Slashdot Mirror
McAfee, Symantec Think Vista Unfair
davidwr writes "Is Microsoft unfairly locking anti-virus companies out of Vista? Symantec and McAfee seem to think so and they aren't being very quiet about it, placing a full-page ad in the Financial Times. If you've found the ad online, please post a link."
Something McAfee, Symantec and all other anti-virus/anti-spyware/firewall/spam-filter companies should bear in mind, if operating systems, applications and other software had been properly designed in the beginning these companies wouldn't exist. These aftermarket companies are effectively parasites. Once the host changes significantly the parasites advantage is gone. Who can say Microsoft is now to blame for not keeping them on the gravy train? It's would be true, however, to say that these aftermarket companies are in effect and after the effect Q/A arm of Microsoft, which has doubtless helped fuel Microsoft's growth. If you're a corporate IT officer, would you be comforted to know you only have one place to go for help now, and it's the company which releases extreme high priority bug fixes frequently?
Microsoft was overly optimistic about the true nature of people (they shouldn't as they've proven to be devils themselves), expecting nobody would take advantage of flaws, like giving everyone effectively root on their computers, thus every application, including malicious code. Further, they've been wonderful about hiding the true nature of what's running on your PC. I can see executables, but DLL's, why the hell shouldn't I see those easily? Anything running on my computer should be visible, how else can I tell if there's something there which shouldn't be?
So, once again Microsoft attempts to get it right. Maybe they'll be closer to the mark this time. I don't care. XP was the last operating system I'm ever buying from them and I don't pirate stuff. With Vista promising to be larger than ever, I don't think it's the direction I want to go. As Michael Crichton implied in Jurassic Park, the more complex a system the more likely it is to break down. I don't find the every growing Windows OS/Environment comforting. I'm also tired of the technology tax, I just want something to work, to be able to do mundane things and play a few simple games when time affords. Good luck McAfee, Symantec and all the rest, it was overdue. Don't forget to send your stockholders a "Thank You" for all the money they gave you.
Of course, if it all goes tits-up for Vista, Microsoft have nobody else to blame. Doesn't that at least warrant a warm, cozy feeling?
A feeling of having made the same mistake before: Deja Foobar
We know.
about nothing.
Once Vista hits the streets in its final incarnation, and the Bad Guys get to working on it, my money is on the premise that third party antivirus solutions to whatever problems that inevitably must arise, will continue to be a necessity.
After all, it's not like we don't already have a pretty good track record to examine, with the folks who are producing Vista, eh?
Is it fascism yet?
Smalltown, US - NAPA says increased quality in GM exhausts unfair. A representative is quoted saying: "GM is in the business of building cars. There's no reason for them to build quality parts for their cars. It's absolutely unfair that the default exhaust lasts more than 3 weeks without needing a replacement. They're trying to drive us out of business."
I'd have to take anything that security solution companies say with a grain of salt. I am sure that most of these companies are a bit pertubed with MS getting into an area that they consider to be traditionally theirs.
The new steps in Vista will make the product more secure. In that, it might also make it harder for these third party programs to be as integrated with it.
Justin
http://hatchedeggs.blogspot.com/
Justin - Don't be afraid of my blog, it won't bite.
My buggywhip business has been unfairly targetted by these so-called horse-less carraiges! I demand Mr. Ford require buggywhips in all his model-T vehicles!
meh
I will be thankfull if i never see another home user product from either company. So far im please with windows defender, if a windows ant-virus is similar i would be happy. After working a number of years on a workbench fighting with the awful software those two companies shit out to the home user. I can say that I welcome our new OS bundled anti-virus overlords.
Too complex for consumers, too bloated for computers, too un-reliable to be usefull. I prefer Avast! for my customers, and not just because it's free.
When you dance with the devil...
Deleted
They are damned either way.
A) Release an OS without really beefing up security and watch everything bad about XP and prior releases repeat itself on a larger scale.
B) Release an OS and beef up security and see people who have made a living compensating for your poor coding in the past complain that they can't in the future.
The NAPA analogy is shockingly accurate in my opinion. Like what would happen if all the fast food places discovered a way to make the same fast food, but make it healthier enough that people didn't have to worry about dieting anymore? Who would complain? Diet manufacturers of course...
I'm a fiscal conservative, it's a pity we don't have a political party anymore
1. Exploit faulty work by covering it up.
2. Profit.
3. Act to stop fixing the faults.
4. Progress!!
Why arent they attacking OSX as well? I mean it has a built in firewall that is actually semi decent and not many other widely exploited vulnerabilities... Wouldnt that mean that OSX has been for a long time shutting out companies like this?
The AV and anti-spyware companies don't want you to have a secure experience. ..once the primary "corporate mission" of securing people is accomplished .. then DO SOMETHING ELSE. If you have smart engineers as assets, figure out a way to use them!! Are their CEO's this short sighted? Let me guess they'll have layoffs of really smart folks and then blame Microsoft instead of doing something else innovative.
I mean, it's like duh etc. I know. But this is ridiculous, if they are a huge corp with mad assets
It's like Measles treatment sellers getting pissed off at vaccine manufacturers for cutting into their market.
This crap is why people believe pharmaceuticals dont want to cure anyone when the truth is that a cure for cancer would cause a massive boost in stock price and shareholder dividends. And the billions of company assets can then be used for other things (new markets etc.). Not to mention it's better to find a cure before a competitor does (even if you are colluding with them, how do you trust they aren't secretly looking for the cure and may suddenly release it for a huge influx of cash). But I guess if the CEOs dont see things this way, it's a problem.
I suppose Microsoft will claim that this is another integral part of an OS. While my first reaction is to scoff, I can imagine how that could be a good argument. I mean, Microsoft gaffs aside, any OS as popular as Windows will invite viruses, and not patching and protecting every Windows OS just opens all the others to attacks via trojans and bots. However, this is a really tough one for the lawyers to argue. If today Messenger is shipped with windows as a communication tool, then can a virtual VoIP client be shipped tomorrow as an updatd communication tool? How about a middle of a road version of SQLServer, with licenses that would fit the needs of small and mid-sized business just fine? Our anti-trust laws obviously need to be updated. I don't think for a moment that Apple is any better than Microsoft. In some ways, they may be worse. But, how can one stop them when our current anti-trust laws were made for steel an railroad barons? Are there any other countries that have better ideas of how to approach anti-trust in the digital age? Any examples of how it's been applied successfully?
Those who designed the Internet were also overly optimistic about the true nature of people and didn't really consider security issues either.
I really don't blame either group. If they had considered all possible future needs prior to creating an implementation they'd still be working on it today and Slashdot would be a pen-pal club.
I'd start working on residential-level network security appliances. Get ahold of D-Link, Linksys, Buffalo Tech, Netgear, etc., and work with them to implement virus/spyware/spam filtering on their routers. It's not going to take care of the people still on dialup because they want to live 50 miles from the nearest city with >10,000 people, but it's a good start.
If Symantec and McAffee actually made decent products these days, they might have a point. If they actually hired Americans to do most of their development, I might be a tad more sympathetic, but I don't have any sympathy for them. Microsoft has destroyed far more worthwhile publishing companies than those two. Seeing their core business hit doesn't bother me a bit. The truth is their products started sucking a long time ago.
I just wish Microsoft would take down Quicken. There's another dynasty that has outlived its value and become bloated and mercinary like Symantec and McAffee.
Trend Micro is the only (AFAIK) vendor that is certified to produce an anti-virus product for Vista. Are they being given the keys to the castle while McAfee and Symantec are left out in the cold?
Anyone know why this is so? Do tell!
"Let us raise a standard to which the wise and honest can repair" - George Washington
"Due to lack of sufficient number of viruses our business is not doing well.Please write virus"
Wincopy
Personally, I wouldn't care if both Mcafee and Symantec went bankrupt tomorrow. Both feature bloated, buggy software, and symantec's sales pressure to 'Upgrade' to newer buggier software rather than renewal of the old software is just disgusting. Granted, I don't know if MS could do a better job, given their abysmal track record on security and virus prevention. They love to just leave the barndoor open for stuff like that. But they may be able to produce a spyware/virus solutions that works better within their systems, better than the monkeys at Mcafee and Symantec anyways.
God is real unless declared integer.
My point is that Symantec, McAfee, and various and sundry others can't make the argument that they're being locked out of the MacOS space because they were barely in it to begin with. A specious, shrill argument could be made on their behalf in the Microsoft-owned space because Microsoft has historically been so bad at security that any substantial long-term improvement by the company represents a very real threat to their presently thriving business model. More to the point, such an improvement will make their products seem less like beneficent caretakers and more like resource-hungry, inefficient parasites. To say that this development is overdue is a massive understatement; this niche in the marketplace should have been largely wiped out with the advent of Windows XP, if not Win2000 before it.
While in general I'm not sure I like it when Microsoft locks out thrird-party software, I've got no warm feelings for Symantec and McAfee, who I see as little better than pushers.
If you want news from today, you have to come back tomorrow.
The NAPA analogy is shockingly accurate in my opinion.
Why is it that whenever a monopolist abuses their position everyone immediately presents an analogy using a company that does not have a monopoly and calls it the same thing? Here's an analogy that is actually apt. The electric company has a monopoly on local power distribution. For years, third party companies have been selling power converters to get around the low voltage of power delivered by the power company and allow a significant number of appliances to work. All of this is because the power company refused to provide higher power services. Now, the power company is still refusing to provide higher power services, but saw how much these companies were making and figured out a way to break their power converters by sending power spikes at pre-designated intervals they won't disclose. They have also entered into the power converter business, selling converters that know when the spikes are coming and can thus handle them, Gee, why would the existing companies complain?
Bill, why not instead show us an OS where the spamlords, virusjacks, malware-hounds, and other cyber-creeps cry "foul"? Instead, you are angering the virus fighters!
If Microsoft was in charge of instituting public health plans, it would introduce new reforms that would get rid of doctors instead of getting rid of diseases.
Where were you when the voynix came?
I hope McAfee and Symantec were around pushing for the administration to enforce antitrust back when it might have mattered. It's too late now. This is what you get when a company acquires monopoly power.
I remember when water-cooler talk veered from sports to politics to what word processor you liked. (Remember when there was more than one?)
Anyone remember a program called Lotus 1-2-3?
Oh, and what about Stacker? Why, yes, Microsoft stole Stacker's technology, called it DoubleSpace, and drove Stacker out of business despite Stacker's winning their patent infringement lawsuit.
I haven't heard much about GoBack lately, have you? Wildfile GoBack... I mean Adaptec GoBack... I mean Roxio GoBack... I mean Norton GoBack...
Anyone who believes all this was because Microsoft had superior products lives in a logic-tight compartment.
It's too bad that the administration chose not to pursue antitrust in any meaningful way against Microsoft, but they didn't, and these are the consequences. If Microsoft feels like squashing Symantec and McAfee there's nothing you or I or Symantec or McAfee can do about it. Only the feds have enough power, and possibly even they don't have enough any more.
So, let's all hope Microsoft's antivirus component is pretty good, because whether it is or not, in a few years it's all we're going to have.
(Besides ClamAV, of course...)
"How to Do Nothing," kids activities, back in print!
A) Release an OS without really beefing up security and watch everything bad about XP and prior releases repeat itself on a larger scale.
B) Release an OS and beef up security and see people who have made a living compensating for your poor coding in the past complain that they can't in the future.
Or
C) Release an OS and beef up security. Give hooks into the new arch for outside companies to hook their software into.
This is the problem we are seeing, and primarily why people don't like MS.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
I suppose Microsoft will claim that this is another integral part of an OS. While my first reaction is to scoff...
Your use of the word "claim" implies that someone other than them should decide what is, and is not, part of their own product. They wouldn't be "claiming" such a thing, but simply stating it. "Yesterday, our product looked like X, and today, it looks like Y." Other companies that glom onto a freight train like MS and get rich doing so can hardly complain (with a straight face) when that other company's products change shape or purpose. Symantec and MacAfee aren't MS's customers, the end users are. If we ever get to the point of killing off most of the spam conduits in the world, we'll probably hear about how the spam-filtering appliance makers are being "unfairly" deprived of a living.
This all derives from the pervasive sense of entitlement that's drenching our culture. MacAfee and Symantec know the score, but they're playing this card because they know it will resonate in a courtroom full of modern day jurors, should it come to that. Sleazy, but probably clever in real terms.
Don't disappoint your bird dog. Go to the range.
This wouldn't have been a problem now if the DoJ had broken MS up into smaller units back when it had the chance. MS/OS division would have no incentive to favor MS/AV over any other.
.nosig
No, as someone else pointed out, the analogy only works if Napa is unable to make parts for other cars. The analogy doesn't work if parts are simply unneeded. To use your fast food reference, it's like saying if you eat at McDonald's you can only exercise by playing in their ball pit, and not anywhere else. MS has not made their OS impenetrable, they've made it impossible to tack on third party tools to protect against the bugs/holes/social-engineering-exploits that will inevitably be there.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
I really hate this popular Slashdot myth that viruses only exist because OSes are designed improperly. No, wrong. Most viruses are just malicious programs that get executed by the user. They don't hack in to the system, the are downloaded with another program. They come in the front door not the back one. There isn't an OS level defense for this short of an Orwellian trusted computing scheme. If I sent you a version of Apache with malicious code in it and you installed it as root, I could do whatever I wanted. Doesn't matter how secure your OS is, you gave it the permissions it needs.
What virus scanners do is provide a database of known bad code (and check for variants). They are like a bouncer with a list of known criminals. Even if the owner says "Sure, let that guy in," they can check their list and say "Sir, you don't want to do that, he's known to be a bad guy."
Now you are somewhat right that certain kinds of designs make more attacks possible. For example if you have services exposed to the Internet, then a worm can try to get in there without any user intervention. However the fundamental problem of malware is not solvable with any OS I'm currently aware of. Running as a deprivledged user does nothing. Either the malware can just install as the user and wreak havoc on that user's files (which is ultimately what they care about not the OS), or will just ask for escalation, which clueless users tend to grant without thinking, and then do as it wishes.
Unless we move to a trusted architecture, where only signed apps can execute, or we manage to get all users to be highly technically competent, they'll always be a need for virus scanners, at least on the dominant OS. Lock down every other way in all you like, it doesn't matter when you can infect people by sending them an e-mail that says "Hi I send you this file in order to have your advice."
If you've used Vista you might have seen the icon for OneCare Live in the Welcome Center. Currently it's only for XP, but clearly it will be ported to Vista as well. Microsoft clearly is going to be able to make their own antivirus product work with Vista. Thus it is going to be possible for other companies to do the same. I don't see what the problem is.
I also recall the security vendors whining that MS made their own Security Center and they can't crack it. Well guess what... let's say I'm a hacker, and MS lets security vendors modify or replace the Security Center in Windows. I am now VERY happy, because I can now trick any user (even, for a short while, experienced system administrators) into thinking their anti-malware/badware solutions are working, when I've just turned them off and replaced the Security Center with my own fake one which lies through its teeth.
Yeah yeah, the NAPA analogies. And yours about fast food.
Even better one: A technology company releases an OS that is locked so that 3rd party software can't get as deep as it likes.
Was that a good one? Because if not I submit that anyone who needs an analogy or a metaphor to understand this is too stupid to comment on the subject and should go outside and play while the adults try to have a conversation.
Those who designed the Internet were also overly optimistic about the true nature of people and didn't really consider security issues either.
That's where I alluded to email other applications and software. To be brief: The interenet isn't completely re-written by one company every few years. Microsoft has the ablility and market position which guarantee to some extent they can re-write their OS every few years and make billions doing it.
A feeling of having made the same mistake before: Deja Foobar
No,
If they release a new OS with beefed up security by the definition of ot being "beefed up" that would mean no need for third party security addons. Actually I believe Vista has a documented API for how they handle security now so Symantex and others can still write security applications. They're just mad because a lot of what they do isn't needed now. So if they do your version C they will still be hated by anti-virus manufacturers.
I'm a fiscal conservative, it's a pity we don't have a political party anymore
If you want to play with the big boys you got to play like one. They could fix this situation in
less than a week and have microsoft bending over backwards to help them out.
CEO Symantec: Billy you are pissing me off let me have access to what I want.
Billy: No way we are taking over the playground.
CEO Symantec: Well you are going to let me have access to what I want or else.
Billy: Or else what, I am not scared of you I own the desktop.
CEO Symantec: Ok here is what I am gonna do.
Billy: laughs
CEO Symantec: We are immediately updating all of our desktop software.
Billy: yea so
CEO Symantec: Any time a virus is found on the system it will pop up a message to the user. If it
is browser installed malware it will contain the following message "A virus related to your IE installation was quarenteened and removed. To eliminate future possible system infections you can
go to www.getfirefox.com and download a secure browser which will greatly enhance your web surfing experience".
Billy: I don't much care about IE anyhow we don't even make money on it.
CEO Symantec: Any time a macro virus is found on the system it will pop up a message to the user. "A macro virus has been found on your system and it is possible that your personal data could have been stolen. A better office suite that is even compatible with your current documents and is totally fee of charge is available at www.openoffice.org. If you would like this installed press ok and the macro virus will be removed and we will upgrade your system to a better office suite"
Billy: oh crap, please don't do that.
CEO Symantec: Also when it catches a system virus it is gonna point the user to ubuntu and offer to install it.
Billy: Tell you what we will send over a team of developers and help you fully integrate with our system.
Problem solved!
Got Code?
is a synonym for "someone we haven't figured out how to screw out of their VAR market share yet."
The list of companies that added value to Microsoft OS products, then watched as Microsoft bundled those products into their offerings (often at no cost to the customer), goes back to MS-DOS. Quicken is the only product I've seen Microsoft take a bead at and not knock them into irrelevence. OS/2, Netware, Lotus 123, WordPerfect, AOL, Borland, several desktop database vendors, DEC, FAX drivers, scanner/OCR software, screen savers, and many others made some cash and then faded into the recycle bin. Now Microsoft is stretching into enterprise applications with their piles of money.
Tough business to be in.
Sleep is for the Weak
Call the wambulance. If they really cared about user security they'd be happy that someone is doing something about it :P
Sadly, there's no compelling reason for Company A to allow Company B access to the inner workings of their product. It *MAY* be in the consumer's best interests, but it doesn't benefit Company A's bottom line, so the consumer's interests don't matter.
Since there's no financial benefit to Company A, and there's no legal reason forcing them to (yet) then the consumer is just SOL.
I don't agree with passing laws to regulate how specific businesses work in most cases, but when there's no way the market (ie, the consumer) can do anything to provide a financial incentive, then maybe thats what it will take -- either symantic buys a new law, or they sue and get a court order.
microsoft arnt locking just competitors out, they are locking EVERYONE out, thats what the anti-patch stuff is for, its just alot stricter in vista, its the reason demon tools stopped working a few weeks/months back.
the reason is, sloppy coding, relying on undocumented, internal-only, kernel "api" that isnt actualy an api.
instead of them complaining and spending money on full page adds, they should spend money on coding their applications properly, and coding them so they dont eat 99% of your system resources while they are running.
portfolio
I must say Microsoft has behaved poorly in the past but to basically say, "you must have a insecure, hole filled operating system so we can sell our security packages for more money from the consumers pockets" is asinine. Anyone that supports these companies can NOT at the same time bash MS for security flaws. Hey the best thing would be for MS to have a completely secure Windows OS (impossible for any OS really). Of course that would put those companies out of business. Tough I say.
Symantex et al. have made a living moping up one companies spills. Maybe they should've considered that the business could stop spilling their drink?
Does this also mean that every patch to the OS (thereby making the os more secure) was anti-competitive?
Maybe, Vista will be crap (thinks of shiny new network stack) and the AV/AS companies will be in there, making more money than ever?
What Microsoft seems to be saying is "Use our security or use another OS."
I can't see why everybody is focussing on security. Shouldn't this be about user choice? If I want to install a virus, security risk or spamming server, I should be able to. Even if I need to overwrite parts of the core system.
To me, this looks more like Microsoft is trying to protect the users against there own choices again. Sometimes, this might be good, but it should never go further then some emphesized text in an alert window.
IANAM (I am not a mathematician) but I once attended a lecture where the speaker was an expert on Kurt Gödel. He claimed that Gödel's incompleteness theorem can be applied to prove that one cannot make perfect antivirus software. Either it will be too strong (imagine labeling everything a virus) or it will not be strong enough. If, therefore, Microsoft can't prove that their security is perfect then one might argue that competitors should be allowed their crack at it. I say security in a reasonable OS can't be perfect because they could obviously make it secure by removing internet support and so on, but that wouldn't be reasonable. It is my understanding that Microsoft feels allowing competitors to override their security system would pose a security risk itself. If that's the case then there are merits to both points of view to debate, but at the end of the day I believe that this would just strengthen Microsoft's monopoly.
Everybody assumes that Vista will be more secure and that the reason security firms are crying foul is because they won't have any business. But what's to say that Microsoft will not make Vista completely secure (and withhold the knowledge about the vulerabilities to themselves) so that they can push OneCare and drive that into another billion dollar cash cow? It's not completely clear why Microsoft invest heavily in the security business if they think that product line will be obliterated soon.
This is rediculous. It's not like Microsoft is completely locking them out of the kernel. There are still documented ways to do everything they need. Microsoft is only stopping them from using methods of hooking into the kernel that were _never_ supposed to be used in the first place.
Back in the day, the Medellin cartel had an official registered lobbyist in Washington DC. They lobbied for stricter drug control laws. Because such laws act as a price support mechnism.
I'm a vendor, and I've tried to work with both these antivirus vendors on a number of projects. My customers would pay as much as $1-2K per server for an integrated "name brand" anti virus feature in my product. What I wanted was an API that will let me hand them a file, scan it and tell me exactly what is wrong with it without them needing to write an extra copy to disk. Their brand would be all over our product: a major selling point. No vendor could deliver that, so I ended up implementing a solution that writes the file to disk, waits a bit to see if it disappears (usually because the "just in time" antivirus scanner grabbed it) and then parses through the logs of a few well known vendors to see if we can say for sure what virus was detected. Instead of a few hundred to the antivirus vendor per server, my customers pay $50 (or nothing if using their corporate subscription) for their favorite desktop AV.
There are a lot of businesses that Microsoft doesn't have much reason to enter. I think they should have left web browsers, search engines, media players, instant messengers, etc. to third parties, but I think Microsoft ought to be able to make a secure system. That said, I'm not sure how they're securing the system. If they're charging people extra for system security and somehow blocking third party security applications, go ahead and scream anti-trust, but if it's included with the operating system, then they're finally getting with the program.
Personally, I've never liked McAffee or Symantec. I've used them both. With McAffee, my system was rendered almost useless by viruses within a month. With Symantec, I was constantly fighting with the firewall to get programs to run properly. Now I use a variant on Zonealarm, and I'm quite happy with it. But I still find it annoying that I have to pay $30 a year to keep my $200 operating system secure, and on my other computer I pay nothing (and in fact run no extra software) to keep my Free operating system secure.
Since there's no financial benefit to Company A, and there's no legal reason forcing them to (yet) then the consumer is just SOL.
Actually, the legal reason DOES exist since MS is (in the eyes of the law) a monopoly. They need to play be different rules. Now if companies B1 and B2 go to court, which they probably will when Vista is released, then they can get some relief AFTER THE FACT.
IMHO, MS isn't being smart. They WILL get smacked by the courts again, and since the consent decree is still in effect, it won't take 5 years for that smacking to happen. Also, they still have the EU which will probably smack them too.
It was a HUGE blunder for the courts to not break up MS into smaller parts that competed, and all consumers (even non-MS users) are losing because of it.
What do you mean "no way to do anything"?
We can stop buying MS shit. I avoid doing so in many cases. A lot of our computers at work run Linux or Mac OS now.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
Is it ok for Microsoft to try to make thier OS more secure or not?
Gadget News at Gizmo.com
So it's OK by their "standards" to lie to investors and inflate earnings but when it comes to competition, they cry wolf!
It's not their operating system, so they should have no claim to that turf. They had enough time to make their own secure (Linux) version of OS and MS gave them PLENTY of time.
I think I've said this before, but I'm afraid that it warrants repeating, considering that this isn't the first time that this issue has come up.
I find it interesting that these companies are making such a stink over some features included with Windows that the user can shut off if they need to. I have had, at one point or another, every beta version of Vista installed on my test box, up to post-RC1 builds, and have never had any issues with being able to disable security center alerts or windows firewall with the same 6 or 7 clicks that I've always used.
The only reason I can think that companies like McAfee might take exception to Windows doing things they have been selling, is that it might be more difficult to sell a product when Windows already does it, and does it pretty damn well.
Like I also added last time, the big push now, as it always is with Windows, is backwards compatibility. Are they (3rd party stooges) actually trying to insinuate that Windows will not do what it has always done in the past, that is allow the user (or an install program / MSI) to disable certain addon features? Take, for example, a wireless card installer program that takes control of the wireless configuration. Symatec, you of all people? Back when Peter was running the show you were the first and last name in diagnostic tools and sector-by-sector hard drive recovery, and nowadays this company can't even get together an Anti-virus app that disables Windows Defender?
Windows has more viruses because linux has more virus coders.
While I agree with you, most end users don't have enough clout for that to matter, and the fact is that most users are apathetic enough that you won't convince them to leave MS in any significant number.
Its like me avoiding shopping at walmart. I like to think that it hurts their bottom line by taking my dollars elsewhere, but I know that in the end it doesn't really matter since there are many, many more that will gladly keep throwing their money at walmart.
It's because they've shut the fuck up and updated their product while Symantec has been bitching. MS is not locking out 3rd party virus scanners or 3rd party anything. They know that would get them sued in a hurry. They've just changed the way things work, and you need to update your software accordingly. Vista has all kinds of changes like that. For example PDFcreator no longer works. MS lockout? No, security change. Used to be services could directly interact with the desktop. Well I guess that makes you venerable to a certain class of attacks called shatter attacks. I don't know the details of what they are, but at any rate. So Vista changed the model. Now you have to have the service separate and then a program that interacts with the desktop and controls it. An MMC control would work fine, or your own app, whatever. Just a new way (hopefully more secure) of doing things.
This all reminds me of back in the Windows 2000 days with pro audio cards. So Windows 2000 moved to a new driver model for audio called WDM. While it could use NT drivers, you got none of the features, you needed WDM drivers to be fully 2000 compatible. Well the pro audio companies bitched and whined that WDM wasn't suited to pro audio and that nothing would work and so on. Finally they gave in and released WDM drivers and, what do you know, they work great, better than anything before and that's all that's out there now. However they didn't want to change to a new system so they whined.
That's all that's happening here. Companies are being whiny because they don't want to update. I have no sympathy.
When the courts here in the US don't have the balls to stand up to microsoft and force them to play nicely with others, the fact that they're a monopoly doesn't carry any weight.
For what its worth, I hope the EU courts *DO* smack them, and smack them hard, since the US courts won't do it.
(Cue the world's saddest song, being played on the world's smallest violin, by the world's greatest violinist, who is promptly sued into bankruptcy by the RIAA for copyright violation.)
To all the Symantecs, McAfees, RIAAs, MPAAs, and buggy whip manufacturers out there: progress happens. Progress changes things. When things change, sometimes we don't need things we once did. Sometimes, your entire business model will become obsolete, and once you're done moaning and litigating, all you can do about it is a) see it coming and shape your empire into more than a one-trick pony (eg. IBM); b) see it coming and adapt to the brave new world in which you find yourself (ie. find something else people need you to do); or c) return to the dust from whence you came.
On a more specific note, they really should have seen this coming. Expecting MS to outsource core security features for their flagship product indefinitely is the definition of short-sightedness. If the officers at Symantec, et al, didn't have a plan in place to move beyond this point, they should probably start looking for new jobs.
You shouldn't have to run third party software to have a secure operating system. As others have pointed these companies are living on borrowed time.
The only reason why we're hearing about this is that Symantec needs a new release for the OEMs in a few weeks, and it's not going to run on Vista without a major rewrite. New PC buyers are going to be pissed when they get Vista early next year and their AV software doesn't work with it.
Come on, Symantec, your developers should know better than to patch the kernel. Microsoft can't make an exception, even for themselves, or it'll leave a hole for exploitation.
If Microsoft told them not to do it, and they did it anyway, then I have no sympathy at all.
http://www.flickr.com/photos/77014820@N00/25883676 2/
Win95 etc are all out of support but MS *still* has copyright on the code. Why? They aren't making money and they will destroy the source code well before the copyright expires.
...Netscape says, "Hi, welcome to the club!"
Chris Mattern
As best I know, the service + filter driver + scanning UI model is still valid. Do you know something I don't?
Uninformed has a very interesting article Anti-Virus Software Gone Wrong that describes several ways AV vendors have messed up before when they have patched the kernel.
Same exact thing happens in the automotive industry. The after-market vendors get really used to selling chrome wheels, nerf bars, and fancy mega-watt stereos, then {Insert name of car here} comes out with a "tremor" edition with a woofer the width of the car, chrome wheels and nerf bars in the standard package in a vehicle that doesn't even need a tune-up for 100,000 miles. Even turn signals used to be an after-market item! So Mr. Tune-Up goes belly up. Shouldn't have hitched your wagon to that horse, methinks. And the chrome wheel guys can now sell spin-while-stopped-at-a-light and impress, I dunno: yourself, I guess, but they sell for a grand a wheel instead of $200. And guess what: that guy's still in business.
I used to write and sell some pretty fancy DOS programs in dBase, and my killer-ass Lotus 1-2-3 budget planner spreadsheet would knock an accountant's socks off, but it pretty well doesn't matter now. I hear the guys selling TurboTax are doing pretty well....
How about a moderation of -1 pedantic.
HA HA!
Not that I think this is a good thing, but I just hate all these companies thinking it's the shizzats when they get a close business relationship with Microsoft. They think they gonna be big and profitable cause they are friends with MS, and then they are always surprised when they are screwed over. Check out Stack, Spyglass and all the rest. History is littered with companies that got close to MS and then were ripped off. Whenever the market gets big enough, MS will want the market for themselves, and take it.
-TN
I think the reason Microsoft wants to bundle their own anti-virus software into Vista is not to add the money that Symantec is making to the MS bottom line. Rather, I think they want to sell Vista as 'the most secure OS in the world' and
1. Drive a healthy upgrade market based on that claim - both for the upgrade revenue stream and to accomplish whatever other MS agenda items are tied to getting the lion's share of PC users running Vista.
2. Drive a nail into the (valid) Linux and OS/X claims of being more secure than Windows.
They may actually make Vista more secure than XP in addition to providing built-in anti-virus checking, but it still won't be secure enough to prevent the problem of running as root, which many users will continue to do. But throw in a virus scanner, and they can claim that's not a problem (whether or not that's a valid claim).
Posted from my Android phone. Oh, I can change this? There, that's better...
I thought I would never say, this but there is a worse software company than Microsoft - and that company is Symantec. Ever since Norton 2000, each version of AV has gotten more bloated and unmanageable. They're software is so bad that not only do they have an uninstaller, but they also have a "Norton Removal Tool" because their uninstaller inevidably fails half the time. Seriously, google "Norton removal tool". Not only that, but when you do get the uninstaller to work, it takes around 10minutes to remove the application. I can delete every file on my hard drive in less time.
Interesting reading, you may want to read this article before drawing conclusions about Vista, MacOSx or *nix virus vulnerabilities. http://www.eset.com/download/whitepapers/Eset_ALee VBJul06.pdf
I found the section on "Social Engineering" especially interesting. With the establishment of the first two MacOSX viruses, (yeah yeah, don't give me the it's a trojan, not a virus arguement that apple uses, it still gets in, exploits your system and messes it up... ) and a whole stream of new Win32 viruses, I found the final statements in theis article particulary important. Virus' don't get into your system by accident, they exploit something about the "system" to get in. The easiest exploit, the user. (Wonder when they are going to make a security vulnerability patch for us?)
There will always be code vulnerabilites in all programs that can be exploited (yes that means you Mac people too!) and there will always be people who want to exploit that flaw for personal gain...or financial gain... or just to get attention. Reducing access to Kernal level operations will go a long way to killing off older virus strains, but it won't eleminate them.
As for Symantec and Mcafee's arguements about MS.. well... I can tell you from being in the IT industry for 17 years... not having access to the kernal is the best thing they can do to these two. They missed viruses on a regular basis under 98, 2000, Me, XP and 2003 that often required full repair installs, or full reinstalls to fix. Keeping them out of the kernal may at least stop them from killing your computer's performance while they fail to protect you.
...and Trend Micro has no problems converting their AV suite over to the Vista model. Hmmmm.
Symantec and McAfee are only bitching because their shitty, shitty, shitty products are heavily tied into the old system by way of layer upon layer of cruft, which they don't particularly want to dig through. If Trend can do it, so can they; they just don't want to.
By summer it was all gone...now shesmovedon. --
http://www.betanews.com/article/Sophos_on_Symantec s_Vista_Complaints/1159472882
Ron O'Brien, senior security consultant with Sophos, told BetaNews. "But from what we have learned in our dialog with Microsoft, which is ongoing, the objection on the part of some vendors is that PatchGuard will prevent access to the kernel, which is that very basic level of the operating system where people feel that they may need to go, in order to provide a total security solution."
Conceivably, if Sophos wanted to provide a "total security solution," given this new set of circumstances, wouldn't it need to understand some of PatchGuard's secrets? Surprisingly, O'Brien told us no. "At this point in time, Sophos does not see the need to be able to access the kernel within the Microsoft operating system," he said.
"If there is a point in time where the kernel becomes the subject of malware being written specifically to it, then I would expect that we would go back to Microsoft and tell them we need to be able to access the kernel. But at this point, it doesn't appear to be necessary."
Sure, but even now you couldn't implement standard Unix security on the PC platform that DOS and Windows started with because the hardware didn't support it. Also at the time DOS and Windows were created Unix was just one among many OS's and wasn't considered a standard.
As I said elsewhere, MS could have more easily avoided legacy security issues by giving up backward-compatibility, but that would have been a very dumb business move.
Microsoft is damned because "they don't."
They SAY they do something about security, but this Patch Tuesday doesn't really do anything for security as crackers have a schedule now on how long an exploit will work at a minimum.
This is monopolistc behaviour, no matter what you say.
they have every right to fix thier own crappy products. I do understand why these companies would be mad now that dickhole gates has done something worth while to improve the overall security of windoze, but hey, that's what you get for doing business with microsofty.
also,
Fista is nothing more than an XP service pack. that'll be $300 thank you. I certainly don't need any of ms's crap. Open source does it all for me. For the rest of you... PAY YOUR MS EXTORTION FEE YOU DEPENDANT LEMMINGS!!!!!
HA HA HA HA HA HA HA HA!!!!!!! And RTFM!!!!!!
I can't stand the use of 'begs the question' this way, screw 'modern usage', it gets on my nerves...
Second off, what OS would not theoretically need anti virus software at some point if scaled to larger, less knowledgeable markets? Don't get me wrong, I use a Linux distribution and am a big fan, but I'm not seeing architecturally much improvement beyond protecting users from other users on a system better than default Windows installs, as well as protecting system binaries. That's a vast vast improvement, but there are always gaps. Let's say, for example, malware embeds itself into the gnome-session auto-startup. That piece of malware from that users perspective could be as destructive and performance degrading as any system level utility (i.e. zap ones documents, etc etc). With the increasing prevalence of linux desktop design catering to making life easier, I wouldn't be surprised of some D-BUS architecture issue comes up that gives malware a way beyond what things are meant for anyway. In short, it's easy to point and laugh at MS (which admittedly pre-Vista has done far less than other platforms to be secure), going forward we may find that the more fringe platforms in desktop usage can be made to suffer in a similar way to MS software does today. MS in Vista *may* have gotten the point (we'll see), and, albeit annoyingly, takes measures to protect user from himself and applications while maintaining some degree of user-friendliness.
One demonstrative point, Windows used to be rightfully blasted for having open services. They over time closed them in default installs. However, they also have a more stringent firewall configuration to intervene and block traffic to a service that may be listening, and with XP SP2 and Vista, this is there to give the OS fine-grained control over the security policies with moderately effective strategies. I have noticed Ubuntu taking the approach of zero firewall config or even a hint to point people to take measures. The logic being 'we don't have listening services anyway, so it's redundant'. For the sake of ease-of-use, they leave the low level filtering wide open and rely upon the fact that any services running are blessed by the user, the applications have sane policies, and the user is not stupid. An example of this strategy being dangerous: I ('dumb' user) see this neat utility in the apt repo called synergy. I install it and start it up and happily use it as a dumb user with two systems near each other. Meanwhile, since synergy is very lax and is designed explicitly to be protected by other measures, a malicious user connects and pretends to be your other computer. Without thinking you type a password (which often has no feedback anyway), and the malicious user grabbed all they needed, because no firewall policy was in effect to supplement application security that didn't even try.
XML is like violence. If it doesn't solve the problem, use more.
Maybe Microsoft Figured out what the rest of the IT world knows about Symantec and McAfee they are both crappy products.. Symantec is bloated and resource hog and McAffee is well in general bad... Microsoft is trying to lock down the kernel which it should of done years ago all other 3 party apps have to run on top... Just like linux... Linux kernel is locked and secure all other programs dont have access to the linux kernel... Allowing 3rd party apps access to the kernel basically allows anyone to have free reign...Most if not all linux users understand that if a user gets a virus it is containted to their account and doesnt ruin the kernel... OS Still works and the most the admin would have todo is delete that bad account..... MS isnt holding a gun to everyones heads and forcing them to run windows... People are complaining that Windows isnt secure even with all the anti-virus companies arlready out there for Windows XP such as Symantec and McAfee which are the microsoft's of the security software world... maybe users are too ignorant to go out and install the antivirus software but i doubt thats the case i think the case is Symantec and McAfee plain suck and Microsoft is attempting to please the Users by getting Vista more secure... Only time will tell on that objective on how secure vista is and how secure the vista kernel is... I'll still suggest users run linux but applaud MS for attempting to fix their security issues...
it's impossible to find a way around Vista's security? Or that they will actually have to -gasp!- innovate to find a way to provide a second line of defense!
It's inevitable that virus writers are going to find a way in to the core of Vista - why can't the AV companies figure out how to further prevent access to Vista's core, and the user's personal files?
For instance..maybe they could make a smart AV program! Something that doesn't delete itself, critical system files, or refuses to actually delete viruses.
Why do you bother to use an acronym when you're going to spell the whole thing out anyway?
What was once true, is no longer so
There is no system that is completely secure. I doubt there ever will be. AV companies will be more and more important on open source platforms as they become more prevalent. Hackers and virus writers will have more incentive to attack these systems. AV companies will continue to partner with companies like Comcast and Time Warner Cable to deliver free AV to their customers. People who switch away from Microsoft will have need of quality commercial anti virus. Also, I wouldn't assume that a lot of people are going to switch to Vista. Most won't have the hardware for it for a few years at least.
Read my short stories - You won't regret it.
That cooperated with Sony to install spyware on my machine from audio CD's? Cry me a river.
With the new technology by MS it appears that their products are no longer needed. The companies should lay off their employees and license any patents they have. This is like Norton Commander which was no longer useful once DOS was replaced by Windows.
I am currently using Symantecs 2004 version of its Internet security. For reasons of my own, I prefer it to newer versions. But things have changed. A recent occurence has led me to believe that they are NO different then a mobster extorting "protection" monies. I recently installed the previously mentioned software on a new machine. After receiving a message saying that doing so would exceed my allowed amount of installs per purchase, I called customer service and paid for a one-time install on that machine using my old disc. Not long after, I began receiving a message on my other machines (legally installed with a paid for disc, the same one used for the one-time purchase) stating that there was a problem with symantecs internet protection and to please re-install. I had never received this message before buying the one-time purchase. You guessed it. I cannot re-install because I had already used my legal installs up. They knew this and intentionally disabled my legally purchased software in hopes of forcing me to upgrade (i.e. PAY!)just to fix a problem THEY intentionally created. I can no longer use a product I paid for. So, for me, good riddance. Anything that helps to remove these scum from my world is a step forward. I think "parasitic" is an appropriate term here. If they can't make money from you by selling you software to protect from malicious invasion of your machine, then they become that very threat themselves.
... but I wonder how much Microsoft paid McAfee and Symantec to pull this stunt. I mean, I doubt the boards of either company are really all that afraid of being put out of business by Vista, but Microsoft's reputation for security sure does get a nice boost from it.
in this case mcaffee and the others dont have much of an argument. being european and having a somewhat legal background i followed the media player anti-trust suit. the media player is an optional in an OS and bundling it does kill independent developers that's the thought of the judges that condemned MS. security on the other hand is not a feature. its a must. it's a consumer's right to buy a product not compromised by flaws. a security hole is a flaw and the manufacturer has to do its best to prevent them. the whole AV business is based on covering flaws of the MS enviroment for an extra charge. if that enviroment becomes healthier they just don't need to exist anymore but they dont have a case to claim that MS must be flawed in eternity just to support them.
said that i don't really believe that MS is self efficient on the security issues. vista is bound to be cracked\hacked\pirated you name it for mere pressure of market share. sooner or later MS will either compromise and make the AV industry happy again or will just buy a technology and bundle it to cover the holes (for the 400$ that will cost vista i damn well demand a decent AV app). in both cases will never lose an anti trust case on security issues.
i ain't a MS fanboy i tried several times to switch to linux (but i can't type, or i'm too used to the concept of "driver") and i pretty much hate the fact that windows comes bloated with crap i don't need like WMP and movie maker and firewall and most of all MSN msgr not to mention the godawful windows burn cd feature (no way to do away with that i had to reboot everytime i accidentaly drag amd droped something on the cd icon in "my computer"). i just need a platform that makes my hardware run then i add whatever software suits my needs. if MS could really handle security of its OS i would be really happy. i really hate all that crap AV apps that just make my pc slow.
Two points:
1. re: the analogy only working if NAPA were unable to make parts for other cars - there is no such thing as an inalienable right to a business model. Period.
2. re: making it impossible to take on third party tools - you do realize, do you not, that any hook availed to an anti-virus software vendor is an equally good hook for a malware creator. MSFT is the _only_ entity that can solve the virus/malware problem. Period.
You can find the ad on mcafee's homepage. http://www.mcafee.com/us/local_content/misc/vista_ position.pdf
They were all chummy chummy with Microsoft when Netscape was getting their asses handed to them back in the late 90's due to MS bundling IE. Now they are crying like little babies yelling about anti-trust.
I'm no fan of Microsoft, but if you sleep with the black widow, expect that she'll eat you eventually.
I tend to prefer the object-capability approach, but SELinux is another valid example of the techniques that have been invented over the last 40 years to prevent malicious software from causing harm.
It just isn't the network's job to handle security. Or at least, those layers of the network...
http://en.wikipedia.org/wiki/OSI_model
Deleted
What REALLY pisses me off is..
If I buy a door for my house and a thief gets through the door because the door was DEFECTIVE (...lock fell apart, materials problem) I can SUE the door manufacturer for selling me a product that failed (most likely).
If I buy a product from Microsoft (or most vendors) and I get hacked because of BAD code, I can't do a damn thing. And to top it off...Microsoft now wants me to buy MORE software to protect myself from future holes in their software!
I'm not just picking on Microsoft, its a problem in the entire commercial software industry. When the Federal Government get's hit by a virus that takes advantage of a hole, WHY did'nt they sue MS!? Has that EULA EVER been tested by REAL laywers?
Lotus won't run.
I'm having trouble thinking of a clever new version for MacAfee and Symantic.
Vista isn't ready until it's broken MacAfee?
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
What do these companies think about Linux ?
Hey McAffee and Symantec:
Look, Microsoft is screwing you over. Face it. Stop whining about it by placing ads in a newspaper. Start promoting a credible vendor-neutral alternative! Are you capitalists, aren't you? Don't like the market leader? Support alternatives with your dollar!
Support Linux. Promote Linux. Linux is vendor-neutral by nature. With Linux such situation wouldn't happen. And as others have explained, no matter how secure Linux gets, there will be a need for security products, so you won't be out of a job.
I use Linux because it actually is fairly secure, when I know what I'm doing. Windows can be insecure even if I know what I'm doing.
As for eliminating the need for AV, I don't see why a prompt that says "this is a virus" means so much more coming from Norton than "this might be a virus" does coming from Windows/IE/Firefox/whatever. And I agree, clueless users will happen anyway. People will probably always buy AV, whether or not it does anything at all, unless we start educating them. But given the choice, I'd rather make things really secure for people who know what they're doing than sort-of secure for people who don't.
Don't thank God, thank a doctor!
Until you actually need the OS to access something low-level that VMWare doesn't or can't provide. For instance, no virtualization that I know of will allow the guest OS to use 3D acceleration, which is especially bad for Vista.
Don't thank God, thank a doctor!
Not only do they sound like a sceaming child who wanted ice cream for dinner instead of green beans, but at the same time their 'article' is massive commercial-centric FUD translating into, "If we can't make our product work within the kernel, your PC will be DOOMED...DOOOOOOMED! Consider yourself warned!"
They aren't even asking for customer intervention - Ok...now that I've read this, what am I supposed to do? Write my local congressman? Notify Homeland Security? Protest outside of Redmond?
What is McAfee doing aside from complaining? Sounds like not much.
Prove it.
None of that is a real solution for the average user though. SELinux is nice, if you know what you're doing. You have to define what is and is not allowed by each individual program. That right there is too much work for the average user. Its even worse to implement on Windows, considering how many applications that exist for it; many of them all but unheard of. There is no way to protect against the truly unknown. Always ask if your technologically-challenged grand parents are able to use the system easily with little to no real training. That is what companies are aiming for, and always will. Yes, certain things can be done to reduce the damage inflicted by malware, some involve better technological design and others involve better social-engineering type design, but none of that will be as secure as what many here seem to expect ,or experience, every day.
Microsoft should improve its software. It should add new features and new capabilities. Hopefully that includes security features, capabilities, applications. While I have a very strong desire to just say that Microsoft can do whatever it wants with its software, I also believe that users would ultimately be happier with Microsoft should they have the ability for many other choices. In this situation, Microsoft could probably take some actions to reduce the criticisms directed toward them, but its competitors should receive just as much criticism.
After l'affair SONY rootkit where all of those companies conspired to exploit the end users in default of their clear obligations, I want to see them ALL dragged through the mud. Thoroughly. And stepped on by swine. And sexually assaulted by hogs.
Every single one of those companies took people's money, and then betrayed them. MS, McAfee, and Symantec are only some of the unindicted co-conspirators, of course. But their names are at the head of the list.
I think we've pushed this "anyone can grow up to be president" thing too far.
Come on over here to the Linux pool.
The water is fine, I promise.
On a more serious note, I think that Vista may be Microsoft's last great fark-up. A more resource-hungry, less stable, third-party unfriendly, "pretty" version of software they released more than 10 years ago. I know that the OSS camp says this every year; however, if Microsoft doesn't write their next OS from the ground up, they stand to lose a noticable amount of market share.
Each year millions of ripe little consumers are getting jobs and buying themselves a computer. Since the mid 90's, each one of these groups has been getting progressively more tech savvy. Most imporatantly, each one of these groups has been getting more dependent on technology. It is only a matter of time before a shift in consumer expectations of functionality force changes in the market. In my opinion, Linux is in a better position, right now, to deal with that demand.
"By the time they had diminished from 50 to 8, the other dwarves began to suspect 'Hungry.'" -Gary Larson
http://www.flickr.com/photo_zoom.gne?id=258726098& size=o&context=photostream
Has MS actually blocked third party apps from using a technique their own AV software uses or did they block it off from everyone? If vista simply doesn't allow ANY antivirus software, including their own, the ability to run at the level Symantec & Mcafee desire then too damn bad. If they are disadvantaging their competitors without inflicting the same limits on themselves in order to leverage their OS monopoly into the AV market then of course their activities are illegal. The former is whining, learn to adapt. The latter is actionable illegal activity so far as I'm aware.
die by the sword.
Any time you build your business around someone else's products, you're always at least to some degree dependent on their not moving in a direction that disrupts your business.
If I were a Windows user, I'd be happy that Vista need not rely on third party security software in order to function properly. Of course, if I were Symantec, I'd go crying to the courts about abuse of monopoly power.
Read the EFF's Fair Use FAQ
OK, I'm confused... Anti-virus software clearly isn't locked out at the moment - this Vista RC1 box is running AVG as we speak, and I haven't seen any MS anti-virus software of the conventional sort at all - at the moment they've just beefed up the default security a bit.
Anti-spyware, they might be upset about, since Vista ships with Windows Defender - but as far as I can remember, it's not enabled by default - you get the option to enable it during install. You can install any third party anti-spyware you wish though at any time. As it happens I'm also running Spybot S&D as a second line of defence on this Vista system.
So... Can anyone explain what's up with McAfee/Symantec? It's not making any sense to me at the moment. Sure MS may change something in the future, but so far it looks like it's pretty much business as usual?
So, this would be the same Symantec that's alledgedly been unfairly blocking Spybot S&D for nearly a year?i ndex.html
http://www.safer-networking.org.nyud.net:8080/en/
So you don't know that it's hardware than makes it possible to have different privilege levels in an OS?
I suggest you go off quietly and think about the implications of a single address space that is available to all programs, why that is a security issue and why this problem can't be solved in software.
I'm no fan of Microsoft, but the major antivirus companies, especially Symantec, have had this coming for a looo-hooong time.
Most virus writers have moved on to even more damaging (trojans, worms) or lucrative (malware) attacks by now, that the major checkers are either too slow to protect against or, in the case of malware, outright refuse to unless the user buys a new product. Meanwhile even Microsoft Word now contains some built-in anti-virus measures, all the major webmail providers have built-in virus scanning, and many new computers don't even HAVE floppy disks.
This is not to discount the dangers of viruses, mind. My dad once took a new computer back to the store because of a virus on it that simulated a memory parity error, and boy was I EVER mad about that. But that was a 486DX running at 66mHz running Windows 3.1, and that was my last personal experience with viruses. They are just not the threat it once was, yet to listen to these guys, you'd think the world was about to explode, constantly, forever.
McAfee was the company that mongered much fear a few years ago about a JPEG virus that was going around. Remember that one?
Symantec is so anxious that people continue to subscribe to their highly lucrative virus definition service that they'll use any combination of the words "Urgent" and "Recommended," and red and boldface text attributes, to get people to pony up for another year of protection they probably don't need, and Microsoft themselves is a major contributor to this funding source by including that little Security Center taskbar icon to nag users into putting antivirus software on their machine.
Antivirus software is the kind of thing that should be provided by the OS manufacturer for free, because it makes the OS more secure. Windows could certainly use more of that.
While McAfee and Symantec are complaining about this development, Trend Micro, CA, and Avast! have already made their products compatible with Vista. The truth of the matter (at least in the case of Symantec) is that they embed the Norton software so deeply in the OS that removal is next to impossible. I know a lot of people who have completely stopped using Symantec's products because of this. At some point, both Symantec and McAfee need to revisit their protocols and methods of accessing OS resources, otherwise they'll lose more of the XP market due to bloatware.
"no longer supports the HTTP servers used by Hotmail" under Vista
as of June 19, 2006 according to Knowledge Base.
For further information you are advised to join here.
Microsoft's Hotmail employees are downright LIVE about Vista.
If Intel was the only maker of chips, motherboards, and video cards, what choice would you have, but to own an Intel product? I personally think that if you depend on a market made by responding to a poor design, and the design gets fixed, then tough titty, you were milking the situation. How ever, I also think that with Microsoft's track record, I would MUCH prefer to have some backup anti-virus/anti-spyware on ANY box that has their product (OS and Office apps included) installed on it. 2 cents for you all :o)
"My immediate reaction is "WTF? What kind of moron doesn't make things 64-bit safe to begin with?" Linus
It's about time the antivirus companies were forced to rewrite their software. Norton antivirus and symantec antivirus are too bloated and take WAY too many resources. I hope that vista makes symantec and macafee tear down their entire software crapload and make something new and better, maybe something fast loading like dare I say Avast and AVG? I mean really, WTF is up with the horrible boot time that norton and symantec have become? Why are the free antiviruses faster loading and seem to get the job done just as well. Maybe I'm missing something and norton/macafee catch more viruses or something? I've used both for years and I can say that the new guys at Avast and AVG get the job done. Notably, Avast offers a wonderfull boot time virus scan that has saved me quite a few times. Norton's boot time only boots off the CD with no definition updates so WTF, it's no good. In conclusion all I'm saying that norton and macafee can go pound sand until they make an antivirus that loads as quick as or quicker than Avast -- and cheaper. $30+ a year for bloated crapware from norton/macafee...bullshit I haven't bought from them for two years and I'll continue to not buy from them and continue my spree of freeing AOL 9/earthlink/etc. users from macafee until both symantec/macafee get their heads out of their asses and make some decent software. Everyone bashes WindowsXP but I think that some symantec/macfee bashing is due a turn. As far as their complaining in court, I think they should go pound sand. A more secure operating system from microsoft is always welcomed...Although I hope vista has an option to look like windowsXP.
You are categorically wrong in your "parasites" description. Specifically:
"# A parasite is an organism that lives in or on the living tissue of a host organism at the expense of that host."
In no way can these companies be said to exist "at the expense of the host" (Microsoft).
In fact, your analogy is the exact OPPOSITE of what it should be: the relationship between McAffee and Symantec/Norton is SYMBIOTIC, specifically defined as:
"The intimate living together of two dissimilar organisms in a mutually beneficial relationship."
Indeed, the relationship benefits both MS *AND* the virus scanning companies.
How many escape pods are there? "NONE,SIR!" You counted them? "TWICE, SIR!"
Just as antibodies in human/animal bodies can be harmful (too many histamines fighting against pollen, for example), AV software can be just as bad. My computer was having the equivelant of a runny nose because of the invasive AV software. In my opinion, my Symantec AV was the most irritating, resource-hogging, nag-me-to-update, piece of shit I have EVER installed on my PC. Ever. I could not run Netbeans or any other IDE without shutting it down anyway, so I completely removed all AV/AS/whatever from my PC and I am please to say it's it runs faster, better, and cleaner than the day I bought it.
Let's face it, Symantec and others like them are out there to make money, and they do so by preying on the fears of the ignorant. And they keep on coming up with new ways to "protect" you against unlikely or non-existent threats, which of couse, end up costing the consumer mucho dinero for their false sense of security. My advice, DITCH THE FRIGGIN SHIT and be careful of what you download, and you'll be fine. My AV software has *never* and I repeat *never* caught a valid virus or trojan. It is the equivelant of taking expensive medecine when all you had to do was drink clean water, exercise, and eat right in the first place.
Echoing others here, I don't plan on moving on to Vista. Too little too late guys. Besides, if I ever really need to run XP/Vista-compatible software, I'll run it in an emulator on my Mac.
Goodbye Microsoft, it was nice knowing you!
- Seth
They have nerve to complain about anything for what they charge per year for there useless bloat ware. cost omers are just fish to be fried. I would cut off my hands so i could not play with my computer than be robbed by those fools.
What is the difference between charging people "extra" for something or including it in an inflated price?
Do you suppose the "free" shipping at amazon come at no expense? What is the difference between Vista Home and Vista Ultimate. Well, Vista Ultimate costs $200 more than Home, but it comes with additional "free" software.
Why do you bother to use an acronym when you're going to spell the whole thing out anyway?
Yes, exactly, and even if he dropped the acronym it is obvious he is not a mathematician.
Just define "secure" and I'll agree that you can say at least something with "Goedel" in it.
If you want your life to be different, live it differently.
You are going to need it. MS does not enter any market with the intention of doing anything but exterminating the opposition & putting them out of business. Period. Once Symantec and McAfee are toast, the rest will be a mop-up operation, who can be crushed out of business by lowering the price on MS's product(s) until they have to fold. Just like they did to Netscape.
After the competition has been sent to the unemployment line (with maybe a token/pet exception or two so it can claim that there really is competition), MS can forget about improving their product(s) and do what they do best: raise prices a few hundred percent. There won't be anything you slaves can do about it, either.
If you want your life to be different, live it differently.
Which is *exactly* what Microsoft has done...
I've been reading some of the comments, and I feel that people are missing the point. Basically the main arguments I'm seeing is that Microsoft is making it hard for competitors to make their software and/or this does not remove the need for AV programs.
That's the not really the point, what people are missing is that the goal of patchguard technology is NOT to prevent infection, it does no work to prevent viruses/worms/trojans from getting on your system. What it DOES do is prevent this malware from patching code in the system and using rootkit technology to hide from your AV products and system admins.
Basically the idea is that they are trying to remove the ability for malware to hide within your system.
Microsoft is getting this one right for a change and it's about time. AV vendors have been resorting to unsupported and frankly unstable "dirty tricks" to get the job done, it's not Microsoft's fault that they stop allowing an unsupported feature to work, they never said it would ever work to begin with!
This is really no different than when Linux stopped exporting the sys_call_table symbol, it simply is not a good idea, nor is it considered "stable" to hook things like system calls at run-time. I'm not saying it doesn't work, I'm saying it's a kludge since there are all sorts of race conditions that are being introduced, in addition to the stability of the kernel as a whole being subverted due to no way good way of verifying that the hooking code doesn't make a mistake and crash the system.
Bottom line is that AV vendors should quit the whining. They will need to adapt to the fact that MS is actually taking security seriously.
proxy
If they all die, I'd be happy, their software stops crap no more quickly than windows updates for most users, they slow down your machine to a crawl with constant HDD scanning, and when they do claim to find something half the time it's something you want and the other half it "can't quarentine or delete infected files" - I havn't seen good antivirus software in years and years, it's all nearly so invasive and process slowing now that it's worse than the few viruses and spywares it will prevent that free antispyware clients won't.
The bottom line is that AV vendors are riding off the back of 'features' that shouldn't be there in the first place: security problems. Whilst no product is 'safe' (for a start, 'safe' is a matter of definition), MS has most certainly left glaring deficiencies.
If they tidy that up, AV Vendors won't have a market, BUT NEITHER SHOULD MS HAVE as it's a sticking plaster on intrinsically deficient design. There is a potential that MS expects you to pay extra for fixing a problem they caused in the first place. That's not taking security seriously, that's leaving a product defect in place to force people to buy the 'upgrade'. So, no news there then.
You don't really understand that the application needs to go through the operating system to get to the memory and other hardware do you?
...for creating an operating system that doesn't need virus checking :)
-booj
Neither can a virus :)
Seriously, Symantec and McAfee not being able to hack into the bowels of Vista is a GOOD THING(TM). If these guys can't do it, neither can the virus writers.
My last sig was ridiculed
Sure, you can make an OS that doesn't allow programs written in native code to run, but it's not very useful.
Also keep in mind that the context of this discussion is whether MS should have been able to create a secure OS given the platform it started with (i.e. 8088 processor etc). The idea that such an emulator could fit within that environment and still have room for anything else is unrealistic at best.
So what? Their argument basically says the new OS is too secure please make it less secure so our pissant business models can continue flogging yearly bloat-ware. Why can't they release products that patch other security holes...or are they saying Vista is perfectly secure?
It's not Microsoft's fault that these companies were too naive to know that given an ideal OS there would be 0 markets for antivirus or AntiSpyware products. Nor do they need to allow the security apps to be replaced by third party ones. And before some idiot brings up the Media Player argument...media playback is not an essential OS function, security is.
----- I refuse to have an argument with an unarmed person
Anyone who has followed the tale of Spybot S&D vs. Symantec should be tempted to say "tough luck" to Symantec.
Here is the story from http://www.safer-networking.org/en/news/2006-09-29 .html
Summary: For over a year, Symantec has flagged the source anti-spyware package "Spybot Search and Destroy" as "Incompatible software" and urges users to uninstall it when installing Norton Ghost or Norton Internet security. Symantec has refused to work with the author of Spybot or identify the "incompatibility". Both Spybot S&D and Symantec are members of the Anti-Spyware coalition.
-Ejay
AV programs today replace critical OS components, sap unbelievable amounts of system memory resources, slow the overall system down a lot for programs that access a lot of files and frequently are the culprit in installation problems that can cause whole days to be lost. I've said it before and I'll say it again. I've lost far far far more time diagnosing performance or other more serious problems that ultimately were caused by the AV software than I've ever lost due to actual virus attacks. And further, I don't believe that I've ever been saved from a virus by the AV software despite actively downloading and running thousands of programs over the last 20 years.
Valid point. However I'm of the belief that security should be part of the operating system, and if that means an inflated price, it still ought to be included. What I would object to would be Microsoft selling a flawed product, preventing other people from correcting it, and then making users buy an additional product to fix something that should have been included in the first place.
http://www.mcafee.com/us/local_content/misc/vista_ position.pdf