Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft to Ship New Malware Protection Utility

Posted by CowboyNeal on from the those-who-know-it-best dept.

LadyDarth writes "Microsoft introduced on Thursday a new program called Client Protection that will help to combat viruses, maiware and spyware in the corporate environment. Paul Bryan, product management director in the enterprise security division at Microsoft, said in an interview with BetaNews Wednesday night that Client Protection's aim is to 'make sure people have fewer security products' to concern themselves with. Responding to concerns that it was stepping on its partners toes, Bryan admitted that Microsoft has 'knowledge and an understanding of the capabilities of the operating system' that its partners may not have. But he said that information would not be hidden."

10 of 226 comments (clear)

  1. I thought by oldgeezer1954 · · Score: 4, Insightful

    They were supposed to document all api's and make them available. Anyone think he's referring to something else besides hidden api's?

  2. Instead of protection, how about a better OS? by ausoleil · · Score: 3, Insightful

    Love them or hate them, a Microsoft OS is at best a Rube Goldberg device of an operating system. I think that is one of the reasons why MS OS's slow to a crawl after a period of time, or at least seem to.

    Look at the average Windows system that has not had a rebuild in a year or more. More than likely, the system tray at the right stretches halfway across the screen when it is expanded. There's virus protection, a personal firewall, spam protection, etc. etc. etc.

    Now we have another protection racket (err, application) from Microsoft to protect us from what is ultimately Microsoft's fault: an operating system that at it's core was designed in such a way that security was an afterthought.

    So, we have words of Microsoft's plans to have more protected kernel. Of course, because it is Microsoft, that means you will need to use Microsoft's apps, or their approved vendors, Microsoft approved hardware, etc. etc. Trusted computing? Sure -- Microsoft can trust you to fill their profit stream after you install their secure OS.

    Instead, why doesn't Microsoft use the principles of Occam's Razor and not let applications have direct access to the kernel? Why not have an equivilant of chroot that works well? Why, at the core, give so many holes for applications, good or bad, to wreak havoc on your computer?

    Gee, sounds like a mind-numbingly simple idea. I guess it has many names, but they all end in "nix." (BSD excepted, but you get the point.)

    1. Re:Instead of protection, how about a better OS? by QuantumG · · Score: 5, Insightful

      This comment, and others like it, are completely lame. It is possible to use Windows securely, but most people don't. This isn't Microsoft's fault. You can just keep repeating an argument made by people 10 years ago as if it still applies to today.

      --
      How we know is more important than what we know.
    2. Re:Instead of protection, how about a better OS? by DrEldarion · · Score: 5, Insightful

      Agreed! I've run DOS 5, Win 3.1, Win95, Win98, Win2k, and now WinXP, and I haven't ever picked up a virus or spyware. Up until about a year or so ago, I used IE exclusively, too. Use your computer intelligently, and you shouldn't have problems.

      Bad users will find a way to screw up any system, regardless of OS. (Barring, say, a C64)

    3. Re:Instead of protection, how about a better OS? by linguae · · Score: 3, Insightful
      Gee, sounds like a mind-numbingly simple idea. I guess it has many names, but they all end in "nix." (BSD excepted, but you get the point.)

      I love *nix (and BSD, too), but there are ways that Microsoft can make a secure operating system without switching its kernel to a BSD kernel. (Note I left Linux out; there is no way Microsoft is ever going to base their flagship product on GPL'd software). Here are some ways that they can do that:

      1. Decouple the Internet Explorer/ActiveX connection. Internet Explorer would be much like Konqueror on KDE if it didn't have that insecure ActiveX giving malware access to the machine.
      2. Microsoft should do what OpenBSD did to much of their software; check to see if there are any potential buffer overflows and other security issues created from bad code and replace them with safer functions. OpenBSD created strlcat() and strlcpy() to replace the insecure strcat() and strcpy() functions in C, for example. Removing all of these insecure stuff from their software will help a lot.
      3. Windows should also better handle user accounts, in an almost Unix-like manner. Granted, Windows has gotten much better over the years with the "Run As..." command and more applications are aware of adminstrator and limited user account, but there are still some minor flaws that need to be fixed.

      I don't think Windows needs a new kernel. I just think that all of its APIs, programs, and functionality should be secured, and very insecure things (like ActiveX) should be removed.

    4. Re:Instead of protection, how about a better OS? by drsmithy · · Score: 3, Insightful
      The problem is, most people, even technically adapt people, are not capable of protecting themselfs from the host of worms and exploits being used out there today. the blame lies squarely on MS's shoulders.

      Running a Windows machine sans viruses, worms and other malware is trivial for technically adept users.

  3. Selling more bandaids is not the answer by starfishsystems · · Score: 4, Insightful
    Yep, Microsoft made the design choices that created the problem. No doubt they'd also like to sell you the solution.

    And Paul Bryan is right when he suggests that it would be a good idea to "make sure people have fewer security products". And the very best way to do that is to switch to a more secure platform. Then you don't need additional security products to solve the problems that should have been solved during platform design. Sheesh.

    --
    Parity: What to do when the weekend comes.
  4. Genius! by Douglas+Simmons · · Score: 3, Insightful
    Put yourself in the eyes of Joe Cubicle or look at it from the perspective of your typical housewife. Mal/*ware invade your machine nonstop, but odds are, as you have no idea what an OS is (let alone alternatives), your anger is directed at the virus writers, not MS. Or, and I see this all the time, when the crap piles up and your system slows down because you're running ninety programs on boot up, you do not realize that your processor still crunches math at the same rate it did when you bought the computer; instead you just toss your box out and be a good consumer and buy a fresh box. Intel's gotta be giving MS some kickbacks.

    So, given that it is the hacker who is demonized for costing businesses billions and not the shitty programming, Microsoft can actually get away with selling virus protection programs, directing people to partners' sites who sell anti virus ware, or in this case bundling it with their next OS and marketing the software with the edge of having this high security from the evil doers. The whole deal works out great for the chip makers, the programmers, earnings reports, and of course the gross domestic product. This is capitalism at its best my friends. One more thing I gotta say, get your net install iso of debian (i386 arch)here.

  5. Re:Always with the bad grammar by StarvingSE · · Score: 4, Insightful

    Yes, I love how Microsoft likes to constantly jam their own software down our throats through their Windows Update. This is unethical and bad business in my opinion, and I don't know why the rest of the industry won't go up in arms about it.

    Why buy something like Webroot's SpySweeper when Microsoft pops up a window every month claiming that their anti-spyware suite is critical.

    Windows Update should be just that, fix security issues, make windows more stable. Not as a conduit to make sure Joe Computer User always uses 100% Microsoft products.

    --
    I got nothin'
  6. Unwinnable Situation by ytsejammer · · Score: 3, Insightful
    The entire thing is a catch 22.

    On one hand, you have an easy to use OS that is prone to malware and spyware when not administered correctly.

    On the other hand, you have an OS with a higher learning curve that is less prone to malware and spyware, but that requires the same level of expertise as it does to keep a Windows system free of the garbage that can easily plague a system.

    In either case, it is up to the user to be more knowledgable about the product their using. I'm not going to pretend that I don't use Windows, but I can honestly say that in the year and a half since I last formatted, I still have yet to find any spyware, malware, or virii hiding on my system ... my system tray is still as bare bones as it was after installing Windows ... and, my computer still runs just as well and as fast as it did after reformatting. Now, with a CS degree, I consider myself slightly more knowledgable than the average user, but this doesn't negate the fact that it is possible to run Windows without compromising your system. You just have to have a clue as to what you're doing and know better than to visit questionable sites and click 'yes' to every dialog box that pops up and wants to install 'XXX Dialer' on your system.

    I don't know if there is an easy solution, other than to make Linux or OSX or another more secure operating system more simple to use - and you can go ahead and tell me that your Grandmother runs Linux and has no problems, but the ordinary computer user is looking for more than a glorified Internet/Email machine.

    Could Windows be more secure? Yes. Definitely.

    Could Linux be easier to use? Yes, and just as equally so.