Slashdot Mirror
Symantec Brings Complaint Against MS to EU
linumax writes "Symantec has made a complaint against Microsoft to EC anti-trust regulators over the software giant's entry into the security market. The "informal" complaint allows the Commission to consider whether or not an anti-trust case is merited. The Commission is the executive branch of the European Union (EU)." From the article: "The news comes on the day Microsoft announced plans to begin offering business users an integrated anti-virus and anti-spyware product called Microsoft Client Protection. A beta version of this product is expected to be released by year's end. The company is already offering some customers a beta version of its Windows OneCare consumer security software. At issue is Microsoft's plan to bundle its security software with Windows Vista, the next major version of the Windows operating system due next year."
And I the only one that thinks that MS offering anti virus software is very similar to the mafia offering 'protection'?
Makes a lot more sense to bundle security systems with the OS than browsers and media players!
Microsoft has had a looooong-standing relationship with Symantec, going back to the days of the Norton Utilities (Peter Norton was a big pusher of MS products back in 1985/86). What makes this so funny is that slashdotters could have predicted this. How?
Because...Microsoft screws over EVERYBODY who has any business dealings with them.
Everybody
Why shouldn't the maker of the software secure their software?
If Microsoft got their act together and made it impossible for viruses to spread on Windows, and secured the OS totally against external threats, would Symantic have a case against them? Doesnt Symantic depend on a business model that could concievably be made redundant at any point in Microsofts development cycle?
I hate Microsoft just as much as the next guy but this doesn't make any sense. It's as if Firestone were to sue Ford for shipping cars with pre-installed wheels. Afterall you won't get very far in Windows without security.
Why should the consumer be forced to buy a product from a second supplier when the original supplier is willing to add that feature on for free?
Netbooks, they come with Linux or a $3 copy of Windows. Either way, Microsoft loses.
I'd feel a whole lot more sympathy towards Symantec if Norton Internet Security 2005 didn't depend on Internet Explorer.
I'm all for anti-trust laws, but I think this situation is a bit ridiculous -- the complaint is utterly without merit. Symantec and McAfee built their buisness models on Windows being a shoddy, insecure POS. Now, that Microsoft is tightening it down and including a virus scanner, and they are crying foul because it's going to put them out of buisness? I'm sorry, but that's the price they pay for being monolithic, for failing to diversify. Structural unemployment is a bitch.
To make laws that man cannot, and will not obey, serves to bring all law into contempt.
--E.C. Stanton
Comment removed based on user account deletion
Microsoft has released a program called MCP. Where did I put my frisbee...
They will never stop until somebody makes the
Maybe they should also file a complaint against Apple for not making Mac OS more susceptible to viruses.
"I came here to have a complaint!"
"Oh, sorry, this is abuse. You want 2a, next door."
Because that's what you'll get... *sigh*
Someone at MS has had a brain bypass.
Surely at some board meeting somebody would have mentioned that the current 15ish AV and security companies are going to create a storm with anti-trust suits etc.
If they thought the Media Player trials were bad they haven't seen anything yet.
You know, I like MS - hell respect them even - but c'mon guys fix the OS before offering something to defend against the vulns and sploits.
We know it's GeCAD antivirus your punting, so when's the last time that came in the top-ten of virus detection products?
Jeez Louise.
Symantec thrives off the existence of viruses (and some people have said symantec has in the past written viruses). A permanent fix to viruses and self replicating programs would be bad for their biz.
M$FT, well they will have no ensure their products are vulnerable if they expect to sell AV and anti keylogger/spyware software.
Bottom line, reminds me of "Alien versus Predator" trailer tagline: "Whoever wins, we lose"!
Windows XP comes with an integrated firewall, which Norton SystemWorks replaces upon installation. Does an integrated virus scan propose some type of insurmountable difficulty for Symantec?
It could slow the spread of malware... IF they keep it updated. A man can wish, can't he?
Microsoft is from... Washington. Symantec is from... California. So why the hell are they suing in the EU?
The answer, of course, is that they'll sue wherever they think they can find a pliable judiciary.
Any OS maker has the right - indeed, the responsibility - to secure their system. Integrating security mechanisms into Vista would be fine, not unlike adding iptables to the Linux kernel or requiring an admin password for all security-related operations in Mac OS X. So if Microsoft were to give this away as part of Vista, they could virtually kill Symantec and I would have no problem with it. After all, Symantec has made a killing on compensating for problems in Windows, and fixing those problems is far from bad business.
But if Microsoft intends to charge for their security products, it's a scam. They'd have a vested interest in building only basic security into their OS, because enterprises will otherwise have no reason to buy the security add-ons. I hope Symantec wins this not because Microsoft's entry into this market is wrong, but because they've done it entirely the wrong and corrupt way.
This is such a good idea! At least for this one, I hope Symantec wins.
My ZooLoo
The question though is if this program is "integrated" into Vista ie not uninstallable and if it makes use of undocumented parts of the Windows api.
Symantec is clearly crapping it's pants. They have recently been attempting to strike fear of impeding virus doom on the OSX platform, especially since their revenues from that part of the market have dried up significantly. If MS offers a product with hooks into it's OS and attractive bundles, it may very well be game over for Symantec.
blah, blah, blah...
M$ could argue that an operating system always has mechanisms to protect itself, and thus an anti-virus defense system must be included. Though I find the argument reasonable, if Syamantec succeeds in stemming Microsoft's efforts here, I believe the browsing bundling issue will be re-visited.
A key function of an OS is to regulate, allocate, and manage the hardware and software resources of the machine. Controlling which chunks of code/processes/threads have access to which other chunks of RAM/filesystem/IO seems core to both an OS and to controlling malware.
Two wrongs don't make a right, but three lefts do.
well. if just symantec could create bug-free software. the antivirus and stuff like that just is like VERY abusive to any system withou 9999Ghz with 999GB ram. I welcome any antivirus from ANY vendor that actually work like it should, even if it's from Microsoft.
Security software is never going away. For example, ever hear of Tripwire?
However, this really does seem like a clear-cut case of product tying to me, though IANAL. And given Microsoft's market power in the workstation OS market, I would argue that it very well might be illegal.
LedgerSMB: Open source Accounting/ERP
This makes no sense to me on several levels. Who would trust MS to make anti-virus software when they're the ones who wrote the software that allowed the viruses in the first place? If MS knows about a virus that exploits a programming error, why don't they just fix the error? Who would trust a company that has a financial motive to write virus-prone code?
Welcome to the land of the free...pay toll ahead...no photography...please open your bag...
Not saying microsoft is the least bit innocent, but this is one of those cases that no matter what they do they are screwed.
A - Do nothing and get blamed for being insecure.
B - Do something, and get accused of illegal practices.
---- Booth was a patriot ----
As my mod points expired yesterday and I love the Tron joke.
Well, Citrix sued MS when Terminal Services came out, partially because MS at that point quickly reneged on or didn't advance past NT 4.0 Citrix' almost unique source code license it had at the time. Eventually they sued, and default Terminal Services is limited to 2 connections to the server. If you want more, you need to buy Citrix.
MS has done this before. Remember all the people who were making pretty big money on selling various DOS defragmentation tools, etc., who bitched when MS essentially licensed one of those products to include with MS-DOS 6.x and/or Windows 95?
At least MS had the verity to actually buy out Visio, probably one of the only 3rd-party products that has actually successfully embraced MS software technology to the point where it made more sense to buy Visio than build their own competitor into Office.
So Symantec/Norton make a name for themselves peddling products designed to keep people safe from security problems in Windows. Between the Customer and Microsoft, Symantec is a third party offering protection. After all these years, Microsoft decides it has the capability/desire to protect customers themselves. I can see why Symantec would be pissed, but it was they who built their house on sand. They based their business model on the combination of unwitting users and Windows flaws, so it's only natural for their business to decrease as users become more informed and Windows becomes more secure. As has been said many times in the People vs. RIAA/MPAA threads around here, The Right To Profit is not guaranteed. Symantec gambled on a product line, and thus far has done very well. The odds are changing though, if Microsoft wants to start protecting people from themselves.
Heck, I remember running Microsoft AV in Windows 3.1/Dos 6.2 days, cleaning the Form virus off various floppy disks. (Don't Copy That Floppy anyone?)
* I don't mean Windows becoming more secure in the traditional sense of locking down, though XP SP2 is a big step up, I mean the manufacturer of the product (Microsoft) providing alternate means of protection without the need for 3rd party products.
Oh, competition is fine so long as their competition is not Microsoft.
Click here or here.
Microsoft also debuted its new financial software titled Microsoft's OneCare: Money.
Microsoft should be dedicating their resources in finding a cure, not a treatment. This presents a big conflict of interest for them, kinda like a coach betting against his own team.
It's more like a construction company offering discount insurance for the buildings they sell.
Click here or a puppy gets stomped!
If it were perfect, then no one would ever buy an upgrade.
... if it were perfect, then no one would ever buy an upgrade.
So, every new "upgrade" has to have fixes for old problems AND the coolest new technology (think "ActiveX").
But no time/effort is spent in making sure that the cool new technology is secure because
And so the cycle repeats, endlessly.
Microsoft selling anti-virus and anti-spyware solutions is like being asked to pay for a bandaid when you have a broken leg. If MS really wants to get into protecting its users from such threats, it should be focusing on the one place that only it has control over: the code.
If it was almost any company other than Symantec one might feel some sympathy. But Symantec's software is awful in my experience, slowing WinXP to a crawl, hectoring the user with FUD and paranoia about "threats" and popping up unnecessary and self-congratulatory windows telling you what it's doing. It's not cheap to purcahse, either. It may be ironic if Symantec gets its comeuppance at the hands of Microsoft but it will be richly deserved, imho.
... oh but ... security left in the sole hands of Microsoft would be the fox in the henhouse all over. One can imagine other companies of any size being asked to pay up for "certification" (by joining, say, an MS Trusted Partner Program) or get put on the AV blocklist, their sites being listed as thoroughly dubious. God knows what their AV scanner would do if it detected a Linux install on the computer.
But
Las qué passoun
tournoun pas maï
Ford isn't the only one using tires. Without Windows requiring anti-virus protection, Symantec is pretty much done.
Favorite quote: "
Ok, so symantec is going after MS for an anti-trust suit? um...WTF? MS used to be notorious for security flaws. They clean up their act, try to pull together a new OS, and try to include decent security.
I'm sorry Symantec, but i don't think they're trying to pull the wool over anyone's eyes and get away with a monopoly. I'd say they are trying to get their act together and get past their notoriety for sucking at security.
Why pay for Norton when it can't find viruses that i need it to find? I'm sorry but i'd rather use bundled MS software, if that fails i'll look for a free alternative, i'm not gonna spend $45 or whatever Norton costs these days to get a half a$$ed virus scan. I made that mistake two years ago, i don't feel like paying them more money for more half baked protection. I'll try what MS has to offer. I think the've made some improvements.
i'll leave you with this thought, MS Anti-Spyware Beta.
-MP
Symantec sucked so much MS cock during the US antirust trial, how could they possibly be surprised getting a hair pulling facial topped off with a cock slap?
I'll side with Microsoft. Norton Utilties hasn't ever been the same since the dos days and early windows days.
I almost hope Symantec dies because of this. Maybe out of its ashes we'll see a new utility company that actually makes utilities like Norton Utilities USED to be. I stopped using them a couple of years ago when I noticed they dropped a few of the old utilities, and didn't give me anything new and useful.
Since Microsoft does not have a decent security model for their OS's, they get infected.
Which is why you need to continuously update the virus signatures.Not many years ago there was a flood of "macro viruses" for Word and Excel. Then Microsoft made a very minor change and asked people if they wanted to run the enclosed macros
The correct approach is to fix the real problem.
The PROBLEM here is that when Microsoft starts shipping its own anti-virus/spyware app, the other companies will all die.
Which means that within a couple years, the ONLY commercial option you will have for anti-virus on Windows will be
Now, to see how much effort Microsoft will be putting into that
Somewhat off-topic here, but perhaps, before Microsoft decide on a name they ought to check just what that sounds like in some of the major English-speaking markets.
(wonder what Symantec means in other languages?)
Ok, I've read through the comments, and I'm frustrated with something: Please, everyone, remember that many viruses do not exploit bugs in the operating system! For everyone who says, "I think this is a conflict of interest for MS", please take note that if Microsoft writes a perfect OS, but some user double-clicks on the ZIP file he received through email, it's still doom for his data.
AV solves not just the problems with bug-attacking viruses, but also idiocy-attacking ones. I.e., if your user can't be trusted to have perfect browsing habits, the AV software can help pick up some of the slack.
-Ant Slayer-
...um has anyone ever installed Linux?, OSX? dont they come bundle with a shitload of software (itunes, iphoto, safari, gimp, firefox) and a whole bunch of others is this a pronlem, i mean really i would love an OS to come ready out the box install and have a plethorea of goodies at my disposal and i would feel much better using microsoft software on a microsoft os. i believe that ol' bill could make it very stable and compatible (duh microsoft knows more about microsoft than symantec) just my 2 cents besides im right anyway
Visit my Forums?
Don't they realize that their only place in a Microsoft world is as a Judas goat for Microsoft?
Look, they helped promote Microsoft, found a profitable niche for products that run on Microsoft by developing the very things that Microsoft themselves ignored (security, anyone?) and, now, Microsoft has decided to do it! That is their proper place in life! They should accept it, die the quick death reserved for all Microsoft collaborators and be happy in the knowledge that this will help Microsoft make even more money.
Why else does anyone develop for Windows?
If Microsoft fixed the security flaws, then Symantic might go out of business because there is no longer a need for their product.
...or... cut development because it isn't bringing in money.
The problem is that by competing with Symantic, the product is still needed, but Symantic will go out of business and Microsoft will end up being the single source for commercial anti-virus software for their desktop monopoly.
Which means that Microsoft can start ratcheting up the pricing for this
Either way, the customers lose. Unless they switch to Linux/Mac.
and make their money on subscriptions to their virus definition update service? (Since without definition updates AV software isn't worth much anyway.) Would the GPL allow this?
The viruses anti-virus software is aimed at exploit gullible people reading their e-mail, not holes in software.
If Microsoft does give this away, then the other anti-virus companies will go out of business.
Which will leave the anti-virus customers with two options:
#1. Use Microsoft's anti-virus software and hope that Microsoft doesn't start increasing the price/actually maintains it.
#2. Move to Linux/Macs.
You're mistaken in the believe that Microsoft is "tightening down" anything. Their products will still be as vulnerable, but now their customers won't have any other vendors for competing anti-virus apps.
Another program to patch! :)
No sig for now.
This is ridiculuos. Why couldn't Microsoft make and sell security software?
Imagine Symantec suing Clam anti-virus developers because they're making GPL-ed anti-virus software for a GPL-ed OS (say, Clam used as Samba A-V scanner).
Fuck off, Sym.
Just not like you think.
This is Netscape all over again. If the DOJ had done their jobs and actually punished Microsoft for breaking the law, perhaps they'd stop doing it. But no, they gave Microsoft a slap on the wrist and let them do it all over again. Maybe the EU will do what the USA won't and actually protect people from the abusive, illegal actions of Microsoft.
Here is the problem. When you break up a company, you immediately get a lot of market turmoil and the customer loses. Many people complained abour rising phone bills after the AT&T divestiture, for example even though in the long run prices have come down.
Instead, just as in AT&T, IBM, and most other antitrust cases, divestiture is mostly reserved as a voluntary option. Instead, a light slap on the wrist and a mutually areed upon settlement is usually where things are done. The reason why this works is something called collateral estoppel. I.e. facts which are necessarily decided as a part of one case can not be re-litigated in another. This means that the first antitrust conviction a business sustains can become a huge liability. Look at the huge number antitrust suits occuring against Microsoft at the moment. Each trial loss would cause them more problems.
So Microsoft is very much hemmed in at the moment by antitrust litigation and I am actually very amused that they would even try something like this, but IANAL.
LedgerSMB: Open source Accounting/ERP
I agree with you there! NIS2k5 is the scum of the earth - I dedicated an entry on my blog to it.
Any technology distinguishable from magic, is insufficiently advanced.
First I bad mouth Windows as bad as anyone and as with my beliefs in it as crap I don't use it. I have used LFS (single boot) for 3 years Linux even years longer and hate the thought of touching Windows but for them to get in trouble for actually putting some work into helping it work better makes me wonder how screwed up this world is.
That the case should be bought to the EU. Do US companies now see Microsoft and the US state to be so closely tied that the US courts aren't worth bothering with?
Hmmmmmm..... Deep fried and look like Squirrel.
Actually, "basic security" comes from educating users about what they should and should not do with their computer systems. Personally, I dual boot Linux and WinXP on my computer (different OSs for different uses) and I have never had a real security related problem with either. I have anti-virus software for Windows but I have never needed it since I don't run programs unless I'm SURE they are safe. Now Anti-Spyware I do use quite amount on Windows but that is a result of having various programs installed that I knew came with spyware such as AIM (but wanted to use anyway, after removing the spyware). There aren't as many programs with spyware that run on Linux, but it would be just as easy to write them.
The only real reason people tend to need anti-virus/anti-spyware software with their windows boxes is because the average windows user tends to be VASTLY less educated about computers than the average linux/osx/whatever user.
I think it's smart that MS bundle anti-malware programs with their software as many users do have problems with this and MS is in the best position (since they write the OS) to provide effective malware protection. You have to realize most people see their computers simply as a household appliances and expect them to work as such. You wouldn't object to a car company offering discounted maintenence would you?
-py
Fight the fall of slashdot by supporting PlayfullyClever in your sig.
We've all heard the anti-trust cases about Internet Explorer and Windows Media Player (did the latter become an actual case? I don't remember), but I think that Microsoft should win this. As someone said before, they, as the OS manufacturers, have the responsibility to secure that operating environment. This goes beyond just fixing bugs in the OS that *some* viruses (viri?) exploit, and into the realm of actually stopping these malicious programs from executing when Joe Bloggs in Accounting opens that email entitled "NUDE PHOTOS OF ANNA KOURNIKOVA!" and subsequently finds the contents of his C: drive disappearing into the void.
If Symantec want to return to the days when their programs didn't suck my computer's resources away, that's fine by me, but if they can't handle this competiton than they will, and should, die off. Let's not forget that just because it's packaged with Windows doesn't mean it will be awesome. I don't use Windows Firewall at the moment, I use ZoneAlarm instead, and I use AdAware and Spybot in addition to MS' anti-spyware program.
The bottom line, as far as I, and by the looks of it many people here, are concerned, is that, unlike the IE and WMP arguments, this is a security issue that Microsoft deserve to be allowed to solve. We didn't wait this long for MS to become this security conscious only to have it blown apart by competitors complaining about anti-trust.
A block of code, sufficiently well-written, is indistinguishable from magick.
Complaints bring Microsoft to YOU.
I use Avast! Antivirus and Zonealarm on my Win2000 computer, and Avast! Antivirus and Windows Firewall on my XP. It is a free download (you have to do a free registration every 15 months) and it works wonders. I was having major problems with Norton, so I searched online and found it, and installed it and liked it better. I dropped Norton even though I had 6 months of updates left on my account.
http://www.avast.com/
Look for Home Edition.
They also sell Professional solutions and server solutions (including Linux and BSD Antivirus solutions for mail servers). The Pro version is for businesses and has more advanced features than the Home version, but for a regular home user, Avast Home Edition, a decent firewall and a decent spyware application works really well.
Mod Parent UP!.
I agree, there is a difference to integrating a web browser into the OS to kill Netscape vs. Adding some security protection to their OS. It is like when XP came out and people cried foul because it added CD burning support and was said it was to kill off adaptec CD Record, No accessing the hardware is the OS's Job I am supprised it took that long for MS to add it to windows. The same for security, customers are complaining about how insecure windows is, and if they tell there customers well you will need to buy an additional product that they will need to pay monthly support to, to keep their product secure it is just not cutting it anymore, Espectially when there are good systems like Linux and Mac OS which have been becoming more and more competitive to Windows every day. When you make your business on improving some ones else's product don't be surprised that the product you are improving will add it to their own product.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
While it is correct that the majority of current infections are via trojans, they are not the only problem. Ubuntu handles the issue of worms by just not running any open ports in a default installation. So Ubuntu will not be hit with anything close to Slammer or Blaster.You are wrong, it does help. SOME people would. But that's because system security is bound by human stupidity.
But the people who are currently being infected because they double-clicked on "sexy.jpg" which was really "sexy.jpg.exe" would have to go through a LOT more effort to accomplish the same on Linux.
#1. Save the attachment. (extra step)
#2. Find where they saved it. (extra step)
#3. chmod it (extra step) warning
#4. Double click it.
#5. Give sudo password. (extra step) warning
So, all of a sudden, all (99.99%) of the *.jpg trojans are dead. Which means that you have to convince someone to actually run an app on their box, which they know is an app. Some people will still fall for that, but not as many as fall for the
In a correctly designed system, the user will KNOW that s/he is running an app (not thinking it is a graphic) and be ASKED for additional authorization.
And that only matters with trojans. Viruses and worms are few and very, Very, VERY far between on Linux systems.
The analogy might make SOME sense if Ford was a convicted monopoly and decided to start manufacturing the tires as well.
The Symantec corporation is trying to locate the owners of the intellectual property collectively known as "Open Source." Particularly with respect to the popular "Linux" series of operating systems, they beleive that building a secure OS is an infringement on their right to protect it. :wq
When Microsoft released WinXP SP2, which integrated with Anti-Virus Products, it took a while for the AV companies to take advantage of these features. Microsoft didn't like this because even though they made all this effort to facilitate better AntiVirus Support, the Companies still churned out their Stand-Alone Crap.
Symantec are up in arms because their dodgy implementation won't be able to compete with MS's Offering
When Konfabulator was superseded by Dashboard in MacOSX, the makers of Konfabulator were up in arms because their dodgy implementation couldn't compete with Dashboard.
OS companies have all these little hooks in their OS so cool features can be implemented, but Third Parties don't take the bait. They develop parallel systems which duplicate existing code simply to get their Corporate Logo up their.
Instead of complaining, Symantec should be Liasing with MS so they can provide a value added service to MCP users. MCP could provide the infrastructure to scan for viruses, but the definitions could come from third parties.
In other news, Trumpet is unhappy about Microsoft's recent announcement that they will include a TCP/IP stack by default in the next version of Windows.
If J.K.R wrote Windows: Puteulanus fenestra mortalis!
Don't you think that the selling of a MS branded Antivirus app would be a tad illeagal?
/. is so fond of (bad) analogies. This would be like a (monopolistic) car company knowingly selling you an auto with a known defect(s) that MIGHT cause the car to randomly explode - and when non-affiliated mechanics have been fixing the issue, the car company promotes the fact that they know more about the car to fix it "better" - instead of doing a recall for free.
* MS sells an OPTIONAL AV protection utility.
* MS continues to allow the OS itself to be vulnerable.
* (perhaps, MS actually writes a virus that affects windows...)
* MS sells more AV software demonstrating that it keeps people's PCs "safe."
What MS should be doing is fixing the problem pro-actively, not retro-actively.
Linux is less "user friendly" if you define "user friendly" as "makes it easy to accidently install applications".
... whether the additional ease of accidentally installing a trojan (Windows) is offset by the ease of keeping them off your system (Linux).
On the other hand, if you define "user friendly" as "works and keeps away trojans" then Linux is more "user friendly" than Windows.
The question is
Will the average Linux user spend less time and effort keeping his/her system clean and functional than the average Windows user? Less time but more effort? Less effort but more time? I believe it will be less time and less effort to keep a Linux system clean. Less time and less effort should equate to a more "user friendly" system, eh?
I know you are all cynical gits but I think this is one anti-trust action that should fail. Why? Because it is intrinsically GOOD that people have anti-virus/anti-spyware bundled with their OS. I don't care too much about other anti-virus company profits. Lets face it, they have been whoring on the back of this problem for long enough. The OS should come with protection and that protection should be free (as in I don't pay over and above after I've bought the OS).
Nope. "Basic security" comes from a decent security model.
... Microsoft.
... look how long the problem has already existed and look how long it took Microsoft to improve IE.
Agreed. Now think a little. Most of spy and virusware is users mistake or downloading software on the net. What does for example spyware differently than usual program. How could system detect spyware if user installed spyware along with some software? By guessing? By counting executables? Spyware has to be corrected by approach that they inteded to go.
Their security sucks, true. Their patching speed is likespeed of hardcore snail race, true. Overexpensed, true. But at least give them a chance to make something (or not, somehow reminds me on yesterdays story where Gates demanded from Sony that they don't ship with Blue-Ray).
As I said, I somehow feel sorry and somehow laugh (and enjoy the fact) because they are getting beaten with their own stick more and more often.
Which is why you need to continuously update the virus signatures.
No I don't, I don't use Windows. It is about 8 years now that I'm running Linux 99% of time. In reality I hate Apple and MS.
The correct approach is to fix the real problem.
In basics, if they integrated those two softwares without GUI and say that they don't exist one could call that correct approach.
The PROBLEM here is that when Microsoft starts shipping its own anti-virus/spyware app, the other companies will all die.
Companies producing this type of software are all more or less producing crapware. So probably you could call this biased. And since "king of the crapware" Symantec is making these claims I'm even more biased.
Which means that within a couple years, the ONLY commercial option you will have for anti-virus on Windows will be
No, they will (not sure if it isn't part of MSDN only) bundle Acrillic, do you think that Photoshop will die? They bundle movie editor, did any movie application die? You can record CDs from Explorer, did Nero die? Frontpage, Dreamweaver? Want more?
Now, to see how much effort Microsoft will be putting into that
And here is the reason why those companies could stay alive. They should just be better.
Signature Pro version 1.13.2-3 release 83.5 beta3try7 after-breakfast edition
Their NAV is the source of more problems on more machines than any other AV software I've ever had to deal with. If Microsoft can do it right, I'm only too happy to give them that chance. Symantec has had many years to get their stuff right and can't forever blame Microsoft for their mistakes.
I personally hope for some sort of rootkit defense. Since MS wrote the kernel, maybe they'll get it done right.
If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)
As an IT professional I see both the need for this from Microsoft and the problems that can arise from the SAME company making the software and the software that temporarily fixes said software's problems. If Bush Administration hadn't stepped in and allowed Microsoft to be split up, Bill Gates & Co. could have just started up another entity to compete "fairly" with the likes of Symantec. To state "my opinion" for those who do not wish to read all of this post: Until Microsoft is broken up into separate entities I will not trust them to effectively and faithfully produce secure products if they are allowed to make their own AV software to be bundled with the OS.
What's wrong with it ?
Virus checkers are an example of a product where there is zero (or even negative) network effect. Unlike most other markets where M$ has basically taken over by giving freebies, there is no disadvantage to running a different brand of checker if it actually does a better job. The job itself is important, and "better features and quality" are not just checklist candy, but often the difference between a working PC or not. That's why some folks are prepared to pay big bucks despite there being freebies available.
The only way M$ will lock out the paid virus checker market, is by fixing their OS's default-allow security model.
There is a much, much quicker fix for this. If I was the CEO of Symantec I would have my secretary get Bill on the phone. The conversation would go something like this.
Symantec CEO: Hi Bill how are you today!
Bill: Very good what can I help you with.
Symantec CEO: Bill I will cut to the chase I want you to stay out of the security market.
Bill: Nope we are going to kill Symantec.
Symantec CEO: Ok if you want to be like that we are going to release a immediate update to our suite on monday. With this update we are going to bundle a copy of the new version of Open Office.
Bill: Ok we will take it off the list, have a very fine day, how about a all
expenses paid trip to bermuda.
These CEO's just don't know how to fight fire with fire.
Got Code?
This is way off topic.
That isn't how I remember the AT&T breakup. And I don't think that should be a goal - this is about the market. The market will be fine. People will want stuff. Someone will provide it. Why do we need to still support turn of the century companies?
Here's the thing - would you compete on an equal footing? No consideration of the copper in the ground that you've already payed for, no agreements that should have expired. What the bloody fuck has AT&T done in the last 10 years, except spin off Lucent?
I forget what 8 was for.
They are just pissed off because they did not even get the satisfaction of a courtesy reach around.
SCO, with a simple boot disk that just executes 'dd of=/dev/ad0 if=/dev/urandom', that will take care of all the virus and security issues. After all they did buy a SCO license. This one simple bit of software would make Windows the most secure OS bar none.
MCP?
Microsoft Client Protection?
Or
Master Control Program (mwuhahahahaaa)
Anyone else get a shiver?
You forgot the most important one. The veritas backup software is HUGE. It's just branded Veritas still so people seem to forget Symantec owns them. Symantec saw long ago that eventually the AV market would go downhill (well, in theory, as hardware protection starts to evolve) so they broadened their portfolio. Losing AV really isn't that big a deal to them in the bigger picture, I'm sure they won't let it go without a fight though. It is still quite the cash cow.
Apart from you that is? :-D
How about you define "user friendly" as anything you want just to show that Linux is it?
The MS windows problem is that users often do not know about trojans and how to spot them. Linux just makes it harder to run things accidentally. That doesn't help if a user WANTS to open a trojan. The user friendly part would be helping users understand about trojans and the associated risks in a seamless manner.
By the way, I think you could define Linux as "user friendly" in many more reasonable ways - such as showing how it enables powerful actions to powerful users - things that might be very hard to do in MS Windows systems.
M$FT, well they will have no ensure their products are vulnerable if they expect to sell AV and anti keylogger/spyware software.
RTFA. They're including the software in Windows.
And M$? Are you twelve?
They're still crooks (legally - they're a monopoly) but it's best you actually use illegal things they've done to point that out rather than making shit up.
Actually as part of the anti-trust case (in the US) Microsoft isn't allowed to use undocumented Windows APIs in their products. If their anti-virus product uses it they have to document it on MSDN.
Do the anti-virus companies write the viruses in the first place?
I don't think they do, and I'm not prone to conspiracy theories. But I can't shake the thought.
Except for ending slavery, the Nazis, communism, & securing American independence, war has never solved anything.
Anti-virus and anti-spam ``solutions'' do not a good business make. When your primary objective is to obsolete yourself, how long of a run can one have? Symantec and others have been around a very long time; longer than I could have predicted, especially when there are _real_ solutions to the virus problem and have been for years. The nihilistic I, for one, am happy when our fat Gatesian Overlords bundle away the little fish. Now watching the starvation death of a bigger fish should be quite entertaining :)
FWIW, Symantec has never created an original product; everything they offer was acquired.
- P
I don't have a
What's wrong with it ?
Plenty.
Five cents being about the going price for compromised machines.
I doubt that mere incompetence would be enough to drive the price that low.
As to the exact makeup of that "plenty", that is Microsoft's problem, not mine. What's hilarious is Microsoft claiming to be more secure than Linux.
It is consistently the best-selling software in computer stores, and just thinking of the profit it generates from the continued subscription (which may be only part of the market but with a huge margin) should make any executive cream his pants. I agree they wouldn't let it go without a fight.
Why did you feel obliged to add that disclaimer? Your post was factual as it stood.
If you have factual information, why spice it for the rallied Slashdotters? No moderated opinion is going to sway the balance here anyway.
car companies are no longer able to ship cars with airbags, breaks, seatbelts, or headlights due to anti-trust issues.
Being a linux desktoper, i have to say i feel quite high and dry from all the ISSUES surrounded by windows and i see alot of people arguing that because windows is targetted because its popular. Not the case! Windows is targetted because its an easy one, linux hacks have been around _before_ windows hacks, buffer overflows and every other tricks in the book has been applied to linux and other *nix's since the dawn of the internets popularity. Windows realistically is a new commer into the server market, compare it to the UNIX Os', BSD, and Linux and its got half the maturity (even less for most of these os's). As for desktop this is not the case, windows is the dominator in this respect and always has been. What has happened is the hackers of the internet have found breaking into the desktop has become easy and affective. Microsoft ignorantly enough was not prepared for this, people have been dealing with Virus' on Dos and Windows since 286's and CGA montiors and they were being transmitted on floppy disks and embeeded in versions of Commander Keen or being downloaded off BBS's. What the internet has done is simply made it easier for virus' to spread, thats it and nothing more. Ontop of this hackers have now begun their assult, bringing togeather a real issue for Windows security. Microsoft's philosophy since the 286 and Dos days was, simply just ignore virus's as its the users problem/their fault. Now all the user has to do is visit a website or open an email! and on the server side of things all you to do is just have to have your box plugged in to the internet! (sorry micrsoft but after that pnp flaw alot of servers copped it and your response patch took way too long) and the issue here is that windows is too uniform, with linux this is totally different i.e custom kernels and too many distros to poke a stick at so linux worms are going to have VERY little impact, plus linux admins usually customise their servers in all sorts of configurations, with Windows its simply 2003 server or 2000 server and when worms like the PNP comes out the success rate is much higher. Microsoft has and always has believed that security is the users problem, but all of a sudden they want to make it their problem... 2 questions have arrisen from this for me and they are... How much extra is this going to cost? and what does it do for windows if this is just another free service? Heck writing patches and updating antivirus is a resource and a cost to them... Wheres the catch? I see 2 major contradictions in microsofts usualy behaviour and it makes me question how good is this service really going to be. On the Symantec point of view, they've always got the coporate server market selling custom solutions to large corporations, this move from m$ will affect them considerably but it wont cripple them.
I think this whole discussion revolves around thet there doesn't seem to be a good definition of what a virus is. I mean, there is software that makes use of so-called 'security flaws' in an OS, and wreaks havoc without the user ever having to do anything. This looks to me like something OS makers can fix without releasing extra software. Then there are programs like Britney Spears naked.mpg.exe, which wreak havoc when the user clicks on them. The only thing you can do about that is make sure the user can see the extensions by default (this is also switched off in Mac OSX to my great surprise). Then there are things like self-running attachments (although I think MS has that fixed now), and worms. Obviously some of the things mentioned above can not be protected against by any other means than educating the user and making sure the user knows when he/she is about to do something dangerous. Other things can be fixed in a patch.
My question is: does anyone know a list with definitions of the various threats out there, and what can be done about it?
BTW, I've been running Linux, Windows and OSX for the past 8 years (well not OSX obviously) without anyanti virus software, and I've only had one problem. Am I lucky, or just careful?
-- Cheers!
If Microsoft starts charging for antivirus software, they may under various legislation be seen to ship a defect product that can only be fixed by making an additional purchase. This will open up the field for numerous lawsuits including class action in those countries that have it in their legislation.
However, bundling it for free, they should be in the clear.
The future is in beta
I'm still planning on going through Symantec for AV stuff. I mean, let's face it:
1) It updates regularly and fairly quickly in the face of new threats. MS has let known bugs and security problems go on for how long?
2) It's inexpensive. Sure, I have to buy a new subscription every year, but how much is Vista going to cost me? Even if it's just the XP->Vista upgrade? And considering that I'm not planning on upgrading to Vista, divide the cost of Vista by the cost of the Symantec AV yearly cost, and wow... it's probably going to pay for itself for a few years.
3) I don't trust MS software until a minimum of 6 months to a year after it's been released. MS has a shoddy record when it comes to stability of it's early market software, while Symantec doesn't. I expect the MS security package in Vista to be about as useful as a chocolate hammer. Hell, I'm still at the point where I'm tweaking XP to get the crap I don't want to run to stop running all the time so the things I do want to do run faster.
Kierthos
Mr. Hu is not a ninja.
Now, that Microsoft is tightening it down and including a virus scanner,
Including a virus scanner is not "tightening it down", it's treating a symptom. And it's treating a symptom that Microsoft copied again from someone else.
I'm somewhat sympathetic to Symantec: Microsoft really is doing what they have been doing with other applications before, driving a vendor out of business by bundling their own (often inferior software) with the OS.
If Microsoft wants to tighten down Windows, they need to fix it, not add a virus scanner.
The only odd thing with Norton is how long they have been able to hang on to the beast without getting eaten or squashed. My theory is that Norton AV occupied Microsoft's blindspot. The company just never wanted to acknowledge that it had a problem with viruses. To copy or buy-out Norton would have been to concentrate attention where Microsoft refused to look itself.
What has changed in recent years, however, is that Norton has been so successful in marketing viruses as a threat that comes from the Internet rather than from an insecure OS that most Microsoft users now regard a CPU cycle eating realtime virus scanner as a fact of life rather than a stop-gap patch job. Five years ago the inherent irony of a company selling a product that protects against failures of their own product would have been obvious. Now the average user see the threat as external. Microsoft can now enter the market without ever acknowledging its blindspot.
Remember, consumers buy millions if not not billions of dollars of useless cold remedies every year for an infection that could have been prevented by 20 seconds of handwashing.
No they don't. Because they got to define the criteria for inclusion themselves, there are lots of functions still not documented. Take a look at this page. It's a shame his usage page (linked from the page I just referenced) does not include MS Office -- I personally know of a few APIs that it uses that are dynamically loaded by ordinal , even in post-settlement versions, undoubtedly to obscure the fact.
The MCP is the "Media Communications Processor" that Nvidia developed and Microsoft used for the original Xbox. They refer to it sometimes as MCP-X or XCP, to differentiate it from the regular PC version. I remember joking about that more than 4 years ago. Sorry =(
Just to be on topic, I'd say that the irony here is that, in the movie, Flynn was considered a rogue program (or malware in today's terms), attacking the OS kernel (MCP), who's the bad guy now?
- Otaku no naka no otaku, otaking da!!!
The difference with Microsoft and Linux distributors is that Microsoft is a convicted monopoly in both the US and EU, and no Linux distributor is a monopoly (convicted or not).
Oolite: Elite-like game. For Mac, Linux and Windows
Well Symantec and their products sucks. Norton AntiVirus is the most suckiest anti virus application there is. To be able to install it you need to type those stupid security authentication numbers then activate it over the net. Then when you finaly have installed it, it has an ugly interface that is sluggish and makes the whole computer slow and drains it resources.
:D
And as for Microsoft, they suck too but Symantec does a lawsuit now because they put antivirus in their OS (which might kill Symantec and other vendors), but there are things far more worrying than that such as DRM, Treacherous Computing, patents and such that not much is being done about.
The only good Norton product is Norton Commander.
Wether MS integrate and antivirus software with Vista or not, I hope Symantec gets put out of bussiness.
Microsoft bundles some program (let's say web browser) with their OS. If other program is better, people will use it.
Hah. Tell that to Netscape, Opera, Mozilla.
People won't use other program, because they already have program, that satisfies most of their needs. You can have superior product, but you will have problems entering the market, because other product is included in every package. Microsoft can have broken, inferior product and still dominates the market due to bundling.
Linux distributions don't dominate the market and their bundles are not enforced. Programs are not included by default in every Linux OS. You are free to use Mplayer, Noatun, Totem, Kaffeine, Xine to play your video files. You can use XMMS, Rhythmbox, Amarok, mpg321, cplay to play your audio files.
1. Microsoft provides security software for free.
2. Symantec & al go bankrupt.
3. No more jobs for retired virus writers.
4. Viruses mysteriously disappear.
5. Profit !
And for this to happen, Microsoft doesn't even have to build security software that actually works, it just needs to be free ! Beautiful, isn't it ?
I've seen this happen quite a few times already; why would a US corporation complain to Europe about another US corporation? Why not take legal action in the US itself? Is there a perception that the US political system is already in the pockets of mighty corporations like Microsoft?
nt
> The Commission is the executive branch of the European Union (EU)
The council of the EU is the executive branch. Some executive power is transfered under the control of the council to the commission, i.a. in the field of concurrence.
Back in the dim dark ages of my youth, I installed MS-DOS 5.0 or 6.0 with it's very own AntiVirus product built in : it was totally useless as there were no updates available unless you subscribed, so it was seriously outdated by the time I got my hands on it.
What makes anyone think they're going to do any better this time around?
Micro$oft have touted a subscription model for software in the past, they would probably try it again for this, and I will bet my bottom dollar they will fail again because of the same consumer resistance they struck last time.
Don't blame me, it's usually 2 in the morning when I post
You ask how MS could fix their security model.
.Net apps should not be supported as objects in a browser either for the same reason (Java was engineered to do exactly this). Plugins are different, however, but they should require that the user request and confirm their installation (maybe create a Windows Installer wrapper to handle the plugins).
Windows is built around the "reuse everything, even over a network" (aka OLE/ActiveX) model which is inherently broken. This model does not legitimately recognize an execution barrier at the network interface. To do this, they would need to stop making *everything* dependant on RPC. Isolate RPC such that it is possible to shut it off without breaking core functionality (like copy/paste) in most applications.
Allowing embedded non-sandboxed executable content in a web browser is plain stupid. Even Mozilla makes a (unfortunately porous and attackable) barrier between Chrome and web content in terms of the ability to access XPCOM objects.
As a corollary,
Third, Windows security assumes that the administrator is the full user, that the regular user has no real access to do anything to the system, and that the power users are somewhat inbetween. They should rename these as "Administrator, User, and Limited User" as many applications require at least power user rights to run. This would better balance the needs of the users and administrators while keeping the same capabilities we have today. (In this case, the confusion about what a User is supposed to be able to do means that many people end up running the system with admin privileges unnecessarily).
Fourth, it would be helpful to allow execute without read permissions. I.e. one can execute a script or program wihtout having the right to copy or open it in a hex editor even to look at it (or run it through strings looking for interesting stuff).
Fifth, don't hide extensions in email attachments. I don't mind it when they are hidden on the hard drive, but if they are hidden in the email, it limits the information you have regarding untrusted content. Also confirm before running executable content in a program that can receive it from untrusted sources even if the source appears trusted.
Sixth, allow the administrator to limit the number of network sockets (TCP and UDP) a user may open to a specific number. Set this to something like 10 by default. When these are reached, you could prompt the administrator (or maybe even allow for a configuration option to allow the user to change this if the administrator allows it).
Seventh, impliment some form of MAC similar to SE-Linux. Develop sensible policies which have it turned on by default (i.e. no running executables out of %TEMP%).
These are just the ones that occur to me.
LedgerSMB: Open source Accounting/ERP