Slashdot Mirror

← Back to Stories (view on slashdot.org)

AV-Test Deems Windows Security Essentials "Very Good"

Posted by timothy on from the if-you're-in-the-right-demographic dept.

CWmike writes "Microsoft's new free security software, Windows Security Essentials, passed a preliminary antivirus exam with flying colors, said independent and trusted firm AV-Test, which tested Essentials, launched yesterday in beta, on Windows XP, Vista and Windows 7. It put it up against nearly 3,200 common viruses, bot Trojans and worms, said Andreas Marx, one of the firm's managers. The malware was culled from the most recent WildList, a list of threats actually actively attacking computers. 'All files were properly detected and treated by the product,' Marx said in an e-mail. 'That's good, as several other [antivirus] scanners are still not able to detect and kill all of these critters yet.' It also tested well on false positives."

69 of 318 comments (clear)

  1. Malware? by homes32 · · Score: 5, Insightful

    viruses, trojans, and worms, are all nice and dandy but what about malware? That is what most people have to worry about these days.

    1. Re:Malware? by molafson · · Score: 5, Informative

      "AV-Test also examined the program's anti-rootkit skills and its ability to scrub a system of malware it finds with a limited number of samples and "found no reasons to complain," Marx said. "[Security Essentials] is able to remove found malware very well, but further tests against larger sets of samples are required before we can come to a final conclusion."

    2. Re:Malware? by Talchas · · Score: 5, Insightful

      Even against viruses, trojans and worms, it really won't stop them from getting owned. It may help against old viruses spreading, but it is unlikely to help much against new ones. And new ones often will take out the antivirus, leaving you with an even falser sense of security.

      --
      As the Americans learned so painfully in Earth's final century,free flow of information is the only safeguard against...
    3. Re:Malware? by Jurily · · Score: 5, Informative

      Mod parent up. The "several other [antivirus] scanners" won't detect new ones because they're tested against before release.

      From a software engineering point of view, malware is state of the art.

    4. Re:Malware? by CrashNBrn · · Score: 5, Informative

      I'd be pretty suprised if they're AV-tool doesn't handle "Malware" - considering Mark Russinovich of sysinternals works for Microsoft now, and was the one to discover Sony's Rootkit and provide the fix for it. Among the many other tools he has provided over the years and still updates regularly.
      http://blogs.technet.com/markrussinovich/

    5. Re:Malware? by CrashNBrn · · Score: 2, Funny

      ugh, don't post at 2 in the morning. Repeat after me. s/they're/their/

    6. Re:Malware? by trifish · · Score: 5, Informative

      > It may help against old viruses spreading, but it is unlikely to help much against new ones.

      You refer to heuristic scanning, or pro-active security. This means that the software is able to discover new unknown viruses based on their behavior or properties.

      You might be surprised but MS Security Essentials has been found to have the best heuristics (60%) in retroactive tests (outdated definitions, therefore, unknown viruses) with by far the least number of false positives (which is crucial for good heuristics).

      They even overtook the former leader, NOD32 (and often even in performance).

      Source for heuristics (2009):
      http://www.av-comparatives.org/images/stories/test/ondret/avc_report22.pdf

    7. Re:Malware? by Talderas · · Score: 2

      You're just cringing at the fact that Microsoft did something right, and are looking for any reason to bash them. This is Slashdot however, and everyone is supposed to be a Microsoft cynic.

      --
      "Lack of speed can be overcome. In the worst case by patience." --Znork
  2. Sounds positive by dov_0 · · Score: 4, Funny

    MS is lifting their game.exe

    --
    sudo mount --milk --sugar /cup/tea /mouth /etc/init.d/relax start
    1. Re:Sounds positive by Mista2 · · Score: 2, Informative

      But they still think the US and it's friends are the whole world:

      From the download site:
      Not available in your country or region

      You appear to be in a country or region where the Microsoft Security Essentials Beta is unavailable.

      This beta is available only to customers in the United States, Israel (English only), People's Republic of China (Simplified Chinese only) and Brazil (Brazilian Portuguese only).

    2. Re:Sounds positive by bertoelcon · · Score: 3, Insightful

      I tried to open that file but it didn't work. My norton is working to protect me from malicious files very well thankyou.

      If norton was doing its job, it would not allow you to open norton since it is also malicious.

      --
      Anything can be found funny, from a certain point of view.
    3. Re:Sounds positive by gbjbaanb · · Score: 2, Insightful

      This beta is available only to customers in the United States, Israel (English only), People's Republic of China (Simplified Chinese only) and Brazil (Brazilian Portuguese only).

      Isn't that list of countries the ones bot-spamming the most crap out of their PCs?

      Perhaps its more targetted than conspiracy?

  3. I wonder how Symantec, Norton, et will react by supercell · · Score: 5, Interesting

    Norton, Symantec and others have created an entire multi-billion dollar subscription based industry around virus protection for Windows. I wonder how they are going to react to this potential bomb for there business model?

    1. Re:I wonder how Symantec, Norton, et will react by gewalker · · Score: 5, Funny

      Well, we know one thing for certain: "Resistance is futile"

    2. Re:I wonder how Symantec, Norton, et will react by Anonymous Coward · · Score: 5, Interesting

      claim anti-trust and attempt to sue.

      How dare microsoft plug security holes themselves.

      Come on EU, save us from a secure windows platform.

    3. Re:I wonder how Symantec, Norton, et will react by Anonymous Coward · · Score: 5, Funny

      "Resistance is futile"

      Yes but only if much less than 1 Ohm

    4. Re:I wonder how Symantec, Norton, et will react by zonky · · Score: 2, Informative

      There would only be grounds for such a claim if they bundled it with windows.

    5. Re:I wonder how Symantec, Norton, et will react by i.of.the.storm · · Score: 2, Insightful

      What are the design flaws? That said, if Norton and McAfee are still doing well now then they'll probably be able to survive this as well, because there have been much better free alternatives to their bloatware and they still seem to be extant. That said, the Symantec online virus database is pretty handy, but their client software is horrible. After switching to Avast, my computers booted 30 seconds faster. It seems like this Security Essentials thing is similarly lower on resource usage than Norton et al; perhaps a surprise coming from Microsoft, but a welcome alternative nonetheless.

      --
      All your base are belong to Wii.
    6. Re:I wonder how Symantec, Norton, et will react by mysidia · · Score: 3, Insightful

      Microsoft has raised the bar. To continue to have people buy their product, their competitors will need to further differentiate themselves from Microsoft's now free offering.

      That means doing it better, providing features the customers want (that MS doesn't deliver), innovating.

      e.g. Enhancements and capabilities that are beyond Microsoft's expertise, or that MS isn't interested in delivering.

      Probably mostly for enterprises, security management capabilities. There are elements of security to manage on your network OTHER than scanning and trying to block known infections.

      And 'group policy' is not perfect, or necessarily ideal, for endpoint security management. The security vendors might be able to come up with more powerful solutions.

      What about unknown threats? What about security patches in OS and third-party product....

      Where's the popup from system security software warning the user that there's a known exploit for a bug in their current version of program Xyzabcd PDF viewer, being actively exploited??

      Why rely on being able to detect a virus in a new untrustworthy .EXE a user downloaded, why not also sandbox all untrusted .EXEs, unless the user is authorized to install software, and manually taking a 'privilege elevation' action ?

      Nornot/Symantec aren't the be-all, end-all of system security. There are also antimalware/security apps like Spybot S'n D, Adaware, Malwarebytes, and commercial ones.. eEye Blink, PrevX, SUPERAntiSpyware.com, Avira.

      Which aren't $100-year subscriptions and provide their own advantages.

      The higher the market share of the MS AV product, the less you should trust it (malware will specifically aim to be undetectable, or to evade the detection of and disable that specific product).

      It's a lot easier for badware authors to 'evade' an antimalware product, if there's only one they really need to worry about.

    7. Re:I wonder how Symantec, Norton, et will react by internerdj · · Score: 2, Insightful

      Herein lies the antitrust problem... People have been making money off this area for years, but is the money being made off of Windows flaws? If I started selling unofficial patches that fixed say crashes in IE, would I have the right to sue if Microsoft patched those flaws? What if they waited several years and I had a clearly established market for my patches? This case is interesting because it will define how far a company can go in fixing its own issues. If they rule against Microsoft, this could mean that companies are only allowed to patch issues in the last two phases of Software Engineering.

  4. Anti-trust? by Roger+W+Moore · · Score: 3, Interesting

    Should be interesting to see if the current AV vendors try the anti-trust card with MS for this. I imagine it will be a vary hard case to make since really all they are trying to do is fix their broken OS.

    1. Re:Anti-trust? by bill_kress · · Score: 5, Interesting

      There was talk about antitrust suits when Microsoft first included the TCP/IP stack in windows. Before that you had to go to another vendor.

      It made life a LOT more easy once it was built into the OS.

      I'm pretty sure the same thing will be true of AV software.

    2. Re:Anti-trust? by Anonymous Coward · · Score: 2, Interesting

      It should be noted that Bill Kress is a Public Relations "professional" who works under contract for Microsoft.

    3. Re:Anti-trust? by Anonymous Coward · · Score: 3, Insightful

      Be that as it may, his statement of comparing the relative usability of windows during time periods before and after MS made a windows component change is no less valid. Additionally, his statement supposes that similar integration (assuming it is done properly) will likewise make windows usability improve.

      So, AC, your very obvious implication that he is astroturfing despite relating nothing but easily confirmed facts is a waste of everyone's time involved. If you want to take a swing at MS' credibility, by all means do so. There are plenty of avenues you could approach and would get no argument from me. GP's simple comment, however, is not one of them.

      Incidentally, did you ever [i]try[/i] dealing with windows during the era of 3rd party tcp/ip stacks? It was unpleasant, to say the least.

      I would add another example of integration that I think has improved the windows experience: the Vista (and Win7) search tool compared to XP's and earlier. Not as drastic as the implementation of the tcp/ip stack, I'll admit, but nonetheless quite the improvement. An indexing service that works and does so without a fuss and a simple WinKey followed by typing what I want has dramatically increased the speed with which I access what I want in many cases.

      Integration is not all bad, you see. Provided it's done right. I expect the AV vendors who have built their subscription model on equally useless bloatware will not be happy about this. Good riddance, I say. As to you, MS, please don't screw this up.

    4. Re:Anti-trust? by b4dc0d3r · · Score: 4, Insightful

      TCP/IP should be in the OS - it is a resource management issue and is a hardware issue. If only a handful of apps used it, maybe third-party would be acceptable. But you don't want a third-party stack crashing the OS, so write it yourself and include it.

      On the other hand, Anti-virus products shouldn't even be needed. MS should be able to write software with fewer holes in it. They have piles of static analysis tools, piles of research, and piles of other stuff. They just don't want to take the time and fix things (including testing), so they put wrappers like UAC around things instead of fixing it.

      I've seen lots of bug reports ignored by MS just because it doesn't look like it's exploitable, only to have some crafty fool figure out how to exploit it. I can cause a stack overflow in Oracle 10.x drivers by sending a VALID openquery through a linked server. Runtime catches the error, but then it causes a crash in the error reporting because the stack is trashed. Currently it's a null refrence, but how hard would it be to turn a stack overflow into a server root hack? Not all that hard. But they won't fix it because the problem is in a third party module, and if that one is fixed the MS error disappears. I'm just saying these vulnerabilities are all over the place, especially since they have so much third-party code.

      One person or company making the problem, and the solution to the problem, does not look good. Especially since MS only publically fixes holes they publically admit to. There might be piles of security problems no one else knows about, but MS AV might know to watch for suspicious behaviour that only MS knows about.

      Giant virus outbreak because it's too expensive to patch a particular problem, or can't get it out fast enough, and only Windows SE customers are protected so everyone ditches Symantec and other AV and goes to Windows. It's not that far-fetched, and they might even do it that way by accident. When it's possible to have that kind of advantage and wipe out your competition in a single event like that, especially if it's unintentional, that's a problem.

      Just saying, the mafia used to take protection money, but you were being protected from the mafia. Problem and solution should be from different sources. Therefore your analogy is invalid, same as if my hair were a bird.

    5. Re:Anti-trust? by not+already+in+use · · Score: 5, Insightful

      I imagine it will be a vary hard case to make since really all they are trying to do is fix their broken OS.

      How is releasing anti-virus software fixing their "broken OS?" Are you implying that a non-broken OS is completely immune to viruses and malware or are you just spewing typical anti-Microsoft vitriol?

      Oh ok... Thought so.

      --
      Similes are like metaphors
    6. Re:Anti-trust? by Blakey+Rat · · Score: 3, Insightful

      On the other hand, Anti-virus products shouldn't even be needed. MS should be able to write software with fewer holes in it. They have piles of static analysis tools, piles of research, and piles of other stuff. They just don't want to take the time and fix things (including testing), so they put wrappers like UAC around things instead of fixing it.

      Microsoft software is already more secure than most vendors. Recent major viruses have either:

      1) Spread via social engineering. (The kind of thing UAC is supposed to help with, contrary to what you seem to think it's for.)

      2) Spread via non-Microsoft software. For example, I got a lovely copy of the Vundo virus courtesy of Sun's Java VM. Sun and Adobe software have been major spreaders recently.

      What would you suggest Microsoft do about either of those issues that they aren't already doing? Make it impossible to run Sun or Adobe software? Yeah, right.

      --
      Comment of the year
    7. Re:Anti-trust? by westlake · · Score: 4, Insightful

      really all they are trying to do is fix their broken OS.

      It isn't one OS.

      Every OS is "broken" in the sense that there are always avenues of attack.

      It can't be otherwise so long as mere humans have the final say on which programs can be installed and which programs can be run.

      To call something "Malware" is fundamentally a value judgment.

      I think the geek would be the first to howl if he could only install the apps approved and certified-safe by Redmond, Cupertino, or his favorite Linux distro.

    8. Re:Anti-trust? by b4dc0d3r · · Score: 2, Interesting

      Let me rephrase. They don't consider bugs important unless someone can turn it into a vulnerability. Previous examples have shown that it is possible to turn a seemingly benign bug into a security hole, with a little flash of insight.

      I should be able to submit bug reports directly to MS, instead of having to talk to a desk jockey at the OEM who never passes it on to the company that wrote the software. They would prefer you didn't do that. They will take your "send error report to microsoft" data, but at that point it's just statistical - whatever gets the most reports gets attention.

      They should say at this point, you know what, let us know if you find something and we'll take a look at it to make sure it's not going to cause problems. You know how much that would cost? Probably not as much as you think if it's simple triage.

      If I didn't work at a fortune 100 company, I wouldn't have a vendor support contact I could just call up and say hey this is causing problems, can you look at it? Smart people who know what they are doing can give great feedback and have it completely ignored because it doesn't seem worthwhile to look at something that might have problems.

      They will always have problems with third-party code, and not much you can do about it. But you have to realize that the attack surface area increases, and have your bug-squasher team increase in surface area along with it. I don't see an equal response. Sure I'll be your effective beta tester, but I don't want to hear one more detailed report about bug reports getting ignored.

      Simple, eh?

    9. Re:Anti-trust? by hot+soldering+iron · · Score: 2, Funny

      Yes, It is like tow truck companies suing GM for making a more dependable car.

      Wahoo!! I think I got the first car analogy in!

      --
      When you want something built, come see me. If you want correct grammar and spelling, get a F*ing liberal arts student.
    10. Re:Anti-trust? by shutdown+-p+now · · Score: 4, Interesting

      I should be able to submit bug reports directly to MS

      secure@microsoft.com

      I have actually submitted information about a vulnerability that way. It was fixed.

    11. Re:Anti-trust? by jonbryce · · Score: 2, Informative

      UAC in theory is just like sudo. There is nothing wrong with the idea of it, just the implementation.

    12. Re:Anti-trust? by dbIII · · Score: 2, Insightful

      I'm saying that Microsoft have such a lax attitude to security that they even had a flaw to allow arbitrary code embedded in images to run when you tried to view the image - something that is so incredibly stupid it should only exist in the realms of science fiction. Their systems do not rate at all in terms of security in comparison to things designed with security in mind. That is why I had to reply to your "Microsoft software is already more secure than most vendors" to politiely point out it is no more than ignorant fanboy bullshit with a deliberately flawed comparison. Adobe of course are also infamous for things like calling ROT-13 "encryption" when it is literally cereal box codewheel stuff.
      I suggest looking after more than a single Microsoft based system preferably with several in the hands of inexperienced computer users and you will begin to see why so many here are critical of things like the lax attitude of Microsoft to security. It helps if you have other half-decent systems to compare it to.

    13. Re:Anti-trust? by L4t3r4lu5 · · Score: 2, Interesting

      Well, you're correct in that it's a control for rights elevation for a particular process, but way, way off apart from that.

      sudo is a manual control; You have to physically type the command into your shell to instigate a rise in privilege. UAC asks you if you want to raise privilege. To a (l)user, desensitised as they are by Microsofts' abuse of message dialogues, clicking "Yes" is almost coded into muscle memory, and it's between MS and the users to sort out who is responsible for that situation.

      AFAICT, UAC is just a get-out. It shifts the onus for installing crapware onto users PCs onto the user, as MS can now say "Look, you had to type in the password! You didn't read the box? Oh, well then... That's not our fault!"

      sudo requires knowledge. Pressing "Yes" only requires impatience.

      --
      Finally had enough. Come see us over at https://soylentnews.org/
  5. Hitler's Kosher Hotdogs by EdIII · · Score: 5, Interesting

    It's interesting, but at this point can Microsoft really convince anyone that they are serious about putting out a quality product? I think that is there biggest problem here... PR.j I will admit I laughed when I saw the article, and it is Microsoft's reputation that made me laugh. Maybe it is good, but I am I really willing to give them the chance with something that important?

    I can remember articles talking about Windows Firewall in the past as being pretty darn good too, yet it seems the first thing a tech person does is to deactivate these days.

    Let's face it. If Microsoft was seriously competent about doing these "core" activities, would the 3rd party market be as big as it is?

    In any case it will be interesting if they start shipping Windows with this pre-installed. Then maybe the manufacturers won't be so quick to bundle Norton/McAffee with their products, and THAT will be fun to watch.

    1. Re:Hitler's Kosher Hotdogs by Pharmboy · · Score: 2, Interesting

      People forget (or weren't alive yet) that Windows roots are on a very limited platform that even a Linux kernel can't run on (no hardware support for "root" on a 8088)

      Not exactly accurate. For starters, Windows NT 3.1/3.5 also ran on Alpha and MIPs, not just x86. More importantly, Windows didn't take off until the 386 came out (and i386 is still the basis for much code, including Linux). Almost no one ran Windows on a 286, and virtually no one on a 8086/8088.

      Code originally designed to run on a 8086 and 286 won't even run on a 64 bit version of Vista (and 64 bit is the standard now, assuming you want over 3-4gb of ram, depending on BIOS). The 64 bit version doesn't have any 8 or 16 bit API support, only 32/64, unless you can hack it in virtualization. There really is no reason to run a 32 bit version of Windows 7 either, unless you need those old apps (not common) and will never need 4gb of ram (unlikely).

      In short, Windows Vista/64 and 7/64 won't run DOS or 8088 code, and *isn't* backward compatible.

      As a side note, I *think* you can install the 64 bit version of Linux and run DOS apps in a dosbox if you need. Will have to try that on the servers at work and see.

      --
      Tequila: It's not just for breakfast anymore!
    2. Re:Hitler's Kosher Hotdogs by westlake · · Score: 4, Interesting

      It's interesting, but at this point can Microsoft really convince anyone that they are serious about putting out a quality product?

      Microsoft is strongly positioned as a client OS. On the server. In core business applications. In development tools. In console gaming....

      In software software sales, MS Office is bigger than games.

      Bigger than anything. It is the tail that wags the dog. The 900 pound gorilla. Choose whatever metaphor you like.

      The Win 7 Beta opened to rock-solid reviews and has effortlessly claimed about half the market share of Linux on the desktop. Operating System Market Share

      The geek knows all of this intellectually, but he can't process it emotionally. It is easier to live within the bubble.

      I can remember articles talking about Windows Firewall in the past as being pretty darn good too, yet it seems the first thing a tech person does is to deactivate these days.

      Windows Firewall wasn't designed for the techie.

      It was designed for the user relentlessly nagged by requests to approve outbound access for the obscure subroutines of programs that already have his permission to access the net.
       

  6. Probably Pretty Good by Sponge+Bath · · Score: 5, Insightful

    With all that talent, resources, and internal knowledge they should have a slam dunk. Unfortunately I have a lot of distrust built up from over the years about what MS sticks under the hood. It will take many years of good reviews and endorsements before I feed comfortable that the MS AV does not give any special passes to iffy software from a MS partner, or that the MS firewall will correctly block things from going out when configured to if the originator is an MS component.

  7. It makes sense by phantomfive · · Score: 5, Interesting

    The Microsoft style is to solve problems by throwing a lot of people at it, and they use that strategy fairly well. Instead of simplifying the structure to where it can be reasonably dealt with by a small group of people, they are happy to make it big. For example, compare the number of system calls in the windows kernel with the number in the Linux kernel. Having so many more system calls means each internal refactor will have to take more into consideration, as well as requiring more testing, but it's ok, Microsoft is happy to throw lots of testers at it. The ASP.net model, which basically wraps a whole system around html/javascript to encapsulate it and make it easier for the average programmer was an amazingly man-hour intensive job, once again requiring lots of testing and many special cases, and yet Microsoft did it.

    That operating style is especially well suited to AV software, because it is a job that can be easily broken up and handed out to different programmers, and catching all the viruses is a job that can be easily helped if you have a lot of programmers and testers. It makes sense that Microsoft would write good AV software.

    --
    Qxe4
    1. Re:It makes sense by Anonymous Coward · · Score: 3, Insightful

      Ok, I have to quibble with the ASP.NET comment. Bash Microsoft all you want but get your facts straight.

      ASP.NET is not primarily an HTML/Javascript wrapper. Its purpose is much more ambitious than that. I would argue that the greatest strength of ASP.NET is providing an easy method for a web developer to utilize the .NET framework. Yes, its complex but so are the enterprise-class applications I build with it. Some of us build things more complicated than a blog publishing platform. And thus we need more robust tools.

      As to your argument that it was a man-hour intensive project: so what? Microsoft, for all of their chair-throwing, Internet Explorer-inflicting ways, does know how to create top-tier dev tools. And that does tend to take time and a lot of qualified people.

    2. Re:It makes sense by Dutchboy2000 · · Score: 5, Interesting

      In my view, using a "small subset of the .NET framework" is not an argument against using ASP.NET. .NET is a huge and extremely varied framework (as you evidently know well). It would be a very odd case where any particular application - whether it be web or Win32 - would require the majority of the functionality provided through .NET.

      But the fact that all I need is a screwdriver does not lessen the value of having a well-stocked toolbox. The first time I had to create a web application that could consume and perform complex recursive logic on XML files created by a mobile application framework, I didn't have to wonder whether .NET provided the necessary functionality. I knew it did even though I'd never used it before.

      I'm not going to sit here and tell you there aren't things about .NET that drive me nuts. And, in fairness, I don't have a lot of experience with other web application frameworks. Still, .NET gives me what I need when I need it and without a lot of fuss. The biggest problems I deal with each day have very little to do with my framework of choice and much more to do with things outside of my control. C'est la vie, eh?

      By the way, I'm the Anonymous Coward that posted above. I just created a new Slashdot account so now I can be a Well-Known Coward.

  8. I would hope... by Jesterace · · Score: 2, Funny

    So far it's been running very well. I would presume that they should be able to make something that will protect their own operating system after all they did code it.

    1. Re:I would hope... by ichthus · · Score: 2, Informative

      Yeah, but this is a bit like a car manufacturer providing locks for their doors after the fact.

      --
      sig: sauer
  9. MS still has superb programmers by geekboy642 · · Score: 5, Insightful

    It's always been this way. Microsoft rests on their laurels until an upstart company starts making money at their expense. Between Mac, Linux, and the insane proliferation of general crapware, MS has a real image problem on their hands. Luckily for Microsoft, the best and the brightest can be wooed by the kind of money they're able to throw around. When they throw their top programmers at a job, the results are stunning, just witness the turnaround from early Vista to the current beta of Windows 7.
    Sadly, the end result will be bad for consumers. Other security companies will be badly hurt by the release of this freebie, and MS will go back to sleep, leaving the security marketplace to stagnate like the pre-Firefox browser market stagnated.

    --
    Just another "DOJ fascist authoritarian totalitarian bootlicker" -- Zeio
    1. Re:MS still has superb programmers by icebraining · · Score: 4, Insightful

      There are many AV suites already released for free - Avira, AVG, Comodo, etc. Avira is much more popular than paid AV suites around here.

      --
      Dilbert RSS feed
  10. Great if you're living in one of 5 countries... by jpedlow · · Score: 3, Interesting

    So I decided i'd check it out for my XP box.... "Not available in your country or region You appear to be in a country or region where the Microsoft Security Essentials Beta is unavailable. This beta is available only to customers in the United States, Israel (English only), People's Republic of China (Simplified Chinese only) and Brazil (Brazilian Portuguese only). " So...not Canada? *sigh* Well, time for Nod32 or kaspersky I guess...

  11. directed self-interest by Horar · · Score: 3, Insightful

    A computer consultant advocating Windows is like a doctor prescribing cigarettes. It creates a lot of extra work.

    1. Re:directed self-interest by mozzis · · Score: 3, Funny

      A computer consultant advocating Windows is like a doctor advocating a healthy lifestyle. Stop twisting reality to fit your fundamentalist preconceptions.

      --
      This is not a self-referential sig.
    2. Re:directed self-interest by dublin · · Score: 5, Insightful

      Any computer consultant worth his salt won't get drawn into silly squabbles over OS/platform/software/language/etc., and will recommend the *best* solution for the client. Don't ever let bigotry blind you...

      I describe myself as a dyed-in-the-wool Unix proponent (24 years now), but I run Windows on my desktop machines, and have recommended Windows on many occasions, including some large-scale Fortune 20 deployments, where it made more sense. (For servers, I avoid Windows unless the app environment really needs it or runs markedly better there, but there are still a good number of those situations. Given my druthers, I design new systems around open source technologies, mostly because of the lifecycle cost savings. Auditing all those licenses is a non-trivial cost and PITA, not to mention acquiring them in the first place - and avoiding licensed software makes leveraging cloud computing *much* easier...)

      Windows certainly has its faults, and I'm a big critic, but it also has its place, and for a good number of things (even some server-based things), Windows is the best choice - sometimes by a good margin.

      --
      "The future's good and the present is nothing to sneeze at." - Roblimo's last ./ post
  12. Re:The question is by Nightspirit · · Score: 2, Insightful

    Because people will download and install anything? Even OSX was hit recently with people pirating the iwork suite.

  13. Re:Beta not available for download by NervousNerd · · Score: 2, Informative

    Right here.

  14. Re:Maybe, but... by xxuserxx · · Score: 2, Insightful

    If Mac's had 90% of the user base such as Microsoft does you would see the same problem with Macs or Linux even. It has nothing to do with system security it's simply that PC's are who virus programmers target.

  15. It seems wrong for an OS vendor/maker to do this by erroneus · · Score: 4, Insightful

    Microsoft should not be making antivirus software. It should be fixing its vulnerabilities.

    The OS has many fundamental problems, some of which cannot be resolved without redesigning the core internals which would render all older software incompatible any newer version of the OS. This sort of problem was identified long ago, but it was decided that the cost of change would be too great, the burden on third party software vendors too heavy and ultimately, it would be too slow to adopt and migrate for all users. And the longer they wait for this eventuality, the more expensive and prohibitive it becomes to make such important changes.

    If this sounds like the U.S. moving from Imperial measurements to the globally accepted Metric system, you wouldn't be alone in this observation.

    Microsoft still cannot fix the "stupid user" problem but there are many things they could fix if they had the balls to do it. And they could take a page out of Deep Freeze's playbook and create a system where the user must first unlock the system before they can install anything. But perhaps the similarity to the adoption of the metric system doesn't stop here. Perhaps there will come a point at which everyone will move on to another system leaving the "imperial" one behind... well I can dream can't I?

  16. Re:Maybe, but... by h4rr4r · · Score: 4, Insightful

    Too bad apache proves you wrong.

    This is an old, tired and false argument. If any OS had the holes windows does it would get exploited like mad.

  17. About time by avandesande · · Score: 2, Funny

    When you consider all the extra crap they ship with their OS, including something that is actually useful like this should have been done 10 years ago.

    --
    love is just extroverted narcissism
  18. Only protection against files? by sugarmotor · · Score: 2, Insightful

    'All files were properly detected and treated by the product,'

    Aren't there other attacks besides file-based ?? This sounds rather silly!

    Stephan

    --
    http://stephan.sugarmotor.org
  19. Re:Maybe, but... by xxuserxx · · Score: 2, Insightful

    Did you not read about the Apache security flaw that was posted on Slashdot just this week?

  20. Re:Microsoft Hate by h4rr4r · · Score: 4, Interesting

    Try using it.
    1.
    A shell that uses objects is asinine.
    It looks like a bunch of java idiots tried to make a shell. If I wanted objects I would use a programming language, this is supposed to be scripting.

    2. No ssh, lame.

    3. does not support anything like authorized_keys.

  21. In other news by Ludedude · · Score: 2, Funny

    Redmond WA, June 24 2009. Microsoft is proud to announce today its acquisition of independent and trusted testing firm AV-Test. Details of the transaction are not immediately available but rumors involve a large cash payment and real estate on a remote Caribbean island.

    --
    Then != than you morons.
  22. Re:Windows Defender? by dave562 · · Score: 2, Informative
    If my memory serves correctly, Windows Defender is based around IE and protecting the computer from exploits that come in through the browser. Anti-virus software on the other hand scans the rest of the system. To come up with a theoretical example, if you are running Windows Defender and AV software, when you visit a website with malicious code on it, Windows Defender will recognize the code attempting to execute in the browser and block it. On the other hand, if you are only running AV by itself, the malicious code will execute in the browser, and MAYBE your anti-virus software will catch whatever trojans and other executables the website copies onto the local system (if you're lucky and have up to date definitions that can detect whatever they are trying to drop on the system).

    The sad reality of the fact seems to be that in order to secure a typical Windows network in this day and age requires a multi-tiered approach. You need some sort of proxy/web filter software to block known malicious sites outright, and also to do some sort of packet inspection/exploit detection on the open connections. You then need some sort of software to protect the browser itself, like Windows Defender (if you are running IE). As a last line of defense, you need anti-virus software running on the local workstation. Also worth noting if you're hosting email in house and forwarding that email to Windows clients, you need AV on the email server, and some sort of anti-spam box in front of the email server.

  23. Re:Microsoft Hate by Blakey+Rat · · Score: 3, Informative

    A real shell?
    Having to install cygwin is kinda a pain. No powershell does not count.

    Way to craft your requirements in such a way that they're impossible to meet. What is a "real" shell? And what features does your "real" shell require that PowerShell doesn't have?

    Let me guess, a "real" shell is defined as "a shell that Microsoft is not currently shipping."

    --
    Comment of the year
  24. Re:Windows Defender? by ECCN · · Score: 5, Informative

    Defender is Anti-Spyware only. Security Essentials is Anti-Virus & Anti-Spyware combined, so it effectively replaces Defender outright.

  25. Re:Maybe, but... by ClosedSource · · Score: 3, Insightful

    "Oh wow 1 flaw, BFD."

    Well, you have to add them all up you see..

  26. Re:It seems wrong for an OS vendor/maker to do thi by TSPhoenix · · Score: 5, Interesting

    Its a social problem, not a technical one.

    All UAC did was train people to press "Yes" on every dialog even more zealously than before. A system based around asking important questions to people who neither understand or care is not a good one. sudo works because everyone using it does care.

    What MS is doing here is clever IMO. Instead of trusting the user to not do anything dumb, they've instead given them a big "Press me to fix your computer" button to wail on. People will see their computer is being slow, hit the button and hopefully the problem will be fixed.

  27. system performance? by Satanboy · · Score: 2, Insightful

    Has anyone tried this out yet to see what the performance hit is?

  28. Re:Maybe, but... by shutdown+-p+now · · Score: 5, Interesting

    Viruses don't target server environments. That's pretty much by definition - as they require active user interaction to spread.

    Exploits are a different thing, but, really, have you looked at vulnerability stats in Apache vs IIS6/7 lately? Try it, you might be surprised.

  29. Re:Microsoft Hate by colinrichardday · · Score: 3, Insightful

    As opposed to a "real" office suite being defined as one that is compatible with Microsoft Office?

  30. Re:Beta not available for download by prockcore · · Score: 2, Funny

    If you weren't so eager to install software provided by random slashdotters, perhaps you wouldn't need the beta...

  31. Re:Maybe, but... by shutdown+-p+now · · Score: 4, Insightful

    It has had much more patches over the year and I'm not conviced that an actively developped open source project like this is more vulnerable because more holes are found. That might be a sign that it's easier to locate in apache than IIS but does not mean they are non existent and unknown to the wrong people in IIS.

    To sum it up: you don't care about any numbers I might show you, you just firmly believe that Apache is more secure, simply because it's OSS.

    So, is there any point to discuss it further, then?