MS to Launch Paid Security Subscription Service

user24 writes "MSN reports that Microsoft 'is launching a subscription service aimed at providing better protection for the Windows operating system, which has been vulnerable to Internet attacks. Windows Live OneCare will protect up to three computers for about 50 dollars a year.' From the OneCare website: 'Windows Live OneCare works continuously, automatically, and quietly in the background on your PC, ever vigilant against threats but never in the way, allowing you to have fun and be more productive:'"

Instead of competing with Symantec,

[Drinking+Bleach]

Try fixing your operating system first.

Re:Instead of competing with Symantec,

[drsmithy]

Try fixing your operating system first.

Unfortunately, users can't be patched.

Re:Instead of competing with Symantec,

Unfortunately, users can't be patched.

There are Nicotine patches to stop smoking,
Birth Control patches for unwanted pregnancies,
so why not Microsoft patches to quit Windows?

Re:Instead of competing with Symantec,

[Mistshadow2k4]

[sarcasm] Oh, yeah, right it's ALL the user's fault. And *nix allows remote users to make changes to your system without your knowledge or permission whenever you're online too. And let's not forget that ton of Unix viruses that have made the internet nearly impossible to use because all the servers keep failing. And of course, *nix also requires a whole bunch of third-party software to secure it as well. Oh, and all OSes have browsers with Active X![/sarcasm]

Yes, a lot of users are stupid. But if the vulnerabilities weren't there in the first place there would be far fewer problems. If Windows was as secure as OS X -- and sorry, Apple fans, it's not as secure as some other *nix distros -- a virus would be a rare thing simply because it wouldn't have anything to work with. So, yeah, if they fixed it that would eliminate most viruses right there. Despite the stereotypes many would have you believe, there are a lot of Mac users who are just as clueless as the Windows user you're describing, but their systems haven't been compromised because the OS they're using isn't horribly insecure to begin with.

How to secure Windows by yours truly (hope this makes sense; I haven't had much coffee yet):
1. Firewall! Better still firewall + hardware router.
2. Anti-virus. I recommend Avast! for 2k and XP, AVG for 9x. If you want to pay for anti-virus, I've heard NOD32 is the best, with Kaspersky's coming in a close second.
3. Win Patrol prevents many changes fromt aking place without your permission; just scroll down the page for the link to download the free version.
4. If you're using Xp, get xpy which can disable a whole lot of Windows problems, such as the remote regsitry severice which allows remote users to change your registry whenever you're online -- yes, MS made it that on purpose and isn't going to fix it -- and Active X, Windows' most infamous security hole. You need to know what you're doing with this program though; if you don't, get someone who does to help you.
5. Be careful. Research *everything* you'd like to install. Check the program's ratings at download sites and do a search on the program's name with a good search engine.

Personally, though, I tend to think Winsdows is hopeless. Patches aren't enough, the system needs to be built from the ground up with much higher security. That means a lot of programs wouldn't even work after that. And would MS provide this as a free fix to all of their customers? Ha!

But speculation is useless. Microsoft is never going to try to really fix Windows; as successful as they've been already, why should they? Especially not when they can make money selling services to protect Windows! Never mind that they should've built a secure OS in the first place like practically everyone else did.

Obligatory

[MrNonchalant]

They've found the second step!

1. Build buggy OS full of security holes
2. Charge 50 dollars a year to fix said bugs
3. Profit!

Re:Obligatory

[Duncan3]

Hrm...

1. Build an OS that's so hard to use only geeks can use it
2. Charge 50 dollars for documentation/support
3. Profit!

Oh wait, that's Redhat ;)

In search of the almighty $

[Admiral+Justin]

I gotta commend Microsoft, planning to make money of things that should be integrated into the system so that the threats never happen in the first place.

Prevention is less profitable than response, thus, they'll never try making a secure system now.

Re:In search of the almighty $

[Gorshkov]

No double standard at all. Symantec et. al. exist only because of Microsoft's design/implimentation errors - they should not exist at all - there should be no market for microsoft to push them OUT of.

If microsoft started addressing the problem and making the changes that rendered 3rd party virus programmes unnecessary, I would not only applaud them, but I might even change my mind about being willing to even DEVELOP windows applications.

In 25 years as a programmer, I have never written a windows *anything* for a client, and never will. Because when the sucker crashes (and it will), will the client blame microsoft? No, they'll blame ME - and it will affect MY reputation.

When I write for Unix/Linux/QNX/VRTX/Anything the hell else, I can be pretty sure that if something goes boom, it IS my fault - and I should take the blame, and if it reflects badly on me, I deserve it.

I have no problems whatsoever accepting responsibility for my errors. But there is no f..king way in HELL that I am going to send a client a programme and have them call me once a week bitching about how it keeps crashing becase it's MY fault, when it's because the damned thing is running on an unreliable piece of shit.

Re:In search of the almighty $

[xazos79]

Riiiight, and there's absolutely nothing wrong with the OSes you spouted. I'd hate to bring you back to the real world champ... but its more likely that it *is* your app stuffing up rather than windows crashing. I've been writing apps for 6 years for all platforms and not once has my app crashed as a result of windows. If its crashed, its a bug that's escaped testing. Next time, get off your high horse because those of us down here can't hear you.

Incredible

[abscissa]

Only in the software industry, folks, can you buy a product and then buy another product to make the first product work. I suppose if you are making a bomb that could apply too.

Re:Incredible

[hackstraw]

Only in the software industry, folks, can you buy a product and then buy another product to make the first product work. I suppose if you are making a bomb that could apply too.

Batteries not included.

Re:Incredible

[Gorshkov]

There is a very major difference between a 10 year old washing machine needing repairs and parts replacements after good, solid service and use over a period of time, and having to have the Maytag Man show up on your doorstep once a week if you want to be able to do more than one load a month without having your clothes get caught in the gears.

Re:Vista won't be better

[mincognito]

Your not honestly going to say that you don't think that antivirus / antispyware is a good thing to have on a machine used by the type of person who will click OK to everything they see?

The point is, if the OS was secure in the first place, antivirus/antispyware wouldn't be needed.

A firewall is useful on any system (not just Windows)

But why should i pay extra when other OSs offer full-fledged firewalls built-in?

anyone storing data on their machine and NOT doing some kind of data backup (at least for the important data) is crazy

Yes. But that doesn't explain why sane people should pay $50 a year for onecare.

As for the performance tune-ups, it really just puts the common tools into one place (defrag, clear temp files, etc)

According to the site 'permance plus' automatically runs defrag, etc. for the user once a month. Not sure how this improves on a simple "scheduled task" either...

My original point was that most of what is being offered are dependent on OS deficiencies (i.e. of no value to linux/os x users even if written for those platforms) and the features not dependent on those deficiencies (e.g. automated backup) certainly aren't worth $50 a year.

Re:Wrong analogy

[drsmithy]

User error is a very important source of security problems, but your statement goes way too far.

No, it doesn't.

I repeat: anti-spyware and anti-virus software aren't there to protect you against "inadequate security". They *may* do this as a side effect, but it is not their purpose.

I suspect you have not extensively used Internet Explorer on a user with administrator rights (MS Windows default) to browse the Internet.

No. Nor would I ever consider doing it.

If you had, you would have collected spyware without agreeing to install anything.

Undoubtedly. But this would be due to software bugs (and, arguably, bad UI), not "inadequate security" - not to mention the foolishness of browsing the web with a high-privilege account.

With Windows XP (original release, no SP 1) just connecting to the Internet from a user with administrator rights, without a firewall, is enough to be infected by worms within a short time.

As is installing many Linux distros and commercial unixes from the same time period. Again, you are largely describing problems caused by software bugs, not "inadequate security". I will agree that the firewall should have been enabled by default from the first release of XP and that services shouldn't be binding to external network interfaces by default - but even without that, all those remote exploits are coming from *coding errors*.

OS-level security - which Windows NT has in spades - can protect you against some aspects of malicious code. However, it cannot protect you against all, or even the most common, aspects of malicious code. That is what anti-spyware and anti-virus software is for.

Re:Vista won't be better

[I'm+Don+Giovanni]

The point is, if the OS was secure in the first place, antivirus/antispyware wouldn't be needed.

It's funny that slashdotters like to think of themselves as smarter than everyone else, more "tech-savvy" than everyone else, yet they make such idiotic statements like the above with regularity. And some idiot modded the above statement as "Insightful", further damning slashdot's rep. LOL

Spyware generally doesn't rely on OS insecurity.
Viruses generally don't rely on such either.
Trojan horses almost never rely on OS insecurity.
For those that do rely on OS insecurity, Microsoft will continue patching OS insecurity for free with Windows Update (just as Apple does for Macs). For malware that doesn't rely on OS insecurity, anti-malware software (such as Microsoft's OneCare offering) exists.

yup

[goldcd]

I have a few windows machine.
One - a 2003 server has never crashed - as I mainly leave that happily running Apache, mailserver etc.
One - my big beast has bouts of flakiness - everytime it's down to a flakey driver for some obscure or cutting edge piece of hardware. (a problem MS has attempted to address with signed/unsigned drivers).
Now if a company produces a buggy driver for Windows, you can usually be pretty sure they put even less effort into the linux one (if they bothered at all).

In my country

[this+great+guy]

<<
Unfortunately, users can't be patched.
>>

In my country, we patch them regularly.
- Vladimir