Slashdot Mirror
Windows Chief Suggests Vista Won't Need Antivirus
LadyDarth writes "During a telephone conference with reporters yesterday, outgoing Microsoft co-president Jim Allchin, while touting the new security features of Windows Vista, which was released to manufacturing yesterday, told a reporter that the system's new lockdown features are so capable and thorough that he was comfortable with his own seven-year-old son using Vista without antivirus software installed."
Run a program which sends out mass mails, or communicates with a server or does other actions then malicious people will write malicious code.
Just because a virus cannot harm the operating system does not mean it is harmless.
liqbase
Average user won't need Vista.
Who plans on bookmarking this story so they can laugh heartily at it again in a year?
Game! - Where the stick is mightier than the sword!
Sure... and I'm comfortable driving a car with no airbags! Doesn't mean that everyone doesn't want an airbag!
---
Programming is like sex... Make one mistake and support it the rest of your life.
no, stop, you're killing me, ahhahahahahahhahahhahahhahahhahhahhha
Never had a problem. Of course, I use Firefox, a NAT, and don't visit porn sites or use P2P, which pretty much cuts my attack vectors to zero. Haven't had any AdWare in, hmm, 4 years or so either. I have AdAware installed on my computer but haven't bothered running it in about 2 years since it never picks up anything.
Now I'm using IE7 as my main browser (quiet!) and don't anticipate any problems with it, either. Heck, its *more* paranoid than FF is some of the time (it will quibble about http refresh redirects to executables, for example).
Help poke pirates in the eyepatch, arr.
i've been trying it out, and vista works for me, naked on the internet, without a single problem. in fact i would go so far as to say that V1AGRA HOOD1A GR0W Y0UR PEN1S L0W M0RTGAGE RATES L0SE WE1GHT MEET BARELY LEGAL TEENS SEE HARDC0RE SHEMALE ACTION
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
That only took... what... 15-odd years. Seeing will be believing.
....when they announced that Windows 2000 would never have a Service Pack release. One would never be needed.
(still have no use for XP, btw.)
"We may face a scorched and lifeless earth, but they're accountable to their shareholders first."
as I remember it was something like "you can't possibly write a virus for this operating system". Go get em boys.
How we know is more important than what we know.
Sounds a bit like some unsinkable ship.
To laugh. It always surprises me when someone says "we'll never need this" or "computers will never..." I remember a computer magazine editorial saying we would never store music on Hard Drives, it would take up to much space. These people never seem to think more that a few months or maybe a year into the future.
If you could reason with religious people, there would be no religious people
See, if you don't run av, then when you get infected, you'll have to reload vi$ta (which they only let you do once). Then, you'll have to buy another copy of said OS.
Brilliant marketing $cheme
Windows Vista severly limits access to raw packet sending to non-priviledged apps, meaning that packet forging is much more difficult. Although the zombies that are sending seemingly alright content (at the protocol level) aren't affected, those that are doing the SYN/ACK DDOS floods will be.
wow... haven't heard that one before.... No, really. I haven't.
;)
No system is immune to viruses. All it takes is a stupid user to allow it, and we all know there's no shortage of that. That's why antivirus products exist for every major OS out there. Even Linux has antivirus apps (though granted, most of them are geared towards Linux boxen running as servers for Windows-based networks).
Oh wait. Technically, if it requires a stupid user's interaction to get in, it's not a virus. It's a trojan. I guess Vista really could be immune to viruses....
If you believe everything you read, you'd better not read. - Japanese proverb
Yea..........and 640K will be plenty of memory..........
And the world will only need 4 computers...................
And no one would ever need a computer at home..............
Sheesh......where do they come up with this stuff?
"TV, a medium as it is neither rare nor well done." Ernie Kovacs
Of course a seven-year-old on a locked down computer wont be able to do any harm. Kids that age aren't into the sites (porn, illegal downloads, etc.) that are notorious for viruses and spyware. Not to mention that the kid's using a machine secured by parental controls and is most likely on a limited account. Wake me up when the average teenager can safely use Windows with an administrator account and no extra security software installed.
You'll need to start worrying when he turns 12 or 13. ;)
A case can be made for running all Windows versions without anti-virus, especially if browsing the Internet routinely as a limited user. Unfortunately, the popular anti-virus products (McAfee, Symantec, Trend Micro) almost never prevent targeted attacks by cyber criminals, so one is tempted to avoid the performance hit and potential system destabilisation that comes from using these products and just rely on common sense, good backups, encryption of sensitive data, and acting all the time as if a keylogger might be installed on your system. I still use an anti-virus product personally, but I do not regard it as a reliable means of preventing infection.
NATIVE ANTIVIRUS
Seriously, isn't this what third party antivirus vendors have been whining about?
From TFA, it sounds like you really might not need an antivirus... if you lock it down with the parental tools so you can't download anything at all except from your own approved sites, that covers up a large malware attack vector that an antivirus is suppose to protect. After all, the role of the antivirus now and in the future will be that of a blacklist of known bad software. Everything else an AV does can be obsoleted.
Here's the same guy's promise about their last operating system:
Microsoft has said it has stamped out buffer overflows with the upcoming release of Windows XP. Jim Allchin, vice president, claimed the company has done a complete code review of its operating system and removed all buffers which could overflow.
I'll let somebody else post a list of all the critical updates caused by buffer overflows...
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Coupla key points:
1. He didn't say he let his kid on the Internet without an AV package running.
2. He didn't say "firewall". Speaking of which, ZoneAlarm just grabbed focus and I think I let something connect out to the Internet. I'm running an installer so I'm not gonna freak out, but I certainly hope Vista won't let apps steal focus while you're fracking typing.
3. He also didn't say the kid would be online unsupervised or without parental controls running.
4. It's a safe bet to assume he meant the kid would use IE if he went online, but he didn't actually say it either.
Nothing to see here, move along.
Veteran, Bermuda Triangle Expeditionary Force, 1992-1951
I've had two infections on my Windows over the years--Nimda and a video codec trojan. I'm not counting the second boxes that I used to use for experiments--I never put anything important on them, so I tended to just not care, and blow away Windows when they got nasty--that was back in the bad old dialup days when potential damage to others was minimal, and Windows was a lot less secure. I don't know if AV would have stopped Nimda, because I didn't use AV back then. AV didn't stop the trojan. I used to disable AV routinely because it *is* a virus. It used to slow boxes down way too much, and cause all kinds of problems with installers. I always un-do the stupid defaults in Windows and IE, and I try not to be too careless. Nimda is really the only one I can blame on MS, and it was patched ages ago. I would probably disable AV on my current box, but they seem to have gotten better about not hogging resources and/or crashing the box so I just leave it alone.
I wonder if Vista is finally going to display extensions by default. That was always irritating. It would be *nice* if you had to enable active content on a per-site basis by default. It would be better if they just didn't have so much active content out there. Would I "just trust" a Vista box? No way. But would I run it without AV if there was none pre-installed? Yes, in a heartbeat--but I would still be very careful about how I conducted myself on the web, and I would still want to go through all the settings to make sure there was nothing stupid in there. And I would *still* be checking up on processes and registry keys from time-to-time.
But anyway, XP without AV is not a big deal--if you know what you're doing. Unfortunately, that's a big if. Nevermind 7 year olds. It's the 57 year olds that you have to worry about.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
What he actually meant to say was that it won't need any antivirus...for the first 10 minutes. That's almost a two-fold increase from XP!
Anyone else think the comments just weren't rendering right before they turned off ABP and saw ads?
The main attack vectors these days seem to center on "drive by downloads" or pop ups that trick you into downloading executables ("WARNING! Your PC is infested with SPYWARE - CLICK HERE to remove"). Most Antivirus software is unbelievably pathetic when it comes to identifying/dealing with spyware. I've seen dozens of clients who have so much spyware, it can take 30 minutes or more to boot up and then spend more time closing all the popped-up windows. FF and it appears IE7 as well will hopefully go a long way to closing this attack. Now we just need to wait for everyone with win95,98,ME, NT, etc. to upgrade.
... doesn't need to be walked if you don't mind it using your house as a toilet.
That is all.
...in certain circumstances. Hell, I haven't had a positive virus under XP for years. I'm running avast right now, but I'm contemplating just removing it completely. The only reason I haven't is because I occasionally get emails from relatives such as "click on this funny card!" containing links to god knows where.
IIRC the only times I ever did get viruses were downloading porn or cracks. Sandbox what you can download (which at least they said they did in vista, who knows if it will be effective) and that eliminates most vectors, other than relative spam mail.
There is nothing inherently safe about liberty. That's why so many people died protecting it.
did I mention how
oh wait, this is
605413? Yes, it's a prime.
Without Administrator access, a virus can at best mess around with his son's account. Easy enough to fix by killing and recreating the account. This is actually true of XP as well (and OSX/Linux, obviously), but Vista is the first MS OS to handle Standard User in a straightforward way.
And with UAC, since Administrators don't even run with full token by default, 3rd party applications will quickly move away from assuming Admin access (a huge problem with running XP as limited -- apps blow up).
My kids have been using Linux "with no antivirus" since before they could type (they started with things like tuxpaint and gcompris)
Windows is finally catching up?!!
455fe10422ca29c4933f95052b792ab2
I don't believe he was saying "Vista can't get viruses", but rather UAC (user account control) stops code from executing, thus making him feel safe that even his son could surf the web (with UAC on) without obtaining a virus blindly. I think the biggest weakness with past Windows have been uninformed users thinking that clicking "yes" in dialog boxes to execute an unknown program or script is a witty thing to do. I believe UAC tries to solve this, and most "average" users will be too lazy to turn it off (or won't know how), while advanced users can simply surf responsibly with it off.
... and when his son becomes thirteen he will actually connect the computer to the network. ;)
This reminds me of a Douglas Adams quote:
"The major difference between a thing that might go wrong and a thing that cannot possibly go wrong is that when a thing that cannot possibly go wrong goes wrong it usually turns out to be impossible to get at or repair."
A virus spreads because of applications running on a large population of machines share the same security hole. Bearing in mind the sheer number of different Linux distros there are, running different kernels, desktops and daemon applications, there really are very few applications that are common to a lot of machines that would also be capable of propogating a virus.
Additionally, the tendency for users to run programs at root level on Linux machines is much less than users running programs with administrator priveliges on Windows - this is because the security model on Linux is much simpler, without complexities of things like the registry, such that the only files a normal user can damage (on a properly configured Linux system) are their own ones.
Before I am accused of being a fanboy, the vulnerabilities in Linux (or any UNIX-like OS) are from buffer overflow attacks that cause a running daemon to drop to a (root) shell prompt allowing access to the system. However, these types of attacks are very directed against specific machines because they only work against specific versions of, say, FTP or Telnet on the system. Nowadays, of course, the tendency is to avoid using these daemons on the public internet anyway, instead opting to use secure services like SSH, SFTP & SCP.
I work in OS security and whether you run Windows or UNIX, you can never view any system as being completely secure or invulnerable to viruses. But being aware of what those vulnerabilities are likely to be means that you are more likely to defend against those attacks when they occur.
Gentoo Linux - another day, another USE flag.
I hate Antivirus products. They consume huge amounts of computing power, slow my computer down, and cause no end of frustration when installing legitimate network applications. In other words, the cost and overhead they impose is far greater than anything I've ever had to endure from viruses that I don't get anyway, because I'm not a complete idiot. I only log in as adminstrator when necessary. I keep up with patches and security updates. I keep my data, the only unique and irreplacable thing on my computer, backed up. I don't click on every idiotic funny ha ha attachment going around. I don't install software utilities from The People's Glorious Republic of Aziberjanistan.
I suppose if you're dumb enough to think you need an Antivirus program, you probably do.
I have car insurance because the insurance companies lobbyists convince the lawmakers to make it the law
>>Sig under construction
Zealotry aside (FWIW, I am a Linux advocate although I use all three platforms mentioned here), the businesses are not "scared" to use Linux and/or OSX, they don't want to due to a simple reason that APIs in Linux and surprisingly enough OSX are moving targets which constantly break stuff left and right. Granted, this is not accross the board, but it is prominent enough to affect the overall product and warrant a significant rise in TCO. Case in point, I purchased an $800 OSX software 1 month ago. Upon installing it, it turned out to be a PowerPC-only application which surprisingly ran quite well under Rossetta in 10.4.7 (especially considering that it was altivec optimized). Then came the 10.4.8 and suddenly my application icon was crossed out saying this application is not supported. So, now I either have to wait for the original software makers to release an update (which they've been promising for some time but nothing has shipped yet and there is a lingering suspicion that in the end I'll have to pay for it), or use my new software as an $800 paperweight... Either way, I am losing in productivity and/or money.
Now if you consider how many times did the Apple platform switch in the recent years and how much overhead has that generated for the Apple third-party software manufacturers, not to mention how many API changes have taken place since 10.0, you'll quickly realize that Apple platform is almost as "enthusiast" as Linux. OTOH, whether you like it or not, XP in 2006 can run software made in 1995 without any problems whatsoever. All this means that businesses can get more mileage from their custom solutions and hence the market share disparity...