EC Watching Microsoft Security Moves

Rob writes "The European Commission is looking into Microsoft Corp's recent moves into the desktop security market, according to Symantec Corp, one of the companies that stand to lose the most if Microsoft leverages its monopoly to compete. We've not filed any official complaint," a Symantec spokesperson said. "We've responded to a request for information from the European Commission... we were not proactive, they came to us." Microsoft announced last week that it will offer an enterprise desktop security package comprising antivirus, antispyware, firewall and centralized administration. That's in addition to its OneCare consumer offering, currently in beta."

Bloatware

[sp3298622]

First Adobe gets hit with integrated PDF creation in the new version of Word, and now Symantec is on the list of features Microsoft is going to incorporate in the next version of Windows. If there is anything they should have learned by now from the success of Linux, the benefits of allowing specialized developers creating software packages they know, understand and excel in doing properly, should have been clear to Microsoft by now. But I guess that's another thing that Microsoft think they can do better than anything else, what's new?

Re:This is just laughable

[Deathlizard]

Microsoft Could easily secure Windows to the point that no malware could infect the machine. You wouldn't like it, however, because you wouldn't be able to do anything on it other than browse the web. Want to install that Program? Sorry, it's not digitally signed! Like that Desktop Wallpaper? Sorry, but it's a Jpeg so it could have a Virus! ETC. If you want a Truly secure OS which doesn't need any type of protection, then you want Palladium. Simple as that.

On the other hand, Not having a secure OS means that now you have to deal with Joe Stupid installing everything Bob Ignoramus sends to him, because Bob Ignoramus would never send Joe Stupid a virus. No Sirree. Now in Joe Stupid's mind. All he sees is PAM_ANDERSON_NUDE_ON_THE_BEACH.JPG.EXE, and thinks to himself, "I wanna see that, and I'm going to click Yes on this big red box that says that this could be a virus, and I'm going to click yes on this other big red warning that says that it isn't signed, and I'm going to put my Admin Password in this box that says I need admin rights to run this file, and HEY it's not Pam Anderson, it's Paypal telling me to enter my password since my account expired, How Nice of them to remind me So I better do that, and Hold Up! This damn Punch the monkey Ad keeps coming up and my machine is running slow for some reason!!!"

Basically, Since Locking the machine Down isn't a good solution, and there's no security patches for the human brain yet, the easiest way to increase security without restricting the PC to the point that it's useless is have these addons to Stop Joe from being too stupid, but allow Joe to install Redneck Rampage Deer Hunter Extreme Machinegun Challenge when he feels like killing something. Frankly Why MS didn't have A virus scanner in XP is beyond me other than MS didn't want to hear Symantec Crying that their business they built on insecure Microsoft Os's is going away because Microsoft Suddenly decided to start securing their OS.

Frankly, The only complaint about this Microsoft Anti virus is that they are going to have definition subscriptions like all the other anti virus apps instead of just turning their AV solution on by default on Vista and allow it to update without having to worry about expiring definition subscriptions.

Whitelisting

[RAMMS+EIN]

``If you want a Truly secure OS which doesn't need any type of protection, then you want Palladium. Simple as that.''

Yes, but there is a right way and a wrong way to do it. The wrong way is to let one company (especially one with a reputation as bad as Microsoft's) control it. The right way is to let people choose lists to trust (much like APT repositories). I actually think that's a good idea.

Coupled with sandboxing (so applications cannot access files they have no business accessing, even if they belong to the same user), and safer programming languages (no more buffer overflows, injection vulnerabilities, and memory leaks), this would provide an enormous boost to security, at the expense of very little usability.

Re:This is just laughable

[Chris+Burke]

And how many million+ lines of code have you written without any security holes? Hmmmm.

I hope that "Hmmmm" is you thinking about the difference between any security holes and many security holes. "The inevitable existence of bugs means all software is equally vulnerable" is such a ludicrous argument it only makes sense if you don't think about it at all. That said:
1) I guarantee I produce fewer security holes than the guy who thought automatically running VB scripts in the preview pane of Outlook was a good idea. I wouldn't have had VB script in email at all... but I forgot design decisions don't matter because all software has bugs.
2) If I wrote the software that helped make "Melissa" a household name, I would have made security my top priority the next day, rather than years later.

Maybe, you are just like everyone else. Bitter and jealous that some young punk like Bill Gates could take a small company and revolutionize the computing world.

You mean everyone else who doesn't buy into the MS revisionist history? The revolutionaries were IBM with the PC and Compaq with their reverse engineered BIOS that created the clone market. MS did have the good fortune and accumen to be at the right place at the right time, but just about any other OS could have been used instead with the same result, and probably would have been better too. MS revolutionized nothing.

Oh, and get rich doing it.

The lesson? Monopolies are more profitable than quality products.