Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft to Ship New Malware Protection Utility

Posted by CowboyNeal on from the those-who-know-it-best dept.

LadyDarth writes "Microsoft introduced on Thursday a new program called Client Protection that will help to combat viruses, maiware and spyware in the corporate environment. Paul Bryan, product management director in the enterprise security division at Microsoft, said in an interview with BetaNews Wednesday night that Client Protection's aim is to 'make sure people have fewer security products' to concern themselves with. Responding to concerns that it was stepping on its partners toes, Bryan admitted that Microsoft has 'knowledge and an understanding of the capabilities of the operating system' that its partners may not have. But he said that information would not be hidden."

15 of 226 comments (clear)

  1. Great... by samj · · Score: 4, Funny

    more Claria shananigans on the way then?

    1. Re:Great... by Anonymous Coward · · Score: 5, Interesting
      Exactly. Microsoft will always be behind the eight-ball when it comes to spyware protection because of its corporate nature. It will always put profit before protection.

      Some people may claim that Microsoft still allows users to remove the Claria software. For example:
      Windows AntiSpyware (Beta) continues to notify our users when Claria software is found on a computer, and it offers our users the option to remove the software if they desire.

      However, the issue here is not whether or not Windows Antispyware still detects Claria products...the issue is Microsoft's recommendation on said products. While it is true that users still have the option to remove Claria products if they so choose, the fact is that users had the option to keep Claria products on their system back when Microsoft was recommending removal. The insinuation that this change offers users more choice than previously available is tacitly false.

      The real issue here is Microsoft abusing their position of trust within the general computer user community. No, I'm not talking about people like us here...I'm talking about Ma and Pa Computer User...the ones who see a virus or spyware warning and panic. Many of these people rely upon the recommendations offered by the spyware detection/removal applications to decide on how best to manage their systems. By artificially upgrading Claria products from 'remove' to 'ignore', Microsoft is taking unfair advantage of these users' trust.

      Also claimed:
      All software is reviewed under the same objective criteria, detection policies, and analysis process," Microsoft claimed. "Absolutely no exceptions were made for Claria.

      As far as I'm aware, no other spyware removal application has promoted Claria products in this fashion. Until Microsoft publishes these 'objective criteria', and shows how Claria products managed to get upgraded from 'remove' to 'ignore' under them, we will have no choice but to assume more ulterior motives.
  2. Always with the bad grammar by Anonymous Coward · · Score: 5, Funny

    That should be "Microsoft to Ship New Malware, Protection Utility".

    1. Re:Always with the bad grammar by StarvingSE · · Score: 4, Insightful

      Yes, I love how Microsoft likes to constantly jam their own software down our throats through their Windows Update. This is unethical and bad business in my opinion, and I don't know why the rest of the industry won't go up in arms about it.

      Why buy something like Webroot's SpySweeper when Microsoft pops up a window every month claiming that their anti-spyware suite is critical.

      Windows Update should be just that, fix security issues, make windows more stable. Not as a conduit to make sure Joe Computer User always uses 100% Microsoft products.

      --
      I got nothin'
    2. Re:Always with the bad grammar by jokestress · · Score: 5, Funny

      I think there's a typo, too: "Microsoft to Ship New Malware, Protection Futility."

      --
      Evil sig is livE.
  3. Sweet! by jav1231 · · Score: 4, Funny

    Will it clean explorer.exe from my system?

  4. And here it is by Anonymous Coward · · Score: 4, Funny

    Right here :-)

  5. I thought by oldgeezer1954 · · Score: 4, Insightful

    They were supposed to document all api's and make them available. Anyone think he's referring to something else besides hidden api's?

  6. can't make up his mind by timmarhy · · Score: 4, Interesting

    in one sentence he is stating ms knows something about windows that no one else does, in the second he is stating they aren't hiding anything. it can only be one or the other, not both. i'm very inclined to think it's the first. they haven't documented jack shit in order the maintain their strangle hold and put the rest of the industry out of business.

    --
    If you mod me down, I will become more powerful than you can imagine....
    1. Re:can't make up his mind by geekoid · · Score: 5, Funny

      No no, it's not hidden, it's in the basement...with the broken stairs..and no light, in the cabnet marked 'beware of tiger'.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  7. Annother Teling quote by temojen · · Score: 5, Funny

    Client Protection's aim is to 'make sure people have fewer security products'

    Sounds like a monopoly practice to me.

  8. Selling more bandaids is not the answer by starfishsystems · · Score: 4, Insightful
    Yep, Microsoft made the design choices that created the problem. No doubt they'd also like to sell you the solution.

    And Paul Bryan is right when he suggests that it would be a good idea to "make sure people have fewer security products". And the very best way to do that is to switch to a more secure platform. Then you don't need additional security products to solve the problems that should have been solved during platform design. Sheesh.

    --
    Parity: What to do when the weekend comes.
    1. Re:Selling more bandaids is not the answer by starfishsystems · · Score: 4, Informative
      What design decisions are they exactly?

      Fair question, as long as it's not being used as a vehicle to express resentment toward "security experts" for a topic you can't be bothered to understand. That sort of sophistry is the refuge of the ignorant. And as the subject has received widespread attention, it's not as if your question hasn't been answered many times over.

      But assuming that your question is genuine, here is a short, and by no means exhaustive, list of areas is where Microsoft falls down with respect to security:

      • security of supply
      • modularity
      • interoperability
      • containment
      • least privilege
      • security by default
      • verifiability

      Many of these factors are interrelated. When Microsoft engages in illegal monopoly practices, it has the effect of reducing the security of supply to the industry by limiting the number of competing products. It does so by deliberately breaking interoperability with competing products through a strategy which it calls "embrace and extend."

      Another strategy, called "integrated innovation," likewise promotes the questionable virtues of integration at the expense of the fundamental virtue of modularity. Integration is fine for microprocessor chips, but software components are not transistors, and the software engineering problem, as Fred Brooks pointed out, is not about how to efficiently replicate such components. On the contrary, we often need to replace individual software components in order to repair security problems in their design or implementation. Modular systems are thus intrinsically more favorable to security than integrated, monolithic ones.

      Independent of this effect, it's also possible to reason more effectively about security in a modular design than in a monolithic one. The analysis of security between communicating entities has been very well studied, and in a modular system this communication takes place in formally defined ways. The strongest demonstration of this capability lies, again, in how well a module interoperates with others. So when Microsoft attests in court that Internet Explorer can't be removed from Windows, it's acknowledging a basic failure to attend to modularity.

      Security factors such as containment and least privilege are only possible where modularity is already well established and effectively managed. Usually these factors are what people think of as being characteristic of secure design, but they are in some sense derivative of more general security and design factors such as modularity. In any case, from all of the foregoing we can easily predict that problems will arise when bringing them late to a design, as Microsoft has characteristically tried to do.

      Other critical design factors, like security by default and verifiability, require a further degree of commitment to security which Microsoft has a history of actively avoiding. I could cite many examples of these, but surely you can think of some on your own with modest effort.

      --
      Parity: What to do when the weekend comes.
  9. Re:Instead of protection, how about a better OS? by QuantumG · · Score: 5, Insightful

    This comment, and others like it, are completely lame. It is possible to use Windows securely, but most people don't. This isn't Microsoft's fault. You can just keep repeating an argument made by people 10 years ago as if it still applies to today.

    --
    How we know is more important than what we know.
  10. Re:Instead of protection, how about a better OS? by DrEldarion · · Score: 5, Insightful

    Agreed! I've run DOS 5, Win 3.1, Win95, Win98, Win2k, and now WinXP, and I haven't ever picked up a virus or spyware. Up until about a year or so ago, I used IE exclusively, too. Use your computer intelligently, and you shouldn't have problems.

    Bad users will find a way to screw up any system, regardless of OS. (Barring, say, a C64)