Microsoft to Ship New Malware Protection Utility

LadyDarth writes "Microsoft introduced on Thursday a new program called Client Protection that will help to combat viruses, maiware and spyware in the corporate environment. Paul Bryan, product management director in the enterprise security division at Microsoft, said in an interview with BetaNews Wednesday night that Client Protection's aim is to 'make sure people have fewer security products' to concern themselves with. Responding to concerns that it was stepping on its partners toes, Bryan admitted that Microsoft has 'knowledge and an understanding of the capabilities of the operating system' that its partners may not have. But he said that information would not be hidden."

Great...

[samj]

more Claria shananigans on the way then?

Re:Great...

Exactly. Microsoft will always be behind the eight-ball when it comes to spyware protection because of its corporate nature. It will always put profit before protection.

Some people may claim that Microsoft still allows users to remove the Claria software. For example:

Windows AntiSpyware (Beta) continues to notify our users when Claria software is found on a computer, and it offers our users the option to remove the software if they desire.

However, the issue here is not whether or not Windows Antispyware still detects Claria products...the issue is Microsoft's recommendation on said products. While it is true that users still have the option to remove Claria products if they so choose, the fact is that users had the option to keep Claria products on their system back when Microsoft was recommending removal. The insinuation that this change offers users more choice than previously available is tacitly false.

The real issue here is Microsoft abusing their position of trust within the general computer user community. No, I'm not talking about people like us here...I'm talking about Ma and Pa Computer User...the ones who see a virus or spyware warning and panic. Many of these people rely upon the recommendations offered by the spyware detection/removal applications to decide on how best to manage their systems. By artificially upgrading Claria products from 'remove' to 'ignore', Microsoft is taking unfair advantage of these users' trust.

Also claimed:

All software is reviewed under the same objective criteria, detection policies, and analysis process," Microsoft claimed. "Absolutely no exceptions were made for Claria.

As far as I'm aware, no other spyware removal application has promoted Claria products in this fashion. Until Microsoft publishes these 'objective criteria', and shows how Claria products managed to get upgraded from 'remove' to 'ignore' under them, we will have no choice but to assume more ulterior motives.

Re:Great...

[earnest+murderer]

I can make one up... Because other software was installed on the users pc with the agreement that Claria's software be installed as well.

Removing Claria's software violates that agreement. If that is the case, removal is not the best recomendation.

Last I saw, Claria was pretty above board about their intentions at install time. And it is easy to remove through the Add/Remove programs application. Those two points alone elevate them above the bulk of the software that is removed via Anti-Spyware solutions.

Always with the bad grammar

That should be "Microsoft to Ship New Malware, Protection Utility".

Re:Always with the bad grammar

[Carnildo]

Sort of like the malicious Software Removal Tool they've been sending out via Windows Update?

Re:Always with the bad grammar

[StarvingSE]

Yes, I love how Microsoft likes to constantly jam their own software down our throats through their Windows Update. This is unethical and bad business in my opinion, and I don't know why the rest of the industry won't go up in arms about it.

Why buy something like Webroot's SpySweeper when Microsoft pops up a window every month claiming that their anti-spyware suite is critical.

Windows Update should be just that, fix security issues, make windows more stable. Not as a conduit to make sure Joe Computer User always uses 100% Microsoft products.

Re:Always with the bad grammar

[jokestress]

I think there's a typo, too: "Microsoft to Ship New Malware, Protection Futility."

Re:Always with the bad grammar

[Liam+Slider]

That should be "Microsoft to Ship New Malware, Protection Utility".

See, when I read the article's title I misread it as, "Microsoft to Ship New Malware" which just made so much sense to me.

Re:Always with the bad grammar

[popra]

my teacher calls them uh-oh's...

Re:Always with the bad grammar

[Linker3000]

Or maybe: "Microsoft too Shit, New Malware, Protection Futility"?

Re:Always with the bad grammar

[Ugly+American]

First off, Microsoft mentions in the download details for the malicious software removal tool that it is not a substitute for antivirus software. It simply scans for some of the more prevalent trojans and worms and attempts to remove them. If you look at the Microsoft knowledge base you'll note that all of the malware it currently targets are worms, trojans, or rootkits.

Second, it's amusing to me that you chose Webroot for your example since they offer SpySweeper to MSN dialup customers at no charge. In fact, my dad uses it (rather than the copy of Ad-Aware I installed for him) because it is the "official" Microsoft product.

Re:Always with the bad grammar

[aybiss]

Oh yeah, good old windows/microsoft update.

I fix it on computers every day. Error messages like 'Well, basically something fucked up, error: 0x80DD0007'. Which are nowhere to be found in any help files from microsoft. 'Check your update history' - yeah, it's empty.

When you submit an error lookup from MS update, it takes you to the search page. Hmmm... right so what did I just submit?

Even when it's 'working', it will take about half an hour to do a web update if your automatic updates are already going, regardless of connection speed. Why does verifying a file take soooo long when it was already half downloaded?

The nerve of these idiots, to produce something that is their front line of defense for 'Ma and Pa Computer User', and have it fail so dismally in every aspect of usage, is quite outrageous. The sad thing is people continue to walk into my shop every day with that sad look on their face - the computer is doing something wierd *again*. It is just so frustrating when what is wrong is simply Microsoft's software.

In case you ever have this problem:

1) Scan for spyware, it loves to take over/mess up automatic updates.
2) If enabling the services BITS, Auto Updates, Event Viewer (the only help MS does provide) doesn't work, try deleting everything inside C:\WINDOWS\Software Distribution. You may have to stop the services you just started and kill a few apps in order to release all the files.
3) If this doesn't work, try deleting things in Downloaded Program Files (this is where the auto-update activeX lives). A better way to do this is with Spybot, since it will give you a little bit of info on what each activeX is (they are in directories by COM GUID, yet another piece of good planning by MS).

Anyway, there's my 2c AND some help on how to fix automatic updates. What were we talking about again?

Aaron.

Re:Always with the bad grammar

[TractorBarry]

And furthermore why does Windows update keep telling me to install updates to IE & Outlook Express ?

Sorry I don't want either of them on my Windows box at all. My only use for IE is to run Winders update and that's only becuase you're forced to.

As for Outlook express I'd rather pull my toenails out with red hot pliers than use that pile of ordure.

It's just a shame the EU focused their attention only on Media player. They should force Microsoft (well at least Microsoft Europe edition :) to be split into an OS company and an applications company. That way there'd be an end to their monopoly practices and their product might actually improve due to real competition.

So whilst I may be forced to have a Window box (to run Sound Forge and Logic Audio) I'll be damned if I'm using Microsofts' wretched tools on it. Every single product Microsoft produces has a superior alternative.

Of course, if you don't need to run a spcific Winders only app, a far superior alternative is Ubuntu...

Pah...

Re:Always with the bad grammar

[TheNetAvenger]

But it was from Apple or part of a Linux distribution it would be wonderful and a perfect way to ensure even the casual user had some level of protection.

Just because they use big bad words like Microsoft, doesn't mean it is a bad idea...

Re:Always with the bad grammar

[()2guR]

The dillema is that those other products are trying to fix those same security issues that are causing the problems to begin with. If Windows was more secure, then there wouldn't be as many worms...etc.

Re:Always with the bad grammar

[StarvingSE]

So Webroot is endorsed by Micro$oft, so what? They probably paid M$ a lot of money to get that deal going, and will probably pay off from it.

What you said actually makes the matter works. Joe Computer User will think that the malicious software tool is all-inclusive, because most poeple don't read the MS Knowledge base. They will think this tool protects them from all malware.

The fact is that Windows Update should only be used for critical security updates.

Re:Always with the bad grammar

No, it should be "Microsoft to ship new 'Malware Protection Utility'". It protects malware, like Claria.

Re:Always with the bad grammar

[Ugly+American]

It is a critical security update. There are people out there who just park a windows box on an always-on connection with no kind of protection whatsoever. Left to their own devices, the owners would happily leave their PCs sitting there as part of a botnet forever (with perhaps a little head-scratching over why their computer is so slow.) At least this way there's some chance of getting their computer patched and de-loused.

I'm sure that somewhere out there, there are idiots uninstalling their anti-virus because they've got "this new anti-virus thingee" from Microsoft. My point was that Microsoft does not describe it as being a substitute for anti-virus software and in fact states that an anti-virus is still necessary. They're not trying to drive anyone out of business... well, not with the tool we're discussing, at any rate.

Sweet!

[jav1231]

Will it clean explorer.exe from my system?

Re:Sweet!

[Anyletter]

not just explorer.exe, but also IE. Microsoft plans on eliminating all malware!

Re:Sweet!

[StarsAreAlsoFire]

All it does is call 'Format c: \m'

All clean!

Vista?

[OffTheLip]

Could just be all a rumor...

Re:Vista?

[brian.glanz]

It's real.

Despite the dearth of official links (MS still doesn't 'get' the whole Internet thing, do they?!), we do now have some more authoritative sources coming online.

The reveal was in Munich today, which is part of the reason you might see less if you're only trolling around on American sites (on the U.S. dominated and controlled Web).

As for TFA, Paul Bryan is not even a Real Microsoft Executive, but Mike Nash sure is, and you can catch a couple quotes from him via some trustworthy sources.

From The New York Times, Reuters, Bloomberg News, and the International Herald Tribune: "Nash said he had seen a culture change since Bill Gates said three years ago security would be a top priority. 'I used to be begging people to pay attention to security. Now they get it. Security is part of everyone's job.'"

BG

And here it is

Right here :-)

I thought

[oldgeezer1954]

They were supposed to document all api's and make them available. Anyone think he's referring to something else besides hidden api's?

Re:I thought

[game+kid]

Bryan admitted that Microsoft has 'knowledge and an understanding of the capabilities of the operating system' that its partners may not have.

I somehow doubt it's a non-API advantage. It's like they're trying to get sued by the government again.

<offtopic>DAMN this slashdot thing is rendering awful. Probably not for non-IE users though.</offtopic>

Re:I thought

[Threni]

Are there really hidden APIs? Wouldn't that be too easy to locate with debuggers?

Re:I thought

[jonwil]

Microsoft has LOTS of undocumented APIs.
Just as an example, RegisterUserAPIHooks and UnRegisterUserAPIHooks in user32.dll which let uxtheme.dll (and the theme APIs) hook into the OS to do global non-client area themeing.

Should they be forced to document these? No, because they are only used by one part of the core OS (uxtheme.dll) to talk to another (user32.dll)

Re:I thought

[Sloppy]

API's, very dangerous. You go first.

Re:I thought

[alexhs]

They were supposed to document all api's and make them available. Anyone think he's referring to something else besides hidden api's?

No, they're referring to all those holes and backdoors they've intentionally put and that "third parties" are yet unaware of. :)

Security

[the+linux+geek]

This is Microsoft "Windows Secure in 2010" Corporation. Is this actually going to help?

Re:Security

[ackthpt]

This is Microsoft "Windows Secure in 2010" Corporation. Is this actually going to help?

I thought it was 2015, it's been moved up? When was this?

"In the year 2010: William Gates Jr. announces to great fanfare, Microsoft Linux! Both of their remaining customers applauded with guarded enthusiasm."

Re:Security

[John+Biggabooty]

There are two anti-malware apps I can personally recommend: Linux and Mac OSX.

Re:Security

[redheaded_stepchild]

Wow, that sounds just like that skit from Conan OBrien...

More MS software?

[sedyn]

Great, more microsoft software that people can exploit.

(of course, I am making assumptions based on the premise that it will be connected to the 'net for updates)

Re:More MS software?

[moro_666]

people should also realize that antimalware/antivirus software is made to get rid of viruses/malware that are *known* and have some code/execution pattern that can be recognized.

if a brand new virus/malware ships out into your machine, the poor antivirus stuff is totally useless.

what's even more tragic is that if most machines will start to use m$ antivirus, then the viruses will concetrate to attack the antivirus stuff at first, making it unusable, and then spread across the whole machine. currently there are about 4-5 pretty solid antivirus programs out there, they are all different and hence it's too hard for a single virus to undertake all of them (since viruses have to be small), but if most users will trust the "superior m$ software", they will be seriously compromised against new attack which is directly aimed at them. even worse, they will have no idea that their machines are affected and the virus/malware can quitly spread on & snatch bank passwords and stuff like that. really scary.

to get even more scary, if we get a "changing" virus which alters it's code/execution pattern on each spreading step a bit, the windows machines will be in big big trouble.

i hope that this attempt from microsoft will not be disabled by a "fun virus" with one registry value change ;) // choose life, choose linux or *bsd

can't make up his mind

[timmarhy]

in one sentence he is stating ms knows something about windows that no one else does, in the second he is stating they aren't hiding anything. it can only be one or the other, not both. i'm very inclined to think it's the first. they haven't documented jack shit in order the maintain their strangle hold and put the rest of the industry out of business.

Re:can't make up his mind

[geekoid]

No no, it's not hidden, it's in the basement...with the broken stairs..and no light, in the cabnet marked 'beware of tiger'.

Re:can't make up his mind

[Antique+Geekmeister]

What Microsoft knows that no one else does is their future development plans. They can pre-develop security software to cope with the latest MS Office or .NET security stupidity, such as the way both of them auto-execute things now, and stop wasting time on developing utilities for features they are about to discard.

Re:can't make up his mind

[pete-classic]

I think you mean leopard.

That's the display department.

-Peter

Re:can't make up his mind

[DeafByBeheading]

I think he meant tiger...

Nice

[Hey+Pope+Felcher+.+.]

. . . as opposed to their malware production utility I suppose?

Instead of protection, how about a better OS?

[ausoleil]

Love them or hate them, a Microsoft OS is at best a Rube Goldberg device of an operating system. I think that is one of the reasons why MS OS's slow to a crawl after a period of time, or at least seem to.

Look at the average Windows system that has not had a rebuild in a year or more. More than likely, the system tray at the right stretches halfway across the screen when it is expanded. There's virus protection, a personal firewall, spam protection, etc. etc. etc.

Now we have another protection racket (err, application) from Microsoft to protect us from what is ultimately Microsoft's fault: an operating system that at it's core was designed in such a way that security was an afterthought.

So, we have words of Microsoft's plans to have more protected kernel. Of course, because it is Microsoft, that means you will need to use Microsoft's apps, or their approved vendors, Microsoft approved hardware, etc. etc. Trusted computing? Sure -- Microsoft can trust you to fill their profit stream after you install their secure OS.

Instead, why doesn't Microsoft use the principles of Occam's Razor and not let applications have direct access to the kernel? Why not have an equivilant of chroot that works well? Why, at the core, give so many holes for applications, good or bad, to wreak havoc on your computer?

Gee, sounds like a mind-numbingly simple idea. I guess it has many names, but they all end in "nix." (BSD excepted, but you get the point.)

Re:Instead of protection, how about a better OS?

[GeorgeMcBay]

The answer to all of your questions is simple.. It is too late to do that stuff and maintain wide compatibility with existing applications. Is maintaining compatbility worth having an OS that has to be kludge-patched? Microsoft believes it is, and since nobody has made as much money as they have selling an OS, who are we to argue they are wrong, from a business perspective (and who are we to demand they have any greater goals than to be a successful business, since that's what they are...a business)?

Re:Instead of protection, how about a better OS?

[QuantumG]

This comment, and others like it, are completely lame. It is possible to use Windows securely, but most people don't. This isn't Microsoft's fault. You can just keep repeating an argument made by people 10 years ago as if it still applies to today.

Re:Instead of protection, how about a better OS?

[DrEldarion]

Agreed! I've run DOS 5, Win 3.1, Win95, Win98, Win2k, and now WinXP, and I haven't ever picked up a virus or spyware. Up until about a year or so ago, I used IE exclusively, too. Use your computer intelligently, and you shouldn't have problems.

Bad users will find a way to screw up any system, regardless of OS. (Barring, say, a C64)

Re:Instead of protection, how about a better OS?

[linguae]

Gee, sounds like a mind-numbingly simple idea. I guess it has many names, but they all end in "nix." (BSD excepted, but you get the point.)

I love *nix (and BSD, too), but there are ways that Microsoft can make a secure operating system without switching its kernel to a BSD kernel. (Note I left Linux out; there is no way Microsoft is ever going to base their flagship product on GPL'd software). Here are some ways that they can do that:

1. Decouple the Internet Explorer/ActiveX connection. Internet Explorer would be much like Konqueror on KDE if it didn't have that insecure ActiveX giving malware access to the machine.
2. Microsoft should do what OpenBSD did to much of their software; check to see if there are any potential buffer overflows and other security issues created from bad code and replace them with safer functions. OpenBSD created strlcat() and strlcpy() to replace the insecure strcat() and strcpy() functions in C, for example. Removing all of these insecure stuff from their software will help a lot.
3. Windows should also better handle user accounts, in an almost Unix-like manner. Granted, Windows has gotten much better over the years with the "Run As..." command and more applications are aware of adminstrator and limited user account, but there are still some minor flaws that need to be fixed.

I don't think Windows needs a new kernel. I just think that all of its APIs, programs, and functionality should be secured, and very insecure things (like ActiveX) should be removed.

Re:Instead of protection, how about a better OS?

[timmarhy]

i agree you can run windows in a near secure manner. just don't use outlook or explorer, sit behind a firewall, apply 50,000 patches (and hope none of them fuck up your system), turn off all but the core services and never install any software except stuff from sources you really really trust.

but as you said, having to do that just to operate in a near secure manner is OUR fault, not MS's.

Re:Instead of protection, how about a better OS?

[linguae]

Well, it is possible to use Windows securely. I have a Windows XP partition, for example, and I don't get viruses or malware because I take proper precautions (use firewall, use anti-virus/anti-malware, use Windows Update, and don't use IE except for doing Windows Update). However, there are some fundamental flaws built into the software. Internet Explorer has some sort of new flaw discovered every week, because of insecure code. Windows doesn't enforce the distinction between user and administrator accounts in XP Home (which many users use). These effects can be mitigated by staying careful, but let's not lose sight of Windows's main deficiency -- security.

Re:Instead of protection, how about a better OS?

[timmarhy]

I used to work in a tech shop years ago. i used to love it when people would say "i don't get viruses" because it always meant they were infected to the hilt.

The problem is, most people, even technically adapt people, are not capable of protecting themselfs from the host of worms and exploits being used out there today. the blame lies squarely on MS's shoulders.

Re:Instead of protection, how about a better OS?

[QuantumG]

Windows doesn't enforce the distinction between user and administrator accounts in XP Home.

That's news to me man. If you don't put your user account in the administrators group the account has no special privileges. That doesn't mean the user can't download and run trojans that can destroy their user files, but that's no different to *nix. You can't heap everything onto the manufacturer of the software. On the other hand, every OS (except maybe openbsd) has serious local exploits that malware can take advantage of. But nothing short of open sourcing Windows and seeding a massive community to maintain it will fix that.

Re:Instead of protection, how about a better OS?

[QuantumG]

Sigh. No it doesn't. It lies on the people making the worms. Really, it does. I used to be like you. I've slowly come to realise that it's just tall poppy syndrome. Worms exist for Windows not because it is more or less insecure than anything else. They exist because it is the biggest target and therefore people put more time into figuring out how to attack it. If Mac OS X were the #1 operating system we'd see more worms for Mac OS X. If some flavour of Linux were the #1 operating system we'd see more worms for it. If you want an historical validation of this theory, take a look at the first worms that spread across the internet. They were for SunOS 5 and other Unix systems. Does this mean that Apple II's and C64s were more secure than Unix systems? Of course not. I means that Unix systems were a more attractive target, and that's what the malware writers went for.

Re:Instead of protection, how about a better OS?

No, you ass, it's neither our fault nor MS's fault. We have to operate in a secure manner because there are people out there who make lots of money trying to exploit us.

Do you lock your car? Do you lock your house? Is that Ford's fault, the government's fault, your fault? Or is it simply because it's the smart thing to do given the fact that there are malicious people in the world?

Re:Instead of protection, how about a better OS?

[eealex]

So just like Windows Firewall it just makes somehow default to the system and making the giant monster even bigger? Very good, people are finding their computer runs slower and buy a brand new computer with Vista preinstalled...

Re:Instead of protection, how about a better OS?

[Spoing]

This comment, and others like it, are completely lame. It is possible to use Windows securely, but most people don't. This isn't Microsoft's fault.

While you're right, Microsoft does make it exceeding difficult to do the right thing. You can not secure a single Windows system in the span of an hour or two...unless you have already done the work and have a pretty good custom tool kit and you know your environment.

You can just keep repeating an argument made by people 10 years ago as if it still applies to today.

In some ways, it still applies. I can't blaim most people for getting screwed on a regular basis. Microsoft doesn't help to solve the problem much by using default settings that are nuts. Sure, the defaults are starting to match unix-style security, but if you want security like unix why not just use that!

Re:Instead of protection, how about a better OS?

[JacksBrokenCode]

If somebody steals your car because you didn't lock the doors, is that the manufacturer's fault?

And if you were told that Ford F150s are involved in vastly more accidents than Volvos, would you be surprised? Could you then declare that Volvos are more safer/stable because they don't get wrecked as often?

Volvos have a reputation of safety partly because they are safe cars and partly because their reputation brings safety-conscious people into their dealerships - people who aren't as likely to get in accidents regardless of what make/model they drive. Windows has the widest desktop distribution on the planet and also has the most computer-illiterate people using their desktops.

Someone who is inclined to research a Linux build, find it, download it, and install it themselves is probably not likely to wire money to some Nigerian royal accountant who out of the goodness of his heart is going to make you a millionaire. But for each nerd who does that, there are 50 little grannies whose Dell came with Windows pre-installed. If Linux was more than 3% of the worldwide desktop market and non-computer-savvy people used Linux we'd be seeing a lot more malware aimed at Linux. And there *will* be malware that penetrates Linux - NO system is ever 100% safe. So STFU with your FUD about Windows and consider the possibility that they have the hardest market of all, a market that the open-source geeks don't seem to think is worth anything: non-techno-savvy people who just want their computers to work.

Re:Instead of protection, how about a better OS?

[QuantumG]

You're the second person to mention patches. We're not talking about individual security bugs. We're addressing the claim that Windows isn't secure by design.

Re:Instead of protection, how about a better OS?

[mmurphy000]

If somebody steals your car because you didn't lock the doors, is that the manufacturer's fault?

That would be a fine analogy if the attacker came in through an advertised feature of the program (e.g., user fails to set a password, and somebody walks by and starts using their PC).

When the attacker comes in through bugs in Windows, your vehicle analogy needs to change:

If somebody is able to disable your car from remote by exploiting bugs in your radio and engine on-board computer, is that the manufacturer's fault?

I'd say the answer is yes.

Re:Instead of protection, how about a better OS?

[CastrTroy]

First Flaw. Windows makes your initial user account as administrator by default. Secondly, if you don't use NTFS, and there's a few reasons why you may want to, such as incompatibility with other operating systems, windows won't stop programs from overwriting almost all your files with garbage.

Re:Instead of protection, how about a better OS?

Damn straight. I inherited a Windows ME for my work 'puter and it is as fast if not faster than many of the new XP machines (which I build but only do so much to keep them from getting fucked up). All this even after removing 128 of the 256 megabytes of memory for a coworker's home system (hmmm could thing I am the IT guy 'cause that kind of thing is wrong). And, yes, I run globs of programs at once, but all programs that I execute. Windows ME rocks!

Re:Instead of protection, how about a better OS?

[GaryPatterson]

That's partly true, but it's still much harder for a worm or virus to spread on OS X. It's true that there would be more attempts, and there'd probably be a few actual forms of malware for OS X out there, but the OS itself hinders their spread, not just the obscurity of it. The system doesn't allow processes the same freedom that Windows used to.

I say used to, because WinXP SP2 restricts apps a lot more than previous Win varieties. That's a good thing, and a good step for Microsoft to have taken. SP2 is full of good things for security, and I'm a big supporter of Microsoft's movements in that area.

It's not the last step though. The OS itself should be their concern, not tools such as malware utilities. That's just a band-aid solution, when in reality they need to operate.

There's a reason that there are zero viruses for OS X, and it's not as simple as security through obscurity. Even a recent cash prize for writing one has gone unclaimed. Mac users shouldn't be complacent, but OS X is very secure out of the box.

Re:Instead of protection, how about a better OS?

[QuantumG]

Sensible defaults really is something Microsoft needs to work on, but it hardly makes Windows insecure by design which is the claim people always make. As for NTFS and programs overwriting your files with garbage, what's that got to do with security and how is it any different to *nix? Sure, it'd be great if program access to the filesystem could be constrained, but I havn't seen any OS that provides this capability.

Re:Instead of protection, how about a better OS?

[CastrTroy]

Yeah, MS always has had bad default rights. Remember the default sa account in sql server up to and including 7.0. The default password was empty. What kind of system even allows blank passwords. In *nix, the default file system since the beginning, has not allowed users to overwrite everything including system files. You could overwrite files in your own user account, but the system is pretty useless if you can't do that. With FAT(32), there are absolutely no permissions on files whatsoever. Anybody can overwrite any file. Provided it's not in use. Yes, you could probably run linux on FAT(32), But either everything on the mount point would be executable, or nothing would be. Neither of these options are good.

Re:Instead of protection, how about a better OS?

[QuantumG]

The reason the prize went unclaimed is because, like most security prizes, the people running it were scumbags who kept changing the rules after they made the offer. They then pulled the offer because someone was about to win it and claimed they were responding to overwhelming public pressure. You want a virus for Mac OS X? Send me a Mac and I'll make you one. Seriously. Courier a Mac to me and I'll have it ready for you in a week. If I don't complete the task I'll courier the Mac back to you. Otherwise I get to keep the Mac. Ok?

Feel free to check my qualifications. I know what I'm talking about.

Re:Instead of protection, how about a better OS?

OK...

"I go under the nick QuantumG, previously Quantum of VLAD and I do absolutely nothing in the vx scene except possibly lurking on irc and annoying people"

Re:Instead of protection, how about a better OS?

[QuantumG]

But that's not a fair analogy because there is no computer system that can stand up to it. Yes it is Microsoft's fault, but it's also the rest of the software industry's fault because we simply don't have the ability to make secure software. Maybe oneday we will, but until then, stop dreaming.

Re:Instead of protection, how about a better OS?

[QuantumG]

vx = virus exchange. Basically stamp collecting for computer geeks.

Re:Instead of protection, how about a better OS?

[JacksBrokenCode]

Ok, and if the car came with no features, no windows, no radio, no padded seats, no radio antennae, no... and it was impossible to be stolen, would anyone want to buy it?

MS seems to run into trouble because they try to incorporate too many features. Most of the "features" are bloat for the /. community but still provide a value for Gertie Grandma. Out-of-the-box networking functionality, remote assistance, etc. "Features" that help non-nerds connect to their yahoo e-mail account that would be described by most readers of this board as security gaps.

On another note... it cracks me up that the *nix fanboys rip MS for poor security all the time and then rip them for releasing a tool to help secure their OS. MS can't even win for trying to fix its own mistakes.

Re:Instead of protection, how about a better OS?

[dotgain]

So if you win, you get to keep a Mac. And if you are, as I suspect, full of shit - you lose nothing but your own time.

Hard to ignore someone when they but their balls on the line like that...

Re:Instead of protection, how about a better OS?

[abb3w]

I've run DOS 5, Win 3.1, Win95, Win98, Win2k, and now WinXP, and I haven't ever picked up a virus or spyware.

Quibble: you haven't ever detected a virus or spyware. There's a lamentably large difference.

Re:Instead of protection, how about a better OS?

[ausoleil]

Try reading the comment next time.

I said that Microsoft is always having to come up with protection schemes, add-ons, etc. to secure their OS. Why not seal the kernel and execution environment? That argument is as germaine tonight as it was in 1996.

Re:Instead of protection, how about a better OS?

[dotgain]

Do you lock your car? Do you lock your house? Is that Ford's fault, the government's fault, your fault? Or is it simply because it's the smart thing to do given the fact that there are malicious people in the world?

I wondered how long it would be until I saw a stupid analogy.
A computer is not an example of something you need to "lock when you leave it" as is a car or a house. Your computer can be compromised while you're sitting at it "guarding it" as you would think.
You don't get the occasional security advisory from Ford explaining that their locks were vulnerable to a buffer overrun.
Sure you can lay the blame with those that attack us, but what's the point? They're not going to do anything about it. WE'VE got to stop them. The Users AND Microsoft. Fuck the blame, they only way you're going to be able to trust your system is if you can trust who made it.

Re:Instead of protection, how about a better OS?

[QuantumG]

A Mac Mini costs $500, you couldn't contract someone to write a virus for Windows, let alone OS-X for that much. I think I'm being more than reasonable. If I fail, you get your Mac back and you get a valuable piece of amunition in your quest to tell the world how impervious Macs are to virus attack. I'm only willing to do it because you're an idiot if you think it's hard to make a virus for a Mac. It's just a computer, like every other computer. There are viruses for other unixes, what makes you think Darwin is somehow special?

Re:Instead of protection, how about a better OS?

[StarsAreAlsoFire]

Only time I've ever had a virus scan show positive was at uni, when my room-mate ran a virus and it infected non-executable files on my network folder.

I only use online scans -- such as Trend Micro -- and those almost never.

Not only is it possible, it isn't very hard. Just make sure you are behind a firewall (a NAT is a helpful bonus), and you dodge most of those happy worms etc. Then CATCH A F(*^&ING BRAIN and don't run stupid shit off the net unless you have a good reason to trust it.

Re:Instead of protection, how about a better OS?

[QuantumG]

Why not seal the kernel and execution environment?

Because then you don't have a computer, you have a toaster. People need to install new programs and device drivers. Otherwise their general purpose computer becomes an appliance. The corporate method of security is to restrict these operations to administrators who are trusted to install software from trusted sources only. Guess what? These corporations use Windows. So what's your big plan for how to secure the operating system for people who don't have a dedicated administrator? Don't say education, because that's hardly Microsoft's problem.

Re:Instead of protection, how about a better OS?

[supabeast!]

This argument isn't lame. Sure it's possible to drastically reconfigure Microsoft's horrible default security settings to something secure, and add-on some third party products to deal with all the glaring bugs that Microsoft often fixes at a snails pace. But for Microsoft to sell antiviral/antispyware software to consumers who aren't IT professionals and don't have the time and knowledge to implement fixes all the problems caused by Microsoft's pathetic default security setup is grossly unethical. It's like a bank leaving its vault unlocked and guarded only by an unarmed guard, and then selling robbery insurance policies to customers who have valuables stored in the vault. If any other OS vendor tried this they'd be ripped apart by the press and customers would flee immediately, the only reason Microsoft can pull it off is that consumers are used to Microsoft's monopoly, and know that as long as Microsoft continues to buy off politicians in both of America's major political parties, it isn't going to change.

Re:Instead of protection, how about a better OS?

[QuantumG]

What's hard? Run software as a non-administrator. Just like you do on a linux box. People complaining about Microsoft being insecure whilst they're running untrusted apps as administrator are just brain dead.. end of story.

Re:Instead of protection, how about a better OS?

[drsmithy]

Now we have another protection racket (err, application) from Microsoft to protect us from what is ultimately Microsoft's fault: an operating system that at it's core was designed in such a way that security was an afterthought.

This made me suspicious that you had no idea what you are talking about.

Instead, why doesn't Microsoft use the principles of Occam's Razor and not let applications have direct access to the kernel?

And this confirms it. You are clueless.

Re:Instead of protection, how about a better OS?

[dotgain]

I think I'm being more than reasonable.
I don't. And you're certainly not being more than reasonable.

Two things:

• I don't want you to write a virus for a Mac, much less contract you to do so.
• When you "put your money where your mouth is", you do just that.

I'm sure we're all talking about a virus that's going to be able to transmit itself upon any unwilling user automatically. If you're thinking you're going to write some app that just deletes what it can and email it to people saying "check this out!", you lose your bet.

If you're good enough to write a virus that can do that, you don't even need one Mac. You've got thousands connected right now.

You probably are a good programmer, I'm not saying otherwise, but I don't think giving you a Mac will in turn give you the insight to crack its OS. Hell do I have to give you a Linux box so you can prove you can infect me in a week, or do you have one handy? I'm on 222.152.8.103 if you're quick!

Re:Instead of protection, how about a better OS?

[drsmithy]

The problem is, most people, even technically adapt people, are not capable of protecting themselfs from the host of worms and exploits being used out there today. the blame lies squarely on MS's shoulders.

Running a Windows machine sans viruses, worms and other malware is trivial for technically adept users.

Re:Instead of protection, how about a better OS?

[QuantumG]

Oh, I see, you don't even know what a virus is. No wonder Mac users think they are invincible.

Re:Instead of protection, how about a better OS?

[drsmithy]

You can not secure a single Windows system in the span of an hour or two...unless you have already done the work and have a pretty good custom tool kit and you know your environment.

s/Windows/Linux/

Re:Instead of protection, how about a better OS?

I have had it up to here with this response. How do you know every last Linux box in the world isn't infected RIGHT NOW? Oh, you and everybody else who runs Linux haven't DETECTED a virus? Well you know...

Re:Instead of protection, how about a better OS?

[clcobra]

The problem, Windows OS is not designed correctly. The solution, change OS End of story

Re:Instead of protection, how about a better OS?

[lordofthechia]

(Worms for Windows) exist because it is the biggest target

Bah, it's the old Cardboard box vs safe argument... It goes like this: "People who keep their valuables in cardboard boxes are at risk because everyone uses a cardboard box to keep their stuff in. If everyone kept their valuable in safes they would be equally at risk since then safe cracking would become more common place." Nobody can argue that a virus or worm couldn't be written for a Mac or Linux for that matter (just like no safe is uncrackable), what is argued though is that for an equal amount of work expended in securing your Windows machine vs securing virtually anything else you end up a lot more secure system with a non-microsoft product.

So how secure is windows by default with no user intervention? How does a Mac compare? Granted Windows 2000 and XP are a great improvement over the good ol' 9x series but c'mon? How many security products did you have to install on your PC (that it did not come with) in order to get it secured?

Windows may be the biggest target, but it's also the easiest, like breaking into a cardboard box (ok, maybe XP is more like a pressboard box...). At least with other OS's and the speed with which security patches are made available we would see the security bar raised to the point where most malicious folks would just give up while trying to break into them.

Re:Instead of protection, how about a better OS?

"Bad users will find a way to screw up any system, regardless of OS."

I think the point should be how easy it is for users to screw up a windows machine.

Proper user restrictions,which linux enjoys, makes things far simpler for anyone trying to administer their home computer.

To any M$ fanboys who want to argue with me, let your teenage cousin get on your comp for a couple of days, then you'll finally get what I'm talking about.

Re:Instead of protection, how about a better OS?

[QuantumG]

If you actually knew anything about safe cracking you might have had more luck coming up with an analogy that wasn't just rediculous. For example, you might have compared Lockwood safes to, say, Pregex safes. Lockwood safes are very easy for an experienced safe cracker to get into, whereas Pregex safes are a bitch to get into. Chances are that a sophisticated crew of thieves will easily get into a Lockwood safe on-site and run away with your jewels. Whereas if they run into a Pregex safe they're likely to try hitting it with a sledge hammer and when that doesn't work they'll either have to carry the damn thing out with them or just go home empty handed. Which is the better safe? Given infinite time and resources a Lockwood safe will win any test you want to throw at it but the largely unknown Pregex safe will actually protect your jewels from real thieves.

Re:Instead of protection, how about a better OS?

[lordofthechia]

"If you actually knew anything about safe cracking"

Why no, I'm not nor did I insunuate that I am an expert at safe cracking. Though I do believe that by making an analogy too highbrow you kinda miss the point (after all you're trying to present something in simpler terms). And let's face it Pregex and Lockwood would sound more like counties in England than safe brands to most folks.

So which safe is better in your analogy? Are you saying Pregex safes are better because they're unkown? You say that "Given infinite time and resources a Lockwood safe will win any test you want to throw at it" but you also say "Pregex safe will actually protect your jewels from real thieves." So if Pregex will protect you from real thieves (who one would assume would be the ultimate test of a safe's effectiveness) how is it that a Lockwood safe will "win any test". Great analogy if your goal is to confuse the hell out of someone!

BTW, how is a "card board box" a "rediculous" analogy for win 9x (just click cancel to log in and have access to all the files on the system!).

Re:Instead of protection, how about a better OS?

[QuantumG]

See the other thread where I ask the all wise Slashdot crowd how Windows is not designed correctly and no-one can give me a straight answer. Windows has better security than Linux. For fuck sake, it has ACLs whereas Linux does not. The fact that the vast majority of people who use Windows run everything as Administrator does not make Windows insecure. Just as everyone running programs as root on a Linux box would not make Linux insecure.

Re:Instead of protection, how about a better OS?

[QuantumG]

just click cancel to log in and have access to all the files on the system!

Uhhh, it's a PC. If the attacker has physical access you have no chance of preventing them from accessing the system.

The point of my "analogy" was to indicate that you can't make broad statements about which is more secure. That's the nature of security.
 

Re:Instead of protection, how about a better OS?

[ozmanjusri]

Sigh. No it doesn't. It lies on the people making the worms.

You're mixing up blame and responsibility. The people making the worms are to blame for the world being too hostile for Windows to be a good choice of operating systems, particularly for people who don't know much about computers.

Microsoft is responsible for making Windows secure enough so that people who don't know much about computers can use it safely in that hostile world. They're the only ones who can have resposibility. They are the only ones who have the source code.

MS have admitted responsibility - that's what all their focus on security is about. It's only the shills and astroturfers who don't get it.

Re:Instead of protection, how about a better OS?

[GaryPatterson]

I don't believe that viruses are impossible to write for OS X, just that they're harder to spread than on Windows.

There's no need to rise to a challenge I didn't set, or to jump up with your qualifications at a moment's notice.

Re:Instead of protection, how about a better OS?

No offense intended, but that's a stupid comment. Most of the posters on Slashdot ARE my teenage cousin.

Re:Instead of protection, how about a better OS?

[QuantumG]

But that has nothing to do with the operating system and everything to do with the behaviour of the people who use those systems. Mac users don't run every stupid little executable attachment they get sent. They don't download random programs off the internet and run them. They don't warez stuff, or put up with software that is DRM infested by running cracks. Linux users don't either. Hell, Amiga users don't either. It doesn't indicate anything about the security or non-security of the operating system.

Re:Instead of protection, how about a better OS?

[FireFury03]

Oh, I see, you don't even know what a virus is. No wonder Mac users think they are invincible.

Strictly speaking, a virus is a lump of code that embeds itself in a legitimate executable. When that application is executed, the viral code is loaded into memory and modifies other legitimate executable files, embedding itself in them too. Usually the infected executable works as you would expect and the viral code isn't noticable until the payload kicks in. A simple method of embedding a virus is to just append it to the end of the executable and insert a jump at the start of the program to execute the viral code before starting the legitimate application.

Under a Unix OS a virus can't spread very far unless it's executed as root since most of the executables on the system aren't writable by non-root users. And if the sysadmin wants to be more paranoid, he can mount all the filesystems the normal users have write access to as noexec. Root accounts are usually only used where absolutely necessary so the window of opportunity for huge infection is small. Also, since most stuff executes as non-root, the viral payload should only be able to damage a single user's data.

I'm fairly sure there hasn't been an actual virus written in a good few years.

Most of what the media call "viruses" are really trojans or worms (or a hibred of the two).

Trojans rely on user-stupidity and the tradition of doing most things as non-root limits the window of opportunity and the damage they can do.

Worms rely on security holes in services - Windows has a history of having more known and unpatched security holes than other operating systems. I'm afraid the "Microsoft is only targetted because there are more Microsoft systems out there" doesn't pull much weight when you compare IIS and Apache security problems - there are way more Apache servers than IIS servers out there yes IIS has a much worse security record.

I'm happy that Microsoft is starting to address the security problems but they have a long way to go - much of their software is fundamentally flawed and I despare every time I see Microsoft talking about a new malware scanner they're working on, etc. The anti-malware companies have no choice but to produce band-aid solutions to deal with the security holes, but MS is in the position of being able to fix the fundamental problems instead of producing utilities to work around them.

A good analagy would be a double-glazing company that knows full well that a slight breeze in the wrong direction will cause the windows to break because of a design flaw, but rather than fixing the flaw they just ship the windows with a free board to nail over them when it happens (with the possibility that they might start charging for that bit of wood in the future).

So whilest I'll admit that Unix type operating systems _do_ have security weaknesses, they're nowhere near as bad as Microsoft's effort.

Re:Instead of protection, how about a better OS?

[QuantumG]

We used to have a mailing list for unix virus experimentation. The order of the day was to "follow the user to root". If a user runs an application they don't trust with their user account and later does an su (or sudo) to root you should be able to aquire root privileges. Many techniques were developed to achieve this. Which brings up the biggest problem with the unix security model: the operating system enforces permissions for users, but not for programs. There have been attempts to address this in the security community. Capabilities is the biggest effort. On a desktop operating system, a security model that focuses on assigning permissions to users is absurd - there's often only one user on the system.

Re:Instead of protection, how about a better OS?

[GaryPatterson]

What? Mac users are all perfectly law-abiding software users, none of whom are given to the same behaviour as PC users?

I've used both from the very early days, seen many users of all flavours and they're just the same people, doing the same things. Mac users might like to be thought of as more enlightened, but we're just computer users.

And as for Amiga users... hm. I though *I* was on a niche platform..! I kid, I kid!

I've honestly never seen an argument like yours before. That Mac users are more secure because they're nicer people. I'm... a bit astounded.

Re:Instead of protection, how about a better OS?

[catman]

For fuck sake, it has ACLs whereas Linux does not.

What do you know that I don't?

man 5 acl

NAME
          acl - Access Control Lists

DESCRIPTION
          This manual page describes POSIX Access Control Lists, which are used to
          define more fine-grained discretionary access rights for files and direc
          tories.

It came with the vanilla install, no patching required. It's been a few years since I reconfigured and compiled a kernel, even.

I'll admit that I don't know about the design of Windows. But based on experience from my workplace, with a few interested Linux users and a few hundred uninterested Windows XP Pro users whose desktops are maintained by MS professionals, it sure looks like the Linuxes are a lot more secure.

I think it's very, very accurate to say that Running a Windows machine sans viruses, worms and other malware is trivial for technically adept users.

Running a Linux machine sans viruses, worms and other malware is trivial for even naive users, if the installation and setup was done by someone with a minimum of savvy.

Re:Instead of protection, how about a better OS?

[halleluja]

This comment, and others like it, are completely lame. It is possible to use Windows securely, but most people don't. This isn't Microsoft's fault. You can just keep repeating an argument made by people 10 years ago as if it still applies to today.

But it does.

Microsoft promised security is high on their list, yet have offered no adequate solution.

Besides, your argument that most people don't copulate with Microsoft safely is weak; many MS products are targetted at common end-users with no intricate knowledge at all (proof: read any Ballmer statement).

Re:Instead of protection, how about a better OS?

[zogger]

I saw a variation on this once in meatspace. I was working a jewelry show. Up the elevator comes this security guard detail hauling a lockbox. A few minutes later, mixed in with the crowd coming in was a tiny old geezer carrying, yes, a shoebox. Both the guards and the old dude go to the same booth eventually. Inside the shoebox was 7 figures of stones, inside the lockbox with the guards was bupkis. I understand this scene gets changed a lot too (potential example, next time a young lady with a baby carriage maybe, whatever, maybe after that the stones come in with the decorative plants, etc), just the one time I saw that variation.

Re:Instead of protection, how about a better OS?

[Cro+Magnon]

Mac/Linux email clients also don't automatically run attachments. They don't hide extentions so you think a .exe is a .jpg. And though many people will type in an Admin password, that's still better than not having to type it. I agree that the Mac would get malware if it had 90% market share; no OS can protect against stupidity. But Windows is still far worse on security than those other OSs.

Re:Instead of protection, how about a better OS?

[tehshen]

It is possible to use Windows securely, but most people don't. This isn't Microsoft's fault.

If you have to download/install/configure a virus scanner, spyware scanner, firewall, making a limited user, and changing the default settings just to make it secure, why do Microsoft keep saying that "Windows is easy to use"?

Re:Instead of protection, how about a better OS?

Those two experiments have a noticable difference in sample size. There's a difference between one person not seeing, and lots of people not seeing.

Posting A/C, because I'm busy helping with the cleanup resulting from being an increase in observer sample size. I got "lucky" when I checked a spot I normally hide an automated backup script from user attention; I wasn't expecting to find an occupant in my little cave. We've spent the last three days trying to find how and where they got in, but the package did some cleanup after itself. AV and Patch application seem to have been working — the IT guy who missed the initial pitch is damn competent — and we're about to have to increase observer set again with a commercial forensics team. We're suspecting an exploit not formally disclosed yet. =(

Re:Instead of protection, how about a better OS?

[megame]

1. Decouple the Internet Explorer/ActiveX connection...
Internet Explorer is application hosting IE ActiveX control (which is actual IE), but this is beside the point.
IE7 does this by disabling ActiveX - you can re-enable them for the ones that need these funcionalty.

2. Microsoft should do what OpenBSD did to much of their software; check to see if there are any potential buffer overflows and other security issues created from bad code and replace them with safer functions.
They did this prior to XP SP2. They also have a lots of new security checks in new C/C++ complier(s).

3. Windows should also better handle user accounts, in an almost Unix-like manner. Granted, Windows has gotten much better over the years with the "Run As..." command and more applications are aware of adminstrator and limited user account, but there are still some minor flaws that need to be fixed.
Ok - this is a hard question for Windows users - and it commes down to 'yes I do know that I should not work under Admin by my programs don't run then' - in MS perspective you can't brake 1000's of applications by forcing users to run as non-admins. So - in Vista UAP does all that Unix-like systems do+it can create false registry and filesystem so that programs which require Admin accounts can run without damaging the system.

Re:Instead of protection, how about a better OS?

[jimcooncat]

Running a Windows machine sans viruses, worms and other malware is trivial for technically adept users.

Don't plug it into a network or phone line, and don't insert any media. Be careful what you type on the keyboard. No problems.

Re:Instead of protection, how about a better OS?

[SCHecklerX]

It *IS* microsoft's fault for making this difficult to do by default. Granted, it is the application developers who today STILL don't write their apps to be multi-user aware who are mostly at fault...but how were they able to get away with that model in the first place? Microsoft standards.

Contrast this with my linux systems where ALL apps are multiuser-aware (and hence work properly) and always have been. Need an example? Ok. I can run two X11 sessions on the same box, at the same time, with the same monitor/keyboard/mouse, but from different user accounts, and all settings for each user's suite of apps is perfect. s Normally, no, you wouldn't do this (well, maybe if you share a computer and want to quickly flip to your account), but it demonstrates my point.

It's just a different philosophy that microsoft was late to adopt, and therefore many software vendors are way behind the curve, even today. This makes it very difficult to properly run a secured windows system, even though it is technically possible.

Re:Instead of protection, how about a better OS?

GNU

Re:Instead of protection, how about a better OS?

[compro01]

much of microsoft's mess is decade old good intentions. it uses the same basic OS core for both bussiness and home user use. the problem is that 99.9% of home users aren't equiped to be their own IT department. it also doesn't guess at the fact that software on a computer way be transient. it leave it up to the program to remove itself when asked, which isn't much help when the companies don't want it removed.

Re:Instead of protection, how about a better OS?

[CODiNE]

I haven't ever picked up a virus or spyware. Up until about a year or so ago, I used IE exclusively, too.

So what you're saying is you got a virus about a year ago. Because you were insecure.

The fact that you didn't get one until then is simply a matter of luck.

Re:Instead of protection, how about a better OS?

[freeweed]

I can't speak for OSX, having never used it, but OK. Write me a worm that infects my "out-of-the-box", default, no firewall in front, Linux install. I'll even set up a few different ones, say Knoppix, Ubuntu, and Red Hat 9 (hey, everyone claims Windows' issues are because it's "older", and I can't speak with authority as to a default Fedora setup these days).

Go for it. Good luck. Let me know when you've managed to infect a machine that does not, by default, listen on any network ports at all. It'd sure be fun watching you try.

See, Windows listens on many ports. Most of them, needlessly. All of them needlessly, considering a risk/benefit analysis. These options should be disabled by default, especially for home users, and only turned on WHEN DESIRED. It took Microsoft until what, 2004 (?) before they finally put a firewall in front of their machines by default. A software firewall. Potentially exploitable as well. See, a properly secured OS would just NOT LISTEN ON THESE PORTS, instead of opening them up and putting another layer of software "protecting" them.

The only way you'll ever get in to my machines is by finding a vulnerability in the network stack, and really, you'll never prevent this sort of issue, on any OS, regardless of software firewall, anti-malware software, virus scanner, or anything. Notice that we haven't seen a worm do this since Morris, because a TCP/IP stack is typically far more robust than the applications lying beneath.

Oh, and for more fun, I'll let you try this in another 10 years, and I won't patch a thing during that time. Again, short of a vulnerability in the network stack, you won't get in. On a Windows box, you have that avenue of attack, plus the firewall software, plus whatever applications are listening for network traffic.

Sometimes, things are simply more secure by design. Notice what worms have been exploiting for the past decade or so. It sure ain't buffer overflows in the TCP/IP stack.

Re:Instead of protection, how about a better OS?

[Vitriol+Angst]

That's like saying Tom DeLays proof of innocence based on how many times he has been indicted.

The repeated accusations are only a sign of repetition. Or frustration. Or a conspiracy to accuse.

So the fact that Microsoft has most of the viruses and trojans and security failures and Tom DeLay has most of the benefits of corporate donations that somehow fell into his hands is not necessarily proof of guilt.

But it isn't completely lame. Completely lame is saying "how could this be significant if people have been saying it for ten years" as if you were making a point. Now that, is completely lame.

I'm not bashing MS by comparisons to DeLay -- just the absurdity of the comment.

Re:Instead of protection, how about a better OS?

[QuantumG]

I didn't say anything about worms you cocksmoker. If you don't know the different between a worm and a virus, don't fuckin' talk about them. Jesus.

Re:Instead of protection, how about a better OS?

[Spoing]

Actually, I did not mention patches. I didn't even intend to imply patches. OK?

Annother Teling quote

[temojen]

Client Protection's aim is to 'make sure people have fewer security products'

Sounds like a monopoly practice to me.

Re:Annother Teling quote

[bill_mcgonigle]

Sounds like a monopoly practice to me.

I don't think you need the Sherman Antitrust Act to combat this'business strategy'.

Re:Annother Teling quote

[Daktaklakpak]

Client Protection's aim is to 'make sure people have fewer security products'

Maybe what he meant to say was Client Protection's aim is to 'make sure people have fewer secure products.'

Selling more bandaids is not the answer

[starfishsystems]

Yep, Microsoft made the design choices that created the problem. No doubt they'd also like to sell you the solution.

And Paul Bryan is right when he suggests that it would be a good idea to "make sure people have fewer security products". And the very best way to do that is to switch to a more secure platform. Then you don't need additional security products to solve the problems that should have been solved during platform design. Sheesh.

Re:Selling more bandaids is not the answer

[QuantumG]

What design decisions are they exactly? Can you be more specific or are you just repeating some rambling that some security "expert" you heard said.

Re:Selling more bandaids is not the answer

[starfishsystems]

What design decisions are they exactly?

Fair question, as long as it's not being used as a vehicle to express resentment toward "security experts" for a topic you can't be bothered to understand. That sort of sophistry is the refuge of the ignorant. And as the subject has received widespread attention, it's not as if your question hasn't been answered many times over.

But assuming that your question is genuine, here is a short, and by no means exhaustive, list of areas is where Microsoft falls down with respect to security:

• security of supply
• modularity
• interoperability
• containment
• least privilege
• security by default
• verifiability

Many of these factors are interrelated. When Microsoft engages in illegal monopoly practices, it has the effect of reducing the security of supply to the industry by limiting the number of competing products. It does so by deliberately breaking interoperability with competing products through a strategy which it calls "embrace and extend."

Another strategy, called "integrated innovation," likewise promotes the questionable virtues of integration at the expense of the fundamental virtue of modularity. Integration is fine for microprocessor chips, but software components are not transistors, and the software engineering problem, as Fred Brooks pointed out, is not about how to efficiently replicate such components. On the contrary, we often need to replace individual software components in order to repair security problems in their design or implementation. Modular systems are thus intrinsically more favorable to security than integrated, monolithic ones.

Independent of this effect, it's also possible to reason more effectively about security in a modular design than in a monolithic one. The analysis of security between communicating entities has been very well studied, and in a modular system this communication takes place in formally defined ways. The strongest demonstration of this capability lies, again, in how well a module interoperates with others. So when Microsoft attests in court that Internet Explorer can't be removed from Windows, it's acknowledging a basic failure to attend to modularity.

Security factors such as containment and least privilege are only possible where modularity is already well established and effectively managed. Usually these factors are what people think of as being characteristic of secure design, but they are in some sense derivative of more general security and design factors such as modularity. In any case, from all of the foregoing we can easily predict that problems will arise when bringing them late to a design, as Microsoft has characteristically tried to do.

Other critical design factors, like security by default and verifiability, require a further degree of commitment to security which Microsoft has a history of actively avoiding. I could cite many examples of these, but surely you can think of some on your own with modest effort.

Re:Selling more bandaids is not the answer

[QuantumG]

Ha! Most of your argument sounds like you're arguing for Windows, not against it. Modular vs Monolithic, hmmm, where have I heard this before.. oh yeah. Linus vs Tanenbaum.

I could cite many examples of these, but surely you can think of some on your own with modest effort.

No. And that's the specific question I asked. What part of the fundamental design of Windows is responsible for its apparent bad security? That's your claim, that the fundamental design of Windows is rotten and therefore we have to throw out the whole apple, so tell us already. Stop skirting around.

Re:Selling more bandaids is not the answer

Forgive me if I'm wrong, but here are some points that cause me some reflection:

Isn't ActiveX the most prevalent vector for remote infections of Windows boxes?

Doesn't ActiveX have to be enabled to pick up patches from Microsoft?

Wasn't IE (with ActiveX enabled by default) embeded into the Windows Operating system?

And worse, ActiveX lacks any sandboxing. Any security against attacks/abuse must be individually implemented for each control by the programer.

This is from MS own site:
An ActiveX control can be an extremely insecure way to provide a feature. Because it is a Component Object Model (COM) object, it can do anything the user can do from that computer. It can read from and write to the registry, and it has access to the local file system. From the moment a user downloads an ActiveX control, the control may be vulnerable to attack because any Web application on the Internet can repurpose it, that is, use the control for its own ends whether sincere or malicious.

I understand Microsofts need to tie the internet to the Windows platform. Bully for them. But they could have at least done some sort of sandboxing considering they own the source. I am not a security expert, but to me, the whole ActiveX fiasco seems like a rush job to get a lock-in feature out the door without any regard to consequences.

IE a crappy design.

Re:Selling more bandaids is not the answer

[AlexMax2742]

Easy example. Micorosft Windows likes to assume, for the most part, that all software is inherantly good, that it's something that you want to run on your computer. Since limited access user accounts in Windows XP are so damn limited, and you don't have a lot of control over what they can and can't do, most people don't even bother with them and run in privilaged accounts 100% of the time. Heck, it's the default, even in Windows XP, for the primary user account to be privilaged. It's like running as root 100% of the time.

On the other hand, Unix assumes that all software it out to murder your machine. It's unheard of for someone to use their system as root 100% of the time, because 99% of non-setup activities can be done as an unprivilaged user. Any potentially damaging piece of software can't spill over and harm the operating system, about the worst it can do is damage that local users data.

Because of this fundamental design philosiphy difference, it's the reason why Windows is so damn vulnerable to viruses, spyware, malware, and other nasty things. However, it's also the reason that certain tasks that were pretty simple in Windows are a major pain in the ass in Unix. An ease-of-use tradeoff for security.

On a third hand, from what I have read, operating systems like OS-X seem to marry the philosiphy of not running as a privilaged user with ease of use quite nicely.

Of course, this is only the begining. Netscape introduced us to Javascript, a way of creating dynamic content. Microsoft decided to pull a trump card and say "Hey, we will allow OUR scripting to do stuff that yours can't by tying into the windows API itself.". In a perfect world, that would be absolutely brilliant, since it would essentially turn web pages into programs. However, in our non-perfect world, does giving a web page access to vital API's seem like a good idea? At all?

It seems that Microsoft's philosiphy seems to be to put flexability over security. And of course, I mean flexability within their own product lines, not flexability as in being able to use it well on anything other than Microsoft products. A Word document can contain VBScript. A IE web page can be a virus scanner. But all of this comes at the price of security from bored teenagers or overseas malicious mega-marketing firms.

Re:Selling more bandaids is not the answer

[QuantumG]

Presumably you've heard of sudo right? Have you ever noticed how it doesn't require you to enter your password every time you use it? Before sudo aquiring root privileges when a user would su was pretty hard. In fact, it was almost as hard as exploiting a suid binary. Now it's really easy to jump to root using sudo. All you have to do is use ptrace to inject code into the user's shell in memory (in the case of GNOME running sudo, that's even easier) and then execute a malicious sudo command after the user has started their own sudo command. The credentials are good for more than one sudo so the user doesn't need to enter their password again.

So where's the rash of viruses for linux exploiting this hole? Oh, there isn't, because linux users don't actually download and run untrusted software. Therefore any argument about how linux is impervious to viruses is just stupid as there are no programs for the virus to infect.

Re:Selling more bandaids is not the answer

[QuantumG]

done some sort of sandboxing

Oh yes, I forgot the whole magic sandbox idea. ActiveX is a great example of how IE is insecure. It's a great reason to disable ActiveX for untrusted domains. It also has absolutely nothing to do with the security of Windows.

Re:Selling more bandaids is not the answer

It's a great reason to disable ActiveX for untrusted domains. It also has absolutely nothing to do with the security of Windows.

I think it does. My reasoning is that when MS intentionally embeds IE into the OS and makes the default behaviour of its ActiveX to be open and exposed, you have a glaring security issue. And according to MS, IE is at this point inseperable from the OS.

So how do you not see ActiveX's failure (security wise) as not contributing to the poor security of Windows?

Re:Selling more bandaids is not the answer

[catman]

The sudo/ptrace hole was closed a few years ago. There was another vulnerability that opened for a DOS attack, closed a month ago.

I'm no expert, but to me it looks like possible virus infection routes are closed too fast after discovery for the malware writers to exploit them. If you do know of any way to root a Linux system without local access, the Right Thing to do is publish on bugtraq, not gripe about it on /.

Re:Selling more bandaids is not the answer

You're being an asshole to people who are trying to politely answer your questions.

Re:Selling more bandaids is not the answer

[frankie]

Modular vs Monolithic, hmmm, where have I heard this before.. oh yeah. Linus vs Tanenbaum.

Intentionally trying to derail the conversation by confusing the topic is really really obnoxious. Either you're monstrously clueless or you know damn well that starfish is talking about modularity at the service/application level, where 90+% of actual system code exists.

p.s. Even in your own terms, Windows is at least as monolithic as *nix from a theoretical perspective, and substantially moreso in practice. W2MFL.

Re:Selling more bandaids is not the answer

[Vitriol+Angst]

I think it would be more honest for Microsoft to make a secure, reliable OS, and then send you notices every month to sent them $10 or you operating system will self-destruct. This would end some of the confusion and people would know what they were spending their money on. It would also save taxpayers from having to hire FBI agents to track down hackers. Just pay Microsoft their protection money, and nothing bad will happen.

The big expense is in all this wasteful pretense...
We have the best OS and you must buy it.
Customer purchases "the best OS that you just gotta have if you want the slightest chance of being employed or not made fun of at parties."
Customer gets online, gets info stolen, computer breaks and needs repair and files need to be recovered --lost work and productivity ensues.
Virus company product purchased.
Virus company bounty pays hacker to produce new variant.
Spam company pays hacker for new zombie trojan.
Customer gets online, gets info stolen, computer breaks and needs repair and files need to be recovered --lost work and productivity ensues.
Customer upgrades Virus software to "professional version" and installs firewall product/service based on the advice of an expensive consultant.
Customer has spent two weeks becoming painfully educated and feels stupid and ashamed.
Full employment is promoted.

Often, because we are squeamish about just accepting protection rackets, extortion, and graft, we waste a lot of money and energy trying to put the beard of legitimacy to the knuckles of the business entrepreneurs.

I approve of Microsoft putting virus protection companies out of business. They just shouldn't sell this product without the OS. In fact, they should sell this product as PART OF THE OS -- just like Apple.
Of course, if people had to pay $300 up front for every Windows PC just to keep it protected, they might think it wasn't as cheap a product as they were lead to believe. And if every speed test were based on computers after they were owned for 6 months and had acquired 12.3 viruses/trojans with 2.4 security packages running (or not) then people might understand about the "actual, real life" speed of computers.

Re:Selling more bandaids is not the answer

[starfishsystems]

Kind of a radical sentiment, but I find it hard to find fault with it.

Rackets like protection, extortion, and graft have a common strategy of manipulating the mark into a situation in which it appears compellingly less expensive to submit than to escape. Blackmail, drug addiction, and even domestic abuse are also subject to this sort of manipulation.

It seems that such despicable activities express a recurring potential in human relationship. There's always that risk whenever the strong are in a position to dominate the weak. We have to acknowledge that in some parts of the world, and at some periods in history, they have formed the primary basis for commerce.

But our industry is not yet in such a helpless position. We could institutionalize graft, but I think that would only be a temporary and symptomatic relief which gives the exploitation more time to invade systemically.

Take those ROI studies that Microsoft has been funding. Notice what they're really saying? It costs more to leave Microsoft than to just keep on paying the graft, as if that were an advantage. On the much superior ROI of not going along with Microsoft in the first place, they are conspicuously silent.

Re:Selling more bandaids is not the answer

[Vitriol+Angst]

"starfishsystems"
That is the main problem with Monopoly power -- it can become indistinguishable from Extortion.

Try being a startup by providing computer solutions OTHER than Microsoft. It used to be a pretty hard-sell. I don't know about the current market. But as much as I was trying to be funny, I think I hit on what was really bothering me about "Microsoft" charging for "protection". Of course, other platforms build it in -- so they have to charge.

But, at least the consumer needs to factor in a better idea of "real costs" in owning a computer. Windows PCs have a low cost of entry. However, it ends up being about $220 a month per employee at my company when you add up the network license, exchange client access, support, proxy and virus protection. Possibly a lot more than that figure that I don't know about. On the Macs, there aren't any of those fees -- except the exorbitant exchange client fee, and the MS software charge for every computer -- whether it uses MS software or not.

Re:Selling more bandaids is not the answer

[starfishsystems]

But as much as I was trying to be funny, I think I hit on what was really bothering me about "Microsoft" charging for "protection".

You might like to know that John Dvorak wrote yesterday about the Microsoft Protection Racket

So does that mean...

[mars_rover]

So does that mean it will protect mt PC from Windows Vista?

Could be ok...

[zegebbers]

It depends on how intrusive it is. If it's something like windows xp firewall that was activated in SP2, then it could be useful for lots of users who wouldn't know to install something like adaware or spybot s&d.

Re:Could be ok...

[snib]

As long as you could turn it off... if it's anything like Windows firewall, I will certainly be turning it off. Microsoft themselves said that Windows firewall is mid-grade at best and they suggested a third-party one.

So...

[nemik]

So which distro will it be?

Links?

[OneByteOff]

Anyone have any "Official" links, I can't find anything on Microsoft's site, MSDN Subscriber Downloads or via Google.

At this point I call bull, especially since if it was a Microsoft announcement it would be easy to find. . .

I sure hope it's not another Cow!

[ackthpt]

That Anti-Spyware thing is a mother of a memory and CPU hog. Also a real drag on startup.

I have to wonder, if anything Microsoft creates really is just insanely resource dependent because they don't know any other way.

"We defeat spyware by using up all the available memory and denying it resources!"

Re:I sure hope it's not another Cow!

[BCW2]

Tried M$ anti-spy for about 2 months, since I'm a tech at a white box store I'm always looking for better tools. It's junk that I now remove from customers computers, Ad-Aware and Spybot are still better. As for M$ products being memory hogs, I didn't know that anyone in Redmond could even spell memory management, much less do something about it. Hell 90% of all Windows crashes from 3.0 - 98 can be traced to the never fixed, sub-moronic 1MB memory limit in DOS.

Re:I sure hope it's not another Cow!

[King_TJ]

Well, before you go bashing Microsoft on this one, it's worth noting that "MS Anti-Spyware" is actually just a product purchased from Giant Software, and re-branded with the Microsoft logo. Giant Anti-Spyware was highly rated as being an effective "one stop removal tool" for viruses in corporate settings - and not long after it was release as version 1.0, Microsoft bought it from them.

(There's actually a strange licensing deal going on with the product too, because apparently, Sunbelt Software already licensed a version of Giant Anti-Spyware that can grab update signatures from a central server on a corporate network and allows centralized administration. So right now, Microsoft holds all the rights to the original single-workstation version, while Sunbelt holds the network/corporate LAN version rights. But once Sunbelt's license expires, who knows if they'll be able to do anything further with the product, or if Microsoft will just force them to discontinue selling it? Right now, Sunbelt's product has to download updates from the same server the MS Anti-Spyware uses.....)

But in any case, this product in it's current incarnation has practically no Microsoft developers' code in it.

MS Protection Utility == Malware?

[Eternal+Vigilance]

I thought the headline meant that MS was shipping another "Protection Utility" that was, in reality, malware.

And my response to that was "This is news?" :->


"Evil men obsessed with ambition and unburdened by conscience must be taken very seriously" - George W. Bush

Define: Malware

[Paraplex]

Hopefully MS can rid my computer of any that nasty questionable software, backup DVD or CD data or anything the FBI doesn't approve of.

Re:Define: Malware

you mean, anything your corporate masters dont approve of?

Cutting to the Core

[ackthpt]

Instead of protection, how about a better OS?

You could simply have summed it up as "Better Development Practices"

Many of the loopholes are left between divisions, which get along with considerable friction. There was supposed to be, as part of the Trusted Computing initiative, a real effort underway to get department heads to work better together. Who knows how successful that's been. Seems I already saw something about Vista worms or virii already making the rounds. If true then these people really are a bunch of crackpots.

Re:Cutting to the Core

[Hey+Pope+Felcher+.+.]

. . . please stop spreading FUD.

Vista worms/virii were an example of a conceptual virus on a beta command shell for a beta OS.

The words potential, and beta strike me as interesting concepts.

Re:Cutting to the Core

[YU+Nicks+NE+Way]

They weren't even worms, unless all shell scripts are a worm. The whole thing was purer FUD than you even realized.

Literally, these "viruses" were the equivalent of

#!/bin/sh
cd /
/bin/rm -rf .

Re:Cutting to the Core

[Bad+D.N.A.]

"The whole thing was purer FUD than you even realized."

Perhaps, but is FUD the right term?

How do these things start in the first place?

My guess is that they all begin from a heuristic point of view and then those that show promise get developed.

Re:Cutting to the Core

[YU+Nicks+NE+Way]

In this case, the "virus" was a shell script which...functioned as a shell script. Calling that a virus is FUD.

Misread....

[tktk]

Heh,

Malware Protection Utility was misread as Malware Production Facility.

My mistake.

Re:Misread....

[BCW2]

You mean that Windows isn't malware?

...that includes

[grumpyman]

Mozilla, opera, firefox, apache, tomcat...etc. Java will be removed and replaced by ActiveX-based emulation.

Propaganda or Topic for Discussion?

[Anti-Trend]

This isn't trolling or trying to start a flame-war (intentionally anyway), but an honest observation about the current topic. I'm honestly not sure to think about /. anymore. It seems that I see more and more "C'mon guys, MS isn't that bad, really!" stories all the time (and follow it up with a little anti-*nix FUD). Frankly, I'm getting pretty sick of it. Most of us here are professional IT or IS guys, and we know MS all too well. Some of us even have some *nix experience to help contrast MS from, IMHO, how a multi-user OS should be built. Anyway, am I the only way who feels this way or what?

-AT

Re:Propaganda or Topic for Discussion?

If you take slashdot at all seriously then you are a fool. Slashdot is hated by most decent tech forums for the simple reason that is has always been full of uninformed and arrogant loudmouths, brainless zealots and outright trolls. Hell, at one of the better tech forums that I frequent, trolls and zealots there are often told to "go back to slashdot!" That says something about how much of the world views slashdot.

The only reason to visit slashdot nowadays is to read it at -1 and have fun trolling the zealots. Really, I don't know how you can take slashdot at all seriously. This place is really no different then a million AOL hosted forums.

Re:Propaganda or Topic for Discussion?

---------
"This place is really no different then a million AOL hosted forums."
---------

Here is my version of why you come here.

You are a rightwing ideologist who likes to whine about welfare and how hard you work to support them (as if no one else works). Anything that remotely strikes you as community based is automatic grounds to be jumbled into what you vaguely define as un-American, subversive or pinko. You think like this because you live in guilt and if you don't have enemies your life becomes an excercise in futility.

      Even the lowest of the alleged low have a say here and that just doesn't sit well with your elitest viewpoint. Slashdotters and open source types may not be the best communicators-- but in the end they know their stuff. You know this-- so no matter what you like to whine about as your morality du jour-- it is superceded by your interest of the amazing level of USEFUL intellect that inhabits this little corner of cyberspace.

    If not-- there are a million other channels for you to tune into and preach the genius of "Atlas Shrugged". Personally I think Wales and Greenspan does if much better service than yourself.

Have I got a deal for you!

[M00NIE]

Hi, my name is Joe Blo and I'm selling the most whizbang awesome bowl you EVER saw complete with a sparkling handle, twirligig, whistle for those of you who like music, buttons, knobs and switches for only $32693.99

But wait, there's more! Act fast and for only another $292.99 I'll throw in the bottom part so your bowl will actually hold something! (no warranty is given on "bowlsealer add-in®" product - void where prohibited)

Buy now and I'll throw in the installation free!

Knowledge and Understanding

[telstar]

Knowledge and Understanding doesn't imply that they've got secret hooks that they're using. Let's face it ... if you build something, you probably know it better than anyone else, including what's good and what's bad ... and where potential problem-spots are. I don't think it's too far fetched to assume that Microsoft is likely to have a better understanding of their software since they created it. It's just the way it is.

That's not to say that other firms haven't taken steps beyond where Microsoft has traditionally gone in order to sell products to secure Windows ... certainly many have, and will continue to do so.

Re:Knowledge and Understanding

[oldgeezer1954]

"what's good and what's bad ... and where potential problem-spots are. "

Then why don't they fix them instead of ripping consumers off for more money.

Re:Knowledge and Understanding

[timmarhy]

they have a better understanding because it's closed source and no fucker is allowed to see it or disclose anything about it. period

Obligitory

[mrwiggly]

The idea that Bill Gates has appeared like a knight in shining armour to lead all customers out of a mire of technological chaos neatly ignores the fact that it was he who, by peddling second-rate technology, led them into it in the first place.

Douglas Adams

What?

[eosp]

Didn't we already have this in the form of the "deltree" utility? Oh yeah, they took that out.

Re:What?

[George+Beech]

nah, they just took it out, try rmdir /s/y C:\
just as fun

Was I the only one...

[Mr.+Mikey]

who glanced at the title and saw "Microsoft to Ship New Malware"... and didn't find the title unusual or remarkable?

...new Malware Protection

[Fantasio]

An offer you cannot refuse !
( ....visions of Ballmer as the Godfather )

Finally!

We have a menu entry Start -> Uninstall Windows ?

Colonectomy

[Doc+Ruby]

I think you mispunctuated "Microsoft to Ship New Malware : Protection Utility".

Don't you mean...

[game+kid]

"I'm gonna make an offer you can't refuse!!! Woo! I LOOOVE THIIIS COOMPANYYYEEE!!1!oneplusetotheipi "

"Microsoft to Ship New Malware Protection Utility"

What, are they shipping a CD that uninstalls Windows?

*ducks, sees my karma going down the drain*

Scary title

Why the hell would I want a utility that protects malware? That's just so Microsoft...

Offers of protection ?

[Pop69]

Don't those usually draw charges under your RICO Act ?

And yet another one...

[Poltras]

Give them the monopoly. It's just sincerely fair to only and solely use Microsoft products on Microsoft Windows computers, since:

Microsoft has 'knowledge and an understanding of the capabilities of the operating system' that its partners may not have.

right! right?

Anti-trust or Anti-MS

[ninja_pirate]

I'm sure this latest offering by MS will bring out cries of "MONOPOLY!!", but you gotta give the guys some slack. Die-hard linux geeks always point out Window's utter lack of anything useful pre-installed, but when Microsoft tries to add value to their OS, everyone is quick to point out that Microsoft is trying to muscle competitors out of its business.

Introduced !

I call Bull,

It is not Introduced, it is announced...there is a big difference, according to this site http://www.microsoft.com/athome/security/spyware/s oftware/enterprise/default.mspx it is not available until later this year/next year

I know it's early...

[brouski]

46 replies as of this post, a good 75% look to be the same trollific MS bashing that passes for wit on /. these days.

Re:I know it's early...

You are new here, aren't you?

Genius!

[Douglas+Simmons]

Put yourself in the eyes of Joe Cubicle or look at it from the perspective of your typical housewife. Mal/*ware invade your machine nonstop, but odds are, as you have no idea what an OS is (let alone alternatives), your anger is directed at the virus writers, not MS. Or, and I see this all the time, when the crap piles up and your system slows down because you're running ninety programs on boot up, you do not realize that your processor still crunches math at the same rate it did when you bought the computer; instead you just toss your box out and be a good consumer and buy a fresh box. Intel's gotta be giving MS some kickbacks.

So, given that it is the hacker who is demonized for costing businesses billions and not the shitty programming, Microsoft can actually get away with selling virus protection programs, directing people to partners' sites who sell anti virus ware, or in this case bundling it with their next OS and marketing the software with the edge of having this high security from the evil doers. The whole deal works out great for the chip makers, the programmers, earnings reports, and of course the gross domestic product. This is capitalism at its best my friends. One more thing I gotta say, get your net install iso of debian (i386 arch)here.

Re:Genius!

[Ziviyr]

MEPIS is an easier install for the "oh, the hardware is still fine?" crowd.

Don't forget to try out knoppix on a boot-off-of-cd-only basis if you're system is just fine for now. You might need it later to recover files from an unbootable windows.

Re:Genius!

[IWantMoreSpamPlease]

I'm not so sure-

I do IT work, have for the past 6+ years. In the past year or so, I've started to see people, who, once infected, start asking if there are alternatives where "crap like this doesn't exist"

It is slow to start, but every revolution must have a beginning.

And don't forget, coming to a desktop near you:

Solaris: not yet distributed by google.

Why not make it part of AntiSpyware?

[snib]

Why can't they just make one tool that protects against spyware, malware, viruses, etc. so the average home user doesn't have to concern themselves with it? That's not to say force it with the OS, but make it one program instead of having two or three running at once (God knows antispyware is a resource hog on its own..)

How about...

Microsoft shipping a version of Windows that isn't security broken by design? How about a version of Windows designed for a secure environment rather than an advertising platform?

Oh the Irony...

Shouldn't they fix the holes that lets malware/viruses in before selling us a product to do just that? It's like, you ask for cheddar, and they give you swiss, but for a few dollars more they'll throw in some extra curds and some yellow food coloring...

This leaves a bad taste in my mouth.

Am I alone?

[stemcell]

Microsoft has 'knowledge and an understanding of the capabilities of the operating system' that its partners may not have. But he said that information would not be hidden

Am I the only person who wishes that they would hide some of their flaws. Maybe the ones that let people delete all my stuff!

Question

Microsoft introduced on Thursday a new program called Client Protection that will help to combat viruses, maiware and spyware in the corporate environment.

What is maiware?

Malware.

[bejiitas_wrath]

It is so easy to put malware on a Windows machine. I do not know how they will fix it.

Windows Longhorn is supposed to fix the problem, but if the system directories where readable & writable only by the Administrator, like with Debian, then it would be more secure.

You only need to put a trojan in a fake download and you can get the Windows users easily. They are so stupid, they click and download any cool software wherever from. They are so stupid. Windows needs Linux styled security, since the users of Windows cannot be trusted to look after the security of their own machines.

Let me get this straight

Microsoft now wants to charge people for protection against the security holes that Microsoft put in the product in the first place? Suuuuuuure... that will give them a real incentive to fix the problem for all the customers who aren't paying extra! "Trusted Computing" indeed!

Microsoft to ship...

[atomic-penguin]

Microsoft to ship new Malware Production Utility, codename Vista.

Vista, Microsoft's innovative new Malware Production Utility, allows partners and advertisers to easily create Malware with their "easy to use" software development toolkit and utilities.

Vista is guaranteed to provide you with a lower standard of security, and the slow system response you have come to expect from the Microsoft product line. Microsoft claims Vista will increase your chances of a "sensitive information leak", while providing the end user with a lower Total Cost of Ownership (TCO) than Linux. Microsoft expects Vista will be ready for production, and will begin shipping August 2010.

As much as y'all love to throw rocks at MS,

[museumpeace]

you ought to wait and see what they throw at themselves. Yes, they know their internals better than symantec, MacAfee etc etc and yes, they know what those internals will be 4 years from now. But given the way Microsoft has of leaving holes, if not doorways, in what should be functional partitions between operating system kernal, applications, communications stacks, languages, debug/development environments and user privelege management, I would bet ANY solutuion that really worked better than the confederation of antivirus and antispyware I now run would either add complexity to the the user's experience or reduce some of the functionality that was based on execution that could jump through those holes and doors.
Go ahead Microsoft, impress me.
We just have to see their product. [and yes, it I too see it as a way to reduce market share for AV vendors.]

Re:As much as y'all love to throw rocks at MS,

[ravind]

I've seen the MS AntiSpyware, and even though it's still in beta (looks like they're learning from Google) it works well enough to impress me.

Re:As much as y'all love to throw rocks at MS,

[suman28]

That's because you have forgotten that they purchased one of the best anti-spyware company on the market (Giant) and slapped their name on it. How soon we forget.

What does Bill Gates Dad have to do with this?

[hackwrench]

You do realize that the Bill Gates of Microsoft is Bill Gates III, don't you?

Re:What does Bill Gates Dad have to do with this?

[qzulla]

Sure. And the point is????

qz

Re:What does Bill Gates Dad have to do with this?

Strike III?

*shrug*

No no it's correct

[commodoresloat]

This is a utility that protects malware from virus scanners and the like.

Welcome, New /. Overlords!

[BattleHawk]

Have you ever considered that maybe, just maybe, Slashdot is going to be acquired by Microsoft?

That is before it get's Google'ized!

I, for one, welcome our new /. overlords!

I didn't care for the old /. bias in favour of *nix.

I think an honest forum with both pro and con is a benefit to all parties.

More Software Deals...

[michaelzhao]

I hope Microsoft will not strike further deals with Spyware companies. The regular Microsoft Anti-Spyware actually excludes a certains spyware (I cannot remember the name) because the spyware company struck a deal with Microsoft to not include the software in the scan.

Microsoft will probably not be so brazen as to sign deals with Malware companies in their corporate software.

Bandaids have their use

[ravind]

They stop the immediate bleeding.

There is an immediate problem that needs an immediate solution. If you want to tell your customers to just deal with the spyware while you design the next generation, secure by design, operating system, then I'd love to see how long you stay in business.

Unwinnable Situation

[ytsejammer]

The entire thing is a catch 22.

On one hand, you have an easy to use OS that is prone to malware and spyware when not administered correctly.

On the other hand, you have an OS with a higher learning curve that is less prone to malware and spyware, but that requires the same level of expertise as it does to keep a Windows system free of the garbage that can easily plague a system.

In either case, it is up to the user to be more knowledgable about the product their using. I'm not going to pretend that I don't use Windows, but I can honestly say that in the year and a half since I last formatted, I still have yet to find any spyware, malware, or virii hiding on my system ... my system tray is still as bare bones as it was after installing Windows ... and, my computer still runs just as well and as fast as it did after reformatting. Now, with a CS degree, I consider myself slightly more knowledgable than the average user, but this doesn't negate the fact that it is possible to run Windows without compromising your system. You just have to have a clue as to what you're doing and know better than to visit questionable sites and click 'yes' to every dialog box that pops up and wants to install 'XXX Dialer' on your system.

I don't know if there is an easy solution, other than to make Linux or OSX or another more secure operating system more simple to use - and you can go ahead and tell me that your Grandmother runs Linux and has no problems, but the ordinary computer user is looking for more than a glorified Internet/Email machine.

Could Windows be more secure? Yes. Definitely.

Could Linux be easier to use? Yes, and just as equally so.

Re:Unwinnable Situation

[kf6auf]

I don't know if there is an easy solution, other than to make Linux or OSX or another more secure operating system more simple to use - and you can go ahead and tell me that your Grandmother runs Linux and has no problems, but the ordinary computer user is looking for more than a glorified Internet/Email machine.

OS X is simple to use; the reason it hasn't become more widespread is the (seemingly - depending on what you want) more expensive hardware.

Could Windows be more secure? Yes. Definitely.
Could Linux be easier to use? Yes, and just as equally so.

Is Windows becoming more secure? I'm not really sure; SP2 is better, but no better than a $20 firewall.
Is Linux becoming easier to use? Linux is leaps and bounds ahead of where it was three years ago and still improving.

Re:Unwinnable Situation

[Pecisk]

First your argument is fallancy itself - because there is example that operational system for easy to use, done right, could be cause of much less security problems. And guess what - it is NOT Linux (yet, but it is getting there), but OS X. I working on it in my work and believe me - it is no brainer to ask user his password to install any software. It doesn't install anything automaticly, but it is so easy to use that when I have to use Windows, I think...no way I can do this to myself.

I'm not Windows basher, I don't care about Microsoft for some 4 years already, but please get your facts right - it is NOT catch 22. Microsoft have blew Windows design for security for last ten years and only with Windows Server 2003 it got it right. So, no excuses.

M$ now software reviewer???

[goarilla]

so ms is now gonna say to users whats good and whats evil???
god damn it man if there is somebody they r really good at it is selling bullshit so if M$ Vista says dc++ is bad software most [users] will deleat them, if it says firefox is bad most [users] will delete them. This maybe sounds a lil bit foolish but i have friends with only one PC at their house the so called family PC. Where mother and father will believe all the things the operating system MS wil say to them thus that would ultimately leave my friend without one decent app coz daddie told him it attracts spyware and bring viruses in the home!

just like the mafia

[spir0]

Isn't this what the mafia did? Beat people up, have their businesses burned down, and then offer protection for a 'moderate' fee..

1. Beat people up
2. Offer them protection from bullies
3. Profit!

And in related news...

[slashname3]

In a related news story a small number of early adopters of Microsofts new malware protecton utility reported problems installing something called grub on some systems. The vast majority of users reported initial confusion with new menus and utilities being loaded on their systems. The renaming of Word to oowriter probably caused the most confusion. Most users were already familiar with Firefox having switched to this more secure browser in the past from Internet Explorer.

Rumors are that the new malware protection utility may actually be based on linux. This is seen as a surprising move by Microsoft since linux was long considered an upstart rival to Microsoft.

Early reports are that systems using the new malware protection utility indicate that systems are more secure and require fewer reboots.

A Malware Detector on Windows...

[ozTravman]

Hmm I wonder what a Windows Malware detector scan will reveal.. Malware Detected: Microsoft Windows Microsoft Office Microsoft Internet Explorer Please please the repair button to format the hard drive and install Linux.

TCO Not Mentioned Much Anymore....

[Thunderbird1]

Is it just me? Or has there been less mention of TCO between MS v Linux...

Selling suckers the disease and the cure

Why don't they just suck it up and fucking rewrite Windows from the ground up to not be such a Mickey Mouse piece of non-secure shit?

I mean, really.

Linux is shit

You mean install linux, the biggest piece of shit software for the desktop?

Yah, linux is so much better. There is a good reason why they have 1% of the desktop market. When it takes an hour just to get mp3s working you have a perfect OS. Or have to enter the command line just to access windows files. Not to mention nothing is intuitive. I want to change something on an icon so I right click on it in linux and what happens? Nothing.

Linux is 10 years behind XP. Just give up and go to apple already, you're never going to catch up.

Call it what it is -

[Itsik]

Protection money. The last time I heard mob members were arrested for these practices.

what's wrong w/ this picture?

"Responding to concerns that it was stepping on its partners toes, Bryan admitted that Microsoft has 'knowledge and an understanding of the capabilities of the operating system' that its partners may not have. But he said that information would not be hidden." So MS was aware of further methods to enhance security that 3rd party security application developers perhaps could have used, and MS didn't share that info or do anything about it...until now? Only now, just as their competing (read: not free) security application is about to hit the market? I guess MS's customers (users), the ones that suffer security exploits by using Windows, don't count when it comes to the greater glory of MS product positioning strategies.

hey buddy!

Sure is a nice computer you got here. Wouldn't want anything - bad - to happen to it, now would we?

I tell you what, I like you. For a modest sum we'll make sure nothing bad happens, like this!

(sober, mydoom)

You capice?

*slap slap* good.

TRUST M$.....Right

I would not want to let M$ secure my machine; I do not trust them; with third party security software at least I know that I can block M$ from calling home without my knowing of it. An attacker would just need to hide as a M$ process that has network rights to get through the defense. Rootkit anyone? I want to know about any traffic which is going out of my machine even if it is M$ calling home to do something supposedly good for my machine.
After all their history of poor security why should we think they can get it right now?

new malware protection

[Squigley]

Would it happen to be called Firefox? That product seems to stop most malware I find.

Great business plan

[HangingChad]

1. Create largely insecure OS product
2. Sell customers "value added" security tool
3. Profit!!!!

I think all this demonstrates is that to MSFT you're not just a customer, you're a revenue stream! And MSFT users just keep taking it. It's amazing.

Re:Great business plan

[chrisnewbie]

That should not be the main concern. The main concern is them buying known ad company and removing them from their anti-spam list or other security programs.

But i guess it can happen in any anti-spam or removal tool. There's always someone there to pay extra money so they can be removed from the list. So is there a really good one out there?

sidestep the problem

[pixel+fairy]

run the windows network behind a linux box without a default route(so they cant talk to anything outside the local network).

anyone who wants to access the internet can run apps off the linux box with X11. make an alias to a bat file on the users desktop for the icon, (you can set properties and change the icons on an alias, as opposed to the bat file itself) they click on the big blue 'e' and they dont need to know that firefox is actually running from a differnt machine and only displaying in front of them.

ive been doing this recently in various ways, usually involving ssh (putty or openssh). a few years ago it was with just the ssh and xfree86 that came with cygwin. there are many X servers for windows, ill let you figure out which X server you like. putty is actually kinda slow (but otherwise, great), all the openssh for windows projects i see are repackaged bundles of cygwin, but they work.

and, of course, theres NX...

the easiest way to do sound is simply plug the speakers into the linux box. i guess you could use esd (theres a java one and the NX one, see above) or some similar noise redirector but so far, no ones asked for noise, and speakers in the linux box work fine for my own use, so i havent really looked into it.

if you want to make uploads/downloads easy, just use samba to make a shared folder.

the included openssh and X11 on a mac way outperforms any X server ive tried on windows, even the big apps feel local over ssh over wifi(802.11g).

of course, this is for "knowledge worker" offices and the like. its the last thing youd want in a design / fx / game studio for example. users in such environments tend to take care of themselves anyway.

but for networks where this does work, security is pretty tight...

laptops

[pixel+fairy]

laptops are still an issue...

Maiware?

[Vila,+Bob]

Surprised it's made it this far without the proofreading community commenting on maiware.

amiguity

[sgt+scrub]

"a new program called Client Protection"

And, I've already been asked if this will run on Linux.

Which Brings Up An Important Question

[EXTomar]

Bad users will find a way to screw up any system, regardless of OS.

Isn't this the fault of the engineering in the product then? If this was "something else", like a manufactured product, we'd be screaming blood murder that the part failed due to bad engineering. A properly engineered thing takes into account, as much as feasibly possible, the ways it will be stressed and abused to make it as robust as possible. People buy manufactured things assuming most of the time it is going "to work until it is broken". But not on Windows! We assume the brokenness is built in. In fact we plan on it by buying up all of these security products. What in the world??! How did we end up here?!?

What a loopy situation: We as consumers are happily buying something that is expected to not work as described. Why can't Microsoft engineer Windows to be far more fault tollerant? Heck why are we even assuming they can build a security product if they can't make Windows more fault tollerant??

Abuse is knowingly using the system in a way that is destructive. If someone accidently clicks a link in an email and downloads who knows what, that is not abuse unless anyone wants to show how "click links" is outside the normal course of actions on a modern desktop OS. So why is this the user's fault instead of Microsofts?

We know what to do....

[Shotgun]

Bryan admitted that Microsoft has 'knowledge and an understanding of the capabilities of the operating system'

Then why the hell do that make it so easy for the typical user to get owned? "We know how to defend against all this virus stuff, we've just chosen not to." What kind of foolish admittance of felonious lack of due diligence is THAT?!

For the 20year sysadmins trying to do damage control and convince us how secure this glorified interrupt handler is, I said TYPICAL user.

Their current protection utility

[sheddd]

Could use some work

But they've has this for years...

[Autonomous+Crowhard]

It's called fdisk.

I'm just quoting what you said

[freeweed]

Worms exist for Windows not because it is more or less insecure than anything else. They exist because it is the biggest target and therefore people put more time into figuring out how to attack it. ... If some flavour of Linux were the #1 operating system we'd see more worms for it.

Your words. Worms. W. O. R. M. S. You claimed Windows has worms because it's more popular, I refuted this claim.

And calling people a "cocksmoker", whatever that means, is surely a way to pretty much destroy any credibility as a professional you may be trying to claim here. Next time try actually attempting to answer the argument.

Re:I'm just quoting what you said

[QuantumG]

Oh, sorry, I thought you were replying to another post. Yes, ok, I retract that statement. Worms exist for Microsoft products because they're crap riddled messes of hammered shit. BTW, I aint claiming to be a credible professional, although I am. My comments on Slashdot are part of my recreation, not my job.