Microsoft Begins anti-virus Software Development

An anonymous reader writes "From the article: Microsoft's announcement that it will enter the AV market next year, with initial trials starting next week, could be a sign of many things to come, says SecurityFocus's Kelly Martin. " Not unexpected, given their recent purchase.

Start the week with a dupe

Microsoft To Offer Virus Defense

Re:Start the week with a dupe

[ThogScully]

What's worse is that the editor clearly did search for past postings regarding Microsoft's Anti-Virus initiatives to find the story that announced their purchase. And apparently that search didn't turn up the past article of which this is a dupe.
-N

Masterplan!

[Libor+Vanek]

1, Sell OS which enables viruses to spread very easily
2, Create AV SW
3, Profit on selling AV SW AND new OS updates! Muhahaha...

Jeez, we're screwed...

Re:Masterplan!

[moviepig.com]

Do airlines try to rent you parachutes?

geez

[Wordsmith]

MS developing anti-virus software to find the same viruses the company's own shoddy programming allowed to propogate is like the Slashdot editors developing a dupe search to find the same duplicates their own shoddy editing allowed to be posted.

Physician, Heal thyself !!

[fluffywuffy]

But don't pass the cost to your patients ...

You meant this?

[Freggy]

1) Sell OS with lots of vulnerabilities enabling viruses
2) Create anti-virus software
3) ???
4) Profit!!!

Re:You meant this?

[Oktober+Sunset]

no its:

1) Sell OS with lots of vulnerabilities enabling viruses
2) Profit!
3) Profit!
4) Profit!
5) Create anti-virus software
6) Profit!!
7) Profit!!
8) Profit!!
9) Profit!!
10) Profit!!
11) ??? (while making profit!!!)
12) Profit!!!
13) Profit!!!
14) Profit!!!
15) Profit!!!
16) Profit!!!
17) Profit!!!
18) Profit!!!
19) Profit!!!
20) Profit!!!
21) Profit!!!
22) Crush competitors
23) Profit!!!!
24) Profit!!!!
25) Profit!!!!
26) Profit!!!!!!
27) Profit!!!!!!1!
28) Profit!!!!!!11!!!
29) Profit!!!!!11!!!!!11!!!!!!!!111!!one!!!1!0ne!!!!!!
etc...

Resistance is futile

[gelfling]

I guess the most depressing aspect of this is that I put almost no credibility in most of the statements MS makes. If they are succesful then it will be a weak middling product that probably focuses on protecting MS OS's and applications exclusively, probably will interfere with everyone else's products and will most likely be several years and several releases late. On the other hand it will probably wind up being 'free' as in you don't have to pay for it directly but because it will be cancerously embedded in the OS it will help keep the price of MS products absurdly high. And last but not least, the list of security patches for the AV tool itself will be extensive. Plus you can figure that it will absolutely crash Firefox and Openoffice.

Re:Resistance is futile

[NoOneInParticular]

I think that in this case the mantra will be "conflict of interest" instead of "anti-competitive". Having one branch of a corporation sell shoddy products security-wise, and having another branch selling the 'fix' sure sounds like a conflict. And to bring anti-competitiveness in as well, they might actually be tempted at some point to put in a bug in the OS, put the fix in the AV software, and put other AV vendors out of business by pointing out that they didn't handly the issue in a timely manner. They've done worse.

Re:Ridiculous!

[It+doesn't+come+easy]

It's just you...

... in other news ...

slashdot.org has announced that they will begin development of anti-dupe software sometime in 2006.

slashdot.org has announced that they will begin development of anti-dupe software sometime in 2006.

slashdot.org has announced that they will begin development of anti-dupe software sometime in 2006.

MSAV?

[jack_csk]

Does it mean our favorite MSAV from DOS 6.22 finally has an update?

Re:MSAV?

[laffer1]

lol.. guess i'm not the only one that remembers Microsoft Antivirus from back in the day...

My first pc, a packard bell (very sad) included dos 6.22 and windows 3.11 for workgroups. Microsoft antivirus had a dos and windows graphical interface and basically did a checksum test on all the files. It created files to remember what it checksum'd in each directory as I recall.

It took forever to scan and obviously didn't catch much and had many false positives. Imagine using tripwire to check for viruses except on a dos partition with nothing to check but byte size and maybe the modify date!

It was credited to symantec in the about box I think.

This is nothing new.. just a comeback!

Goals?

[Sierpinski]

Perhaps instead of "getting into the anti-virus market" maybe they should reconsider how they might make the underlying infrastruture less vulnerable.

There's a reason for user mode and kernel mode. Just because the "system" CAN have full permissions to everything, doesn't mean that it should!

Besides just think of all the money they can make selling books/classes on how to configure their newfound security!

Re:Goals?

[dioscaido]

There's a reason for user mode and kernel mode. Just because the "system" CAN have full permissions to everything, doesn't mean that it should!

And MS has agreed with this since NT4. Remove your user account from the Administrator group and. surprise, your system is fully protected, and spyware/viruses aren't a problem because executables cannot modify system folders or system registry. In fact, Win2k/Xp/2k3 have much richer access implementations than the unix filesystem protection in vanilla linux distribution -- you'll need to get the ACL kernels for matching capabilities.

The real problem is the MS marketing dept, which opted to not confuse Grandma and make accounts Admin by default. Longhorn will make accounts limited by default, and in addition when logged in as admin it will drop priviledges of all apps that don't need admin priviledges (like IE), which is pretty cool.

Re:Goals?

[NetNifty]

"On the bright side, once your OS falls behind so do the number of virus attacks. Win98 is pretty safe now, for instance, because most attacks only work on XP. "

In some cases yeah, but I've had some malware (ok not a virus as such, but close) completely kill a Windows 98SE box's network stack after it got in by trying to "patch" the Winsock libraries and assuming it was XP.

Re:Goals?

[Craig+Ringer]

The ability to run as a limited user is, in my experience, nigh useless. Users will regularly encounter things that require admin priveleges to install, even things like browser plug-ins, and then won't run except as the user they were installed as. This requires temporarily modifying a user's account - always fun - to get them to install and work.

Even better, some apps won't run except as admin because they try to fiddle bits of the registry and/or filesystem they assume they'll have access to, because "everyone runs as administrator". Games are the #1 culprit here, but a large proportion of general use software has that problem too. It's not Microsoft's fault that app developers are idiots, but it still makes the limited privelege accounts nigh useless. Unfortunately, they can't conjure a long history of least-privelege-by-default so they're stuck with breaking compatibility with old apps (90% of users would equate "need to change user account to run program" with "broken OS") or retaining the current braindead defaults.

I do agree with you on the fine-grained priveleges in NT, though I wish they were consistently inherited instead of propagated through the filesystem tree. The issue with ACLs is that unless very carefully administrated they tend to become a hideous and unmanageable rats nest where nobody can clearly state what happens in a given case. This is as true on UNIXes with ACLs as it is on NT. I've always been way happier with the groups-within-groups model, which lets you get 90% of the benefits of ACLs with 10% of the complexity. It never seems to have become all that popular, though :S

Wake me up...

[Vo0k]

...when the first virus spreading over the Microsoft Antivirus system is written...

BTW, will it be free? If not, I'd say, brillant strategy. First sell them system vulnerable to viruses, then sell them protection against them. Microsoft should start charging for security updates downloads too.

Re:Ridiculous!

[QMO]

It is you. You're increasing. I hope you know what it means when a person is increasing.

Much more important point

[say]

The point of this security focus article - if you actually read it - is that MS might be going for a subscription-based licensing in the long run. See, you don't pay for Windows, MS Anti-Spyware and MS Anti-Virus, you pay to subscribe to all these, software upgrades and security patches.

That means MS could: a) make people more aware that they are paying for patches, making it more probable that they will use them; b) be able to roll out new OS upgrades instantly, and avoid having to support WinXP far into the 2020-ies; c) hunt pirates more effectively; and d) make shitloads of cash also on people who don't need cutting-edge updates.

It's really just the RedHat model coming to Windows, and I think there are compelling reasons for Microsoft to make it this way. After all, MS can't live with the fact that many home users still use Win98 (think of all the lost revenue!)

Re:Much more important point

[HuguesT]

Sorry, I'm throwing away all of my mod points just to respond to this nonsense.

This is **NOT** the RedHat model coming to Windows. Redhat's subscription is 100% voluntary. You can still get all of their software, including the Enterprise stuff, without spending a single cent in subscription. Redhat's software is GPL, it is guaranteed to remain Free forever.

With RedHat, you pay if you believe their service actually add value to your business. With Microsoft, if you *don't* pay, your business can't run. Period.

Re:Now we are really

[It+doesn't+come+easy]

All Slashdot posts are redundant by definition, since only certain stories are posted on Slashdot to begin with, and all of the comments are repeats from some earlier post. In about 15 years, the only moderation you will see is redundant...redundant...redundant, cause there will be no new stories by that time. This will be the sign that the Singularity is upon us, as Slashdot posts begin to come from an artificial intelligence faster and faster, then comments, then redundant moderation, then posts, then comments, then redundant moderation, then posts, then comments, then redundant moderation...eventually the virtual world is filled with Slashdot posts moderated redundant...

Such is the fate of mankind.

Is it just me?

[voudras]

or is microsoft getting into the anti-virus market sorta like self fullfilling?

I mean really. I guess they dont make enough money just keeping thier products secure

3 words for you

[FidelCatsro]

Conflict of intrests

Re:3 words for you

[FidelCatsro]

I see this got moderated a troll for some god unknown reason.
Ok i better fill it out a little

Microsoft develop an operating system with bugs which allow worms and viruses and trojans to propagate .
Microsoft then continue to build an anti virus system to either sell with or give away with the system.
It is not a troll its a statment of fact , this is a conflict of intrests .
It would be better if they give it away for free but then that is incredibly anti-competitive and a conflict of intrests still to a lesser degree though.
if they sell it then they are creating a conflict of intrests because fixing bugs in their OS then becomes something which could detract from sale of the anti virus software.
it is a conflict of intrests plain and simple , i do not say this to troll only to point out that this is very much an unethical practice .

Re:3 words for you

[Tibor+the+Hun]

Don't worry about troll mods. These newfangled mods wouldn't know a troll if it bit them in the ass.

You know what scares me?
I thought with Longhorn MS would develop a somewhat virus secure system, that wouldn't need a full fledged AV.
Now, with this they don't have to. It pretty much means, in the Windows world, it's gonna be more of the same with respect to viruses... You're not safe without a good AV product.

Can you see how they're gonna spin this one? "We're so commited to our secure computing initiative, we've developed our own AV product, and made sure it "Just Works" with your current operating system!"

Re:3 words for you

[Evil+Adrian]

Last time I checked, it is legal to compete with other software companies. The only time it becomes illegal is if they use their "monopoly" (monopolies are legal, by the way) to leverage their product unfairly. You're basically declaring them guilty before they've even launched the product -- very stupid.

Offering software to protect consumers... how is that unethical? Oh wait, I get it: it's Microsoft, therefore, everything they do is unethical and wrong. That mind of yours smells squeaky-clean from all the brainwashing.

Do us all a favor, too -- please learn to spell before you respond. Thanks!

Will not be Longhorn compatible

[skingers6894]

Longhorn users won't need this.

See http://www.microsoft.com/windows/longhorn/security .mspx

Imagine releasing anti-virus software on the eve of launching the "most secure version of windows ever".

With MS-AV it will be even MORE most secure.

The solution has been out for some time....

[Himring]

I installed Firefox 1.0 on my brother's computer months ago (6 months?). I checked his system last night with spybot and AVG AV (just installed AVG to see if it would find anything). Absolutely no spyware or viruses at all. Now, my bro does tons of surfing and so does his wife. They do ebay, email and are all-around fairly regular users. Of course, I also installed a software firewall on their XP system.

Microsoft already holds the key to an AV solution, and that is, bury IE so the user can't use it and install Firefox....

wait'n'see

[kd4evr]

how things turn out. It sure takes them Redmond gang a while to come up with anything, when looking at the purchase-company / product-to-market cycle...

People have launched a number of variations on the
"1. massively spread lame s/w w/ vulnerabilites
2. start seling antivirus s/w
3. profit?"
hypothesis. However, this would only turn out to be a correct theory only if the AV s/w worked remarkably well, shifting the virii vulnerability stories focus elsewhere. I wouldn't want to bet a dime on a conspiracy theory or on any type of a silver-bullet solution.

My bet is different - many Redmond products had flaws and some attempts at new niche markets were downright failures. Hence, I'd bet on an AV product that will fit 'normally' into the S win suite, reducing only part of the problems and introducing some (as typical of any s/w) new issues of its own.

A less safe bet, but not to be dismissed, is the ultimate toll-for-disaster scenario, also mentioned times and again in this discussion.

RAV Antivirus

[smilheim]

Remeber that MS purchased the Intellectual Property of GeCad which made RAV Antivirus a few years back.

Different

[mattmentecky]

To offer up a different (aka unpopular and hated) perspective, Microsoft isn't alone in the field of companies that offer up an imperfect product or a product that will break with intention of selling more. And they shouldnt be treated like they are some super new-bread of evil, it has been around for a while.

Technology in industry has come to a point (heck, a while ago) that can produce never-dull razors, lifetime long light bulbs and lifetime appliances (has anyone had a refridgerator/washer/drier last more than 5, 10 years nowadays?) but we see none of these. Why? It benefits a company more to make broken-products or sub-par or eventually-break products than something of quality. Microsoft is no different. I guess thats just Capitalism? More money == 'good'

Re:Different

[Frumious+Wombat]

In some cases, yes, but they're all much more expensive than the disposable alternatives.

Look at the most obvious example of why it's not necessarily a conspiracy keeping these fine products away from you; your computer. IBM, HP, and DEC made some high-end, virtually unkillable, PCs (and two of them still do), but they cost real money. People said that was too much money for a PC, so they bought Dell or Bob's WhiteBoxen instead, and complained when they died early.

It's not that the company loses future sales by not selling you an undullable razor for $50 now, it's that they lose present sales because Bob's FaceScrapers(tm) are only $2.50 at the check-out counter, and that's what the average short-term minded consumer will buy instead. You could use compact fluorescent bulbs, or LED flashlights as examples as well; some people will buy them, but most will say it's too expensive, and instead pony up for another tungsten bulb seven times as often, because it costs less at that moment.

Trite though the statement is, the business world really does run on the maxim, "never attribute to malice what can be adequately explained by stupidity".

Re:Different

[TwinkieStix]

I completely agree. It's all supply and demand. If consumers thought that a longer lasting unit was worth the additional cost, they they would purchase it. It's true that companies are out to make money, but that means that (given competition of course) they need to supply what the consumers demand. It doesn't make them evil.

Now, Microsoft is a different story. They've been found guilty of monopolizing a market sector, and so they need to be more closely watched and perhaps even regulated. This product is close to wiping out the entire anti virus industry, although the likes of Norton and Mcafee are doomed to get much leaner and faster else die from market share loss. At that point, the only anti virus makers left standing will be Microsoft, a new holders on, and perhaps clamAV (open source can't be killed that easily I bet).

So, don't compare Microsoft to Maytag. The washing machine maker is forced by competition to give us what we want (or at least what they think we want until somebody else proves them wrong). Microsoft is only inclined to give us what we want else face competition from Apple or Linux, which is not on their main radar at the moment.

Re:The Register is right when it says...

[Slashcrap]

Dear Mods,

Instead of modding the parent down as "flamebait", why not provide some counter examples?

If you can't then it's hardly flamebait is it?

Microsoft business model

[infernalC]

1. The anti-viral software will be made available for XP, but will be built-in for Longhorn (if Longhorn ever happens - we're still waiting).

2. The subscription cost will be built into the Longhorn price for retail copies.

3. OEMs will have a choice of becoming .dat file distributors or retailing subscriptions to MS' direct service. Distributors will either have to pay massive up-front fees or massive MS taxes. The initial subscription is mandatory (bundled) either way.

4. After you will pretty much be forced to pay for this software, you will quickly realize that it is INCOMPATIBLE with your third-party ftp client, web browser, etc. This thing is gonna be tied to IE (probably intentiontionally crippled).

5. Microsoft, respecting anti-trust laws, will provide an API for you to Microsoftize your Internet applications. The API specs and the library itself will of course be made available for a $10,000 licensing fee and signature on an NDA (Microsoft will disguise this as an effort to protect users' security). The API/library will not be available on OSS-compatible (much less GPL-friendly) terms.

6. Microsoft will sit back as they rape their userbase, who will believe that Microsoft is doing them a favor; even if they don't, vendor lock-in is a beautiful thing.

7. Profit!!!!

Don't tell me you don't see this coming.

Now if they could just fill in the missing step... wait a minute...

Thats rich..

[burritoKing]

Geez,

It's like an electrician setting your house on fire due to some dodgy wiring, and then offering to sell you a fire extinguisher as your house burns down.

Re:Slashdot search sucks

[cr4p]

Really?

No kidding...

[koko775]

It's a rare thing for me to be able to find something I'm searching for, and I often find that my searches come up with irrelevant results. IMO the search needs some rethinking.

Re:No kidding...

[jamie]

We're working on it. Right now Slash just uses MySQL's MyISAM FULLTEXT indexing, which is kinda 2001. It's a cheap solution that we've limped along with for quite a while. But we've rewritten our search code to be modular, anticipating a better solution that we can plug in, once we find one we like. Our top contenders right now are Lucene and Kinosearch.

Cleaning itself

[vanwl]

Cool!!

And the next MS Antivirus not only removes known virus from your computer. It goes one step beyond, stopping the use of potential dangerous ways of infection such as: Firefox, ICQ, Gaim, Winamp, etc... XDDD

I hope they can get rid of this infection I have

[theguyfromsaturn]

My computer at school has been infected with Windows. Maybe they'll be able to remove it.

SELL SELL SELL!

[Big+Nothing]

Note to self: sell all shares in Symantec.

By Comparison

[Horrortaxi]

When Ford makes a car that is defective they do a "recall" and fix it so that it works the way it should have worked in the first place free of charge. What suckers! They could have just sold users the "seat belt upgrade" or "ignition switch that doesn't catch fire." The stockholders must be pissed.

You might be thinking "if a car malfunctions it's a life or death matter but who cares if a computer crashes or gets a virus?" But what if that computer is part of the air traffic control system? Windows (for some reason) is used in a lot of important environments. Sometimes it really is life or death.

The mottos...

[zwilliams07]

Micro$oft Windows: What virus do you want today?
Micro$oft AntiVirus: We charge you extra for locking in.

I wonder if M$AV will uninstall Windows, otherwise it wouldn't be a very good AntiVirus.

Microsoft AV should be better...

[Eric+Damron]

An OS company selling software to protect its OS from malicious software designed to exploit flaws in that OS!

Can you say conflict of interest! Sure you can!

Well at least their AV software should work better than other companies AV software. At least I'm assuming that Microsoft SHOULD know where all the holes are...

Great business model

[tvaananen]

This is a great business model for Microsoft.

First create unsecure software that lets the viruses in, then provide virus protection software, and make the user pay for both. Simply brilliant!