Microsoft's Free AV App May Be a Non-Starter
CWmike writes "Microsoft is preparing to launch a public beta of Morro, the free anti-malware it announced last November, according to reports. Morro will use the same scanning engine as Windows Live OneCare, the software that the free software will replace and Microsoft's first consumer-grade antivirus package. OneCare is to get the boot as of June 30 (along with finance app Microsoft Money). John Pescatore, an analyst at Gartner, has questioned whether users would step up to Morro even if it was free. 'Consumers are hesitant to pay for a Microsoft security product that will remove problems in other Microsoft products,' he said. 'Think of it this way. What if you smelled a rotten egg odor in your water and the water company said, "Sure, we can remove that, but it will cost you $50." Would you buy it?' Not surprisingly, competitors have dismissed Morro's threat to their business. 'We like our chances,' Todd Gebhart, vice president in charge of McAfee's consumer line, said when it was announced OneCare was a goner. 'Consumers have already rejected OneCare,' added Rowan Trollope, senior vice president of consumer software at Symantec. 'Making that same substandard security technology free won't change that equation.'"
Right, there's no way you could have, say, a malicious perl script.
If it's anything as effective as OneCare, I'm going to stay away. I received a free 1 year subscription to OneCare at a Microsoft event about 2 years ago and ran it until it expired. After removing it and re-installing my previous Symantec product, it detected around a dozen viruses and malware infections that OneCare did not notice. Since then I've kept my distance from any Microsoft AV type product.
Launch every sig.
"Right, there's no way you could have, say, a malicious perl script." - by sqlrob (173498) on Friday June 12, @09:46AM (#28307331)
Agreed, 110%... And, "right, there's no way you could have, say, a malicious javascripted page or malicious javascript adbanner affect Linux either"
(NOT! Mainly because javascript runs everywhere & is the "vector for infection" across any OS there is, via webbrowsers themselves - correct me if I am wrong on this account fellas, but, it's right along the same lines that sqlrob is hitting upon...).
APK
P.S.=> And, as far as the subject-line above? "Yea, right" (sarcasm) again, because these items show otherwise:
-----
Bitten By the Red Hat Perl Bug:
http://linux.slashdot.org/article.pl?sid=08/08/29/1423201
(Per SQLRob's statement, no less)
-----
Linux.Slapper.Worm:
http://www.symantec.com/security_response/writeup.jsp?docid=2002-091311-5851-99
-----
New worm targets Linux systems (Lupper):
http://news.cnet.com/New-worm-targets-Linux-systems/2100-7349_3-5938475.html
-----
But, then again, because it was said on SLASHDOT that "Viruses aren't a problem in Linux", per the subject-line above (again)?
"Well, heck, those other sources I just put out MUST be lies"... right, Linux Penguins?
Hate to tell you this truth then: "NOT!"
Because the main thing defending Linux vs. these "heinous machinations" is the fact it is less used than Windows (The most used OS on the most used hardware platform for personal computers in x86 that there is, bar-none)...
I.E.-> Security by obscurity, as the saying goes, IS what defends Linux from attacks! IF Linux is ever as widely used as Windows is, you can bank on it that it will be just as oft attacked as Windows is & has been the past decade++ now, because it will be the most used. MacOS X, once it started gaining market share, began to be attacked a lot more than any other *NIX variant I know of, because of it gaining ground... same thing WOULD happen to Linux, should it start stealing personal computer desktop share worldwide.
(Mainly because today's malware makers aren't out to "wreck your machine", as they used to be - now, it's a far more serious game: They're after your personal information & monies (such as stealing credit card #'s &/or other personal info.) OR turning your machine into a zombied DDOS slave, so it can be used to attack others - so, to do that? These malware makers did the LOGICAL thing (from their pov), & that's to attack the most widely used body of systems there is, Windows NT-based ones!) apk
Avast Antivirus is pretty good too. It's free, but you need to register yearly.
'Think of it this way. What if you smelled a rotten egg odor in your water and the water company said, "Sure, we can remove that, but it will cost you $50."'
I think that analogy is broken. Very little malware uses the holes in MS software these days. Most of the viruses spread by user error, email, IM, flaws in Flash/Acrobat etc. MS is offering a service to clean them up and does provide free fixes for bugs in their software. Obligatory car analogy: a car company sells insurance for break-ins and accidents and charges extra. Why not pay for it if the deal is good?
This space for rent.
Try one of these:
http://www.wikihow.com/Remove-the-Popup-Ads-in-Avira-Antivir
http://www.tipsfor.us/2007/08/15/make-avira-antivir-free-edition-more-usable/
VPS-like shared hosting, on under-crowded servers.
As much as I would like to bash Microsoft from time to time, the latest AV-Comparatives report has them up there with ESET NOD32. With Microsoft you never know if that included some sums of money, but yeah.
For one, it creates lots of temporary files for every file it scans, trying to extract them like an archive whether they really are or not. That's why it scans so slowly, and will thrash your hard drive even if you're scanning files elsewhere, like over the network.
And rebranding can make a big difference-- look at the recent success of Bing, for instance.
Bing is, technically, far superior to Live Search. It's not just a re-branding.
(With one exception: people raving about Bing's image search UI obviously never used Live Image Search, which is nearly identical UI-wise. Bing still returns better, more relevant, results though.)
Comment of the year
Microsoft has, for years, maintained three separate tools in this space (that I know of, there might be others). They change the names of them periodically, to confuse their hapless victims.
Microsoft Windows Malicious Software Removal Tool
You gotta read this page. They release a new version every month. It apparently cannot remove viruses which are not actively running. Why is this tool not built in to Microsoft Windows Defender?
Windows Live One Care
This link shows a forum moderator, chastising a poor infested user for asking a question about a different Microsoft antivirus product -- Microsoft Windows Defender. Why are these separate products, again?
Microsoft Windows Defender
Formerly known as Microsoft AntiSpyware.
These should be one product. The fact that Microsoft maintains three separate products to deal with this problem is, itself, an indication of a very serious ongoing problem at Microsoft. As a company, they still don't take this seriously.
If you mod me down, I shall become more powerful than you could possibly imagine.
Which is where Linux has several inherent advantages over Windows....
A trusted package repository - if you can, try to get all your software from the repository; it will be signed by your distro and therefore somewhat trusted, and is much easier to maintain (update) etc... Users are far less likely to be downloading and running random arbitrary binaries.
Files being executable is based on file permissions rather than the name; a malicious file being delivered by a website can easily control the filename, but it cannot control whether your system gives it execution rights or not. That you have to do yourself, creating an extra step in the process.
Extra to the above, Linux does not hide file extensions in the same way Windows does by default. On Windows, icons are stored in the executables themselves, so it's possible to create an executable with the same icon as a more innocuous file, e.g. a JPEG picture... then you can call it "blah.jpg.exe" and Windows will hide the .exe part by default, making it look exactly like a JPEG picture in Explorer.
Linux users won't have root privileges by default, so a piece of malware needs to elevate privileges first before it can do serious damage or try to hide itself thoroughly; Windows (and shoddy third-party apps) has always encouraged users to run as admin, although Vista is trying to address this.
Linux has no concept of autorun; Windows will automatically execute files on inserted media by default, and some malware takes advantage of this to spread.
Diversity - there are many versions of Linux with various differences between them, even including processor differences (Linux/PPC on PS3 or old Macs, ARM or MIPS based netbooks etc), meaning that a piece of malware written for Ubuntu/x86 may not operate correctly on Fedora/x86 and certainly won't run on Yellow Dog/PPC... for instance, the init scripts differ between Fedora and Ubuntu, so the malware may have difficulty configuring itself to start at boot....
This isn't a comprehensive list, and it certainly isn't flawless, but it highlights several things that make Linux a tougher proposition than Windows for malware authors.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
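An added example, not part of any comment in this thread: a small download-folder audit that separates the two properties the comment above contrasts, the sender-controlled file name (the "blah.jpg.exe" pattern) and the locally controlled execute permission. The extension lists and the `audit` and `demo` helpers are assumptions made for illustration, and the sample files are constructed.

```python
import os
import stat
import tempfile

# Assumed lists for illustration; tune them for your environment.
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".txt"}
EXEC_EXTS = {".exe", ".scr", ".com", ".bat", ".pif"}

def shown_name(name):
    """Name as displayed by a file manager that hides executable extensions."""
    base, last = os.path.splitext(name)
    return base if last.lower() in EXEC_EXTS else name

def is_deceptive(name):
    """True for names like 'blah.jpg.exe': executable type behind a decoy extension."""
    base, last = os.path.splitext(name.lower())
    inner = os.path.splitext(base)[1]
    return last in EXEC_EXTS and inner in DECOY_EXTS

def has_exec_bit(path):
    """True if any execute bit is set; on Linux this, not the name, allows running."""
    mode = os.stat(path).st_mode
    return bool(mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))

def audit(directory):
    """Report name-based and permission-based findings for each regular file."""
    findings = []
    for entry in sorted(os.scandir(directory), key=lambda e: e.name):
        if entry.is_file(follow_symlinks=False):
            findings.append({
                "name": entry.name,
                "shown_as": shown_name(entry.name),
                "deceptive_name": is_deceptive(entry.name),
                "exec_bit": has_exec_bit(entry.path),
            })
    return findings

def demo():
    """Build constructed sample files in a temp dir and audit them."""
    samples = [("blah.jpg.exe", 0o644), ("holiday.jpg", 0o644), ("run.jpg", 0o755)]
    with tempfile.TemporaryDirectory() as d:
        for name, mode in samples:
            path = os.path.join(d, name)
            with open(path, "wb") as f:
                f.write(b"constructed sample, not a real image or program\n")
            os.chmod(path, mode)
        return audit(d)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

The third sample shows why both checks are needed: a harmless-looking name with the execute bit set is only caught by the permission check.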