Slashdot Mirror
The Netscaping of Symantec and McAfee
rs232 writes to mention a C|Net article about the uncertain future of the popular anti-virus software companies. "I mention Netscape because, if you believe Symantec and McAfee, a similar situation is about to unfold within the security industry. Microsoft, again recognizing late that it had failed to seize upon this thing called security, is now about to bundle its own security solutions within Windows Vista and further enforce new security policies that lock out some third-party security solutions altogether. Vendors Symantec and McAfee have looked into the future and realized that people may one day speak of them in the way that we now speak reverently of the early builds of Netscape."
symantec does make firewalls as well.
Netscape had a product, which filled in a need customers had: a web browser.
Symantect and McCafe are only parasites, leeching from Microsoft's -mistakes-. It was unevitable that Microsoft would one day try to fix those mistakes, and unlike things like Office Suites, it is Microsoft's -responsability- to fix this mistake, and it is a feature that SHOULD be part of an operating system (aka: security, though Microsoft's implementation is debatable).
Not only that, but McCafe's and Symantec's products are viruses of their own, doing unthinkable things to the operating system and screwing over their users: They are malwares. I, for one, HOPE these 2 companies die soon, or find a new business model.
Who speaks reverently of the early builds of Netscape? 2 and 3 weren't awful, but they weren't great either. And I think we all remember the abortion that was 4.
"Vendors Symantec and McAfee have looked into the future and realized that people may one day speak of them in the way that we now speak reverently of the early builds of Netscape."
Speak reverently of Symantec...... Bwahahahahaha
There was Microsoft anti-virus software with early versions of MS Dos, software which got scrapped when Windows 98 et al hit the scene.
McAfee and Symantec exist because of problems that exist in the Windows code. They are concerned b/c Microsoft is releasing its own "security" software, which I agree with to a point, but they are also pissed off because MSFT is locking them out of the kernel (as they have been since x64's XP).
So b/c MSFT is actually doing some stuff to try and protect themselves from outside code (in addition to outside vendors) we're supposed to feel sorry for these people? Either revamp your products and find different stuff to fix or move along.
That or stop whining about MSFT locking you out of the kernel and concentrate on them selling software that "fixes" problems in their own buggy OS.
The so-called security vendors are best off when there is a proliferation of viruses and people are scared to death of the Internet. Their business model disappears if the Internet actually becomes a secure platform.
Microsoft wants to see the number of exploits impacting its operating system disappear to zero. Only if they are successful will they kill the security vendors. And if not, the security vendors will prosper.
I stopped using Netscape as their "new and improved" releases became huge, very slow bloated with unneeded features that don't even belong in a browser (email? Use an email client!) and crashed all the time. (It took the Mozilla guys to do for free what Netscape engineers were paid to do and failed to do: make a nice version of that browser). McAfee, etc should not have to worry about this as long as they improve their products instead of turn them into unusable monsters.
Where were you when the voynix came?
Vendors Symantec and McAfee have looked into the future and realized that people may one day speak of them in the way that we now speak reverently of the early builds of Netscape.
I don't see a problem with that since I don't use either product and wouldn't mind seeing these two outfits go into the software oblivion. Microsoft will get lazy about updating the features on its security software and open source will come to the rescue with something better. It'll be IE vs. Firefox all over again. Ultimately, the consumer will still win out.
In the meantime, and as I have posted before, quis custodiet ipsos custodes? Who is going to verify that Microsoft's security solutions perform as expected? Would you, if you were a CIO, be happy believing that the same company that designed your desktop and server operating system was also responsible for providing oversight of its security? Whatever you think about lawyers, would you trust the entire judicial system to the police?
Pining for the fjords
Symantec's and McAffee's respective antivirus products are some of the buggiest software I've ever seen. The latest versions of both are awful memory hogs with questionable reliability and average detection rates. McAffee installs are widely known to 'go bad', resulting in cryptic error messages, failed updates, and vulnerable systems. There are threads upon threads in the Dell forums of users trying to ununstall McAffee off a brand new computer and failing.
As for Symantec, , I had a computer at work with a copy of Symantec Corporate AV 10.1 (the latest version) still installed after we chose to migrate away from it due to ever rising costs and poor support. I tried to uninstall it. The uninstaller crashed. Then, every time I tried to right click, it tried to reinstall itself. Yes, you read that right - Symantec's antivirus installs a handler that traps every right click within Explorer that runs a check to see if files are missing. After two hours on the phone with a Symantec rep who didn't know what they were talking about, I finally had it cleaned off the system.
What I'm trying to say, I suppose, is that the original Netscape, while not perfect software, had the right vision behind it. Symantec and McAffee don't. Both companies have gone downhill, and I'm absolutely sure it's for reasons completely unrelated to Vista's new kernel.
ACs are modded -6. I don't read you, I don't mod you, I don't see you. Don't like it? Don't be a coward.
As a sysadmin supporting the usual symantec products, reverently is never a term I would use to speak of their products.
Second, Symantec and others are doomed partially because of their products.
Finally, they are doomed anyway because it fulfills so many objectives at Microsoft. The potential for revenue is too great to turn away and the only path to desktop revenue growth for the OS is to tighten the DRM noose until it is the equivalent of your cable/satellite set top box. Any other path is too risky/difficult.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
It's fashionable to bash Symantec and McAfee and make ridiculous comparisons between them and viruses, but they're just companies meeting a demand for specific software. They are no more leaching off of microsoft than car-washes 'leech' off the auto-industry.
The OS is changing, and the nature of threats are changing. These companies started by writing software to protect against disk-to-disk threats, then file infectors, then worms, and so on. Each has changed their business model as the needs of the market have changed, and I'd be hesitant to casually write them off just yet.
The market will decide things in the end. Either the companies change and continue to meet customer demand, or they won't, and they'll fade away. My money is on smart people staying fresh and changing based on their past history.
The alternative is to essentially say "Netcraft confirms that security software companies are dead!", with just as much legitamacy.
If Microsoft were to succeed in shutting out security vendors (which I don't think they really want), they'd be digging their own grave. Many of Microsoft's security problems now stem from their dominance in the browser market - had Netscape won the browser wars, Microsoft would likely not be vilified to the extent it is today since security would not be as big of an issue.
The one thing that has made Microsoft's products at least somewhat secure are the third party security products. If Microsoft shut out these security products, it is unlikely they could provide the same level of security that users expect from their O/S's. Take away McAfee, Norton, and the other security vendors and Microsoft's profit and revenues would be impressive until users became tired of the constant security breaches and holes.
If Microsoft moves forward with shutting out 3rd party security companies, Linux vendors and Apple will be the big winners, not Microsoft
Crack - Free with every butt and set of boobs
The market for anti-virus software is a response to poor software design. So Microsoft claim they will fix it, and in the process are bundling tools similar to their competitors'. But the ultimate solution will will require not a reactive solution - which is why anti-virus software does - but a proactive solution, similar to just about every other professional OS. That is, pervasive use of filesystem ACLs, low privilege user accounts, etc etc etc. That is, enough security such that if a virus does run - it wouldn't do much damage.
Wouldn't a Windows system with proper security be just as damaging to these anti-virus makers as Microsoft bundling anti-virus software? And isn't the OS maker the proper responsible party for system security?
I'd say a comparison with Netscape is a bit off.
Next victim? Adobe: with its PDF and Flash.
Open sourcing these products, and creating decent interfaces for their PDF reader are the only feasible things [for Adobe] to do in my opinion. QT would be better than using GTK. You might wonder why: I cannot type or paste a link in the file selector dialogue of Adobe's PDF reader, in this day and age!! Think of it.
These are the dying pleas from strategy officers. Although I hate to mention it, there are some serious (kernel patch protection) security improvements for Vista - and if they cannot adapt to the way their 'piggy backing' is being jeopardized, they'll just have to crumple. They are however well known security groups, so entering into new medias wouldn't be a terrible idea.
And who says their gonna be losing business within the first, one, two, or three years after Vista's release. What about home users and, the elderly.
- cam
Progress isn't made by early risers. It's made by lazy men trying to find easier ways to do something. -Heinlein
Netscape were visionary and had a good product. The AV vendors wouldn't even exist if Microsoft had designed a secure OS.
When your company makes a single product, you cannot complain when that product is no longer relevant. They should have diversified when they had the capital to do so.
Also, Symantec and every other virus scanner makes use of non-approved APIs in win32. They were not documented, and not approved for the use that security companies gave them. Vista is finally removing deprecated APIs and replacing them with documented, hopefully bug-free versions. They have said numerous times in their blogs and elsewhere that they will help existing companies convert existing API calls into standard calls. Symantec et all are complaining because they make such liberal use of these APIs that they are facing a huge challenge to get their product on the market quickly, if at all.
Note that one-time file scanners will still work, e.g., what your e-mail client does with received messages. That can all run just fine in user space. The pervasiveness of anti virus clients, though, would require complete administrator access, something Microsoft has been trying to get rid of for every day use (as they should!). If you allow Anti virus software to run in administrator mode while in user mode, you also open the door to viruses easily being able to do the same.
Human activity and especially software in particular seem to follow a cycle of exploration and compaction phases. I remember when a disk defragmenter was an extra piece of software you bought (Blitzdisk on the Amiga). As time goes by, what used to be peripheral functions become part of the core operating system. This is a good thing. I expect a web browser, media player, word processors (even Notepad counts), and so on to be available immediately upon a fresh install. Microsoft is legitimately trying to improve their Windows product. They are improving their customer experience by folding new functions into the operating system such as anti-malware (or other nasties), and security (firewalls and such). This represents the compaction phase of the cycle preparing the way for the next exploration phase.
Shh.
...symantec in particular brings a system to its knees. Realtime scanning is a great idea IF it doesn't render your computer unusable. For obvious reasons you are forced to used the latest version, which just gets bigger and bigger and bigger. I've started dumping Symantec in favor of a daily clamwin scan. Not as good...but at least the computer is usable.
I don't think Symantec and McAfee will have a problem in the near future. It think it's the same thing as with personal firewalls. Even though Windows XP has a built-in firewall (which covers only incoming connections, I know), people feel the need for additional security. I won't write about the pros and cons of personal firewalls and the use of Symantec's and McAfee's products, but I believe that the average user will simply keep buying security products. They come in nice boxes and as we all know, Windows isn't safe if you use it as it is.
I don't think Microsoft's marketing will change this perception in the next few years, so many computer users will still believe what the traditional security software vendors tell them.
The strength of a civilization is not measured by its ability to fight wars, but rather by its ability to prevent them.
Symantec and Mcafee are more like Netscape every day. The put out slow, bloated, buggy code.
-- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
Security companies can continue with the current business model, creating software to fix Microsoft mistakes and target Windows malware. There must be heaps of user-hostile code in Vista's DRM schemes.
You do know that it is Microsoft's VISTA OS right? Can't they build in what they want? No One is FORCING anyone to buy Vista, the can buy MacOS or Download any version of Linux they want, Microsoft wrote the code, its theirs, if they want to lock out vendors, or increase or decrease security on a whim, they can, its theirs... doesn't anyone get this? If you don't like MS, choose some other vendors OS...
Symantec and McAfee are only in business because of Microsofts mistakes, true. I'd love to see them go out of business because MS had finally made a secure product. But that's not what MS are doing. Rather than making Windows secure, MS are making it difficult for the AV companies to operate. Sure, they're plugging Windows, but the wrong bits. It's not security, it's monopoly. We've seen this before.
In my opinion, the major "anti-virus" vendors are precisely the type of parasitical hanger-on that you DO NOT want on your computer in the first place. They use an unGodly amount of resources and greatly slow down the machine they're "protecting." They live merely because Microsoft has been unwilling/unable to write secure code. So now Microsoft is trying to fix that (rolling eyes) and these parasites are crying about unfair competition. Do you propose that the EU forces Microsoft to write less secure code in order to allow these companies to maintain their relevance? That seems rather foolish.
Let's use an analogy. Let's say I build an automobile and it's famous for having fuel injectors that clog up. People begin getting annoyed as the engine runs worse and worse until they get stuck on the side of the road. Along comes WidgetX. They invent a device that attaches to the engine end somehow "prevents" the problem. The downside is that the efficiency of the engine drops and you burn a LOT more gas, but your odds of getting stuck on the side of the road are greatly reduced. The next model year, the car company redesigns the engine so that the injectors no longer get clogged. WidgetX cries foul because now their product has become both unecessary and it has become obvious how wasteful of resources it was. So WidgetX demands the EU authorities to force the car company to go back to selling failure prone injectors instead of coming up with another innovation that actually helps consumers.
Call me crazy, but I don't see Microsoft as the "bad guy" here at all.....
Early builds of Netscape suck. I'm trying to get 4.08 to run on Windows 3.11 under Virtual PC but it crashes on launch! At least IE doesn't crash until it encounters a font the system doesn't have. Opera on the other hand is <3 and doesn't crash.
riddance.
Both of these products, and Norton too, piss me off to no end when trying to debug problems on my friends' computers. I would never install them on my own computer, and haven't needed anything like it in ages on any other operating system. Since I end up having to reinstall Windows ANYWAYS, I always just tell people not to worry so much about viruses. I just tell them, don't click something stupid, don't use IE, you'll be fine. It's just one more "fear factor" that is so abundant in people's lives these days. Viruses are the last thing anyone should be afraid of.
Anti-virus software is nothing but leeches on CPU time, memory, and network speed.
This Just In: Symantec sues Linux for creating a secure product, denying the company a potential revenue stream.
I'm no fan of Windows, you'll never see me use an OS that requires fifteen free gigs just to install, but if they're finally getting their security right then I guess the security vendors are S.O.L.
...tough luck. This time it is not a function unrelated to the OS that Microsoft is bullying the competition out of, but security of the OS itself. Security companies were spawned by MS' mistakes and they simply failed to grow healthy diverse business offering value other than compensating for MS' mistakes. Nobody is investing in them, some are histerically dabbling in spyware (or so I seem to remember reading somewhere sometime) and are generally about to crash and burn.
Symantec and McAfee will find new lines of business or fade away because they are selling products that shouldn't exist at all.
These products are based on identifying any of hundreds of thousands of programs and stopping them from executing—in an environment containing a few dozen programs the user actually wants to run. It's far easier to allow the few dozen and deny access to anything that isn't on this short list than to check everything against a very long and growing longer list of signatures and behaviours.
In the fullness of time, MS operating systems will fully implement Default Deny security, a path they have already started down; PatchGuard is part of it. When this is done, there will be nothing for anti-virus software to do.
I run my systems using just this part of F-Secure (Application Control enabled, everything else disabled) and the occasional scan. Same approach to browsers: all is forbidden unless expressly allowed. Scan results are always zero hits.
I look forward to the day when this is written into the OS code. Vista security is a good start.
I'm a Programmer. That's one level above Software Engineer and one level below Engineer.
Once you have a browser, you can use it for years. Not so for anti-virus software. If you ignore a few cycles of updates, it's pretty much useless. They could give away the base software and still make money from the updates.
For Microsoft to compete with McAfee et al, it has to do as good a job as they do with the updates. In this case, Microsoft won't be able to compete by producing an inferior product and using its overwhelming marketing force. If McAfee can produce updates within hours and it takes weeks for Microsoft then people will see the value of going with McAfee and continue to buy it.
Having said the above, I really do think all these companies have to pull up their socks. Nothing slows a computer down like having a couple of pieces of security software fighting with each other.
I used to exclusively use Norton AV on mine and my clients systems, but ever since Norton tried sneaking DRM spyware into their AV downloads I have switched everybody I can to AVG. It turns out that AVG is cleaner, easier to use, and safer than anything else I've seen out there. Best of all it's free for non-commercial use. I've already heard rumors that Microsoft is letting market considerations determine which software is filtered by their AV so I'm planning to continue to use AVG until I know for sure otherwise.
Unless we move to a trusted computing model where MS (or someone else) decides what can and can't run we'll need virus scanners. Why? Because an OS isn't broken when it does what you ask it to. If you are the system administrator and you order your computer to execute something, it can't second guess you. It's job is to run the software. If that software happens to be evil, well then that's your business. I mean I can send you a shell script that does "rm -rf ~" and if you are gullible enough to run it, well you just lost all your data. The OS can't defend against that.
Virus scanners, however, try to. A virus scanner is like a bouncer. It's got a list of know bad guys, and the good ones can tell if it's the same guy in a wig (heuristic scanning). A virus scanner will go and say "Hey boss, this file is probably bad, you should let me delete it."
Mcaffee and Symantec's problem isn't that viruses will go away. Unless we get an Orwellian TCPA/Palladium type setup they won't. The problem is their software sucks, is over priced, causes problems, and has much better alternatives. AVG is faster, does a better job scanning and costs less money. Why would I want to buy from Symantec?
IF you can get realtime scanning that doesn't slow you down. Try out AVG sometime. When I first got it, there was so little impact I was sure it wasn't doing anything. So I went and grabbed a virus to test it. Immediately, AVG threw up a red flag.
The threat to Symantec isn't MS making Windows unvirusable, that's not possible (barring trusted computing), the threat is that there are new AV companies that make good, fast, cheap products that beat the crap out of symantec's offerings. AVG and Kaspersky are two excellent choices. Also I hear lots of good things about Bitdefender though it leads to bluescreens on my (and other's) system.
Virii, worms, and malware all exist because MS makes famously insecure products. Symantec and McAfee exist because virii, worms, and malware exist.
Symantec and McAfee need to at least acknowledge that their business models are based on design flaws, poor implemetation, and bad coding practices within MS. They should thank Bill and crew for the ability to complain when a fraction of these inadequacies are fixed after many years.
I'm not defending MS and their monopolistic procatices, but this isn't simply another Netscape crushing. Netscape was a user space product. This is about fundamental flaws at the core of the Windows OS: about as faw away from user space as you can get. That these flaws permeate into the userspace is beside the fact.
Symantec and McAfee (and many others) have spent the past decade or more cleaning up after MS in terms of security. Now they want to bitch when their lazy benefactor decides to take some responsibility? But, the issue isn't the mere taking of the responsibility, it's more about the monopolizing of that responsibility. No one has any reason to believe that MS' anti-crapware will be more effective than any third party solution. MS allowed security to become a third party market, now they want to be that market.
MS is wrong for closing out vendors from providing a complete third party security solution. However, MS is more wrong for not writing secure products in the first place, and certainly for not understanding what comprises an operating system.
Windows security vendors only have something to worry about if MS actually produces a secure operating system. I don't believe they think this is possible, which is why they haven't broadened their product lines. Until hell freezes over, Symantec and McAfee should all but shut up and enjoy what MS has given them.
If there is a monopoly (or even an oligopoly) on antivirus software you can bet on virus writers will test their software to make sure that it is undetected. Having a wide range of antivirus programs is essential or else pretty soon and the major AV software sucks compared to anything else. While people with Vista Home Edition will likely run the Windows AV Software, IT departments at corporations will most likely stick with Symantec and McAfee or whatever else they have.
Symantec and Network Associates will continue to pay their way onto every new Dell, HP, Gateway, Toshiba computer (with a three-month trial subscription), so the average consumer will still end up with a third-party security suite preinstalled.
Let's hope the Vista versions of their products don't suck as massively as their current offerings... but they will.
people still use that crap called symantec and mcafee?
My company deletes XP and installs 2000 on all new machines.
Thare won't any netscaping for at least 5 -10 years IMHO.
Many companies don't seem to be bitching. Sophos announced they'll have a Vista compatible version out a couple weeks before Vista (their current version even works with realtime scanning, it just can't update or interact with the desktop). AVG has apparently been working with Vista since Beta 2 (I haven't tried it) and the 7.5 version is listed as Vista ready. Kaspersky Labs says "From what we have seen of Vista, we cannot tell that Microsoft is blocking access to the core."
So it seems that whatever the problem that Symantec and Mcafee are having, it's not universal to virus scanners. Seems more like they are lazy and don't want to do any rewriting whereas their competitors are on the stick.
I had two computers with Norton Antivirus (2005 I think it was) installed. I could get it off the XP computer cleanly, but the one with Windows ME, it still left bits and pieces all over the place... had to uninstall it, remove it, delete stuff- and eventually reformat the hard drive and install Linux. AVG Antivirus was what I used in the interim, and it did a good job of keeping up with the crap my parents kept dumping on it. It's amazing how Norton got itself keyed into the system like that, and there's really no way it should have been doing that. I should be able to uninstall it- and have it be gone. It not doing so is rather virus-like, and I'll never use Norton antivirus or firewall again.
Care about privacy? Read this!
Vendors Symantec and McAfee have looked into the future and realized that people may one day speak of them in the way that we now speak reverently of the early builds of Netscape.
I don't know about you, but it will be a cold, cold day in hell before I speak reverently of McAfee or Symantec. It's much more likely that I will gripe about Windows' vulnerabilities and the marginally effective, resource-hogging third-party antivirus software that kinda sorta fixed the problem.
Proud member of the Weirdo-American community.
These companies have increasingly adopted unethical tacttics themselves - just try uninstalling McAfee from a Dell pre-install.
Worse, when my grandmother (who was technically capable enough to set herself up for broadband) recently bought a new PC (a Dell) - it took two weeks of frequent support from me finally to identify why she was not getting any email: McAfee's entirely unnecessary, premium, spam filter 'trial' program was changing the settings in Outlook Express so that it could intercept email. Only it was so buggy that whilst it intercepted the POP3 checking, it failed to connect to the mailbox, so Gran got no email.
Finally, you only have to see all the nonsense press releases from these companies ("barcode scanning virus" [no, it was nonsense]).
Desperate and unethical marketing has wiped out my faith in these companies, and the sooner they cease to exist the better.
Mcafee and Symantec do more than just try to compensate for holes in the Windows OS. People seem to forget that not all virii and malware is technically based.
There is a whole class of malware that is purely spread by people passing around code that they themselves execute. If your grandma gets a virus attachment that says "I love you, Grandma", she's probably going to open it, even if she's running 100% perfect Vista, or Mcafee or Symantec. Sure, it might get caught by whatever her anti-virus protection is, but that's if her signatures are up to date. Will Microsoft have the time and resources to keep all signatures up to date? With their cash, perhaps, but then we've all seen their patch release schedule. In any case, the holes in the windows OS at that point are moot. Grandma herself is the security risk.
Additionally, these companies are not stuck on the desktops of your enduser consumers. There are all kinds of backend network and instrusion detection systems they sell. Even before it gets to Grandma's computer, they have scanning products for routers, anti-hacking intrusion protection software and all kinds of other security software programs.
Enduser consumer products only make up a smaller percentage of the current security market, there are all kinds of corporate and backend reasons for having security software. Instead of having a worm running rampant, trying and failing to access 10,000 desktops in your internal company network, it's easier to stop it once at the gateway, before it even gets in, which has nothing to do with desktop OS's. It's the same reason companies like Cisco are coming at it from the other direction.
Microsoft getting into the security game hurts them, I'm sure, but don't make the mistake that it's the end of the road. It just kind of bugs me when I read comments about the over-simplification of the security market.
Windows will be insecure while it has such market share. Security issues and viruses and such are natural phenomenon, they don't depend much of operating system. So far, Windows was perfect target. If Linux had such market share, 'malicious' people would make badware for it. And with source code being openly available, weaknesses are not too difficult to find.
So, this is an opinion piece, tying together loosely related facts, but there isn't much to worry about. Look at the product lines at these two companies - they make all kinds of non-AV software. These large ISV's get more insight into MSFT product road-maps than just about anybody - they knew this was coming.
I'm not sure where all the hatred for AV vendors comes from. Sure, you can't run a Windows system without an AV package, but that's not the fault of the AV vendors. These guys have been filling a need for DOS and Windows users for about 20 years. You don't have to buy their software, but their existence isn't hurting anyone. There are plenty of free and smaller-circulation commercial AV packages out there if you don't like these two. Use them instead. But to say "these companies must die" - really, why again? Because their software doesn't always work? Isn't that true of all software? Because once an AV package "messed up your computer" and you had to reinstall Windows? Maybe. More likely, your computer was already broken and an AV software installation was the straw that broke the camel's back.
AV vendors deal with a lot of confused end-users because their apps get deep into the OS and can get stomped by bad device drivers, OS changes, and other 3rd party software. AV software is often the canary in the coal-mine, alerting you to some underlying problem (your video driver has a memory leak, somebody's installer rolled-back an OS file to a previous version, etc).
If you don't like AV software, don't run Windows. Oh, wait, you don't? So what is your point exactly?
You can't bookmark pages either. In 2006 you can't bookmark pages!
I don't see how MS can lose.
Belief is the currency of delusion.
You guys are acting like MS is finally cleaning their act up or something. Duh! Their One Care is a competing product that you will have to pay for in addition to purchasing their own #*$&(#*@ OS. Funny, the service is priced the same as the vendors they are locking out.
When you think about it, this ITSELF introduces another vulnerability. Another point of failure. Why bother exploiting the OS, when you can use the nice convenient path provided to you by the AV software? Everyone seems to forget this.
Microsoft gets bashed for their 'insecurity' and the moment they try and IMPROVE that, they get flamed, and people cry foul and start throwing around such words as 'monopoly', 'abuse', 'lock-out', and the tin-foil hatters come out of the woodwork and start bashing MS security, while somehow totally missing the absurdity in what they're saying!
Other AV companies have managed to adapt to the kernel lockouts, why can't Symantec and McAfee do the same? Instead, they'd rather keep their grubby paws hooked into the OS as deep as they can be, so that they can effectively hose a user's installation, then charge them $80 for phone support to resolve the issue.
People can't have it both ways. You have to give credit where credit is due. Windows One Care is not installed by default, it's a FOR PAY product (which totally differentiates it from IE vs All) that you have to buy IN ADDITION to the OS. Windows Defender is free, and protects against spyware, and comes pre-installed. While I don't particularly like that, it doesn't really bother me either. People install Yahoo Messenger, and it wants to install a Toolbar with Yahoo Anti-Spy. The same goes for Google, AIM, MSN(yes I know that's redundant), and a plethora of other IM options, and even just generic toolbars. Most ISPs now days 'give' you AV/AS to use. So Windows Defender doesn't bother me, there's already another 50 billion people trying to give me spyware protection (none of which I use, the standard Windows Firewall is quite sufficient for me thank you), so why not MS too?
I had the opportunity to participate in the beta for OneCare (wasn't hard, they offered it free, and I liked that idea, since people were inevitably going to ask me about it). I found it to have a rather large footprint, and be fairly slow. Given it's competition in the form of Symantec NIS, and McAfee's Internet Security Suite, and Trend Micro's Internet Security Suite, it's performance was roughly average. It wasn't as fast as TM, but was quicker than NIS and MIS in most cases. What struck me was only TM had a better detection scheme, and even then it was marginal (though I know a single thing getting through can mean the difference between being completely hosed, and being OK, never knowing how close you came to Virtual Armaggedon). MS One Care did a MUCH better job of catching/stopping spyware then all of them (Windows Defender gets lumped into One Care installs generally).
Think of these things from the USER'S perspective. NOT from YOUR perspective. For people who are WAAAAY non-tech savvy, One Care offers a one-stop-shop for performance tuning (uncomplicated), AV, and AS and Firewall protection. It's easier to use than NIS, WAAAY easier than MIS, and TM rounds out the list of being the least user friendly. Bottom line is this is just one more cool way to bash Microsoft for trying to improve things. Do you think they're using kernel hacks for One Care? Probably not right now, as people would LOVE to find a way to exploit One Care to compromise a machine. Will it remain that way? Probably not, because I see things getting into the kernel eventually, and requiring that the kernel be accessible, at least to be scanned and locked so that it can be replaced. But still, NO AV/AS program should EVER be hacked into the kernel. Period.
It opens up the doors for too many things. OneCare also doesn't bombard the user with useless popups and notifications like the others often do, which aids in hosing the system as they USER tells it to do something bad.
One Care is a LEGITIMATE software release by Microsoft, and not at all a surprise. What is surprising to me, is that it took THIS long for it to resurface.
That is all. Please return to your normal dailty activity.
Vendors Symantec and McAfee have looked into the future and realized that people may one day speak of them in the way that we now speak reverently of the early builds of Netscape.
This alone pretty much shows you how much this article can be scoffed at. I don't know of many people who would consider their experience with either one of these vendors to be very possitive.
Dedicated Cthulhu Cultist since 4523 BC.
...I spent years getting people to buy antivirus software...and now as you say, the antivirus software has grown into a problem of its own.
People look at me like I'm crazy when I tell them their paid antivirus software is causing their computer to suck, and I need to replace it with free antivirus software. Their poor little heads just spin as they smile, nod, and slowly back towards the exit.
people may one day speak of them in the way that we now speak reverently of the early builds of Netscape."
Probably because I was dual-booting Coherent unix the first half of the 90s, OS/2 the 2nd half of the '90s and linux now, I often feel like I'm the only person left in the world who can still feel a pure warm feeling for the 80s garage software that was the original McAffee.
Everybody else invariably seems to echo, "Die McAffee, Die! Die! Die!" Which I guess is OK with me since it's just been a corporate brand name for ages anyway.
Bundling the browser with the OS is one thing, but by locking out third-party apps altogether they're asking for it.
How often have you heard that the new version of Windows is "more secure" than the last version? A quick recap:
Windows 3.1 - no real security, but it's prettier than DOS!
Windows for Workgroups 3.1.1 - now with a login screen (but still no real security)!
Windows NT 3.51 - now with ACL's (and mostly not compatible with Win3.1 apps)!
Windows 95 - also has a login screen! no real security, but prettier than WfW!
Windows NT 4.0 - now with shared ACL's (domains) - the most secure Windows ever!
Windows 98 - Slightly less likely to crash than Win95! No NT security features!
Windows ME - Now with some system-software protection, but still no ACL's!
Windows 2000 - An improved interface and kernel! Active Directory 1.0! Now, the most secure Windows ever!
Windows XP - The successor to the Win2k and Win9x kernel products - super duper secure! Home users still run as the super-user, but it's less likely to crash! ACL's for Professional users and a very limited firewall make this, yes, the most secure Windows ever!
Windows 2003 (server) - The XP kernel in a server! Hardly anything runs by default! The Most Secure Windows Ever!
Windows Vista - Still with ACLs! New ways to limit access! Everyone's running as superuser, but with more warnings!
Windows Longhorn (server) - Not fully designed, but looks a little less secure than Win2003 - possibly *not* the most secure Windows ever!
Anyone who builds a business that is dependent on the failure of a single software vendor to produce secure code is, well, asking for it aren't they?
The irony here though is that the single software vendor is a monpolist. So, what do we do? Allow Microsoft to continue to produce broken, sloppy-designed software, and thereby prop up an oligopoly of anti-virus vendors, or let them "fix" their software by incorporating anti-virus measure that they should have had in there all along?
I sure as hell wouln't like to be the judge on this one!
"And the meaning of words; when they cease to function; when will it start worrying you?"
At one point there were 3rd party memory managers and multitasking/task-scudulers for DOS and Win2.x (see DesqView and QEMM). Future versions of Windows incorporated modern virtual memory and multitask scheduling on their own and DesqView and QEMM went bye-bye. And you know what? It's *GOOD* that that happened. If the EU had been around, they would've prevented Microsoft from adding virtual memory and mutitask functionality to protect 3rd-party memory manager and multitask-scheduler companies. Times change, OSes incorporate more and more functionality. GET OVER IT, EU!!
-- "I never gave these stories much credence." - HAL 9000
I don't even know where to begin with the suckage:
1) nested tables didn't work
2) css didn't work
3) netscape, inc. tried repeatedly to make proprietary flavors of markup
4) you had all of these bizarre spacing artifacts
5) Netscape was bloated, and you could watch the app leak memory
6) It was slow
7) It set Ajax-like functionality back literally years. Microsoft had demo code of Ajax-ey stuff for production releases of IE in, what, 1999?
8) Netscape got slower and suckier with each successive release, rather than better
9) In the late days Netscape, Inc. couldn't ship on time to within a ~years time.
Since Netscape stopped being a player -- thank God -- you've seen the emergence of much more agile development efforts (Safari, Flock, extensions) and the resurgence of technologies that were invented, oh, last century or so.
Netscape was a poor competitor with a poor product that drove itself into the ground. Microsoft put out a modestly competant browser with IE5,6,7, made few substantive improvements over the course of years, and was still able to eat Netscape's lunch because of the galactic suckiness of what Netscape was coding and releases.
Revere Flock, revere Flickr, revere Microsoft's better developer stuff, revere Apple. But please don't revere Netscape, because for most of its corporate life, their core product sucked. I'm glad they're gone.
-KF
Daemon Tools 4.06 run perfectly on my Vista RC2 x64 installation, without requiring me to disable 'driver signing enforcement' on bootup.
throw new SuccessException("Sig read successfully");
O.K. Here's what M$ needs to do if they want to be taken seriously as a provider of anti-virus/anti-spyware software: put some money on it.
When they're also providing loss insurance to companies using MS security, then they'll have a little more trust. Start monetizing infections/intrusions and Redmond will take security as seriously as they should.
Ask me about my sig!
because they've learned a lesson or two from Microsoft. Their antivirus product is a cash cow, much like Windows. It's not a coincidence that it comes pre-installed on a number of vendors' platforms. And like Microsoft, they're beginning to use their cash reserves to branch out into other markets.
It's not an accident that Symantec purchased Veritas. It's a great hedge. It gives them entry into a part of the enterprise they didn't previously have, and Veritas is a company that has/had a reputation much better than their own. Rather than focusing on the antivirus product so much they should just accept that it's a slowly dying market, and work harder at not screwing up their Veritas assests going forward.
These days, the Norton products seem to be made by Ed Norton.
I remember the days when antivirus software implemented default-deny, and didn't use virus signatures. It could have been argued that having to know and register legitimate programs was a big task compared to having a list of known viruses, but I'd say the viruses have caught up. For most people it'd make more sense to subscribe to an "allow" list. If you never upgrade any software you won't even need a subscription! Add that Windows now recognises certain methods of signing software..
ACLs usually support "deny" entries, but if default is "allow" you're really not securing much..
-- All your bass are below two Hz
The logical conclusion is that microsoft will eat any market that has money to be gained. It may take them a while, but they will get there eventually.
Pretty much expect that if you make *any* PC software that makes money you will be eaten at some point in the future. So enjoy it while you can.
---- Booth was a patriot ----
>Microsoft wants to see the number of exploits impacting its operating system disappear to zero.
No, they just want to fix all those exploits themselves. No more exploits means no more reason to install security patches, which means no more reason to install Windows Genuine Advantage.
my password really is 'stinkypants'
I have owned a mac for maybe 15 years, and I remember Norton Utilities was the set of system repair tools that got the job done with a minimum of fuss and effort. They worked well, and I have nought but fond memories of them. So Symantec (Norton) is not all bad.
it's logical Any future OS should be able to protect itself. Viruses on the internet spread by people who have no protection. What the antivirus makers should do, create more with their product. For example NTbackup is capeable of making Exchange server backups. But in the fields i see products who are much better in options, and possibilities. One cannt see hey i have invented edlin, and know notepad is included by default. Besides there are allready free antivirus products too. In despite for those anti-virus companies who have a terrible license policy. they never inform you by a simple mail to notify you that their product yaer license is soon out of date, worse they dont do it because they want you to buy the whole next product of them again. In this respect i hate many populair antivirus companies... Well wont say the name of this company but i'm sure you know who it is i'm talking about.
I know you're out there. I can feel you now. I know that you're afraid. You're afraid of us. You're afraid of change.
> Vendors Symantec and McAfee have looked into the future
> and realized that people may one day speak of them in
> the way that we now speak reverently of the early builds
> of Netscape.
Believe me, there is NO fucking way I would EVER think of the PC-infesting junk Symantec and McAfee make in the same light as Netscape in its early days.
What did does Microsoft gain by having people use IE? They went to the trouble of developing a browser to put a company out of bussiness that wasn't even a competitor and they still give it away for free. Why do they care what browser we use, do you think windows would be cheaper if IE wasn't included?
Locking out other vendors is a anti-trust issue. I wonder where the DoJ stands on this issue.
And to those who think virus can't infect Linux. Think twice. It can be BLISSfully apparent when their ass is bitten by a LION. It can be a real SLAP in the face to those who ADORE Linux. Is that subtle enough for ya?
\
Why is it that Avast and other AV vendors aren't complaining about the new security model and are releasing products already that work with Vista? Did Symantec and McAfee really think that Vista was another NT 5.x and their products for XP were going to operate perfectly without some work?
"In 1994 there was one very good Internet browser: Netscape." Idiot. Netscape was a piece of shit software. IE won because it was better.
I could not believe this when it happened. I was totally amazed that any company would treat their customers this way and go unpunished by law:
A friend of mine allowed his Norton 2005 suite expire. It locked all his networking components completely, only allowing web connection to symantec.com to renew the subscription. (he could no longer see any other website, use the lan, or any ohter network functionality). At this point Norton could not be uninstalled, on uninstallation it protested that the subscription had expired and would not uninstall unless it was renewed. I could not believe this.
I recommended that he simply back up his data and wipe the sytem and start fresh and never install Norton again. Much to my disappointment he caved and renewed the subscription.
That was the final straw for me, previously I had seen Norton completely take over many systems and never uninstall completely etc. etc... but this took the cake - totally unbelieveable. From that day on I concluded that Norton ws the worst of all viruses, no other virus that I am aware of was capable of outright extortion and allowed by law to get away with it.
Norton (both Home and corporate editions) interfere severly with so many applications its not funny, if you install Norton on a system you might as well just fill the case with sulphuric acid, pour gasoline over it and set it on fire, it will be about the same usefulness.
I have always suspected that Norton was just a product developed by Peter Norton to exact revenge on his former employer (quite effectively I might add). Though Symantec continued the trend and took it to new heights. Sad, I remember when Symantec actually made useful software.
As for McAfee, They were fine up to version 6, as of version 7 they began to suffer from severe feature bloat and sad attempts at software firewalls.
The fact of the matter is that no AV software will ever protect a computer from dumb users and kids. They all want their iPod, their iTunes, their iThis and their iThat. If it has an "i" in front of it it must be cool and safe. The only way to allow the chronically stupid to use a computer without demolishing the OS is to run them in a VM or on a disk image restored on every login.
Bottom line: Norton is truly evil. I'd even say criminal. McAfee has never crossed that line, their product just degraded with time.
So to all those super-Antitrust-horny folks out there: get a life, and a clue, and some consistency, and some objectivitiy and...
Sorry dude, I wish I had mod points to give you. Everyone ignores the fact that opening the kernel to the AV vendors means it's open to everyone else too... so it's just another attack vector. Sigh.
Apparently it started working during Beta 2 and AVG 7.0. AVG 7.5 is explicitly Vista compatible with RC2.
Microsoft will go after Adobe next.
Heh, good riddance. Of Acrobat anyway. M$ will never be able to touch the likes of Pagemaker, Photoshop, or Premiere. If Acrobat gradually slips from the scene over the next couple years? I sure as hell won't miss it. Maybe M$'s version won't run so goddamn slow.
Partial Credit: The Engineer's Best friend
"Well, the bridge didn't fall all the way down!"
Give me a fucking break.
I would like to see some numbers on how much of McAfee and Symantec's revenue is generated by desktop virus scanning products. I honestly don't think M$ coming up with a desktop virus scanning solution is any threat at all to Symantec. I am fairly sure that at least Symantec makes the bulk of their money on enterprise class security systems, not anti-virus. And if M$ does intergrate anti-virus in Vista how good will it be? It usually takes years for anything they do to mature into a usable product. Their virtualization product isn't going to threaten VMWare for years, their anti-spyware package is utter shite and no threat to Ad-aware or Spybot S&D or any of the other decent spyware removers. Their Terra Server project is dismal compared to Google Earth, and terra server was launched years before GE. I don't know any Windows home users who soley trust in the M$ built-in firewall. They are all running Trend Micro, or Zone Alarm or one of the other 3-5 decent ones on the market. If their anti-virus package is anything like those ventures then I'd say Symantec and McAfee have at least several years before they will see a decline in their desktop and server anti-virus products. And that several years begins if/when Vista makes any serious market penetration for the home users. It is probably going to be at least 2 years before it has any real market penetration at home, and another 5 years before it makes it into most Business environments. Honestly it took M$ over 10 years to write an OS that didn't freeze up or blue screen at least once per day.
"Don't believe the hype" - Chuck D
"All those moments, will be lost in time...like tears in rain..."
...are doomed to repeat it. This seems to be Microsoft's slogan. Microsoft has a very long memory which is built into their business plan. They count on everyone else forgetting, and those that don't get tied up in litigation so long they no longer exist, give up, or dilute their case so much that it doesn't matter.
I have *NO* sympathy for McAfee or Symantec. I can't stand either product. But I want control over the software I use. I don't want ANYONE to dictate what I use. Browser: FireFox. Firewall: ZoneAlarm. Antivirus: Avast or AVG. Antispyware: AdAware and Spybot S&D. None of those are Microsoft products. Once MS forces the world to switch to Vista (by refusing to sell anything else to vendors and *STILL* no game developers making their games available for Linux...and forget about Cedega) there will be no choice. If Vista refuses to allow Avast or AVG or ZoneAlarm or perhaps AdAware or Spybot S&D to install, that's when I am forced to dual boot XP and Linux, and hope that drivers exist.
As for Microsoft being up to their old tricks, here's a list for those short of memory: Netscape, Stacker, Norton Disc Doctor, Norton Defragmenter, Quicken, WordPerfect, Lotus 123, Ami Pro, Harvard Graphics, DesqView. For the last few, Microsoft isn't the only reason it failed. Quicken still exists because a judge didn't allow Microsoft to purchase Intuit back when MS couldn't complete. I'm sure I'm forgetting some others.
So yes, McAfee and Symantec *DO* have a reason to worry, but the only reason I care is because other smaller vendors and their software will stop working once Vista is released.
Netscape lost the browser war partially due to Microsoft's tactics, and partially due to the quality (or lack of) in the product.
Symantec and McAfee have been releasing low-quality products for years. Even Symantec's corporate offerings have been questionable. Release after release gets buggier, slower, and less reliable. If Microsoft's offerings are even a little bit better, Microsoft should have no problem burying these two companies.
Frankly, Trend, Grisoft, Sophos, and Avast have been doing more damage to Symantec and McAfee than Microsoft has in the last few years.
-ted
The next model year, the car company rolls out their own product called InjectorQ which does the same thing as WidgetX.
There, fixed that for you.
If MS would actually *fix* the security problems, then I would like what they do a little better. OTOH, for backwards-compatibility reasons, we will probably *never* be able to fix the security problems with Windows, and patching them over is the best MS can do at the moment.
Not that I am a fan Symantec or McAfee, but I fear the end if independent antivirus offerings. You can argue that independent antivirus vendors such as Kaspersky, F-Prot and Trend Micro have better processes for responding to virus outbreaks and more efficient virus detection algorithms. In the end, it won't matter. As we've seen repeatedly, people would rather not think about virus protection. At best, "I've got installed" is the extent of virus protection people are willing to take. Whatever requires the minimum of attention will win the marketplace. That mirrors the "Netscape or Internet Explorer" arguments of a few years ago. You can choose to defend a position where people will be better off, but you'll never push that boulder uphill.
I'm surprised no one seems to have pointed this out. If MS have their own Antivirus product, then it will require there to be problems with Windows' security to guard against. There's a huge internal conflict of interest here - if they improve windows' security, then they'll end up screwing themselves out of money by making their own product irrelevant.
I am probably one of the most HARDCORE, anti-ms mofos to plow and ply slashdot with my opinions, so don't think for one second I'm being a grandstander or troll here. I RARELY EVER come out and support msoft, much less have anything *nice* to say about them, and I irreverently display lack of gratitude for them if/when I can. But while I'm hesitant (well, at this very instant) to call McAfee and Symantec "parasites" (tho, clinically it's maybe the best word), like you said, it IS ms' responsibility to fix these holes.
The writing may not have been on the wall in colored ink, and even if it was written in magic decoder ink, any fool at McAfee or Symantec, or even that place called wall street had to realize the A/V business plan was based on flaws (too open/underprotected system internals) of another party (msoft) that HAVE to be fixed. They're only bitching now because until now, other than msoft, nobody else could have the sheer resources (devs and dollars) to start plugging these holes that only a handful of a/v companies could even attempt. Once vista is regarded as highly stable, then the stocks will plummnet for McAfee and Symantec, the natural response to a company that becomes redundant.
McAfee and Symantec had better start re-writing their business models, and FAST. They'd better start basing them on non-parasytic expectations, or they'd better whip out a crystal ball to show vista will INDEED be so riddled with holes that they are not redundant. Or, they can come up with their own Linux distros and become PRO LINUX somehow. Or, go into real estate with any cash they never donated or burned up. After all, Kaspersky and others precociously already have legit and hard-fought places in Linuxland and don't need McAfee and Symantec becoming leaches there (by writing virii for Linux in the background or via "digital mercenaries").
Nothing and NO ONE lasts forever. It's just that ms was lucky in their beginning (gates' family's money, IBM's, DR-DOS', and Lotus' mis-steps, and ms underhanded, egregious, blatantly illegal strong-arm tacticts in plastering virtually every manufactured computer with windoze under threat of assisting in piracy, and by kicking-back bilions of marketing dollars to anyone who'd supplicate to or suck from ms' many digital nipples), but due to ms' early immaturity, regular sloppiness and trademark lack of foresight (really, they RESPOND more than INNOVATE--keyboards, mice, consoles, real estate, games, web portals, databases, browsers, mp3 players....), the McAfees and Symantecs got lucky. Not much more, not much less. Just lucky. Now, their luck is rightfully (or, is "predictably" better?) running out.
BUT, the story's main thread is redundant or pointless, as I recently read that the EU ruled that msoft HAS to allow 3rd party hooks into vista, something ms was keen/intent on NOT permitting. But, poor, whiny a/v cottage industry won't accept that ms has a DUTY to fix their shit first and foremost (as much as I DON'T want ms steamrolling Linux, tho), even if the A/V industry has to whither and die because of it. If ms' did the os right or responsively on a daily basis, from day one, then the a/v industry might not have had a toehold anyway. Go and rewrite your biz plan and try again, A/V's.
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
I believe Microsoft has screwed Symantec over like this before. I don't have proof so this is all speculation. But when Windows 98 came out, the defragmenter in Norton Utilities was way better than the Windows defragmenter, and one of the main reasons I kept Norton Utilities around. But when Windows XP came out, the security model didn't give the software the same access so Norton Utilities was just a wrapper for the built-in defragmenter. All the while, the people who made Diskeeper had a deal with Microsoft to make the built-in disk defragmenter. So they did. And of course their paid version was way better than their free version, with absolutely all competition locked out by Microsoft's security model. Again, this is just my speculation based on observation, but if it's true then it's not the first time Microsoft made a security upgrade that screwed Symantec over and gave the competition a monopoly.
Well, not if they do chicken RIGHT!
They could just GRILL the goose the SPLAYS the golden eggs... (then, pull them both out of the oil in the nick of time...)
(slash image word: "snuffs", hmmm)
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
They did this with relatively few employees, almost no capital - and made several bucketfulls of money for their employees, shareholders, and the VC vultures around them. Why do people say that netscape was a failure.
Now lets talk about Time Warner. Silly company let itself be bought by an upstart Internet company that was falling in market share on a dialy bassis. This is one of the two signs of the popping of the Dot-Bomb bubble. I'll leave it as an excersize to the reader to pick out the other sign.
I have mod points and I am not afraid to use them
History's Lesson about "Getting Netscaped" by Microsoft:
Netscape went "poof" (mostly because it sucked anyway). IE was actually better for a while there but it still lacked something so this created a "market" for Firefox. Microsoft's security patches come out long after exploits are found. I doubt their security software will be any different. A new version of Windows means lots of new holes to find--a 3rd party AV product will probably always be the best way to shore up MS's vain attempts to secure their OS.
Even so, the kind of expoits out there right now are very scary. I just found a client's computer with a pretty nasty root kit on it--very difficult to detect even by scanning the disk on a clean machine.
Microsoft is a very ponderous and bulky corporation that is trying to diversify into as many markets as it can just to keep in the black every quarter. They are too big to have the agility they need to stay on top of security. They tried to sell us on their commitment to security but the security problems are as bad as ever--if not worse.
People are getting fed up with this sort of thing. Just like with IE, I think people will try Windows Defender (or whatever they're branding it) but eventually turn to another solution as they're doing with Firefox.
MS is a big shark that takes very messy bites out of everything thing. There isn't enough room in the tank for another big shark but the little remoras and scavangers that ride along with the MS will do very well to dine on the big chunks that Mr. Softy leaves behind.
I might know what I'm talkin' about, but then again, this is Slashdot...
Insightful? Absolutely...
Symantec used to sell compilers, developer tools, and even some user applications like ThinkTank, an early outliner. Microsoft pushed them out of the tools field on Windows; Symantec had a more portable alternative to MFC, and Microsoft didn't like that. Outliners disappeared as a standalone product category; Word now does that. All that's left is the anti-virus business. Now that, too, looks like it's toast.
Actually, the OS vendor should be doing the security system. The primary function of an operating system is security and resource management; everything else could potentially be an application. Only because of Microsoft's appallingly bad security does the anti-virus industry even exist.
>It's far easier to allow the few dozen and deny access to anything that isn't on this short list
A good safe attitude and an underused design principle (is it Prevx that actually implemented this?), but it bogs down in the mud where the sea of code meets the dirt of data.
Will your monitor that restricts software execution to a whitelist allow Javascript? Macros in Office documents? Macros in Emacs? XML? Postscript? As soon as one of the programs on the whitelist has any kind of interpreter built in, then any document it can see is potentially software.
What right (or business) do McAffee and Symantec have messing around with the kernel of the operating system.
;)
After seeing how much both companies have slowed down (and in some cases crippled) systems with their software -- I don't WANT them anywhere near the kernel of my machine.
What's interesting is how Microsoft is being FORCED to expose the internals of their proprietary software for anyone who asks. Including the source code -- just to make it easier.
I don't see anyone forcing Ford or General Motors to turn their engineering drawings and specifications over to Toyota or Honda in order for these companies to be able to make replacement components.
Call me devil's advocate, but someone has to be.
NetCraft says there are about 60M websites running Apache. Although a small percentage of sites require dozens or hundreds of machines to run, the vast majority of domains have little-to-no content (just a page of ads), and are hosted on machines with hundreds or thousands of other domains. It's probably safe to assume there are no more than a million actual computers running Apache on the Internet. Of those, perhaps 90% are Linux.
So there are fewer than 1 million Linux servers sitting out there on the Internet. Servers are all fairly hard to infect because they're mostly behind firewalls and don't have users running web browsers or email clients. This means that the only way to infect them is with a bug in Apache or an app that the server is running.
Face it, you don't hear about Windows web servers becoming botnets either. That's because they're much more difficult to infect and once infected they're going to get patched much more quickly. Besides, if you were trying to spam, you would want 100 machines with 1% of the bandwidth of a big server because they would be 100x harder to block.
In other words, a botnet of servers would be useless because they would be patched or blocked before you could make your second sale. The only reason you would want to break into servers is to install redirects to phishing/ad sites or put in browser exploits to make the clients part of your botnet.
dom
If McAfee and Symantec were being pushed out of the AV market because Microsoft was actually redesigning their products to close holes and remove *features* that provide virus' an avenue to spread themselves, I'd tell McAfee and Symantec to quit being a baby! Innovate or die! That's the rule these days.
Since Microsoft is plugging the holes with their own tape instead of tape from a third party, then they are right back where they started.
I'm amazed that the largest and rishest corporation on the planet can't remember their own history. Maybe the document shredders are working overtime.
My $0.02 CDN
"Well you're not Fiona Apple, and if you're not Fionna Apple, I don't give a rat's ass."
Speaking of alternative solutions, there's another big difference between this and the netscape/explorer incident :
Several years passed between when the Netscape browser became b0rked beyond usefullness, and before new partical opensource solutions started to rise from the ashes like FireFox/IceWeasel.
This gave plenty of time for the "bundled with and good enough" explorer to gain market share.
In the current situation not only are there already several player with enterprise-wide contracts with big corps, but free-as-in-speech alternatives have already emerged, and those are already good for a lot of utilisation similar as Mozilla and FireFox were at their dawn (ClamAV is routinely used in mail servers), plus solutions to make them really great are being actively developped (built-in mail plugin, available browser plugin, embeding in opensource watchdogs, nice windows suite, etc)
In article similar to this one, Microsoft is praised with the way in which it managed to catchup in the internet field even if it was a late commer. But we all know how microsoft usually catches up : it's solution are often completly botched, bugged, under-performing. Explorer was getting used by a lot of people, but it mostly was a joke in term of security, stability and standarts.
For sure, Microsoft will try to get a similar monopoly on security. But we can be certain that their solution will, this time too, not be very effective or usefull, probably buggy, full of exploits itself, often circumvented by malware writer, and propably turned of by "wanna-be-power-users" because it slows down their computers (which are already falling under the load of viruses and spambots).
But this time, ClamAV, AVG, H+BDEV and Kaspersky will already be there to be promoted as a better solution by articles, just like now FireFox and Opera are promoted against IE's defects after years of IE dominance.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
If I recall correctly from reading some the case material, something else MS did beyond bundling IE was to offer free lic. for Exchange and NT Server to companies
for standardizing on IE and removing Netscape products, which hurt Netscape badly, since we maybe overlook their _SERVER_ side software.
a man, a plan, a canal, panama
But MS is not trying to fix those mistakes. MS has figured out that it can take Symantic and co.'s lunch and there's nothing they can do to stop it. Read the article, it is simply muscling in on Symantec, McAfee and the others by not fixing and charging for not fixing.
To a certain exent, the anti-malware companies have shot themselves in their collective foot by letting the public perceive all that malware as "computer" viruses or "e-mail" viruses. That rather eliminates any reminder of just how dependent on the MS monopoly those companies are. Calling the malware by what it actually is like "MS Windows viruses", "MS Outlook viruses", "MSIE viruses", etc. would have maintain a more better perception by the public of the anti-malware companies' situation. However, they probably couldn't have done that or anything else like it because that would have brought attention, even indirectly, to more robust options and weakened the operating system monopoly upon which they are so dependent.
No one survives a partnership with MS. These anti-malware companies have had a longer run than most anyone else in the same situation.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
I know this might seem like a kinda radical idea, especially as we're talking about software here... but maybe McAfee and Symantec should try actually making decent products? The business version of McAfee antivirus is okay-ish, but the home version's fucking atrocious! The same goes for Symantec - I've been asked to fix numerous computers that have been, er.. "secured" by these products, they're almost impossible to uninstall cleanly and slow everything down when they run. I now have difficulty recommending antivirus software to friends, because they all suck so much. There's always AVG of course, but that never seems to be able to clean virus infections, only report them and give a cryptic error about not being able to delete them.
:)
If McAfee and Symantec are being smart, they should have predicted this already and already made plans to move with the market and continue to offer software that's valuable to people in other ways. Businesses that don't adapt, fail. But I won't miss them
Well the the thing is, I and most people in the I.T. industry can't sympathize with symantec or mcaffee. In fact, quite frankly, we'd probably key their car if given the chance. They both produce annoying bloatware that attempts to notify the users of it's presence on every occasion possible.
That said, this is a stark reminder that Microsoft can bundle your company out of existence if you develop on their platform. They have done this in the past and they will do this again. I would be worried in several years if I was developing anything like OCR software (like TextBridge), speech recognition software (like ViaVoice) or other as-yet-unbundled mass market products. Because these will be bundled eventually.
They bundled I.E. and killed Netscape, bundled WMP and reduced most other media players and they added the "thumbnails" feature in Explorer (as well as Windows Picture and Fax Viewer) and killed a significant portion of the market for picture browsing software. So Microsoft has a track record (more extensive that this) in doing this.
But on the other hand the notion that Microsoft should never add anything to their O.S. if somebody already sells a product that has the feature is just crazy. I mean, their O.S. would never be able to add anything at all. By definition generally useful features would be prohibited from being added. Or Microsoft would have to come up with some kind of completely new software that was unimagined by any other software developer on earth. Furthermore, it would have to be solving a problem that no one ever perceived before - because those generally already have products out there (i.e. need to manage and view pictures, need to browse the Internet, need protection from viruses.)
Furthermore, most other O.S.es have bundled the same products as Microsoft. My Slackware CD came with several bundled solutions, I sure as hell would have a problem competing with any of them commercially. In fact every Linux distro I've ever used came with a tightly bundled web browser (Konquerer, Epiphany etc.) Much less so than Windows but it would still be very hard to write a successful commercial browser. Same thing with picture browsing software and media players.
Mac OSX bundles these features too. (i.e. Safari)
I guess the final solution is - if you write a program that solves a very common need it's functionality will eventually be bundled into operating systems. So make money from it quickly - if you can. And have eternal fear of MS if you develop for their platform. Because they can release your product for free - pre-installed - at any time.
You will still have a market, but it will be smaller and you'll have to keep on improving your product and you might even need to give it away free and find other ways to make money from it. For example FireFox, Picasa etc.
And this is a good thing for all O.S. users.
I have a theory that the truth is never told during the nine-to-five hours. - Hunter S. Thompson
Dang, I read the headline and thought it was saying Symantec and Mcafee are open sourcing to fight against Microsoft ;-)
Sam
I started with Netscape 2.02, and to Netscape's credit Navigator didn't go to hell until version 5 or 6. As for McAfee and Symantec they deserve to die. Their consumer level virus programs are bloated bandwidth sucking RAM hogs. Half the time I get a machine in with an Internet connection problem, or "sunning really slow, it's Norton Antivirus that's the culprit. Symantec and McAfee deserve to DIAF (Die In A Fire).
Slashdot = -1 Redundant, Asperger, kdawson FUD, Libertarian, and Linux
What a curious word. It is certainly not one that I would apply to McAfee. Does anyone remember earlier this year when McAfee released a virus signature that caused mass-deletion of executable files?
The Netscape Navigator was, in its early incarnation, a fine work of innovative craftsman ship. That deserves reverance.
You can learn more about it here...
Mainframe/UNIX Bit Twiddler and long time Windows/Linux Hobbyist.
The Theorem Theorem: If If, Then Then.
into desktop users and PHB's.
I think it's reasonable to assume MS will expoit their monopoly, but do so in a circuitous fashion.
It will probably be a campaign of fear and terror about "threats on the Internet" placed either through direct advertisements or successfully placing stories in the media about terrible things that happen to computer users if they aren't "protected."
This is a common strategy used on a national scale already. It works. It will work for MS too.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
not to mention that signature based antivirus is going to die, and companies who do av/as right (don't let unknown stuff run in the first place, instead of trying to clean up after the fact) are going to eat symantec/mcafee's lunch (bit9, etc.)
As far as I'm concerned, signature based antivirus is alreadyK?i> dead. But McAfee and Symantec love it because it means subscription-based revenue. Techniques that don't require it can often only be charged for once, so never mind what techniques may actually work better.
I sure hope so! Except people won't be speaking of them reverently - Netscape worked. There will be dancing and singing in the streets when Symantec and McAfee go tits-up.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
First off, I really do not like the security companies. Symantec puts out a products that more times then not causes my system to chunk and creates conflict like it's constant fighting with MS Defender. McAfee is headed up by a CEO who spreads FUD and lies about the open source anti-virus and anti-spyware community. Both companies are bad in my book. Still what Microsoft is doing is closing off Windows even more to the competition. I think they only legitimate response we can have is to boycot Vista!
Ya know, part of the problem currently is that I can't kill off some processes that are "system" because "I don't know what I'm doing and it's safer this way". Nevermind that the viruses got around all that and installed themselves as those kinds of processes.
For shit's sake, I had one infection so bad it was active even booted in "Safe" mode! And yet I could have gotten rid of it if only I could have killed some processes.
Eventually I reinstalled the OS, and it ran fine until the HDD crashed and I had to reinstall it again. Many web sites still do popups, even with "popup blocker" installed.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Now suppose that your house is so built that the inspector cannot check that the correct materials have been used. The house is delivered to you pre-assembled. The manufacturer says "Safe? of course it's safe. We made it. Nobody else is allowed to know how it is done or what we used, you must take our word for it."
The same thing goes for cars. Do you not think that car systems are now multi-vendor designed and built to common standards? That the materials are independently tested and warranted? Have you noticed all those standards stickers on the glass?
You are confusing design and assembly.
Pining for the fjords
People are talking about how Microsoft gave IE away for free. Wrong. They simply raised the price of Windows to pay for its development. Surely the Microsoft IE programmers were paid money, and that money has to come from somewhere.
The problem with everything Microsoft gives away for "free" is that all Windows users have to pay for it whether they like it or not. Give me a version of Windows that has nothing but the kernel, UI, and drivers for $50 instead of $300 and let me buy my own software to run on it.
Actually, every major AV product still relies on signature scanning for detection on client machines. You're right that observation on a honeypot or even VM sandbox is often used to characterize the behavior initially, but this is distinct from a roll-out of detection to the client, which is what I believe everyone's talking about here.
As for signature scanning going the way of the dodo, there are really only 3 choices at present: signature scanning, run in a VM sandbox, or try to detect heuristically without resorting to a VM. The last two are similar, but not identical.
There's already malware that won't run when inside a VM, so 'running in a virtual sandbox' provides no real solution. (And if someone suggests that we solve that by making it impossible to tell whether or not you're running in a VM -- which likely means processor changes -- think about what that will do to being able to detect a rootkit that loads your whole environment into a VM.)
If you take a look at AV-comparatives.org, heuristic scanners don't seem to do very well vs. signature based detection. The very best proactive (heuristic) detection of 'unknown' malware (viruses, trojans, worms, etc.) seems to run about 60%. The very best signature based detection seems to run around 99.9%. (Moreover, the rate of false positives with heuristic detection tends to be much higher.)
60% vs 99.9%? That's a big, big difference. Signature-based detection isn't going away anytime soon.
Warning, URLS lead to PDF's: See: http://www.av-comparatives.org/seiten/ergebnisse/Finally, I'm reasonably persuaded by Eugene Kaspersky's comments on this at http://www.kaspersky.com/eugenearticle Of course, he's slightly biased, his heuristic engine is weak compared to some, though still reasonably strong, and his company is fastest in the world at rolling out signature updates. But I think there's a lot to his argument, and I just don't see heuristic scanning closing the gap anytime soon. Holmwood