Slashdot Mirror
Security Companies Tussle With MS Security Center
hey0you0guy writes, "The large security firms such as Symantec and McAfee want Microsoft to allow them to replace Microsoft's Windows Security Center. Microsoft is refusing these requests. 'By imposing the Windows Security Center on all Windows users, Microsoft is defining a template through which everybody looks at security,' Bruce McCorkendale, a chief engineer at Symantec, said in an interview. 'How do we trust that Microsoft knows what all the important things about security are to warn users about?' Given Microsoft's past, with vast piles of security flaws and patches, they should at least cooperate with these companies. A dispute still exists over PatchGuard, a security feature that Microsoft says is designed to guard core parts of the 64-bit version of Vista, but which critics say locks out helpful software from security rivals."
It's not as though Symantec and McAfee have spotless records on security and especially not fucking up your Windows installation. The more stuff that's in a sandbox the better.
Hail Eris, full of mischief...
E pluribus sanguinem
By imposing the Windows Security Center on all Windows users, Microsoft is defining a template through which everybody looks at security
By imposing the Windows UI on all Windows users, Microsoft is defining a template through which everybody looks at UI.
By imposing the Win32 API on all Windows developers, Microsoft is defining a template through which everybody looks at development.
If you sell software to help manage Windows, Microsoft will define your business plan. Those are the consequences of dancing with the devil. Not that they should be happy with it, but you can't expect any less from Microsoft.
Developers: We can use your help.
Have you ever run two anti-virus programs on a computer at the same time? More often than not your file system performance completely tanks because every time a file is accessed you have two programs trying to scan it and verify it's integrity. You will also frequently run into problems where one AV program will label the other AV program as a virus.
And that's why MS will never allow other companies to replace it. It seems to say "this makes the user more secure" but it actually says "this makes US more secure". Notice how that is the vector that allowed Microsoft Genuine Advantage onto all the XP machines. Which is also doublespeak - there is no advantage to the user, only to MS.
If these guys think MS will simply hand over the keys to that much control, they're nuts.
Weaselmancer
rediculous.
It will be an interesting suit with the argument, "They fixed their operating system, so we're not needed any more, but they won't let us in". So, they took the part of the OS most succeptible to being tainted, and shut it off so it can't be. At least they're even handed; "Friend or Foe, Out You Go."
the more accurate the calculations became, the more the concepts tended to vanish into thin air. R. S. Mulliken
Last time I looked Norton used more resources and was harder to uninstall than most virii.
We all know what to do, but we don't know how to get re-elected once we have done it
If they'd actually fixed it. But they haven't. (See IE7 zero day exploits)
And they're bundling security products with their OS. They're not providing a secure OS. There's a major difference between the two. The first is illegal when you're a defacto monopoly. The second would be welcomed by everyone.
The cesspool just got a check and balance.
Microsoft's whole approach to security is backwards. And so is the approach of Symantec and Macafee and the rest... not to mention the EC and everyone who thinks antitrust is even applicable to this whole commotion.
They think they can add security on, like a product. You can't. You have to design it in. If you had a building with no locks on the doors you wouldn't keep casual visitors out by adding guards before you'd even tried adding locks, even if carrying cards or keys was "inconvenient". So why does Microsoft think they can add security to Internet Explorer that way?
The whole basis of Microsoft's approach to the Internet is fundamentally wrong. They can't fix it by adding products. They can only fix it by ripping out most of the desktop-browser integration they fought the DoJ to a standstill over in the Clinton and first Bush administrations, and making the browser responsible for never allowing an untrusted object out of the sandbox, no matter what. Even if sandboxes are "slow" and installing plugins are "inconvenient".
Same with Windows networking, CIFS, CIFS-authentication for HTTP, and everything else they've done to lower the barriers between local and remote resources. Those barriers, those locked doors, are there for a reason.
Windows is the most secure OS on the planet
I'm not exactly sure how this can be considered an anti-trust issue. These 'security' companies have created products and business models around Microsoft's flawed and insecure product. If Microsoft chooses to fix what they can, and beef up the security of their own product, whether it puts other companies out of business or not, do they not have the right to do this? How is it Microsoft's fault if by fixing their product, it renders another company's business model obsolete?
I mean, why don't these 'security' companies just ask Microsoft to conitnue to ship a flawed and insecure product, just so they can have a market to develop software to fix it? It sounds pretty absurd when worded like that, but that's essentially what's going on here...
"In other news, Ford Motor Company has made a deal with Napa Auto Parts to begin shipping all new model vehicles from the factory with head gaskets designed to last only 6 weeks or 1,500 miles. Napa will however provide an upgrade gasket that can be installed at the dealership that will last for 1 year regardless of miles. At which point, you can renew your gasket subscription online, in which case it will be good for 1 more year."
The second issue, and the bigger issue is that Microsoft seems be denying companies access to the low level hooks that they need to properly integrate their applications with the operating system. I kind of understand where MS is coming from. After all if they allow Symantec access to the system call table and the various other, kernel level hooks, then they might as well allow everyone access. On the other hand, those who want access to the lower level functions of the OS are going to hack them anyway. It's a Catch-22. Personally, I'd rather that EVERYONE have access to the low level functions. That way the market can sort out who will do the best job of securing it.
Tell this to everyone who will buy a new PC as their old one becomes so infested with malware that it slows to a crawl. I bet MS will make sure any new computer will come with Vista once (maybe never, I hope) it comes out.
So, McAffee/Symantec..
Has actual PC security actually interested you in the past, say, decade? I was of the impression that you just paid some second rate programmer in bangalore a load of bananas to churn out any old crap that had the following requirements:
1. we must be able to sell it in regular, deluxe, gold, platinum, internet, special edition, international, lite, and fat free versions. after all, this allows the user to pay for the exact level of security they need. consumer choice, right! some people only want to pay a little and thus be protected only against some vague subset of last year's threats, while others want to pay more and thus be protected a bit more against some vague subset of last year's threats.
2. as in #1, the software must be sold in yearly versions. this allows users to respond to the cutting edge threats of 2003 by buying the 2005 version, still on sale in CompUSA (probably).
3. we must really focus our efforts on getting this shiat pre-loaded on as many chain store PCs as posslbe. WARNING YOUR COMPUTER IS AT RISK! DO YOU WANT TO PAY $99.99 PER YEAR NOW TO UPGRADE? Your choices are [ Yes ] and [ Ask me again in 5 minutes with a big ass system modal dialog box ]
4. The software must be impossible to uninstall, for Sound Business Reasons (tm). Well, we should include an uninstall routine, but ensure that it does not work if the software is modified in any way.
There's your problem. You're talking about a 4 month old build. It's like 2 mouse clicks and a UAC prompt to disable the security center in RC1.
I wouldn't trust either side in this argument -- Micrsoft has long proven itself incapable of understanding comptuer security (at least compared to any other OS competitors), and the anti-virus guys have a business model that relies on Fear of Viruses.
Neither is in a position to earn any trust from anyone.
If third-party software could automatically disable Microsoft's Security Center, couldn't malicious software do the same?
From a busines perspective, this may be the same as bundling IE, but from a security perspective this is the exact opposite: removing security holes rather than adding them (in the name of "functionality").
Yes, Microsoft is likely being monopolistic, but I think I'd rather worry about all the Windows zombies populating the web rather than the profit margin of particular security software companies, especially when said companies rely on the inherent insecurity of Windows installations for their income.
You will also frequently run into problems where one AV program will label the other AV program as a virus.
:p
That's not a bug, it's a feature. It's called 'competition'
if the host system has implemented its own version a security center, like vista, and has essentially blocked what truely is a 3rd party app to help windows do what it was meant to do in the first place, thats fine. i would rather something build into the kernel of the o/s than a 3rd party app that breaks windows when you uninstall it, and when it is installed, it slows your pc down to a grinding hault.
... and im a mac user, and a IT engineer that works with microsoft products all day.
ultimately its windows' product, their space, and it is not their fault another company has based their entire product range on a previous microsoft product with security flaws.
maybe their time has ran out. i doubt it, but i like to know that the people making vista are attempting to fix mistakes from their previous range of products. if this ultimately leads to a more stable, secure product, i dont see a problem.
linux and mac users do not need antivirus, and do not need a 3rd party app to slow down their pc. one of the reasons of this is because on linux and mac you need to enter a administrative password to do anything that is going to affect the operating system. if im not mistaken, vista has also implemented this. if this is the case, what is the need for symantec products
we've had anti virus on windows for so long we've gotten used to the fact that we need it, when truely we shouldnt.
i welcome this.
Oh bull. The WSC just tells you when you aren't running a firewall/antivirus and when you do have some installed it'll tell you the company it's from and other helpful details.
Symantec and Mcafee don't like it because they want their own branding there taking up taskbar real estate with their fancy shield icons that say "hey look we're protecting you! we're so nice!"
If you open up part of the system so that rival security firms can access them, then potentially anyone could access them. Security mandates that there are some things that only the OS can access. So much as I despise M$, I have to agree with them here.
Not allowing 3rd party products to touch core OS files without significant hassle is a good thing. Am I wrong?
I think that you mean: "In soviet russia, Vista confirms to Netcraft that Microsoft is dead, petrified, covered in hit grits, and also has a greased up Yoda doll shoved up its ass!"
First they came for the office software companies. But I said nothing because I wasn't an office software company.
Then they came for the internet browsing companies. But I said nothing because I wasn't an internet browsing company.
Then they came for the media playing companies. But I said nothing because I wasn't a media playing company.
Then they came for the security software companies. But I said nothing because I wasn't a security software company.
Then they came for me, and there was no one left to speak out for me.
I suppose some day the sofware companies that do bussiness with Microsoft and so help it consolidate its grip on the desktops of this world will take note and start thinking about alternative platforms.
Rome taught me patience and assiduous application to detail. Virtues which temper the boldness of great, general views.
(no, really)
As a former McAfee home user, I was rather surprised to see MS' "security center" replaced with McAfee's when I made the mistake of updating their AV software just over a year ago. What McAfee put in place instead was little more than an annoying attempt to sell me McAfee products that I didn't need (such as a software firewall; in addition to a hardware router controlling access in I also had a software firewall from another vendor in place to stop unwanted access out).
I rejected McAfee for home use because of this, and tried to make it is clear as I could to the company why (although I doubt that that got past the poor bloody infantry on the helpdesk). Like many people here I'm sure, I get landed with fixing people's Windows PCs. Recommendations count, and McAfee's home software certainly haven't had any from me over the last year.
I manage hundreds of PCs without any malware problems. This is because of third party security! Who will protect consumers on Vista? M$? I think not!
Athiesm is a religion like not collecting stamps is a hobby.
I don't agree a media player or a web browser but I do beleive security should be part of the kernel.
"There are more things in heaven and earth, Horatio, than are dreamt of in your philosophy."
Don't replace, disable! Simply disable the Security Centre service, install your own and you're done. Infact this is exactly what we have done at work, the idea of a security centre is great however we wanted to add our own applications to the security centre. Sadly there is no way to do this with the default security centre in Windows XP SP2. So rather than try and extend it we simply disabled it and replaced it. Doing the job of the security centre is pretty simple as it is documented what applications have to do to be "seen" by the security centre so we just did the opposite to monitor them (Symantec is very difficult about this because it has anti-monitoring tech built in). I don't see why this is a big problem for Symantec. AFAIK there is no reason they cannot disable the security centre service when they install their application.
5. Takes up 90% of system resources to give the impression that it's actually doing something useful.
I mean, I know Microsoft has a monopoly through Windows, but do these companies really not expect Microsoft to use that against them? These software vendors, between them, do have the power to move people away from Windows and on to a system where they all have a much more level playing field.
Errrrr. I have news for you Mr. Chief Engineer *snigger*. Windows is a closed source operating system designed to make money for Microsoft. They control the software you run your software on, so they have the high ground. Be grateful that you have had a company and a nice salary off the back of that for all these years. Windows is not designed to keep you in business.
Errrr. I have news for you imbeciles. Wait until that is protected by a Trusted Computing system in the hardware and it is difficult, bordering on impossible, to bypass and you are legally prevented from doing so even if you could. See. The whole Trusted Computing thing is most certainly not just about DRM in films and music, and it looks like a fairly big deal for Microsoft.
I mean, I think Windows is a monopoly and Microsoft should be subject to restrictions like all monopolies have been. However, there's a part of me that is glad that idiotic companies like Symantec, other security companies and companies like Adobe will probably go out of business. Many of them go into denial and like to pretend that they don't compete with Microsoft in order to support only Windows (making more money for Microsoft), but it is obvious that they do. When the brown stuff hits the fan they then whinge about it, rather than having put some thought and effort into ensuring their own survival. Digging your own grave must be a fun business endeavour.
You know, Microsoft will argue that all these companies had it within their power, collectively, to go off and bolster the popularity of the Mac, or make Linux a first-rate desktop OS that they could sell their wares on if they weren't happy. And you know what, however much I don't want to really say it? They'll be right.
Lesson One.
Vista will be defined by what it offers users in business. Vista will be defined by what it offers users in the home.
The Geek gets the crumbs that fall off the table.
Lesson Two.
The OEM system install is the gold standard in many markets where Microsoft is dominant. The home user doesn't simply buy into the new OS. He buys into the next generation of consumer grade hardware at OEM prices.
third party security is good. but given symantec's track record in that area, i'd say you're better off running windows unpatched with no third party at all than installing one of their products
Bullshit. They just want to be able to sell a product, and they are mighty pissed off that MS are now bundling software that makes the products unnecesary.
I still remember that their virus scanner used to catch back orifice as a trojan but completely ignore PC anywhere. Both products did pretty much the same thing except one was more extensible than the other. And one was written by the same people as the Virus scanner.
These companies are just whining because Microsoft is now doing to them what it has to Netscape and loads of others since.
I dont read
Not the usual MS bashing, more my usual posting on that topic. MS cannot, by definition, implement security, for the simple reason that their security software will be on every computer. That, in turn, means that, if you want to get spyware on a given computer, you HAVE to circumvent that security system. So this system will be broken by default by every given trojan out there. They might not go to the lengths of trying to defeat McAfee, they might not try to defeat Kaspersky, but they WILL for sure go to any lengths to defeat the MS Antivirus suit.
Fighting security software costs resources. So you only do it if you have to. Many trojans today defend against the most predominant AV software, like the forementioned. Simply because they are widespread and thus do present a threat to the ability of a given malware to spread. How much more effort will be put into defeating a security suit that is invariably on ALL computers you plan to infect?
For reference, take a look at the MS "firewall". Granted, the implementation is shoddy as can be, so defeating it is by no means any kind of feat, but still it HAS to be done. It is on every computer out there, on those computers suffering from clueless owners (i.e. your primary target as a malware writer) it is most likely the only kind of intrusion detection software. Defeating it is the golden key to the computer.
It will be the same for MS AV. So there is NO security to be expected from an MS AV suite. Not because MS cannot do it. Because malware writers will put any effort necessary behind defeating it. Because it has to be done to infect a computer.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Vista isn't saying no to third party security, and this article isn't about that. This article is about replacing the Security Center, not about preventing Symantec from installing antivirus tools. Heck, Microsoft even provides an open API for security tool developers to report their status to the Security Center so Windows can appropriately inform the user if they'd be shut down in a standardized way. They're in this way doing a service to these 3rd party developers they didn't before Windows XP SP2.
Beware: In C++, your friends can see your privates!
I don't know how many here have downloaded and installed RC1, but the basic gist of Vista is this:
If buying a new PC, you'd want to get Vista. But if you run an existing PC with XP in a non-admin account, fully patched and firewalled, you're not missing much. The initial novelty of Vista wears off once you realize how complicated and inconsistent the interface has become. Some dialogs are in a new Vista style, but then you'll come across old dialogs ripped straight out of XP, such as Display Properties. The Network dialog actually has two Properties buttons on it, each leading to a different dialog. It's something of a mess. I also do not enjoy the new Start menu at all, which is more difficult to navigate. Aero Glass gets tiresome after an hour, and you end up turning off the translucency because it tends to create ugly, blurry window borders that become distracting.
The system-wide search is nice, but it's a little slower than OS X Tiger's, and it's far slower than Leopard's. Anyone using the Leopard WWDC preview has seen how fast Spotlight is. Apparently, the index is now pre-cached in some way, as results now appear instantly as you type in real-time just like iTunes, and there is no longer any hard drive grinding. Leopard's Spotlight will make Vista's search seem poorer in comparison.
I was playing with Cocoa today and rotated a text view by 15 degrees. The text system continues working correctly, including mouse selections, but all slightly rotated, which was hilarious. But it just reminded me that OS X has had a vector-based system going back to 2000, and Microsoft is just now getting around to it.
It's sad that they ended up being three years late with this stuff. That's the perfect way to describe Vista; it feels like it should have been out since 2003.
"Sufferin' succotash."
Report on our Grand Plan on eradicating terrorism and child porn accross the world:
-I-I-I-I-I-I-I-I-I-I-I-I-I-I-
Terrorism
-I-I-I-I-I-I-I-I-I-I-I-I-I-I-
*Threat:
The security measures are widely announced and campaigned, terrorists educate themselves and go around the new measures.
*Collateral:
People being frisked, called on "random checks", arrests, disruption of business, spread of fear, rapid increase in intolerance towards muslim religion, rapid increase in muslim radicalists towards western cultures.
-I-I-I-I-I-I-I-I-I-I-I-I-I-I-
Child Porn
-I-I-I-I-I-I-I-I-I-I-I-I-I-I-
*Threat:
Child porn sharers have long since moved to encrypted channels, they are nowhere to be found on public internet.
Data retention can't decrypt strongly encrypted information and can't differentiate which encrypted data contains child porn or just bank data or whatever.
*Collateral:
All those people who think they're safe since they did nothing have their data in the government. Corrupt people in appropriate position accessing private information and issuing arrests based on indirect evidence.
Are you sure that, if Vista is released as Microsoft wishes it to be released, the need for 3rd party anti-virus and security tools will vanish? Are you absolutely sure that Vista will be so much safer than all previous versions of windows that the anti-virus software will be reduced to a funny anectode in computing history?
There is absolutely no proof that Vista users will not suffer from virus problems or even that MS's own anti-virus will be the absolute best in the business. Nonetheless, Microsoft is trying to prevent all anti-virus vendors from being able to install anti-virus software on Vista by not only tying Microsoft's products into the OS but also not releasing any information about Vista's interfaces and reserving them to their in-house products. So, where exactly is that a good thing? What exactly is good about offering an unproven product as the only possible solution, barring every alternative from being able to be installd and locking out every 3rd party tool produced by the competition? Is it in the user's best interests to influence the security tool's offering not on the quality and efectiveness field (i.e., competing on a levelled playing field) but by restraining the security tool's ability to install and run on the platform (i.e., preventing the rival team from entering the court)?
Slashdot, fix your code or at least hire someone who is competent at it to do it for you.