Slashdot Mirror
MS to Launch Paid Security Subscription Service
user24 writes "MSN reports that Microsoft 'is launching a subscription service aimed at providing better protection for the Windows operating system, which has been vulnerable to Internet attacks.
Windows Live OneCare will protect up to three computers for about 50 dollars a year.'
From the OneCare website: 'Windows Live OneCare works continuously, automatically, and quietly in the background on your PC, ever vigilant against threats but never in the way, allowing you to have fun and be more productive:'"
Try fixing your operating system first.
They've found the second step!
1. Build buggy OS full of security holes
2. Charge 50 dollars a year to fix said bugs
3. Profit!
I gotta commend Microsoft, planning to make money of things that should be integrated into the system so that the threats never happen in the first place.
Prevention is less profitable than response, thus, they'll never try making a secure system now.
You will be baked, and there will be cake.
Only in the software industry, folks, can you buy a product and then buy another product to make the first product work. I suppose if you are making a bomb that could apply too.
1. Sell insecure operating system
2. Charge extra to make it secure
3. Profit!
Paid protection.. by their programmers from their programmers.
do they break kneecaps if you don't join?
... our new security overlords. Trust us, we're Microsoft.
I used the OneCare beta for quite a while (actually a good product IMHO).. But the subscription service started at the beginning of the month... Slashdot is a little late in reporting it.. On a side note; I did stop using OneCare when I tried to pay for the subscription (reduced rate for beta users) only to see (for the first time) U.S. Only, with international support at some point in the future (a year?). Anyways.. my $0.02
Its funny, Microsoft advertises a free 1 year subscription to eTrust antivirus from CA on their own site
You think they'll keep doing that now? (eTrust bets OneCare by miles, imho)
Viable Slashdot alternatives: https://pipedot.org/ and http://soylentnews.org/
"We wouldn't want any 'problems' on your computer, now would we?"
MS makes a dangerous OS and then they drag more money out of you to protect you from it. Sounds like the mafia to me.
... to anyone that heard about a product called MS Windows Defender. Seriously, did people think that was going to be a stand-alone free product for people to use? From Microsoft?
An Open-handed slap is better than a punch any day: Humiliation is a great tool
How MS can sell you a product that they admit is broken, then sell you a subscription service to fix it? Those guys are marketing wizards.
If this was any other product in the world people would scream bloody murder.
Weaselmancer
rediculous.
Alternatively, you can get a discount for less secure software.
Uhh, it still is
Viable Slashdot alternatives: https://pipedot.org/ and http://soylentnews.org/
Use this PC to go online and download content, Burn it to CD's and sneakernet it to trusted 100% offline computers. Should the throwaway PC get pwned, just format the hard disk and reload the OS or restore a HD disk image of the PC before it went online for the first time.
A pain in the neck, but more effective (and cheaper) than M$'s solution.
I wonder if anyone is going to sue them under the raqueteering laws since they're essentially now in the protection raquet.
In other news, the Microsoft automotive line was revealed today. The cars run great when they run (which is occasionally) and come with an optional $50 annual subscription fee that provides seatbelts, a windshield, and doors.
This post has no 3 steps.
Simple as that.
Another good way of doing this is to use Ghost, and then physically disconnect the drive you back up to. SATA is good for that.
Weaselmancer
rediculous.
door and boot locks.
Well, close enough. The software to cars analogies never really work. I wonder how much power locks and a zapper would cost?
You have a sick, twisted mind. Please subscribe me to your newsletter.
As you can see from the site http://www.windowsonecare.com/ they are offering antivirus, antispyware, firewall, performance tune-ups, and data backup and restore. At least 3 of those are dependant on their windows OS deficiencies.
It's obvious that they wouldn't be launching this service now if it won't also be needed for Vista. This was basically the last reason i needed to switch over to a Mac.
Ludwig Wittgenstein
When auto companies sell defective cars that will injure or kill or even just break down, they are REQUIRED to do a recall and fix them for FREE. When Microsoft sells a completely defective operating system that allows data theft, invasion of privacy, extortion and wholesale hijacking of the internet, at a cost of billions of dollars, they get to charge more money for the fix. The arrogance and irresponsible behavior toward the customer is breathtaking. Why are lawyers not lining up for the class action suits?
There are many of us who have known the second step for ages: don't have your business rely on Microsoft products.
What do we do? We use Linux. We use Solaris. We use BSD. We use Mac OS X. We use AiX. We use HP-UX.
How does it benefit us financially? What we spend on our UNIX licenses pales in comparison to what we would have paid for Windows licenses, plus this sort of nonsense (all which "fixes" problems that just don't exist when using UNIX). Of course, our Linux and BSD systems don't have such fees at all.
This isn't a matter of Microsoft figuring out the second step. This is a matter of the vast majority of companies not understanding it.
While many companies and individuals waste their time and money on this sort of junk, we just use systems that work, and doing so allows us to vastly improve our productivity. Our productivity improvements easily allow our products and services to succeed. Our corporate networks aren't infected by the Windows worm-of-the-week. Our servers are not easily compromised by script kiddies. We succeed because we know the second step: avoid Microsoft products.
It can't be April 1 already! Where did 2006 go?
So let me get this straight. Microsoft Windows, already running (by default) background processes that hackers contantly exploit, comes up with an idea to add another automatic process to "increase" security?
And to top it off, Windows users have to PAY for that?
Isn't that like having a bank having to pay to have their security system installed by the mafia?
Before everyone gets all excited and thinks this will fix any MS bugs on your machine, stop right there, and read the first page of the onecare website.
This ISN'T paying for updates and patches. This IS paying for an antivirus and antispyware tools that several other companies already offer. So basically MS is trying to protect you from not only their mistakes, but other software's as well.
You can already get everything offered in the OneCare package for free from other utilities, but for huge companies that push out 1000's of licenses this is probably a cash cow for MS.
Dat's some awful pretty data youse got dere. Me an' Lefty would be heartbroken if sumthin wuz to happpen to it, huh Lefty? Maybe youse is need some prtection insurance?
Faith: n. -- That human impulse that drives them to steal appliances when the power goes out
'Nuff said.
I've seen this before ... oh yes, the off button. It is very quiet and just what Vista needs to be save and secure.
Of course, you could just use an OS that requires neither "protection" nor subscription fees.
Friends don't help friends install M$ junk.
that is freaking funny, and even more there's many suckers who will pay...LOL
Everyone has pointed out WHY this is insane, so I really feel that the best use of my time and talent is simply to reiterate the insanity of this whole thing. Back in college, I would have LOVED to have proposed this in a marketing class. While I never took a marketing class, I would have if I had thought this up, if only to frustrate the professor with my very, very stupid and unmarketable idea (that Microsoft is now making money with). It's like they've found a way to profit from hypocrisy.
This is actually good news, and I thank Microsoft for driving yet more people to Linux and BSD and other excellent alternatives.
What I want to know is what kind of security they are talking about? They haven't been able to demonstrate a 'secure' OS so far. I guess they going to downgrade current state of it and then charge money to make existing fixes available.
Is this honestly cheaper/easier than switching from MS solutions?
How much of a pain in the ass does Windows have to get for people to ditch it?
WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
"Nice computer you got there.
Shame if something were to happen to it..."
"Windows Live OneCare [CC] works continuously, automatically, and quietly in the background on your PC, ever vigilant against threats but never in the way, allowing you to have fun and be more productive" If it is closed source and never alerts us, how are we supposed to know if it is actually doing anything? The program could just be filled with random code and gibberish to make it seem like it is imporant. At least it doesn't pop up asking you to restart every five minutes!
no doubt this beta is named "guido"?
From my understanding, Microsoft owns the Windows OS and I only have a license to use that software.
Why should I pay to fix their software??
Now if they want to allow me to become the owner of the software, rather than just a licensed user, then I can see paying for fixes. But I will not pay to fix someone elses software.
If M$ can get away with this then maybe local stores will start charging customers extra for maintaining a computerized inventory of their goods, after all, that is what they use to make sure they have the products on hand for the customers.
deserve everything they get. Call it a stupid tax.
Seriously, who would still use Windows? I quit it 5 years ago now.
(Yeah -1 redundant I know, but there is are so many alternatives, and it needs saying over and over again)
It'd be a shame if something... happened to it, now, wouldn't it?
You are still innocent until proven guilty. What's changed is what they do to innocent people. - notnAP, #26891325
ill be trusting a company (and forking out more dough) for security fix software from the same company that released the unsecure software in the first place?
Quite simply, they are nuts.
Mike
I heart the RIAA & MPAA, im sure its mutual...
Microsoft releasing operating systems with inadequate security is not comparable to repair of products that deteriorate through wear and tear (the software equivalent for that is such tools as defragmenters or registry cleaners). It is much more analogous to selling a car with a faulty brake system. Then you buy a separate braking system from another company. The problem with that is that this secondary braking system is not built into the fabric of the car. Thus, it leads to handling problems, will sometimes conflict with the original faulty braking system, and will occasionally even fail to stop the car when needed. The solution is to produce a car that has a properly designed braking system in the first place.
major conflict of interest don't you think? I mean MS builds a platform full of holes, and then asks for more money to fix the holes. Thats like if GM built a truck with no engine, and once you took delivery asked for a seperate additional check for the engine.
Fool me once...shame on you, fool me twice...won't be fooled again (our president)
Or in your case, to sucker people into a scam with the promise of a free Mac.
The design and overall vibe of the website linked in your sig fucking stinks of the PC mentality. Never trust a PC user, I say; even less a PC user hawking "FreeMacs4Me."
Bonsai Kitten: TNG
Microsoft got where they are today by playing the business game right, so they deserve to exploit whatever advantages the free market gives them in their position. If you want to blame anything, blame the way our market works. I certainly don't blame Microsoft for trying to make money.
You don't pay the wolves to guard the sheep!
The amusing thing is that this tells you something about the average intelligence of MS users--they know that Windows products (created by Microsoft) are buggy and prone to spyware, viruses, and other threats, yet somehow believe the the same Microsoft who couldn't write a secure OS can somehow write software to "fix" the holes they couldn't be bothered to close when the OS shipped. Sheesh.
Interested in a Flash-based MAME front end? Visit mame.danzbb.com
SANTA CLARA, Calif., May 30
http://www.techweb.com/showPressRelease.jhtml?arti cleID=X482225
"McAfee first delivered security as a service in 1999, ..."
setting the industry standard with seamless, integrated
protection and transforming the way consumers use
Always keep in mind, just who first delivered this plague of completely-expiring software upon users who already knew there was no need to buy this-years-model every 12 months.
If you look at the features most of those come standard with OneCare and the windows equal.
50$ a year for a Fancy All-In-One gui to your basic windows programs sound like a lot to me. Doesnt even backup to an remote backup server. Sadly Mac suckers (em, users) have been paying for years, Redmond is catching up and getting in on the action.
Procrastinating life a way at a rapid rate of speed.
Why are linux people so angry about Microsoft, you have your linux, you have your free stuff so just enjoy it. Just be glad that you have what you have! Be glad it is not popular and therefore does not attract the attention of virus writers, spyware etc. If you make enough noise and bring enough people on board then you too will enjoy the pitfalls of being at the top of the heap! Maybe they need to release a version of linux called Chillout or Mello!
$50 per year is not a problem for me but I dont need it as I just dont get these infections as i am aware of how to protect myself. If you are competent enough to setup secure linux then you can do the same for windows if you try.
...a jillion and a half fools are going to sign up for this. And ol' Billy G. will just keep getting richer and richer. Whatever happened to buying quality products instead of being satisfied with crap? Pathetic.
Not to be nitpicky and flamebait-ey, but Apple's got holes too, hackers just don't care about them. If it's 50/50 between MS and Apple (yeah, yeah, Linux, I know), you can expect that Macs will be targets too. Something tells me that the [generic mean people] aren't out to prove a point about Microsoft and Apple/*nix, they just go after whatever's easiest. As OSX is Unix-based, I'd imagine finding security holes would be considerably easier should one be looking to do so.
How are sites slashdotted when nobody reads TFAs?
Now they sell us a producte and them charge extra to make it usable?!
How can we end this monopoly? I have no hope.
I never could figure how people put up with windows until 2000
and I never figure out how people put up with window after 2000.
Hey, give us some insurance money or your house might burn down...
If you're not a part of the solution, there's good money to be made prolonging the problem.
That's a classic move by MSFT. Writte buggy, insecure software. Charge money for it. Sell band-aids that need maintenance. Sell maintenance. Thanks, but no, thanks.
"There's a sucker born every minute." Widely and falsely attributed to P.T. Barnum.
"A fool and his money are soon parted." Thomas Tusser.
MS is apparently hoping that lightning will strike twice in millions of places.
They've said repeatedly that Vista will be the most secure Windows ever, so why would Vista need any additional security software, from the creator of the OS or a third party? Obviously, the answer is that Vista isn't secure, and MS already knows it. They've even thought of a way to turn Vista's lackluster security into a secondary revenue stream.
To which the suckers and fools will gladly contribute.
What incentive does MS have to provide a secure OS if they are deriving revenue from the very faults they created?
A message from our sponsor
Try saying it real fast... With an Indian accent...
They want us to pay protection.
Are You Fucking Nuts??? They can't get it right for US$300.00 a copy for XP Pro and gods above and below know what for Vista; and they want me to pay another US$50.00 a year for fucking "security" ? Jesus Wept!
Some mornings it's hardly worth chewing through the restraints to get out of bed.
It's all wel and good that there is a Microsoft service to protect Windows, but what is protecting ONE Care?
Seems funny that security issues that Microsoft should have fixed created a new market, and now that this market exists, Microsoft cannot monopolize it by actually fixing the said issues with built-in software.
RIDICULOUS!
READY.
PRINT ""+-0
of your products being "tried and true" and improving over time ?
So is the new mantra going to be, 'Security through Immaturity' ?
Is the underlying foundation of WindowsNT so shaky that Microsoft
had to just throw up their hands and flatout give up?
Does anybody wonder if they are protecting users or market share?
How many hours will it be until a security patch is announced for the "security" software?
Trust needs to be earned.
...has to do business with some minimum consumer warranty action as in "suitable for purpose" and not containing glaring defects. MS-and software in genereal temrs, is under no such legal liability in most cases. They are allowed the "neener, neener,sucks to be you, nothing is our fault" EULA dodge.
Now *why* exactly all these other billion dollar non software industries put up with that is beyond me, you'd have to ask them. I only run free software, and I totally understand even "stable release" means it is still betaware, but..it's free and Free so I don't care. If I was paying serious folding money for some software "license", I would have a different attitude about it, I'd want a minimum warranty. That's my "capitalist bottom line" anyone can go "leverage".
This may come as a surprise to you, but most viruses exploit flaws in Microsoft software to spread themselves.
Microsoft's initial product is defective, malicious people take advantage of the defects to create problems for users, Microsoft then charges users to remove the problems that their defective software allowed for in the first place.
Who you blame for viruses is debatable, but there's no doubt that Microsoft have a conflict of interests problem if they start selling virus scanner software. If they make their OS too secure, eventually they will kill the need for their new virus scanner product.
The fact that they intend for this service to be used mostly with Windows Vista is proof that they expect Windows Vista to have flaws for viruses to exploit.
Perhaps this is an updated version of MS-AV?
What happens when OneCare decides the system
isn't safe enough and formats the hard-disk?
Is notepad going to also be a subscription service?
Now I know when people ask if they should switch
to Vista my immediate response will have to be
'no'.... unless, of course, I don't like them.
---
'That he surely did not.'
no rushing.. no rushing
place your bets here.. place your bets here..
Today's bet: When will MS bring out another paid service to make sure their Windoze Live OneCare service works as expected?
* lon3st4r *
Unfortunately, users can't be patched.
Sure they can - I slap a Mac on 'em. Then they can't click on anything stupid because there is nothing to click on yet that causes harm.
Yes there could be - but it's hard to ignore the plain fact that there isn't.
Like all patches, it may not last forever but it does fix the immediate problem.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I would say the more relevant question is how good do the competitors have to be in order for people to switch. Obviously, they aren't good enough yet.
Your not honestly going to say that you don't think that antivirus / antispyware is a good thing to have on a machine used by the type of person who will click OK to everything they see?
On a Mac the fact is that you don't need either of those things because no matter how stupid the user is there is nothing malicious the user can click on. You might in the future but why not cross that bridge if you ever reach it, isntead of paying $50 a year right now and risk that it will not even work? Windows has plenty of zero-day exploits that the virus scanners do not catch.
A firewall is useful on any system (not just Windows), and anyone storing data on their machine and NOT doing some kind of data backup (at least for the important data) is crazy.
For inbound traffic Macs don't generally need firewalls because they come with no ports open. For outbound traffic (potential spyware) a firewall might be of more use but since again, there is no spyware or malware it's not needed. Less technical users can get away with not running such things and simply start doing so if and when an outbreak of spyware arrives on the mac.
As for the performance tune-ups, it really just puts the common tools into one place (defrag, clear temp files, etc)
I'm not sure why you'd want to pay for those things; OS X includes them for free (including an incremental defrag approach to the FS that works really well).
In short the TCO figures for Microsoft just increased again. Can't run Windows without the $50/tyear tithe to Microsoft domination!
"There is more worth loving than we have strength to love." - Brian Jay Stanley
No doubt it'll be available before very long.
Microsoft just gave Linux, MacOS X, and the BSDs a nice, juicy marketing point. There's no need for the DOJ on this one. Microsoft is shooting itself in the foot by coming out and saying that their product simply isn't usable out of the box. If I were RedHat or Novell, I'd jump all over this. I can picture the ads now: "So I need to pay another $50 EVERY YEAR just to keep my computer from getting trashed by viruses? Thanks, but no thanks, Microsoft!"
Read the EFF's Fair Use FAQ
Microsoft...selling security...BaWaaHAAAAA! That's a good one.
When the mob does this, they call it Extortion.
Maybe the Feds that they haven't paid off will wack them with RICO.
Is that a SCSI connector or are you just glad to see me?
As a Mac OS X user, I am not troubled by things like that, and I cannot be bothered with Windows, but I would be equally upset if Apple one day decided to CHARGE for security features! But they again, that would not be Apple's style, would it?
Same with Linux companies. They would never charge you for basic secrity, because a) it is built-in into the OS and b) a move like that would severely hurt the credibitity of the company.
So, in sum: shame, shame on you, Microsoft. You are a poor excuse for a technology company. You have NO credibility left in this world.
Beauty is in the beholder of the eye.
Mostly I agree with your sentiment here, but on this particular comment, I wanted to note that there's a material difference between buying it from another company and from the same company. In the case of two companies, the first company can claim the things the second company is fixing are not things they knew about or thought of, and in so doing they might have some sort of vestige of a defense against claims they are negligent for not fixing it in their original product. In the case of the care being provided by the same company, the problem is that Windows already sells this facility, since the Windows Update facility presumably gets frequent security updates.
If you'd get all the same patches anyway, and you're just paying for getting them instantly instead of waiting for a daily polling mechanism, maybe that's reasonable. But if they're actually making a conscious decision "let's not give this fix out for free, let's hold it back from our normal distribution mechanism because people should have paid us more for this kind of protection", there it seems like users should be lining up to sue every time there's a fix that they can't get throught Windows Update and it leads to material damage.
Unlike in the case of two uncoordinated vendors, it would seem like it would be easier to show there was a conscious decision by Microsoft to withhold a fix, and although I'm not a lawyer, that sounds to me like it would make a big difference to jurors considering a liability case.
Kent M Pitman
Philosopher, Technologist, Writer
Apparently only when they charge you a monthly fee so as to not get a BSOD every time you boot. However, I'm afraid that suckers might still fall into that.
If someone can confirm that I'll be able to get it running relatively easily and stable with ATI graphics then I'll start downloading it now.
As for MS charging a premium for a more secure OS... why do we put up with this crap?
* I have an nvidia 9800 pro sitting on my desk however I am saving for a decent PSU - it kept crashing with my current 350w.
"Those who cast the votes decide nothing. Those who count the votes decide everything" -- Josef Stalin
Pay us and we will protect you from ourselves?
Most (all?) antivirus companies have extremely harsh policy against employees writing viruses or other malicious code the software is to protect from.
What is there to stop Microsoft from putting a bug here, a hole there, purposedly, and "discover" it half a year later just to prove how essential the subscription service is to security of a company?
Anagram("United States of America") == "Dine out, taste a Mac, fries"
A secure OS prevents those things that you listed. The malware is not allowed access to the resources it requires, including but not limited to: memory, registers, interrupts, system calls, files, disk, etc. etc. etc.
There are extremely secure commercial operating systems that prevent all of this.
Insurance is not only legal but required in some states. You talk big, but do you even have a liscense to operate a computer?
...this only SOLIDIFIES my stance on sticking with Apple. Forget Microsoft. Bill Gates may be a genius when it comes to making a buck, but he's obviously got no sense of right and wrong.
Hey Bill, if you're reading this, get at least this much through your thick, geeky little four-eyed head:
It's just not right to force people to pay even more money to you to keep their system secure when THAT'S WHAT THEY PAID FOR IN THE FIRST PLACE, especially when you already have a monopoly on the OS market.
Fuck Microsoft.
Well now ... aren't you a fucking wizard. I bet you went to ITT Tech or Univ. of Phoenix. I have a better idea. Use an OS that doesn't suck (I prefer OS X .. but to each his own. There are other options).
Typical anti-Microsoft knee-jerk reaction. You must be a fan of Apple in spite of their almost non-existant market share.
The only 3 options that currently matter....
Linux - Great for server boxen and computer networking but insn't quite 'consumer grade' yet. I hear Linux installations are a pain to use unless you get one of the 'Windowslike' distros that have easy setup/installation routines.
OS X - A great, rather secure OS based on UNIX. Too bad only artistes use it like gangbusters--not the general public who just want to play games or manage their finances on their computer. Has tiny market share compared to....
Windows - Buggy, kludged for 'backwards compatibility' with earlier versions of DOS/Windows, and insecure, it's only strengths are ease of use and dominant market share.
The best idea would be to write a secure, efficient OS from the ground up. Can you do that? I could as I have enough knowledge of x86 BIOS, x86 assembler, and C to try. However, I don't have the time to spare to even make the attempt. And even if I did and finished it, it would probably be a 'hobby OS' like Linux was before big companies like IBM 'got behind it'....
Systems programming is not for the faint of heart!
It should only be attempted by people like Steve Gibson who writes all his Windows programs in 100% assembly language!
Last year's model has a quirk where the freezer door doesn't shut all the way by itself. It looks like it's going to close, but then stops an inch or so from actually closing. This year's model has a new feature: a door alarm. It costs extra, though. They really ought to fix the poor door design, and MS really ought to write more secure applications.
Love those mainframes.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
I have a few windows machine.
One - a 2003 server has never crashed - as I mainly leave that happily running Apache, mailserver etc.
One - my big beast has bouts of flakiness - everytime it's down to a flakey driver for some obscure or cutting edge piece of hardware. (a problem MS has attempted to address with signed/unsigned drivers).
Now if a company produces a buggy driver for Windows, you can usually be pretty sure they put even less effort into the linux one (if they bothered at all).
In my country, we patch them regularly.
- Vladimir
If you run Linux you need to spend $50 a year or more to get any support.
At all.
This amounts to a protection racket "Ooooh what valuable data you got on your machine. It'd be a real shame if anything happened to it, guv". Will Microsoft patch the next critical vulnerability for anyone who's not paid up?
Can you say ...
Sent from my ASR33 using ASCII
Isnt that racketeering ??
buy our faulty operating system, then buy our protection for it...
Nice one microsoft !!
Microsoft always wanted to have a subscription model for Windows. Since no one signed up for it, now they have a separate subscription based product, which is required to use Windows (at least for ordinary users). So now, Microsoft can now offer Windows for free and have this subscription model to derive their income. So it's a win-win situation where Microsoft gets their subscription model out with an annual income from their OS, and the users get a safer OS to work on.
Microsoft asking money for what you have already paid for. Now they have economic intrest in creating faulty software, not just the usual negligence.
However if they'd provide this service for free, well THAT would be news.
Yeah, free Ipod! He is innocent!
Redmond keeps hitting us for more money. Why? Well, since the OS market is pretty well sewn up (they have about an 80% overall market share, so that qualifies as "sewn up in just about anybody's book), they have to figure out new and innovative ways to keep the cash coming in. This is obviously it. And, unfortunately, people will probably actually believe that the program works. Barnum's Maxim, in its full form reads: "There's a sucker born every minute... and TWO to TAKE him!" It seems that there's a high concentration of TWO's in Redmond. No wonder they're called "the terrible Two's...!" If their paid security program works as well as their initiative with a certain British University to "teach programmers how to write secure code" that was announced a couple of years ago, then anyone subscribing to this turkey will be in for a LOAD of VERY hard times on the security front! Lee Darrow, C.H. "Insecurity is better than NO security!" - R. Price, 1967
Check out the description of "protection racket."
http://en.wikipedia.org/wiki/Protection_racket
How is what Microsoft is doing any different?
for all the zealots with "fix windows first"... i have this for you:
the reason you see the bugs in windows, is because it has a VAST majority of the market. so you see it more. linux as a kernel has more bugs in it than the whole of windows, you just dont see them, because linux is a very small part of the world comparitivly.
portfolio
I have to say this:
They plan to charge more money to protect us from the problems they created themselves? What is the difference between paying this to Microsoft and paying the Mafia for "protection"?
Thans for letting me put it out. I just took a weight from my chest.
So say we all
The Ford Network reports that Ford is launching a subscription service aimed at providing better driving security for the Winesta cars, which have been sold with seatbelts made of Kleenex. Winesta Live OneCare will give you different seatbelts for three cars for about 2500 dollars a year (25% of the cost of the original car).
seriously - MS makes extremely insecure systems (Windows, Office, Outlook, IE) and then charge for the security, that those products are supposed to include from the start?
besides that: I don't beleive this service will help... MS has proven often enough that they can't make secure systems. how should this product offer any security that Windows,Office,Outlook and IE don't offer?
Man, I'm happy I've switched to Linux!
The MAFIAA is a bunch of mindless jerks who will be the first up against the wall when the revolution comes
You guys should really think of using OpenSuse for Desktop or FreeBSD 6.1
;)
You wont suffer from viruses or MS backdoors
-Arabian CEO We Arab Portal Network http://www.WeArab.Net/
Willy Wonka?
He'll make you an OS you can't refuse. ;-)
'cause just like a drug dealer, that $50/year will get the unwary a taste of what using your computer on the internet *should* be, and then the price will rise to 'what the market can bear'.
A better solution would be for consumers (and this is who this is being pitched to) to withold their dollars and demand that MS fix what was so obviously broken to begin with, even if PHB and backdoor deals in the corporate world keep MS afloat.
It's amazing that the most widely used product on the planet is the only one that enjoys absolute, iron clad, protection from repercussions of any kind (but that's another thread)
Some days it's just not worth
chewing through my restraints.
s/Windows Live OneCare/Linux/ig
Why UNIX?
I was just thinking that would be about par for MS...
I wish to remain anomalous
In other news ... Michael Jackson is opening a Child Day Care Center.
But frankly, I find some comments on this thread rather too anti-Microsoft to stay silent...
I run Fedora Core at home. Not Windows, but Linux. It's great. In the back of my mind though, it worries me however that my OS seems completely unbothered about any kind of self-protection for itself. Indeed, I have no (software) firewall, no AV-protection, no spyware protection - absolutely zip all!
My XP machine on the other hand is different. On factory install it whined like a bitch it didn't have AV protection, a known firewall, and all updates applied!
Windows actually cares whether or not it's protected; Linux does not - with maybe the exception of system-updates.
Now, I can already hear the Linux zealots copying & pasting their favourite template replies for this subject...."yes but Windows has so many more holes, this & that.....etc".
Remember folks, Windows is by far a more popular platform out there. Yes, in the past certainly its security record has been lax, but that's quickly improving; UAC in Vista is yet another improvement - the last truly lacking design feature in Windows that makes it inferior to Linux on a security-level.
Windows has had to be paranoid to survive, and the result is an increasingly hardened system that actually gives a shit whether the user is protecting it - which for 99% of ordinary users is exactly what they need.
I'm lucky enough to know how to look after my machine, so I'll stick with Linux. Others don't, so they shouldn't.
This OneCare is yet another step in the right direction in my opinion. Maybe Windows is a more 'dangerous' system to run (I personally don't believe so), but just lately, it's not been because of its design - only popularity.
But anyway, what am I saying. On Slashdot, Microsoft are between a rock and a hard place - too much and it's anti-competitive; too little, and it's poor design.
Nothing to see here; move along please...
throw new NoSignatureException();
Hahahahahahaha...... Oh that's a good one, wait, it's not April Fools day...
Talk about a scam. Now MS has less incentive than ever to produce an OS that is secure and well-protected against viruses. Why protect their users for free when they can force them to pay a subscription?
This is another example of why MS should have been broken up. It's only by actually enforcing the anti-monopoly laws that we'll ever convince corporations that doing this kind of thing simply isn't going to wash.
To me, this is extortion, pure and simple, and should be agressively pursued by law enforcement as such.
The only reason I still use Windows is so I can play games. I dearly wish that the companies that make the games I play would port them to Linux so I could be shed of Windows once and for all.
-All that is gold does not glitter - Tolkien
www.ra
Ship it vulnerable, than cash clients to protect it.
Wonderful idea.
Read radical news here
Karem
When all is said and done, nothing changes...
http://en.wikipedia.org/wiki/Racketeering
"The most well-known is the protection racket, in which criminals demand money from businesses in exchange for the service of "protection" from the consequences of crime - which would not exist if it was not for the presence of the criminals."
I freshly scrubbed a VAIO tower, loaded it with its shipped system (98se) went to Windows Update to lather rinse repeat what they said it needed. We gave it exactly one job to do - it's hands-off, headless, on the net FTPing a graphic once a minute with the results of a proprietary data collection app.
Two weeks later when my tech went to tweak something, he came back saying it was loded with crap - we had to do it all over again, this time secured with AVG/SpyBot/AdAware which we do by default to user machines and now run weekly via VNC.
And people wonder why I love my Macs.
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
My first support experience with Microsoft set the stage for later encounters.
... Usenet newsgroups. The kind of free software support you get for Linux. And was back up and running in a couple of hours.
...), but this has been my usual experience with Microsoft Support.
This was my first NT domain. Upgrading from NT 3.1 to the newly released NT 3.51.
Microsoft changed the licensing mechnism in 3.51. I don't recall the details now, but the result was that my network of ~100 PCs was having itermittent login problems. It was annoying, but we were able to live with it while I figured it out.
I called Microsoft, they made some suggestions, we went around a couple of times trying things, and on the third call they suggested it might be licensing and suggested I try making some changes to the licensing settings and call them back.
The changes completely broke the network. Nobody could log in. I called them back. "I'm sorry, you've used up your three free support calls for a new install. You'll have to buy a support contract..."
They wanted me to PAY for the damage THEY had done?
I went ballistic at them, and did what I should have done in the first place... went to my free software support
A week later I got a call from some muckymuck at Microsoft offering me another three free support calls. I'm afraid I got a mite sarcastic with him.
Since then, well, there have been exceptional brief bright pockets of clue (the Pocket PC group when Derek Brown was there, Windows Services for UNIX after they bought Softway Systems,
Paying someone else for support on Microsoft products is much more cost-effective.
If they throw in the OS for free with Office for 3 machines for 50 per year, I will gladly switch from Mac to windows.
In the back of my mind though, it worries me however that my OS seems completely unbothered about any kind of self-protection for itself.
Windows seems to be obsessive about security, it seems to be protecting itself.
In fact, it's the UNIX model that Linux follows that actually bothers with protection. It evolved in an environment where security mattered.
UNIX was developed when you had people who couldn't completely trust each other sharing the same computer. Once it got to academia you had professors writing papers, students working on their assignments, and lecturers writing and grading exams... all on the same computer. There's been problems with UNIX security, but they're well known and well understood problems and modern systems can avoid going anywhere near them.
Windows was developed for an environment where youcomputer was locked up in your office or your house, and someone had to actually walk up with a floppy disk to get stuff into or out of it. Every time it's been exposed to infection, it's caught a cold.
UNIX is a healthy mongrel, there's been a couple of big security scares like the Internet Worm that lasted a few days, but it's hardly ever been sick... because it washes its hands and takes care of itself, excersizes, and doesn't engage in dangerous activities. UNIX web browsers don't even have a mechanism to automatically download and execute foreign code... so they don't need web filters and spyware blockers. UNIX services can be shut off or restricted to the local computer, so they don't need firewalls and zone alarms.
You're assuming that the guy who's got a medicine cabinet full of grey-market antibiotics and patent medicines, and used prophylactics and single-use needles in his trash, is the one who's taking care of himself.
UNIX has been faced with a hostile evironment for over 30 years, and has been hardened at a deep level.
Windows has created its own hostile environment, and has absolutely refused to shed even the most flagrantly outrageously dangerous behaviours no matter what. The way Internet Explorer, Windows Explorer, and ActiveX work together is the computer equivalent of running around snogging Ebola patients in the middle of an epidemic, and there's no way to fix it without backing out the whole internet-desktop integration and making IE just another program.
Every time Microsoft's announced another layer of security band-aids over their broken design a bunch of people have crowed that THIS TIME they've got it right. There's no reason to believe that this time is any different from any of the previous "this time"s.
that doesn't do this already? For free?
Yep, it's still true for XP SP2. And it'll be true for Vista, Vista II, Vista XP, and successors, until Microsoft gets serious about removing the inherently unsafe components from the system like most UNIX distributions removed IP-based "security" along with the Berkeley "r suite" applications that used it.
You don't get security by adding band aids, you get security by fixing and removing the components or processes that cause the problem.
The lyrics is changing often in Baldy's school of music, from Developers, Developers & Developers to Subscribers, Subscribers & Subscribers - then threw a chair at them ;-)
If you want to be true to the original (which most slashdotters are probably too young to remember) you have to do more than just reverse words, you actually have to make a comment on Soviet Russia using some kind of pun or play on words. We'll use "system" here, like so:
In America, users patch system. In Soviet Russia, system patches YOU!
See how that works? We are making a comment on the system in Soviet Russia, using the dual meaning of the word system (a social or political system, as opposed to a computer operating system) not just reversing the order of some words that have no relation to Soviet Russia.
I swear, in Soviet Russia, grave is turning over in Yakov Smirnoff. What a country!
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Grisoft.com has a better and excellent service! Free! What's more, it does NOT have ActiveX or VBasic holes nor amateurish security philosophies like the toymakers at M$!
'Windows works fine as long as you don't connect it to the internet, and install non-Microsoft approved software!'
/yea I went there, so what?
Sorry, but as much work (see time=)is required out of the gate to get 'WINDOWS' to a working, albeit stable and secure(**cough**) state, is it really worth it when you can run a live CD of Knoppix (writing created data to USB flash) or install Ubuntu locally and be done with it??
Remember, we're talking about the average USER/CONSUMER here, not someone who has a little interest in thier PC and wants to see how things work...
how it's always supposed to work?
Windows Live OneCare works continuously, automatically, and quietly in the background on your PC,
I am insulted that they would expect me to pay this extortion for what should be a basic standard feature of the product.
That's like paying Ford an extra $50/yr so your tires are less likely to fall off.
I work for the Department of Redundancy Department.
This is (almost) what I expected - though I didn't think MS would use something as critical as security updates to flog their $50 a year revenue model. It all started with XBL, when MS figured out that users are apparently willing to pay $50 for a service that costs MS peanuts, and that users technically have already! It's no wonder that they've been looking to replicate this model elsewhere. I just thought it would be also in the entertainment section (WMP, for example), not in the critical security section.
Welcome your new MS overlords who will nickel-and-dime you to death.
Those who can, do. Those who can't, sue.
The problem, though, as others have pointed out, is less with Microsoft than with third-party programmers. It's actually trivial to set up a limited user account in Windows 2000 and XP. The problem is that there are a truly staggering number of programs out there that save their settings to the install directory or, worse, the Windows directory itself, which requires modify privileges to those locations. For the computer saavy, it's easy enough to edit file and directory permissions selectively without sacrificing too much security (say, giving write/edit access to \Program Files\Poorly Designed App without needing full access to the entire \Program Files hierarchy), but these sort of steps are neither trivial nor obvious to the uninitiated.
Microsoft's problem is defaulting to a basically insecure (everyone-as-administrator) setup. But it's easy to see why, since so much of Windows's reputation is placed on its backwards compatibility. Look at the trashing XP SP2 took for breaking compatibility with a very few applications in order to increase system security. And those incompatibilities are nothing like the problems most users would face if forced into a non-administrative paradigm.
Which doesn't totally excuse Microsoft of responsibility, of course: if earlier versions of Windows weren't such security nightmares, they wouldn't be in the situation they're in today. And they ultimately can decide to change Windows's default behavior, even if it would upset thousands of users. But, to be fair, they are essentially caught between a rock and hard place when it comes to this.
Sean Daugherty "I have walked in Eternity -- and Eternity weeps."
Back in February, slashdot ran a similar story about Microsoft's entry into the "antivirus" space (as you've noted today OneCare is more than just AV). I had crafted a response to that thread, but by the time it was posted the story was way off the main page and I doubt anyone even saw it. :)
;).
Here's a reposting of the original thread (http://it.slashdot.org/comments.pl?sid=176820&thr eshold=1&commentsort=0&mode=thread&cid=14719345). It's just a straight copy/paste, and I'll go through this morning and do a follow-up to specific comments on this thread. I think this is a great discussion, and I'd like for it to continue.
Thanks - Luke Abrams
=====
Hi folks,
My name is Luke Abrams, and I'm the release manager for Windows OneCare as well as a frequent Slashdot reader. I was stoked that OneCare was slashdotted today, and read through (almost) all of the comments and replies. As always, no shortage of opinions here, and it's interesting to see what the reaction in this community has been to the move by Microsoft to release an anti-virus solution.
I wanted to post my personal thoughts on Windows OneCare, both as an employee of Microsoft/OneCare, and as a bona-fide geek (if you need any proof I'll show you my nmos/pmos tattoos sometime
1. "The problem...and the fix" - many of your comments were criticisms that Microsoft was selling solutions to the problems that it caused. It's no secret that all software has bugs and vulnerabilities - and like other software companies, we are committed to building software as secure as we can make it and finding and fixing bugs as quickly as possible. But let's not confuse code defects (exploitable or otherwise) with malware, and methods of protection. Let me dive into an analogy for a bit to flesh out the thought - think home security. When you build a house, you also want to make sure that it's secure. You install locks on doors, make sure windows only open from the inside, put your valuables in a safe, etc. But whether or not the builders left any exploitable holes in their design, you aren't really protected without a security system. Let's break this system down:
Good = secure design for the house
Better = above + updates to the design of the house as exploits are made known + good security practices (e.g. key management - don't leave your key in the mailbox!)
Best = above + active security system and a police force/infrastructure.
Alarm system (real-time scanning). In the event that some unauthorized entity enters into your house, an alarm will go off and the individual is immobilized until you decide whether to allow them to enter or not.
Police with "most wanted list" (signature detection) - they know who the bad guys are and stop them before they get to you.
Detectives/agents that update the "most wanted list" (malware investigators/signature updates) - this is critical in the security arms race, because the bad guys don't stand still. If you have an AV solution with out-of-date signatures, you're not protected against any threat that has been released since your last update (unless your heuristics are really good)
Beat cops with good instincts (heuristic detection) - they can detect suspicious activity and stop some of the bad guys even before they're on the most wanted list.
2. "MS is charging for fixes to their own OS!" - this is not the case. Microsoft will continue to service their products with QFEs, SPs, etc. for free through Microsoft Updates. It's in our best interest to help protect all our customers this way, not just subscribers to one particular service. OneCare (among other things) simply makes things easy for consumers specifically by helping assist with the updating process from Microsoft Update as part of its active protection. As for the active protection piece, MS has long told users they need antivirus protection to be safe - even Windows Security Center in XPSP2 tells you that you're unprotected if yo
that no one in the justice dept. will even raise an eyebrow, to see if this breaks any laws. People downloading music, they after, but not this.
Make it sufficiently profitable and that will change in a heartbeat.
Of course, I even indicated that was the case. But people like you have been saying the same thing for YEARS. Who is to say you'll not be wrong for two more years - or more? All I know is that you are wrong TODAY. And probably tomorrow. I'll not guess beyond that. Well, actually I will - I know you'll be wrong next month, and for some omnths after, due to the shift to the Intel platform (which resets the counter to having exploits show up on OS X).
So why not take a path you know is problem free now and for some undefinable time going forward? Even if we do start to see problems it would take a huge amount of time to catch up to the level of problems Windows has. And if you are truly paranoid but a PPC mac because any new exploits that come out will probably be aimed at the Intel models, when they are in sufficient numbers (hundreds of millions of units? Tens of millions has not been enough to date) to have exploits appear.
In short arguing against using macs because they MIGHT SOMEDAY actually have A virus, is like not driving your Honda Accord until everyone else gets off the road. Especially when as an alertenative you strap yourself into a Gremlin with no seat belts and an open gas tank.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I'll draw an analogy...
Plenty of people are already looking for any reason they can find to sue MS. This is making it too easy for them.
Time to be bitchslapped back to reality. Linux is not ready for the masses just because you can use it.
Thanks, I really needed that. I appreciate you taking the time to make me see the light.
But seriously, don't you think this *does* give Microsoft's competitors some very obvious marketing hooks? I see it as a net gain for OSes that compete with Windows. Do you see Microsoft's admission of its own massive failure to make its software reasonbly secure as somehow beneficial to Microsoft?
Read the EFF's Fair Use FAQ
I think someone was thinking of Bill Gates when they gave it its name. For those who don't get it... http://en.wikipedia.org/wiki/Wanker
In theory, theory and practice are the same. In practice, they're not.
I work in a company that does system administration for several clients. Having an important installed base of Windows, UNIX, AS/400 and Mainframe, and looking at the security and reliability of each, you can easily reach a conclusion: If Windows is not safer or more reliable it's simply because it's not profitable for Microsoft.
Calling a Mac secure is like calling the second fattest girl in a room skinny.
Because it's obvious to anyone at a glance?
Claiming OS X is not secure just because there "could be" problems is like claiming your Yugo "could" win the Indy 500 because all the other cars in the race "could" spontaneously explode.
Keep on racin' man, keep on racin'. Glad you have enough free time to keep patching up them windows boxen, but I have better things to do like actually work.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Hey that's work, right? Odd, I don't remember that being on my review last quarter... :-)
"There is more worth loving than we have strength to love." - Brian Jay Stanley
If the OS keeps track of a file's executable status, I have to wonder why this crucial information isn't immediately recognizable in the GUI.
If users had a strong indication of executable status as soon as they look at any file, then I'd bet over time most users would come to avoid opening trojans (no matter how innocently they are named).
A system could also warn people the first time they open a non-bundled executable.
The more I think about this, the more it seems like GUI designers are failing us on malware. It is not the users' role to be mindreaders.
Time to be bitchslapped back to reality. Linux is not ready for the masses just because you can use it.
UNIX is, though.
Under the shiny Mac OS skin beats the heart of a hero.
What a brialliant business model MS is employing! Why don't we design and build software with lots of vunerabilities, then sell that software to unsuspecting users, and when there computer is so full of malware that they cannot use it anymore we offer them a charged service that can fix there problems! Wow what other trully invative business model will MS come up with next?
Dialog boxes may reduce security for some people by training them to automatically approve them, particularly on Windows where almost all the time they're completely superfluous.
Apple has started to go down the stupid dialog boxes route, though, because people have come to associate the illusion of security for the real thing.
To me, any time a programmer thinks "Oh, this might be dangerous, let me add a warning"... they need to change the design so the decision to perform a dangerous operation can be deferred and taken on the user's schedule rather than the application writer's. But don't leave the dialog in there as well!
The "Trash Can" is an example of this... it seems like Microsoft saw how useful it was on the Mac, but didn't understand why, so it asks you "do you want to move this to the trash" and "do you want to emopty the trash", even after changing the dangerous (delete) operation to a deferred (trash... then empty trash) one.
For the example at hand...
Don't automatically install or run components. Just download them, if you don't have a sandbox (a real application level one, not a 'low privilege user') to examine them in, and let the user open them later from the desktop or download manager.
People will learn not to open dangerous documents, if they don't have to make a snap decision about them in a hurry. And that will give them REAL security.
How true that is depends on what you are trying to do with the user, but it's always false in the long run.
If you are an ISP, you win both ways. When a typical user turns off an XP machine, your network's spam and DDoS load drops. The same thing happens regardless of the state of the Linux machine, though at first you will have to answer a few support questions any user of your service has to ask.
If you are a network administrator, you win big time. A few fanboys might be upset at losing their favorite non free junk, but most users could care less as long as things work and work they will! Turning off the XP computer has the same benefits for you as the ISP and you also have less industrial espionage to worry about. Say goodbye to pesky keyloggers.
As a home user you also win. You may have a few newbie questions, but Vista promosses much of the same confusion. Things are much better in the free world. You can play and work without fear of the OS turning itself off and losing things you care about.
Friends don't help friends install M$ junk.
If you had taken the class, the instuctor would have pointed you towards the maintaince and service contracts that have been part of the consumer marketplace for over one hundred years.
This isn't a maintainance or service contract.
This is like having your car recalled because the engine was prone to exploding, and the only fix up to now had been paying a mechanic every week to look for cracks... and when you get to the dealer to have the work done you find that instead of replacing the faulty components in your engine they try to sell you their crack-detection service.
Someone at Microsoft should be criminally liable for the damage done by their arrogant and incompetant design.
It's no secret that all software has bugs and vulnerabilities - and like other software companies, we are committed to building software as secure as we can make it and finding and fixing bugs as quickly as possible.
You've had almost 10 years to fix the fundamental design flaw that's by far the biggest source of security problems - the integration of the Browser and the Desktop using ActiveX - and not only has Microsoft NOT backed out that unfixable problem and the layers of kludges (like "security zones") plastered over it, Microsoft risked getting the company torn apart by the DoJ to keep that design in place.
Nobody else has anything like that. Even the dumbest things Apple has done like Open "Safe" Files After Downloading" are miles less daft.
When's Microsoft going th seriously address this?