Slashdot Mirror
The Netscaping of Symantec and McAfee
rs232 writes to mention a C|Net article about the uncertain future of the popular anti-virus software companies. "I mention Netscape because, if you believe Symantec and McAfee, a similar situation is about to unfold within the security industry. Microsoft, again recognizing late that it had failed to seize upon this thing called security, is now about to bundle its own security solutions within Windows Vista and further enforce new security policies that lock out some third-party security solutions altogether. Vendors Symantec and McAfee have looked into the future and realized that people may one day speak of them in the way that we now speak reverently of the early builds of Netscape."
Vendors Symantec and McAfee have looked into the future and realized that people may one day speak of them in the way that we now speak reverently of the early builds of Netscape.
I don't see a problem with that since I don't use either product and wouldn't mind seeing these two outfits go into the software oblivion. Microsoft will get lazy about updating the features on its security software and open source will come to the rescue with something better. It'll be IE vs. Firefox all over again. Ultimately, the consumer will still win out.
No kidding.
Norton, maybe. Norton Commander and Norton Tools were excellent, but once Symantec absorbed Peter Norton & Co., it was a quick downhill ride from there.
Learning HOW to think is more important than learning WHAT to think.
Next victim? Adobe: with its PDF and Flash.
Open sourcing these products, and creating decent interfaces for their PDF reader are the only feasible things [for Adobe] to do in my opinion. QT would be better than using GTK. You might wonder why: I cannot type or paste a link in the file selector dialogue of Adobe's PDF reader, in this day and age!! Think of it.
These are the dying pleas from strategy officers. Although I hate to mention it, there are some serious (kernel patch protection) security improvements for Vista - and if they cannot adapt to the way their 'piggy backing' is being jeopardized, they'll just have to crumple. They are however well known security groups, so entering into new medias wouldn't be a terrible idea.
And who says their gonna be losing business within the first, one, two, or three years after Vista's release. What about home users and, the elderly.
- cam
Progress isn't made by early risers. It's made by lazy men trying to find easier ways to do something. -Heinlein
Netscape were visionary and had a good product. The AV vendors wouldn't even exist if Microsoft had designed a secure OS.
When your company makes a single product, you cannot complain when that product is no longer relevant. They should have diversified when they had the capital to do so.
Also, Symantec and every other virus scanner makes use of non-approved APIs in win32. They were not documented, and not approved for the use that security companies gave them. Vista is finally removing deprecated APIs and replacing them with documented, hopefully bug-free versions. They have said numerous times in their blogs and elsewhere that they will help existing companies convert existing API calls into standard calls. Symantec et all are complaining because they make such liberal use of these APIs that they are facing a huge challenge to get their product on the market quickly, if at all.
Note that one-time file scanners will still work, e.g., what your e-mail client does with received messages. That can all run just fine in user space. The pervasiveness of anti virus clients, though, would require complete administrator access, something Microsoft has been trying to get rid of for every day use (as they should!). If you allow Anti virus software to run in administrator mode while in user mode, you also open the door to viruses easily being able to do the same.
not to mention that signature based antivirus is going to die, and companies who do av/as right (don't let unknown stuff run in the first place, instead of trying to clean up after the fact) are going to eat symantec/mcafee's lunch (bit9, etc.)
Human activity and especially software in particular seem to follow a cycle of exploration and compaction phases. I remember when a disk defragmenter was an extra piece of software you bought (Blitzdisk on the Amiga). As time goes by, what used to be peripheral functions become part of the core operating system. This is a good thing. I expect a web browser, media player, word processors (even Notepad counts), and so on to be available immediately upon a fresh install. Microsoft is legitimately trying to improve their Windows product. They are improving their customer experience by folding new functions into the operating system such as anti-malware (or other nasties), and security (firewalls and such). This represents the compaction phase of the cycle preparing the way for the next exploration phase.
Shh.
Security companies can continue with the current business model, creating software to fix Microsoft mistakes and target Windows malware. There must be heaps of user-hostile code in Vista's DRM schemes.
That's why I've stopped using the free version of McAfee that my university provides me with in favor of AVGFree. It used to take my fairly modern system an extra minute between booting and being usable because of McAfee. Security is a great thing as long as it isn't an inconvenience.
Agreed. This is like abortion clinics complaining about lost revenue when condom manufacturers reduce their failure rate.
And no, the fact that in this analogy the end-user is getting screwed either way is not lost on me.
Bemopolis
"I guess the moral of the story is, don't paint your airship with rocket fuel." -- Addison Bain
No, however it may suddenly be much less of a priority to the QA managers to ensure that releases are secure, because any flaw may then bolster a revenue stream for Microsoft. And anyhow if they don't catch it in time they could just push a stopgap to their own AV suite which everybody has by default based on their intimate, insider knowledge of their own territory.
My tinfoil hat might be a bit tight, but this does stink a bit. At the very least, what's going on is questionable.
Anyone who builds a business that is dependent on the failure of a single software vendor to produce secure code is, well, asking for it aren't they?
The irony here though is that the single software vendor is a monpolist. So, what do we do? Allow Microsoft to continue to produce broken, sloppy-designed software, and thereby prop up an oligopoly of anti-virus vendors, or let them "fix" their software by incorporating anti-virus measure that they should have had in there all along?
I sure as hell wouln't like to be the judge on this one!
"And the meaning of words; when they cease to function; when will it start worrying you?"
I don't even know where to begin with the suckage:
1) nested tables didn't work
2) css didn't work
3) netscape, inc. tried repeatedly to make proprietary flavors of markup
4) you had all of these bizarre spacing artifacts
5) Netscape was bloated, and you could watch the app leak memory
6) It was slow
7) It set Ajax-like functionality back literally years. Microsoft had demo code of Ajax-ey stuff for production releases of IE in, what, 1999?
8) Netscape got slower and suckier with each successive release, rather than better
9) In the late days Netscape, Inc. couldn't ship on time to within a ~years time.
Since Netscape stopped being a player -- thank God -- you've seen the emergence of much more agile development efforts (Safari, Flock, extensions) and the resurgence of technologies that were invented, oh, last century or so.
Netscape was a poor competitor with a poor product that drove itself into the ground. Microsoft put out a modestly competant browser with IE5,6,7, made few substantive improvements over the course of years, and was still able to eat Netscape's lunch because of the galactic suckiness of what Netscape was coding and releases.
Revere Flock, revere Flickr, revere Microsoft's better developer stuff, revere Apple. But please don't revere Netscape, because for most of its corporate life, their core product sucked. I'm glad they're gone.
-KF
Yes, but I think they they will get it in the end. Look what happened when they realized that they needed an Internet strategy. No matter what you think about their methods, they succeeded in the end. Hopefully they will repeat that success story now.
Microsoft is not following the path that McAfee and Symantec have followed. There is no antivirus software built into windows - the whole discussion that "Microsoft is trying to kill A/V venders" seems completely misguided. Yes, they are trying to make the OS more secure, you might argue that they are trying to kill anti-spyware products (since they *are* including this in the OS) but A/V? I don't get how this is 'the next netscape' when there is no A/V software bundled, or even strongly tied - to Vista.
Never mind that Netscape pretty much killed themselves with the abomination that was Communicator. I was a netscape-only user until the disparity in quality between IE4 and Communicator appeared and was so blatant that I couldn't see continuing to use Netscape. IE4's betas were more stable than Communicator's RTM product - I was a die-hard microsoft hater at that time and still this was clear. Of course, we paid for the fact that IE4 sacrificed security in favor of features, performance, etc. in the long run (i.e. they implemented cool features with little regard for the long-term consequences.)
.....The best use of AV software for MS is as a short-term patch.....
The best use of an A/V patch would be not to need one in the first place. There is no need for such crap on Mac OSX. How many Mac owners run special anti-virus software? How about Linux users? Why can't MS make their OS at least as secure as OSX? Maybe they don't want to? Security should be built in, not added on by third party software. By reducing the number of services needed by most users and limiting their system access, Apple makes their OSX a much more difficult target in the first place.
All theory is gray
Netscape was practically Free. it's licencing allowed just about anyone outside of governments free use of the Browser. In fact, The only Netscape browser I can remember that had a Nag screen was 2.01, and Microsoft at one time was selling IE in stores the same way Netscape was.
Even under this situation, MS didn't start really gaining share until late IE4 Early IE5, and code quality was the reason Netscape started slipping market share. Not Win98 or Free browsers like Netscape would like you to believe. By that logic, Linux with Apache is just as guilty with doing Netscape in as Microsoft with IE, Since most of Netscape's money was made on Netscape's Web server software and not their browsers.
Navigator was absolute junk by the time Netscape was done with it. They kept claiming that MS was purposely denying access to windows so they couldn't code it better, well then explain why the Sun terminal I used to use at school had the same Netscape "crash after 1 hour use" bug that windows had, In fact, when they created mozilla.org and open sourced the thing, the first thing the Dev's for mozilla.org did was chuck the code and started from scratch.
Netscape could have saved their product, they could have diversified into other markets, they could have recoded it to work better, they could have did a ton of things, but in the end while Opera with their pay browser was still keeping their business going, Netscape decided that suing MS was the easier of all the other options. pure and simple.
Simply put, Microsoft did not Kill off Netscape. Netscape killed off Netscape.
In Soviet Russia, Trojan exploits YOU!
It doesn't make business sense for MS to release buggy software either. It would be a lot easier if they just released software with fewer bugs. People would be happier, and they wouldn't have to spen so much time fixing it. It's always less work to design something right the first time, then to try to fix it later, after it's been released. Just because it seems like it makes better business sense, doesn't mean MS is going to follow that path. I think that MS should do what Apple did, and drop their old OS, to get rid of all the legacy crap that's holding them back, but that doesn't mean they'll do it.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
All the big major AV products moved away from reliance on virus signatures some time ago (though though checking for signatures never hurts). Running suspect code in a virtual sandbox to see whether it will decrypt a hidden payload and launch an attack is the new arms race.
Socialism: a lie told by totalitarians and believed by fools.
Signatures aren't going away, as long as there is malware, there will be a desire to know what malware it is and some type of signature technology will be used for that.
The thing that has gone away a long time ago was a simple string matching signature mechanism, that hasn't been very good for viruses for ages and AV vendors have been working on alternatives sine like 1990 or so when polymorphic viruses first showed up.
What's the alternative? YOu think there will be non-detectable malwares or they will ship whole copies of them to detect them rather than some sort of signature?
Insightful? Absolutely...
Symantec used to sell compilers, developer tools, and even some user applications like ThinkTank, an early outliner. Microsoft pushed them out of the tools field on Windows; Symantec had a more portable alternative to MFC, and Microsoft didn't like that. Outliners disappeared as a standalone product category; Word now does that. All that's left is the anti-virus business. Now that, too, looks like it's toast.
Actually, the OS vendor should be doing the security system. The primary function of an operating system is security and resource management; everything else could potentially be an application. Only because of Microsoft's appallingly bad security does the anti-virus industry even exist.
I'd like to know which companies still use solutions from Symantec or McAfee. Both companies are jokes. As someone who works in PC repair, I can't tell you how many systems have come in my shop as a result of programs by those developers/publishers behaving badly.
...and don't even get me started on McAfee. It's been bloatware since day one, and so many questionable items pass right through it's "protection" unaffected that it should just be called "Federal Anti-Virus: We give you the illusion of protection, and you'll pay us well for it."
In a lot of cases, normal internet usage is locked out entirely if NIS becomes damaged. And you can't uninstall NIS through the normal add/remove dialog if it's corrupted. So what do you have to do to strip it out of the system? Why, log onto Symantec's site and run their online SymNRT, of course. It used to be easy, download and store the app somewhere, run it when needed. Now it's a complete mess. Which IT department wants to deal with that?
You mean like, for instance, this bug: http://security.itworld.com/4352/020620apache/pfin dex.html
/tmp. I didn't notice it for a while until I saw some suspicious entries in my logs. Of course, since Apache runs chrooted as an unprivileged user, there wasn't much else the attacker could do.
/tmp that excludes the Apache user. Next time around I'll just give /tmp a separate partition with noexec enabled.
My Apache server was hacked via this (or some similar) exploit. The attacker installed an IRC bot in
For now I solved the problem by creating a group with write privileges to