trial for consumers this fall. No date has been set for a commercial introduction, but the executive in charge of the new business said it would ultimately be offered as an annual service by subscription."

Re:Some food for thought

[GeckoFood]

• Popularity is not the cause of security vulnerabilities, shoddy programming is. If software is not popular, you can get away with it not causing many problems because it is a small target (literally security by obscurity). But if it is popular, then poor programming will become evident and it will be a security problem.

While what you have said is correct, one thing that you have not addressed is that, for some virus writers, getting their spooge to spread as far and as wide as possible is the goal. If you wanted to have your creation on as many systems as possible, would you target a less popular system that is as air-tight as a collander, or would you take the time to find a hole in the most in-use system? Now, if the OS is coded correctly, it would be a LOT harder to find security holes in it.

Even the most well-designed and built OSes have some holes and security flaws. Once in a while you hear about a gash in the Linux kernel. Solaris caught hell a while back too. They've tightened up, but you are fooling yourself if you think they are bulletproof. My argument is that, if some system other than Windows were dominant, there would be a lot more focus on finding those flaws. Windows would be no more secure than it is now, but it would not be the primary focus. Attention would be on the bigger target.

Popularity has nothing to do with the security of a system, you're correct there. However, it has a lot to do with how many exploits are found that would not be noticed if someone were not specifically looking for them.

Re:What disease is that?

[bafarmer]

Just because you're too lazy to learn how to troubleshoot a windows box doesn't make it any less usable. Lately I've been using a skill I picked up in kindergarten called 'reading' and I've learned a lot about how to prevent, diagnose, and remove security problems in windows.

Re:Some food for thought

[GeckoFood]

• My only point is that it is certainly possible for an OS to be both popular and secure

I wholeheartedly agree. That MS has made a career of NOT doing this (and has allowed many of their other applications to be equally exploitable, e.g OutLook), is as you've stated, a good case study of what not to do.

Re:"Anti-virus software" != "Fixing vulnerabilitie

[neomac]

What I would like to see is the Justice Department figure out what you've just articulated and take another shot at Microsoft.

When car manufacturers put out a vehicle in which a flaw is discovered, they have to issue a recall. At most only a handful of cars and their owners are actually damaged due to a recalled car's flaw.

When drug companies discover a potential adverse side effect in a medication, they have to recall the drug. At most, only a handful of people are actually physically injured by the medication.

When Microsoft produces an operating system whose security flaws expose MILLIONS of people to data and service theft, cause BILLIONS of dollars in lost business overtime wages, upgrades, and has spawned a multi-BILLION dollar AV industry as a direct result of their slack attitude towards security, how is it they can get away with saying, "sure, we'll fix the problem for another $49.99. Per year."

They should be BANNED from the AV industry the way Arthur Andersen was BANNED from SEC auditing.