EU And Microsoft Clash Over Vista Security

An anonymous reader wrote to mention coverage of further clashes between Microsoft and the EU, this time over security in Windows Vista. Microsoft is 'urging' the EU to allow all of the security elements of Vista to remain intact. The EU seems to be under the impression it's not asking for security to be lax; it just wants the software company to ensure a fair playing field for all businesses. From the Newsday article: "European Union officials warned Microsoft Corp. on Tuesday not to shut out rivals in the security software market as the company plans to launch its Windows Vista operating system with built-in protection from hackers and malicious programs. EU spokesman Jonathan Todd told reporters that the European Commission is "ready to give guidance to Microsoft" concerning Vista but added that it was up to the U.S. software maker 'to accept and implement its responsibilities as a near monopolist to ensure full compliance' with EU competition rules."

The solution

[SCHecklerX]

The solution to me seems to be the approach used in linux, bsd, whatever. Fully document the security APIs, or command-line tools to configure the security aspects. Let other vendors write their GUIs for controlling security, such as firewalling, using that API. Let people pick the tool that fits their needs best, while all providing the same type of security through the OS.

Modularization

[theckhd]

This was brought up by someone in another discussion in a different context, but I think it applies equally well to Microsoft's current problems with the EU.

If they would simply modularize many of the components that come with Windows, they might wriggle out of a lot of legal troubles.

For example: I go to install Windows from scratch. On the installation screen, i get a list of components...
[x] Windows OS (base system, required)
[_] Internet Explorer
[_] Windows Security Center
[_] MS Firewall
[_] MS Antivirus
[_] MS Anti-Malware

etc.

I can check any of these things that i like, and they'll be included in the installation. For OEM installs, they could just include everything by default.

Most importantly, make them removable through Add/Remove Programs, so that if i decide at a later date that I no longer need a feature, i can uninstall it completely.

Suddenly a lot of the monopolistic legal troubles get much less worrisome for Redmond. EU worried about MS including Anti-Virus or Firewall? No problem, make them un-checked in the default install. Leave them on the disc, and make them freely available for download at the MS website to make it abundantly clear that they're a free service.

Not that I expect them to do any of this of course, but it would certainly help reduce the amount of resentment that many people feel towards them, even from their own users.

Microsoft Monopolism : making Buggy Bloatware pay!

[FractalZone]

From what I have been reading, Microsoft is designing Vista in such a way as to make it difficult for products that compete with whatever token security schemes Microsoft is planning to foist upon its hapless user base to be installed and/or run properly. Microsoft should make any and all APIs necessary to implement alternative (read: better) security solutions for Vista public. If it doesn't, I think it is fair to say that Microsoft is once again using proprietary standards/code to stifle the competition. That seems like a clear anti-trust violation, given Microsoft's technically undeserved but nonetheless practical monopoly of the commercial desktop PC operating system market.

Like most things that Microsoft touts as benefiting the user (think Windows Genuine (Dis)Advantage, DRM, and the "recommended" options on various configuration pages), whatever so-called security Microsoft puts into Vista will undoubtedly profit Microsoft first and the user as a mere afterthought, assuming that Microsoft can think up a good marketing gimmick to scare users into paying for it.

I'm still planning on not wasting money on yet another overpriced, under performing piece of Microsoft Buggy Bloatware, namely Vista. Ubuntu Linux is working well for me and doesn't seem to suffer from the gaping security holes most major Microsoft products (Windows, Office, and IE) are infamous for.

I must admit that Microsoft has a lot of nerve, trying to exclude competitors from cleaning up the security disaster that Vista is expected to be, so that it can make users dumb enough to buy Vista also pay through the nose to fix flaws that wouldn't be there if Microsoft sold quality programs in the first place.