Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft to Ship New Malware Protection Utility

Posted by CowboyNeal on from the those-who-know-it-best dept.

LadyDarth writes "Microsoft introduced on Thursday a new program called Client Protection that will help to combat viruses, maiware and spyware in the corporate environment. Paul Bryan, product management director in the enterprise security division at Microsoft, said in an interview with BetaNews Wednesday night that Client Protection's aim is to 'make sure people have fewer security products' to concern themselves with. Responding to concerns that it was stepping on its partners toes, Bryan admitted that Microsoft has 'knowledge and an understanding of the capabilities of the operating system' that its partners may not have. But he said that information would not be hidden."

19 of 226 comments (clear)

  1. I thought by oldgeezer1954 · · Score: 4, Insightful

    They were supposed to document all api's and make them available. Anyone think he's referring to something else besides hidden api's?

  2. More MS software? by sedyn · · Score: 2, Insightful

    Great, more microsoft software that people can exploit.

    (of course, I am making assumptions based on the premise that it will be connected to the 'net for updates)

    --
    Am I open minded towards open source, or closed minded towards closed source?
  3. Instead of protection, how about a better OS? by ausoleil · · Score: 3, Insightful

    Love them or hate them, a Microsoft OS is at best a Rube Goldberg device of an operating system. I think that is one of the reasons why MS OS's slow to a crawl after a period of time, or at least seem to.

    Look at the average Windows system that has not had a rebuild in a year or more. More than likely, the system tray at the right stretches halfway across the screen when it is expanded. There's virus protection, a personal firewall, spam protection, etc. etc. etc.

    Now we have another protection racket (err, application) from Microsoft to protect us from what is ultimately Microsoft's fault: an operating system that at it's core was designed in such a way that security was an afterthought.

    So, we have words of Microsoft's plans to have more protected kernel. Of course, because it is Microsoft, that means you will need to use Microsoft's apps, or their approved vendors, Microsoft approved hardware, etc. etc. Trusted computing? Sure -- Microsoft can trust you to fill their profit stream after you install their secure OS.

    Instead, why doesn't Microsoft use the principles of Occam's Razor and not let applications have direct access to the kernel? Why not have an equivilant of chroot that works well? Why, at the core, give so many holes for applications, good or bad, to wreak havoc on your computer?

    Gee, sounds like a mind-numbingly simple idea. I guess it has many names, but they all end in "nix." (BSD excepted, but you get the point.)

    1. Re:Instead of protection, how about a better OS? by QuantumG · · Score: 5, Insightful

      This comment, and others like it, are completely lame. It is possible to use Windows securely, but most people don't. This isn't Microsoft's fault. You can just keep repeating an argument made by people 10 years ago as if it still applies to today.

      --
      How we know is more important than what we know.
    2. Re:Instead of protection, how about a better OS? by DrEldarion · · Score: 5, Insightful

      Agreed! I've run DOS 5, Win 3.1, Win95, Win98, Win2k, and now WinXP, and I haven't ever picked up a virus or spyware. Up until about a year or so ago, I used IE exclusively, too. Use your computer intelligently, and you shouldn't have problems.

      Bad users will find a way to screw up any system, regardless of OS. (Barring, say, a C64)

    3. Re:Instead of protection, how about a better OS? by linguae · · Score: 3, Insightful
      Gee, sounds like a mind-numbingly simple idea. I guess it has many names, but they all end in "nix." (BSD excepted, but you get the point.)

      I love *nix (and BSD, too), but there are ways that Microsoft can make a secure operating system without switching its kernel to a BSD kernel. (Note I left Linux out; there is no way Microsoft is ever going to base their flagship product on GPL'd software). Here are some ways that they can do that:

      1. Decouple the Internet Explorer/ActiveX connection. Internet Explorer would be much like Konqueror on KDE if it didn't have that insecure ActiveX giving malware access to the machine.
      2. Microsoft should do what OpenBSD did to much of their software; check to see if there are any potential buffer overflows and other security issues created from bad code and replace them with safer functions. OpenBSD created strlcat() and strlcpy() to replace the insecure strcat() and strcpy() functions in C, for example. Removing all of these insecure stuff from their software will help a lot.
      3. Windows should also better handle user accounts, in an almost Unix-like manner. Granted, Windows has gotten much better over the years with the "Run As..." command and more applications are aware of adminstrator and limited user account, but there are still some minor flaws that need to be fixed.

      I don't think Windows needs a new kernel. I just think that all of its APIs, programs, and functionality should be secured, and very insecure things (like ActiveX) should be removed.

    4. Re:Instead of protection, how about a better OS? by mmurphy000 · · Score: 2, Insightful
      If somebody steals your car because you didn't lock the doors, is that the manufacturer's fault?

      That would be a fine analogy if the attacker came in through an advertised feature of the program (e.g., user fails to set a password, and somebody walks by and starts using their PC).

      When the attacker comes in through bugs in Windows, your vehicle analogy needs to change:

      If somebody is able to disable your car from remote by exploiting bugs in your radio and engine on-board computer, is that the manufacturer's fault?

      I'd say the answer is yes.

      --
      The Busy Coder's Guide to Android Development
    5. Re:Instead of protection, how about a better OS? by abb3w · · Score: 1, Insightful
      I've run DOS 5, Win 3.1, Win95, Win98, Win2k, and now WinXP, and I haven't ever picked up a virus or spyware.

      Quibble: you haven't ever detected a virus or spyware. There's a lamentably large difference.

      --
      //Information does not want to be free; it wants to breed.
    6. Re:Instead of protection, how about a better OS? by drsmithy · · Score: 3, Insightful
      The problem is, most people, even technically adapt people, are not capable of protecting themselfs from the host of worms and exploits being used out there today. the blame lies squarely on MS's shoulders.

      Running a Windows machine sans viruses, worms and other malware is trivial for technically adept users.

    7. Re:Instead of protection, how about a better OS? by lordofthechia · · Score: 2, Insightful

      (Worms for Windows) exist because it is the biggest target

      Bah, it's the old Cardboard box vs safe argument... It goes like this: "People who keep their valuables in cardboard boxes are at risk because everyone uses a cardboard box to keep their stuff in. If everyone kept their valuable in safes they would be equally at risk since then safe cracking would become more common place." Nobody can argue that a virus or worm couldn't be written for a Mac or Linux for that matter (just like no safe is uncrackable), what is argued though is that for an equal amount of work expended in securing your Windows machine vs securing virtually anything else you end up a lot more secure system with a non-microsoft product.

      So how secure is windows by default with no user intervention? How does a Mac compare? Granted Windows 2000 and XP are a great improvement over the good ol' 9x series but c'mon? How many security products did you have to install on your PC (that it did not come with) in order to get it secured?

      Windows may be the biggest target, but it's also the easiest, like breaking into a cardboard box (ok, maybe XP is more like a pressboard box...). At least with other OS's and the speed with which security patches are made available we would see the security bar raised to the point where most malicious folks would just give up while trying to break into them.

      --
      Georgia Tech, the leader in Chia(tm) technology.
  4. Selling more bandaids is not the answer by starfishsystems · · Score: 4, Insightful
    Yep, Microsoft made the design choices that created the problem. No doubt they'd also like to sell you the solution.

    And Paul Bryan is right when he suggests that it would be a good idea to "make sure people have fewer security products". And the very best way to do that is to switch to a more secure platform. Then you don't need additional security products to solve the problems that should have been solved during platform design. Sheesh.

    --
    Parity: What to do when the weekend comes.
  5. Could be ok... by zegebbers · · Score: 1, Insightful

    It depends on how intrusive it is. If it's something like windows xp firewall that was activated in SP2, then it could be useful for lots of users who wouldn't know to install something like adaware or spybot s&d.

    --
    Unpretentious Sydney reviews by unqualified Sydney reviewers
  6. Re:Always with the bad grammar by Carnildo · · Score: 2, Insightful

    Sort of like the malicious Software Removal Tool they've been sending out via Windows Update?

    --
    "They redundantly repeated themselves over and over again incessantly without end ad infinitum" -- ibid.
  7. Re:can't make up his mind by Antique+Geekmeister · · Score: 2, Insightful

    What Microsoft knows that no one else does is their future development plans. They can pre-develop security software to cope with the latest MS Office or .NET security stupidity, such as the way both of them auto-execute things now, and stop wasting time on developing utilities for features they are about to discard.

  8. Genius! by Douglas+Simmons · · Score: 3, Insightful
    Put yourself in the eyes of Joe Cubicle or look at it from the perspective of your typical housewife. Mal/*ware invade your machine nonstop, but odds are, as you have no idea what an OS is (let alone alternatives), your anger is directed at the virus writers, not MS. Or, and I see this all the time, when the crap piles up and your system slows down because you're running ninety programs on boot up, you do not realize that your processor still crunches math at the same rate it did when you bought the computer; instead you just toss your box out and be a good consumer and buy a fresh box. Intel's gotta be giving MS some kickbacks.

    So, given that it is the hacker who is demonized for costing businesses billions and not the shitty programming, Microsoft can actually get away with selling virus protection programs, directing people to partners' sites who sell anti virus ware, or in this case bundling it with their next OS and marketing the software with the edge of having this high security from the evil doers. The whole deal works out great for the chip makers, the programmers, earnings reports, and of course the gross domestic product. This is capitalism at its best my friends. One more thing I gotta say, get your net install iso of debian (i386 arch)here.

  9. Re:Always with the bad grammar by StarvingSE · · Score: 4, Insightful

    Yes, I love how Microsoft likes to constantly jam their own software down our throats through their Windows Update. This is unethical and bad business in my opinion, and I don't know why the rest of the industry won't go up in arms about it.

    Why buy something like Webroot's SpySweeper when Microsoft pops up a window every month claiming that their anti-spyware suite is critical.

    Windows Update should be just that, fix security issues, make windows more stable. Not as a conduit to make sure Joe Computer User always uses 100% Microsoft products.

    --
    I got nothin'
  10. Unwinnable Situation by ytsejammer · · Score: 3, Insightful
    The entire thing is a catch 22.

    On one hand, you have an easy to use OS that is prone to malware and spyware when not administered correctly.

    On the other hand, you have an OS with a higher learning curve that is less prone to malware and spyware, but that requires the same level of expertise as it does to keep a Windows system free of the garbage that can easily plague a system.

    In either case, it is up to the user to be more knowledgable about the product their using. I'm not going to pretend that I don't use Windows, but I can honestly say that in the year and a half since I last formatted, I still have yet to find any spyware, malware, or virii hiding on my system ... my system tray is still as bare bones as it was after installing Windows ... and, my computer still runs just as well and as fast as it did after reformatting. Now, with a CS degree, I consider myself slightly more knowledgable than the average user, but this doesn't negate the fact that it is possible to run Windows without compromising your system. You just have to have a clue as to what you're doing and know better than to visit questionable sites and click 'yes' to every dialog box that pops up and wants to install 'XXX Dialer' on your system.

    I don't know if there is an easy solution, other than to make Linux or OSX or another more secure operating system more simple to use - and you can go ahead and tell me that your Grandmother runs Linux and has no problems, but the ordinary computer user is looking for more than a glorified Internet/Email machine.

    Could Windows be more secure? Yes. Definitely.

    Could Linux be easier to use? Yes, and just as equally so.

  11. Great business plan by HangingChad · · Score: 2, Insightful
    1. Create largely insecure OS product
    2. Sell customers "value added" security tool
    3. Profit!!!!

    I think all this demonstrates is that to MSFT you're not just a customer, you're a revenue stream! And MSFT users just keep taking it. It's amazing.

    --
    That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
  12. Re:Always with the bad grammar by TheNetAvenger · · Score: 2, Insightful

    But it was from Apple or part of a Linux distribution it would be wonderful and a perfect way to ensure even the casual user had some level of protection.

    Just because they use big bad words like Microsoft, doesn't mean it is a bad idea...