Slashdot Mirror
Microsoft Security Essentials Released; Rivals Mock It
Bimal writes "After a short three-month beta program, Microsoft is officially releasing Microsoft Security Essentials, its free, real-time consumer anti-malware solution for fighting viruses, spyware, rootkits, and Trojans. MSE is available for Windows XP 32-bit, Windows Vista/7 32-bit, and Windows Vista/7 64-bit. 'Ars puts MSE through its paces and finds an unobtrusive app with a clean interface that protected us in the dark corners of the Internet.' The software received positive notes when in beta, including a nod from the independent testing group AV-Test." But reader CWmike notes that Symantec is trash-talking Microsoft's free offering. Jens Meggers, Symantec's vice president of engineering, dismissed MSE as a "poor product" that will "never be up to snuff." Meggers added, "Microsoft has a really bad track record in security." The GM of Trend Micro's consumer division sniffed, "It's better to use something than to use nothing, but you get what you pay for."
Doesn't bug, silent updates, fast scans, no noticeable performance hit. I can finally get my parents off of their annoying Norton or whatever they paid $50 to use for 12 months.
When Pressed, Symantec admitted they were actually describing their own products, burst into tears, and chugged the rest of the bottle of whiskey.
Sorry to throw Symantec under the bus, but the AV program and AV mentality that they have created amounts to a CPU tax. We don't have 4 core machines, we have 3 cores plus for one for Symantec, which manages to have the deadlock everything while it scans a single file.
This is my sig.
Around the computer shop's i've worked at we joke that we'd rather have a virus than norton on our machines, at least the virus won't charge you a fee to mess up your OS.
- Better to speak your mind than to remain silent, or someone may speak for you.
A virtual virus can be as bad as a real virus. Deleted files and pirated bandwidth are the same either way.
Table-ized A.I.
Symantec's products aren't exactly admired for security and effectiveness in recent years. Pot, meet Kettle,
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
And what, use a fresh drive image every time you boot up the virtual machine?
It's still the same problem except it's possible to detect virtual rootkits from the host OS.
Last I checked some of the highest detection rate AV solutions also happen to be free.
I use Avira AntiVir, which came in #2 in the last comparative study I read. It's gratis, with the sole "cost" of a popup-ad every 24h, disabled in the paid version (or for free, if you know how to set up a local security policy under windows and don't mind breaking the EULA).
Please, please. Symantec offers an "expensive product" that has managed to sink further away from the figurative snuff as time goes on...
So let's see, independent groups give positive reviews. One of the main competitors give it a negative review. Who to believe?
Anyone remember a software product called QEMM back in the DOS days? It was a tool to deal with this horrid thing known as "high-mem" back in the bad old days before Windows 95, allowing one to have more memory to run Win 3.1. It was written by a company called Quarterdeck Office Systems and it built their business. Microsoft came out with a tool that did the same thing called memmaker that worked well enough and did the same thing and they bundled it with DOS 5.0 (I think it was 5.0). Though, not as efficient as QEMM it was good enough and ultimately led to the demise of Quarterdeck (along with a bunch of other dumb mistakes).
It's a sweet little anti-virus program. A well designed and simple user interface, updates unobtrusively, doesn't bog down the computer and it is very effective at detecting all threats I've thrown its way. It also is easy to tell when it is unhappy thanks to a well designed and simple system tray icon. Credit where credit is due, Microsoft has put together a good program. I've tested this on dozens of machines and have not a single bad thing to say about it, which is not something I would have thought I'd ever say about a Microsoft product.
If I do have a quibble, it's that it requires a validated Windows. If I were Microsoft I'd throw this on automatic Windows Update and push it out to everyone not already running an anti-virus.
Symantec can blow me. I've seen more hosed computers where the owners thought they had current updated Symantec AV just to have me discover that their definitions had last been updated in 2007 or something with no indication from their Symantec AV they were vulnerable.
To tell me it's working, it sounds like pretty much the best thing out there.
When the CEO of your competition derides your product publicly, you know it's got to be good shit.
Platform advocacy is like choosing a favorite severely developmentally disabled child.
I've used Avast Antivirus (free), Malwarebytes Anti-Malware (free) and Comodo Firewall (free) for a couple of years now. I've never had a virus and various other types of malware are promptly and efficiently dealt with.
Trust the inventors of Windows Genuine Advantage with my security? Or freakin' Symantec? I won't bore you with the horrible, hellish experience of getting Norton Antivirus off my machine. It was harder to get rid of than the virus it failed to catch.
Fat chance. I'll stay with something that works, thank you very much.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
I see. So you want to explain to my parents why their data went away and, no, I can't get it back without spending a few hours implementing a rigorous and thorough virtual infrastructure on their home computer?
Symantec? Ha! I would rather have nothing at all than Norton products. They are bloated resource hogs, and any script kiddie's concoction can disable them. People who know nothing about computers, but still own one for their work or their kids' school buy Norton crap purely on name recognition. All they are buying is a false sense of security.
The Uncoveror: It's the real news.
I just formatted and installed XP SP3 on a machine running an Intel 2.4Ghz CPU (Northwood and non-HT). I've noticed that installing applications take about four times as long after having installed this program. The culprit seems to be a running process "MsMpEng.exe" pushing CPU utilization to a total of 100%. I did not have Windows Defender installed, but it's interesting to note this is the same file that it uses too. I'm guessing Microsoft Security Essentials is a close cousin to Windows Defender code which would explain a lot.
Other than that, it seems to stay out of the way under general computing. But for those looking to do a format/reinstall of Windows, I recommend installing this program AFTER you get finished with everything else on your to-do install list.
Life is not for the lazy.
Using Windows inside a VM makes removing dangerous stuff like rootkits easy (e.g. by simply falling back to a snapshot).
But if someone catches a trojan and then directly heads for his bank website to do some transfers, the VM doesn't do shit to protect him. Same goes for worms, spambots and all the other crazy stuff. As long as the VM is running, they are as dangerous as ever. Telling people by running stuff in VMs makes them immune to threats just gives a false sense of security.
Okay, now that Microsoft makes an antivirus, someone explain to me why they haven't simply dedicated all this effort to debugging Windows, closing security holes and stabilizing code? Can anyone now sufficiently explain their motivation to do so? I don't see anymore reason for Microsoft to clean up the mess that they made, now that they've thrown a board over the pothole instead of repaving the frickin' road.
If Microsoft makes Windows secure and stable, then, in theory, the antivirus industry is out of business. Someone, please, convince me to remove my tinfoil hat.
Let q be a radix > 1. I am in ur base-q, killing 10 d00ds.
Now correct me if I'm incorrect, but was I told it's untrue that people in Springfield have no faith? Was I not misinformed?
Execuse me if I'm missing something here but shouldn't they fix the security holes to prevent the problem in the first place?
You want MS to block everyone's access to shady porn sites?
"The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants." ~Thomas Jefferson
Seriously, who better to defend an OS against threats than the developers themselves? Antivirus is just another security feature.
to make everybody on Slashdot rush to defend MS.
I've been using Microsofts OneCare security suite for over a year now and I absolutely love it. It has been able to stop, detect and remove and lot of pieces of malware, spyware and trojans. I can see how Microsoft got a bad rap in the past, and I used to believe Microsoft software in the security field was unreliable but OneCare has changed my thinking. I think Symantec might be rushing to judgment a bit quickly but time will tell whether Microsofts new innovation is a worthwhile endeavor
"Norton" Utilities started to go downhill the moment it was acquired by Symantec, and after just two years I could no longer stand to use the product. Not only did the "utility" of the product steadily decrease, I found the virus / malware detection to continually be substandard compared to cheaper and even freeware products.
I am aware that there are people who still swear by Symantec products, and I do not wish to argue with them. But I was with that family of products ever since Peter Norton put them together into a package, and is is simply not up to the standards that his personal software met... no matter how big their corporation is today.
Boo, Symantec. I use Kaspersky and a few other tools now, and even though it takes several separate tools, I find the whole to be both superior in performance and also less intrusive into my system than Norton Utilities and other Symantec products.
I think if this is a troll then "Uninstall Windows to fix your virus problem" is certainly a troll. And my comment was a sincere, wholehearted comment. Unless he's presenting Windows to a bunch of people only interested in programming or networking, that's the likely outcome. And for what it's worth, it's very possible to run Windows without getting a virus and anybody who is likely to get a virus by running Windows will probably get a virus the same way by running any other OS, unless they just can't figure out how to run anything.
Could you provide a link for this which involves a "serious" anti-virus company (Norton/McAfee/Kaspersky/BitDefender etc.) and an actual released to the field piece of malware. "There are cases" could include the "anti-virus" packages advertised via online ads which actually are malware.
=~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
What security hole? There is no security hole involved when someone downloads a file and executes it. You're confused or disingenuous.
You're a retard. You haven't used the product but you _know_ it sucks. Right.
Opinion: Dismissed.
Maybe he finally figured out that the part of the ladder theory he occupies means he will never get the nookie.
Jesus was all right but his disciples were thick and ordinary. -John Lennon
Microsoft purchased Komoku, a developer of RootKit Detection software with clients like the usual government and military suspects, banks, that kind of thing. Komoku's technology has been rolled into Microsoft Security Essentials.
I would think that right there is a good reason to check it out, and possibly implement it in your XP/Win7 system, especially since MS probably had a chance to do some tweaking on the RootKit detection engine using their proprietary knowledge of some of the more obscure aspects of Windows file systems, the still unpublished NTFS specification, etc.
Of course, if you have no RootKits installed, it might be more of a pain than necessary ... after all, every AV app you now have running says nolo problemo, si?
Then again, how would you know?
if you do have a RootKit lurking, I find it very difficult to believe that Norton or Symantec would tell you so ... the whole point of RootKits are to avoid detection, whether by conventional AV applications or otherwise, and to avoid removal by the usual removal tools available to AV product users.
Some RootKits are even stealth-installed by law enforcement, and the "person of interest" isn't supposed to have Norton go all five-alarm on them, if you get my drift. Not that we can be sure this will either ... I'm just sayin' they are not trivial to detect, is all.
It remains to be seen exactly what MicrosoftSecurityEssentials does turn up, but in at least one aspect, you are getting (for free) security software that cost thousands of dollars had you contracted with the original developer prior to Microsoft's acquisition (March 20 2008) and prior to MS's adding at least some of that same software to this new app.
There will be plenty of people who will jump in right away and download MicrosoftSE. If you're one of them, fine; don't change for my sake.
But, the best advice might be wait a week or so, as the prudent should, to see if major issues develop once widespread deployment exposes the suite to a wider set of configurations. If all is well, I say "run her". When MS offers you the equivalent of "free money" I say take it. I never see them refuse mine.
It makes me suspicious. Usually when there's an article about Microsoft, even if it's about something good they're doing, everyone on Slashdot attacks them. It strikes me as odd, how many comments are giving this software a chance. Almost as if a bunch of MS employees are posting comments.
MS discontinued OneCare around a year ago genius (see here). The free Security Essentials release we're discussing in TFA is what the OneCare team got spun off into..
Not happy with forcing WGA and automated WindowsUpdate when you install this antivirus, MSE also forces DRM and Silverlight down your throat. Oh... and you are not authorized to talk about MSE without written consent from Microsoft.
Just read the license.
Doh!
Well, I always welcome free solutions which enhance overall end users security, but this licence is a no-no for me.
Actually they are just trash talking MS in the true spirit of corporate competition. It is like brushing teeth in the morning for them. You are not taken seriously as a competitor if you don't issue some form of short press conference where you can say how bad everything but your own products is.
The truth is, through my "fixing" of countless laptops ridden with Symantec products, I can honestly say, disregarding their security track record, I despise and resent their products as much as I ever could. Large, monolithic but with 10 services to get rid of, poorly uninstalling or not uninstalling at all, horrible user interfaces - at least Microsoft products are benign compared to Symantec, use FAR FEWER resources to the point where you don't notice them (but they still do the job), have usually quite well designed GUIs and remove themselves without question. Thing is, Microsoft has different divisions, and clearly divisions that work on Windows Defender, Windows OneCare Live, and now Windows Security Essentials are, by evidence, not the same division that work on builtin Windows security, although situation seems to be improving on the latter.
Symantec and those corporate benemoths have been preying on customer fear for malware, and feeding us crap for more than ten years now. There was once Peter Norton and his Norton Commander, ever since that it went downhill with all things related to him and his company. Symantec has a lot of fat around the waist now. And they are afraid Microsoft is onto them.
The whole anti-virus industry is kind of like a dysfunctional family sitcom, with Microsoft as the wacky uncle whose crazy antics ironically bring in new customers for the family business by the end of every episode. Every other season the crazy uncle threatens to leave and the kids go nuts trying to convince him he can't make it without them, but everyone knows he's going to be back by next season's premiere. This story arc is no different.
The funniest episodes are when the kids go out and try and pitch woo. They seem to think that everyone else is crazy as "Uncle Mike" and leave a trail of property damage all over town as they fail to convince Apple and Palm and everyone else that their nutty schemes are JUST what they need for success.
As long as you're using Vista or 7, both of which include technology for low priority processes, MSE will be a negligible performance hit on your system.
:P
I generally tell the program to exclude my games directory of real-time virus scanning. Most viruses these days aren't out to try and infect every application in your system, but to dump themselves in temp files or the windows directory (or in the future's case, somewhere in the user's home directory).
So really excluding the games folder for me isn't so much of a problem
Symantec's security products suck. They are a pain, not particularly good at finding threats, and they slow your system down. Ok well despite that, they manage to hang on because a lot of people know they need virus protection (and Windows will remind you of that fact) and Symantec has name recognition. Unfortunately some of the very best out there are from companies that people have heard of, like ESET. Also, they all cost money, just like Symantec.
So the good AV solutions probably didn't cut in to their market that much. Ya, I run NOD32 (side note, I really recommend it if you are after virus protection, it is excellent) but then I would go with no protection before I'd run Symantec. I'm not really a lost sale. They are after the non-technical user market, who know enough to know they need virus protection, but will just buy it form the first name they recognize.
Well now along comes a product from Microsoft. Can't get much better name recognition than that. What's more, it is free and what's even more it is very light weight, at least as compared to Symantec's crap. Now THAT is a problem. That could seriously cut in to their market.
Also remember this is the same Symantec that was complaining about Vista's security center as being "anti-competitive." All the Vista (and Windows 7) security center does is make sure you have anti-virus, anti-malware, a firewall, and automatic updates. If you don't it warns you. While the updates have to come from MS (or a WSUS server if you are in a domain) the rest it doesn't care about. It is quite happy with ESET Smart Security as your AV, AM, and firewall and shows a green board. So why was Symantec whiny? Because they had a similar thing, but it said you needed all Symantec software. So if you got just their AV solution, it'd tell you that you were at risk unless you bought more products. They were scared that people would look at MS's security center and go "Oh, ok, I've got what I need."
More or less if Symantec is badmouthing a product, I think it is worth my time to check out :D.
As for the product in question, we are trying it at work now. It seems to be very fast and unobtrusive. So long as its detection rate is reasonable, I'd say it's a winner for people who don't want to buy a solution.
Besides if you want to blame anyone for the death of QEMM other than themselves, well you'd be blaming Intel. The writing was on the wall for memory managers when the 80386 came out. Protected mode meant that all that shit would no longer be necessary since apps would get flat virtual memory spaces presented to them, no segmentation or tricky BS needed. All memory would be equal.
QEMM continued to sell after memmaker came out because it did work far better. Its sales started dying with Windows, since it didn't do anything for you. Windows 95 was when it was all over.
Please remember that the conventional memory/640k thing was NOT a Microsoft creation. It was a combination of Intel and IBM. The 8088 had 20 bits of addressing, giving it 1MB of addressable memory. Now on a system, actual RAM itself isn't the only thing that needs memory addresses. Hardware, notably video memory but other things as well, need to have memory addresses to be used. So IBM divided the addressing as 640k for system RAM, 384k for other usage. At the time they made the system, this was not a problem as you couldn't get 640k of memory. Later the limit got hit.
Thus whenever you ran an Intel processor in 16-bit mode, this is how addressing was done. Still true to this day. Modern Intel and AMD CPUs boot up in 16-bit real mode and they still address memory in this fashion. However the OS boot loader switches them over to protected or long mode and then it isn't an issue.
You still can run in to similar issues though, at least on 32-bit systems. You discover that on 32-bit systems you hit the 3.something GB limit. You knock 4GB of memory in to it, yet only 3.something (the something varies) are available to the OS. Why? Hardware that uses memory mapped IO. Your video card, sound card, etc. They all need memory addresses in the 4GB space the CPU can use. As such it can't actually address all 4GB of physical RAM. Wasn't a problem for a long time as 4GB was way more addresses than a system would have RAM, but no longer.
64-bit systems don't have this problem, as they have 16 exabytes of total address space. Plenty for whatever RAM you've got, plus all the addresses for hardware. However, if in the future we ever do have computers with that much RAM, the same issue will again reappear.
Symantec? Ha! I would rather have nothing at all than Norton products.
Norton products are great. They've just all been replaced by crappy Symantec products.