Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Working With Security Vendors

Posted by ryuzaki0 on from the seen-the-light dept.

mikesd81 writes "The BBC is reporting on Microsoft's U-Turn. They've now given security vendors some of the information they want to make their products work with Microsoft's new operating system, Vista." From the article: "Earlier this month, security firm McAfee took out a full-page advert in the Financial Times to alert readers to its worries about the way Microsoft was handling the release of its new operating system. 'Microsoft seems to envision a world in which one giant company not only controls the systems that drive most computers around the world but also the security that protects those computers from viruses and other online threats,' the advert said. "

15 of 98 comments (clear)

  1. Oh No! by balsy2001 · · Score: 4, Funny

    MS is destroying my revenue stream by making a more secure OS!

    --
    GENERATION 27: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
    1. Re:Oh No! by Gunfighter · · Score: 2, Insightful

      There's actually a lot of truth to this statement. Success for Microsoft can mean an overall decrease in long term recurring revenue for a variety of service providers (even Microsoft Certified Solution Providers). If Vista is more secure, it means less need for "more secure" alternatives. For those of us who base our living off of maintaining and supporting said alternatives, this is a bad thing.

      Personally, I support homogenous networks; so I will see a spike in revenue from any XP->Vista upgrades. In the long run, there will be a decline in revenue if Vista is more secure. A more secure OS means fewer customer calls for security related issues and a decrease in the sales, installation, maintenance, and support of security related products. Initially, the antivirus/antispyware/firewall/IDS/etc. sales and support would stay the course. People have it engraved in the back of their heads that they need all of these things when they're running a Windows environment. Over time, the perception and realization would be that such preventative measures are no longer required.

      Luckily, I don't think Microsoft is releasing a more secure OS. Just like every Microsoft Operating System to date, I have a feeling they will roll it out with trumpets blaring and decree how secure it is.... only to have some black hat cracker show up at a hacker conference with an arsenal of exploits and blow holes in their hard work. We all know that there is no such thing as a completely secure networked computer; but I would caveat that with "especially a Microsoft-powered system." I don't see that caveat changing any time in the near future.

      --
      -- Stu

      /. ID under 2,000. I feel old now.
  2. This is all so dumb by Moby+Cock · · Score: 2, Insightful

    While I revile MS for their draconian business practices, Mcafee is not much better. The problemm with security is that everyone have (roughly) the same system. There is no variation in the computers on the 'net. A windows box with Mcafee (or Norton, to me they are all the same) is as vulnerable as anyother equivalently equpipped box. So a virus will spread quickly. Imagine every person ob earth had an equivalent immune system. Every mutated bug would render the entire population out for the count.
    For Mcafee to raise the alarm that MS was playing fast and loose with security by freezing out security software is just crap. Its FUD just like the crap MS spouts. Although it seems to have worked in this case.

  3. Re:Never Happy by Silver+Sloth · · Score: 2, Insightful
    Well... er... yes.... but....

    The otherside of the arguement is that the proposed Vista lockout would leave M$ as the only suppliers of anti malware (Ok, so Symantic don't seem to agree, but I'm stating McAfee's aguement, not mine) and we are all aware of the dangers of a monoculture, especially one run by Seatle's finest.

    What I want, if at all posible, is the choice to run which anti malware systems I choose.

    --
    init 11 - for when you need that edge.
  4. Re:Never Happy by lbmouse · · Score: 2

    Do you honestly believe that if MS locks down Vista it will solve any security issue? If anything it makes the OS more vulnerable because now the only people that are aware of the security holes are either working in Redmond and/or working to find ways to take advantage of the holes (aka, bad guys). IMHO it's a good thing to have as many (good guy) eyes as possible reviewing an OS's framework.

  5. Re:World Domination by MollyB · · Score: 3, Insightful

    Don't they just do what they want unless they "lose" a legal case, then continue whilst appealing until the suit is moot? Or until a settlement is reached (money changes hands and minds)?

    MS is such a juggernaut that it flows around or over obstacles, like an avalanche, tsunami, mud (fud?) slide, etc. If McAfee and company survive, they'll be the exception that makes the rule, imho.

  6. Re:A trickle... by Rob86TA · · Score: 5, Insightful

    That's funny... Trend Micro had a fully working Anti-virus product during the Beta. They didn't need any special "Kernel Interface Documenation" to make it work. All the information needed was already available, this is about Norton and McAfee whining because THEY couldn't work with MS and wanted special kernel access, not the other way around.

  7. And the problem with Microsoft Securing by Frumious+Wombat · · Score: 2, Insightful

    their OS is....?

    From the Original post: 'Microsoft seems to envision ... but also the security that protects those computers from viruses and other online threats,'

    Not to be picky, but on my Solaris boxes, I don't call up McAffee every time a security vulnerability is released, nor do I call them to protect my AIX systems from Crackers either. I expect that Sun and IBM, respectively, will secure their OS, issue patches, and provide the appropriate tools to manage security. We've been letting Microsoft get away with fobbing that duty off on third-parties for far too long. Pity if that impacts Symantec's business model, but Microsoft should have years ago either (a) fixed their OS or (b) taken the tcp/ip stack out and stuck a big, neon-orange, sticker on every box and install disk which reads, "This Products Is Terminally Insecure and If You Let It Connect to a Network, 12-Year Old Script Kiddies Will OWN Your Valuable Corporate DATA! Within 20 Minutes Or Less!"

    It's hard in a case like this to know which one of them (Microsoft or Symantec) to have less sympathy for.

    --
    the more accurate the calculations became, the more the concepts tended to vanish into thin air. R. S. Mulliken
  8. Antivirus and Security by TheRecklessWanderer · · Score: 3, Interesting

    It seems to me that lately the large players in the AV world (Norton, McAfee) have been trying so hard to differentiate their product from standard Microsoft offerings (i.e. add value to their products) that the cost/benefit of having one of the major player products is not good. We had a 20 or so copies of NAV 2005 (or maybe it was 2004) and we ordered them through Ingram Micro and we got the licences. So we installed the licences, and then a couple of weeks later they would need to be activated (again) but wouldn't accept the #. So after a month or so of this we scrapped the norton product, went to AVG and have had no problems since. So the moral of the story is that the large players are trying so hard to show that you HAVE TO have their product, and to make sure that you pay for it, that it is not a usable product, IMHO.

    --
    Mean what you say...say what you mean.
  9. Mark my words... by justinbach · · Score: 4, Funny

    Microsoft's security is gonna do a total 360!

    --
    I left my wallet in El Sigundo!
  10. Re:World Domination by Rob+T+Firefly · · Score: 2, Insightful

    I like MS-bashing as much as the next basher, but this is just a cheap shot. When you get down to it, isn't virtually every company in every trade envisioning a world in which they eventually snuff out all the competition and grow to become the only source for whatever it is they do? Even if you know it won't logically happen, it's still the general goal that's paraphrased into the "mission statement" posters in every corporate breakroom.

    --
    Slashdot Burying Stories About Slashdot Media Owned
  11. Good news, but not great news... by jmagar.com · · Score: 2, Funny
    I'm glad that Microsoft is being more open, and co-operating more. But I believe the real security improvements are from Microsoft, and the McAffees and Nortons of the world are becoming less relevant. I installed the latest McAfee "security center" on my mother in-law's PC and the system performance was cut damn near in half. The experience has cemented in my mind that an up to date version of Windows with the latest security patches is the right way to go, and that these third party tools are bloatware, and resource hogs. And that the protection they provide is an illusion anyway, since Microsoft patches holes much faster these days anyway. By the time the security vendors have a new identity update, Microsoft has patched the hole... So why waste the time, and money on these things anyway?

    The short answer is that it makes her "feel" more secure. (I'm not sure that she really is though)

    --
    www.jmagar.com
    -
  12. There seems to be a massive misconception here by Myria · · Score: 2, Insightful

    Reading the comments here, I think that most people aren't aware of what PatchGuard is.

    PatchGuard, quite simply, is "security through obscurity". Basically, while the kernel is running, a hidden background thread continuously hashes the code sections of the kernel and validates that nothing has changed. If something changes, the system bugchecks (blue screens). PatchGuard's security comes from it being obfuscated.

    PatchGuard doesn't offer true security. It has nothing to do with escalation of privilege - if you're able to modify the kernel, it's already too late. PatchGuard was intended to stop commercial products from patching the kernel because frequently they do so improperly, and end up causing instability and local privilege elevation exploits. If a company got around PatchGuard, their product would only work until the next second Tuesday. However, rootkit authors may not care about that "time limit".

    Certainly PatchGuard helps slightly with DRM. However its more important use is preventing companies from doing improper kernel hacks. With Microsoft bowing to these companies, PatchGuard's only use is now DRM.

    By the way, the only reason Microsoft is doing this is because of Europe's antitrust complaints. No full page ad will convince Microsoft of anything.

    Melissa

    --
    "Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
    1. Re:There seems to be a massive misconception here by drsmithy · · Score: 3, Interesting

      PatchGuard, quite simply, is "security through obscurity".

      No, it's not. Saying PatchGuard is "security through obscurity" is like saying passwords, etc are "security through obscurity".

      Basically, while the kernel is running, a hidden background thread continuously hashes the code sections of the kernel and validates that nothing has changed. If something changes, the system bugchecks (blue screens). PatchGuard's security comes from it being obfuscated.

      No, PatchGuard's security comes from not allowing unknown code to execute in kernel space. Ie: it stops things like rootkits from functioning by crashing the OS when it detects unauthorised activity.

      PatchGuard doesn't offer true security.

      No one measure offers "true security". PatchGuard is just another part of a layered security model.

      It has nothing to do with escalation of privilege - if you're able to modify the kernel, it's already too late.

      No, only if you *actually can* modify the kernel, is it already too late [for the kinds of attacks PatchGuard is protecting against]. Which is why the system crash-dumps - because there's not much else you can do in the face of an attacker who has already reached that level of privilege.

      PatchGuard was intended to stop commercial products from patching the kernel because frequently they do so improperly, and end up causing instability and local privilege elevation exploits. If a company got around PatchGuard, their product would only work until the next second Tuesday. However, rootkit authors may not care about that "time limit".

      PatchGuard is there to stop malicious and unknown interceptions of low-level system calls. In other words, the kind of stuff rootkits (in addition to badly written, but legitimate applications) do.

  13. Re:I look forward to that... by mgblst · · Score: 2, Informative

    McAffee came about in the days of Msdos, when viruses would replace the boot sector, or attach themselves to the end of EXE and COM files. I am not sure that you can blame Microsoft for that one - there were before the days of encrypion and kernel protection, when any program had full access to memory, so there is not way you could stop it, without building a more secure os. And you can't start of building a more secure OS. (You need money, and ideas!)