MS To Build Antivirus Into Win8: Boon Or Monopoly?
jfruhlinger writes "Microsoft has quietly announced that it's planning on baking anti-virus protection right into the Windows 8 OS. Users have been criticizing Windows' insecurity for years — but of course this move is raising howls of protest from anti-virus vendors, who have built a nice business out of Windows' security holes. Is this a good move by Microsoft, or a leveraging of their monopoly as bad as bundling Internet Explorer?"
I would love to see governments attacking Microsoft for making its software too secure. That would keep me laughing for years.
This is awesome and MS should've done this 10 years ago.
Sue Apple first
So making an OS more secure (I know, they could get rid of security holes... but...) is also monopolistic?
To me, this is kinda like saying IrfanView should sue because MS includes Paint or Picture Viewer or whatever they include.
IE was a bit trickier, because they did their own thing with HTML and stuff and you HAD to use IE in order to view some stuff, so it was a bit nastier. But a virus detector? What are they going to do, write viruses that only their software can find... but then they wouldn't work on other OSes... so it wouldn't be much of a lock-in.
The capitalist in me screams, "Anti-competitive!"
The IT guy in me exclaims, "It is about time."
The consumer in me worries, "How will this impact performance?"
I will not mourn that which I never had to lose. - Unknown
It's a good idea overall as long as there is the ability for power users to disable the 'feature' and use third-party software.
It will be good for the less knowledgeable / casual user but to the more discerning user there may be better tools for what they want to do with the system.
Overall I think it might help stem the flow of infection through those with no anti-viral software whatsoever but with many boxes still using ME/XP/Outdated everything it won't drop infection rates THAT significantly.
I think this would be a great idea as long as MS keeps it well updated and people don't rely just on it. It would immediately improve the security of the PCs of all the people who don't bother with antivirus, but it may lull others into a false sense of security and give them an incentive to not get any other antivirus which would put a target for virus writers squarely on MS's solution.
I feel sorry for people that don't drink, because when they get up in the morning, that's as good as they're gonna feel
I don't care whichever it is. The EU won't like it bundled so.
If I somehow end up with a Windows 8 machine, I will continue to use F-Prot or Command anti-virus no matter what is bundled. Microsoft including their own anti-virus software will not compete with such products, it may however be the end of McAfee and Norton. But I honestly think the world is better off without them.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Imagine if God gave humans band-aids instead of giving humans blood clotting. Microsoft should fix their software so AV isn't a requirement.
Why on earth would Microsoft want to put the AV competition out of business? It only costs them money.
It's neither boon nor monopoly, it's acknowledging a begrudging reality that no matter how secure your OS you need AV on top and you can't rely on your users to purchase it.
I'm sure Microsoft would be more than happy for everyone to run Norton and save the development expense but... that would be like requiring your customers to buy hamburger bun separately.
Stacker, IE, etc... now that the DOJ antitrust action/oversight against MS is complete...
Of course MS will argue that it *needs* to be integral to the OS, just as MS argued about Stacker (data compression) and IE.
Stacker did win a pretty big settlement from MS... perhaps Norton and McAfee should take the money and run, far away...
OS X had this 2 years ago. I can't think of any non-security/utility Linux distros that come with one pre-installed, but this is a pretty common sense move forward. To be frank, I'm surprised that MS waited until now. Granted the whole anti-trust restrictions were still active, but I can't imagine the DOJ wouldn't see a common sense ruling in this one as long as MS didn't restrict 3rd party AV effectiveness. IMHO if Windows can have a built-in firewall, why couldn't it have a built-in AV detection system.
I think they're gonna throw parties at ISP hotlines if this AV works good.
This is like building a home with no doors and leaving a "No entry" sign in the living room.
if that means they make windows inherently more secure that is, you know, by design. I do not need just another bolted on half baked product.
I have a question for the people that'd want MS to 'protect' anti virus companies: If the gov't decided to shut Microsoft down for its anti-competitive practices, would you object to that in order to save companies like Symantec?
"I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
They give it away free as it is (and it's pretty damn good at that). Beats the crap out of McAfee and Symantec. Tighter integration of security services is certainly a good thing. What's to complain about, exactly?
and force people to use a non-administrator account for applications?
Bill Gates was right. Microsoft had every right to add whatever features and applications it wanted to its OSes. Look at Chrome OS, Android, Mac OS X, iOS. All have browsers and other applications "built-in". In fact, Chrome OS doesn't even allow you to use an alternate browser, while Windows always allowed this. Adding non-intrusive and automatic antivirus to Windows 8 is a step forward.
will there be an easy way to turn it off? I really don't want to be playing a competitive game online and have my system bog down for a virus scan, or have my computer take twice as long to boot because of this.
Maybe then other security companies like Symantec will start working on making their software decent. Somehow, the free Microsoft Security Essentials is better than Norton all while not being a pain in the ass resource hog.
and force people to use a non-administrator account for applications?
Because it would break Whizzbangsoft Whizzywriter '96.
If anyone would think this a viable option for any system that wades through the internet wait to see how they keep it up to date. You can't protect against what doesn't exist but you can respond faster. This would also assume that Microsoft will catch every virus, in my opinion it's nice but it doesn't do much in the way of sole protection.
If apple did this, it would be great... microsoft does it and they are monsters. to hell with this.
Actually, from all I've heard, Microsoft's virus scanner for earlier versions of windows, works pretty darn well, comparable with the better commercial products.
So, given that they are probably going to bundle an update of this... I'd have to say from prior experience, the odds of your guess being accurate are as close to zero as I can imagine.
Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
People are annoyed that Microsoft is making their OS *more* secure?
Really, I wouldn't worry about it, I'm sure there will be plenty of attack vectors. (I could be snarky and say "this is Microsoft after all" but I won't. Oops, I just did.) What it comes down to is, you build a better mousetrap, nature builds better mice.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
I'd rather see something innovative rather than another AV product that is never up to date and always slowing down the system. I'd like to see the current pattern matching approach scuttled. There has to be a better way. What about a serious look at white listing?
UNIX/Linux Consulting
They have had Microsoft Security Essentials for years, and I've never understood why it can't be preinstalled.
Not allowing a company to secure their software so parasitic third parties can make money is not a monopoly.
To be fair I do HATE most AV software, mostly because 99% of the time it's much worse than any virus your computer might contract.
I'm sure that part of the reason that it has taken this long for them to do this is precisely because of the possibility of legal troubles. At the same time, whereas it was difficult to argue that a web browser was truly an inherent function of the Operating System, it's difficult to argue that protection from viruses is not. So, while this may appear reminiscent of the Netscape case on the surface, it may be much less of a legal minefield in reality.
As for the anti-virus vendors, realistically they should have known that it was only a matter of time before Microsoft would clean up their act a bit and obsolete the vendors' products. They got to ride on the coattails of Microsoft's laziness for a long time.
"You cannot simultaneously prevent and prepare for war." -- Albert Einstein
A company creates a product, obviously they have a monopoly on this product, they are the ones creating it.
So iPads are created by Apple. Samsung LCD screens are created by Samsung.
Microsoft Windows is a Microsoft monopoly.
Of course there are alternative products out there, but to get a legitimate copy of Microsoft Windows you go to Microsoft. If Microsoft makes other products that work with their OS, it doesn't mean they are criminals in any way.
If they use their power as a monopolist to lock others out of making similar products, maybe the laws are such, that they prohibit this behavior (though I am against laws prohibiting this behavior, by the way, purely because government shouldn't be involved in making business decisions).
However if Microsoft lobbied the government and got a law passed that made it more expensive (in terms of taxes, licenses, regulations) for others to create similar software THEN I am against it, because that's what creates real barriers to entry - government assistance to one entity over another.
That's the problem with everything that government does, be it laws on what prices should be or government requiring licenses to do any sort of business activity, any sort of a tax or a franchise license or any labor regulation, for example imposing pensions/medical insurance requirements, etc. All this stuff creates barriers to entry against any newcomers into the business, so people don't even try in many cases. Simultaneously there are all these welfare programs out there, that make it stupid for certain to try and do real work instead of receiving these benefits.
You'd think people would finally realize that government involvement into the economy is the reason the economy is tanking.
You can't handle the truth.
I really don't see this as being any different than Microsoft shipping Windows Firewall. They provide the means for third-parties to replace or augment the existing firewall and API to allow those products to declare themselves to the OS so that the unified security user interface can inform the user that it is running and alert them if they are not updated or aren't using the recommended settings. The OEMs and the consumers still get a choice, this will just raise the lowest common denominator. It's not perfect, and there are legit concerns about fostering a security mono-culture and giving malware authors an easy first target to circumvent, but it's better than absolutely nothing, and frankly, as far as AV goes, Microsoft Security Essentials is as unintrusive as they get.
Currently, most if not all home versions of anti-virus programs are poorly written and create a lot of system load. (Business versions are better because businesses won't put up with this nonsense.)
If anti-virus is built into Windows, and has the same problems, people will (justifiably) blame *Windows* for the system load caused by the antivirus. We've seen with Vista that even with the Windows monopoly, having Windows produce too big a system load will not be tolerated. So having MS supply antivirus may be a blessing in disguise, since we may actually get reasonable antivirus programs.
(Of course, if you can't turn it off, that brings its own set of problems.)
You can disable it and MSDN has ways to allow you, as a developer, to have your software fully disable it.... (which in and of itself can be a security flaw using fake digital signatures).
If Windows was a secure OS, they wouldn't need any antivirus (including that of 3rd parties). Please note that this is not (only) to bash Microsoft; I don't wish to put Linux in the "secure enough" category yet, and I just barely put OpenBSD there.
Too bad that Microsoft will never re-write their OS with security as their main focus. Considering how easy Windows is to use (in some cases at least), the result would be quite interesting.
will it block software that MS does not like/ popup boxes saying this app is unsafe of apps like firefox?
It's a monopoly if Microsoft treats OTHER anti-virus programs as viruses and removes them from Windows, like they did with FTP Software, Netmanage, and WRQ's replacement TCP/IP and windows sockets network stacks back in the day. If they don't, and they coexist just fine and allow people to install and use other antivirus applications, then I don't see what the problem is. It's not as if any one antivirus/firewall/ad blocker/cookie blocker/malware remover is ever adequate.
I think this will work in the short term, but eventually they will catch on and just work around it. Just like they do with Norton now. With competition in the marketplace and new versions released at different schedules (building new locks) the virus maker hedges on missing or out of date protection (building new keys). With it built in, not only will everyone exploit the holes (since the lock never changes), but will give users a truly false sense of security (everyone has a master key). Then there is the whole "in order to make it secure he had to build it in to the OS and can't be uninstalled..."
Nah, a virus _does_ something.
Seriously... every computing device I use is either Apple or Linux. M$ can lick my bawls!
The Technologist in me screams: "Spend more time making your OS secure and less time trying to band-aid it with virus protection!"
"All great wisdom is contained in .signature files"
MSE already works better than the Norton & McAfee bloatware, so their chances are pretty good.
-- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
Even if Microsoft makes their own anti virus solution it will be so poor that an entire new industry will open up based around selling products to fix the new series of holes they're going to introduce. How about instead of making anti virus software they just redesign the entire system to be secure. Trying to fix the holes when you can prevent them from the start is backward logic.
microsoft has had a monopoly on computer viruses since they released windows version 1.0, not that i would want that monopoly to be broken up because then avoiding viruses would be much more difficult if there were viruses on all OSs like they are on windows
Politics is Treachery, Religion is Brainwashing
"Dam company to provide leak protection in future dams. Dam contractors angry."
With DOS 6 (I believe...) Microsoft bundled antivirus with the OS, they also started bundling things like memory managers, and defragmentation, and disk repair utilities that were previously only available through third parties.
Obviously the real money was to be made on Anti-Virus because the other tools got to stay in because nobody screamed very loud about them. Now they are including an AV.
I don't see a problem in this case including core AV functionality in the OS, putting that sort of thing as close to the kernel as possible will help prevent the real nasties from getting in and hopefully reduce the headache of slow down that separate AV provides.
Microsoft doesn't need ANOTHER incentive to add security holes to their operating system.
It may have escaped the notice of much of /. but Apple has in fact hidden limited antivirus software in the most recent versions of OS X with quiet definition updates. Since 10.6 I think.
so... MS DOS 6.22 again?
I know that from Norton off the top of my head, but didn't they learn any lessons?
I guess in internet age, AV signature updates will be easy... not like back then :)
it may however be the end of McAfee and Norton.
Nothing of value was lost.
Let's hope they don't just step up their attempts to bundle themselves with *everything*.
No sig today...
That wouldn't help. You still need an administrator and that account better be able to run non-MS software.
The point of an anti-virus protection is to fix or patch up an insecure system. The reason we have viruses is because there are design flaws that enable them to even be effective. On the other hand, even the most effective AV systems are out of date by design. At best, they can handle the viruses that are already in the wild. Any predictive feature of any AV system still relies on knowing where the virus writers might attack. But if you knew that much, why not just patch your system so it no longer becomes an attack vector.
i could trust microsoft. an all encompassing, overarching built in anti virus into windows, will just increase the routes of intrusion - and convenience too - because it will be present in all windows installations. instead of having to thwart 10-12 major antivirus software that are out on the market separately, exploiters will just need to account for windows antivirus, which is sure to be the main and sole antivirus method for many tech illiterate people. and that means, basically whole public.
Read radical news here
The notion of a "browser market" was then and is now as artificial as a "terminal emulator market". I mean this is the kind of thing that anti-regulation right-wingers point to while screaming "stifling innovation!" (whether right or wrong about it).
The strong-arm tactics MS used against OEMs on the other hand, that was something they deserved to be busted for.
I'm sure MS will still miss PLENTY of security holes and viruses so AV companies' business models will still be basically intact.
OSX has bundled AV software... Let's go sue Apple! (Oh wait, you're all fanboys, and MS haters.. never mind).
Snow Leopard's innards:
http://www.macworld.com/article/142457/2009/08/snowleopard_malware.html
A company creates a product, obviously they have a monopoly on this product, they are the ones creating it.
You have no understanding of the meaning of "monopoly". Microsoft doesn't have a monopoly on the product called "Microsoft Windows", they have a (near) monopoly on a product called "Computer Operating Systems".
The very point of a monopoly is that it prevents competition, and creates barriers to entry. So, the question becomes, if the maker of Windows bundles anti-virus software with Windows, does this create a barrier to entry for other would-be anti-virus software producers?
I'm not saying it does or doesn't, or even that I have any problem with Microsoft doing this. I'm just pointing out that your blind devotion to the pure "free market" (as if such a thing could even exist in the real world) is preventing you from actually even understanding the discussion at hand.
Considering the meltdowns that have occurred with other AV companies (Norton being the one I always shake my head at), and MS hasn't had one yet (it probably will, it's just a matter of time, but I have a feeling there will be no signature that manages to prevent the system from booting...).
I'm running it now. Even if it isn't the default in Windows 8, I'll still download it and use it.
Bryan
Here's what I like about MS's AV software: it catches, more or less what other AV software does; it does so without being obtrusive; it's not a resource pig; it doesn't pester me for more $$$ to renew my subscription; it doesn't come up with BS pitches about my PC possibly being infected -- please buy some more software from us.
Norton? Yowza! It's tougher to get rid of than some rootkits, requiring (last time I did it) multiple reboots, multiple programs to uninstall, some hand-deleting, AND a third-party registry cleaner (which still missed a few entries). And the nagging and scare tactics? Pass.
But maybe, just maybe, third party vendors (*cough*Norton*cough*McAfee*) will pick up their game and stop expecting people to shell out $100 / year for bloated crapware.
There is a significant difference here. In the browser battle, the battle was not over what browser the consumer used, but over what tools the web developer used. If the majority of the users you were developing a web page for used IE, then you were better off using the web development tools from MS than those put out by Netscape. Unless the companies that make anti-virus software want to come out and admit that they are selling development tools to malware developers, it is not the same situation at all. Unlike IE where MS made money off of the browser by selling development tools made to work with their variations from the web standard, I am unaware of MS (or any of the anti-virus vendors) making money by selling to malware developers.
The truth is that all men having power ought to be mistrusted. James Madison
No OS is completely secure, and Win8 will be no exception to that rule, even with half-"baked-in" AV software. You'll get low-end AV, and then after a bunch of their competitors go out of business, they will start charging for add-on capabilities, especially for servers. Let's see, there will be per-server fees, user-connection fees ... would be my guess. They aren't doing this (add AV into the OS) to be nice - Microsoft doesn't understand the term. It all has a profit motive attached.
The US needs to get a set of BALLS and Liberate Microsoft.
This has gone too far, we need to bring freedom back to the world. Only way to do this is for the US to get a set of BALLS and Liberate companies like Microsoft replacing them with GNU based software.
Is this a good move by Microsoft, or a leveraging of their monopoly as bad as bundling Internet Explorer?"
If the authorities feel they should "do something" about the MS monopoly then they should force them to spin off MS Office and other business apps as a separate business, look deeply into how their Windows licensing deals with OEMs work, and require open standards for all Government contracts. Without that, arguing over whether they can bundle minor utility "x" is just inconsequential.
Modern operating systems are expected to include a pretty comprehensive suite of utilities, protocol stacks and basic applications. Monopoly or no, it's getting a bit silly if OS X, iOS, Android, and the major Linux distros can bundle a web browser (or, more specifically have HTTP and HTML APIs in their OS) but Windows can't.
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
You may be technically correct, but most malware for Windows are not viruses. No OS is secure from Trojans, and that's the category most malware falls into.
Well, since the MS operating systems cost so much, I would hope that they'd be a bit more secure. When I'm building a computer, it'll be nice not to have to automatically order some anti-virus for it. Go Microsoft!
Finally...a virus that can detect itself! An anti-virus programmer's dream!
I don't know if antitrust is the way, but this does not make Windows 8 any more secure but makes people think it is more secure. If the government has any laws to stop this, they should use them.
As for not increasing security, the fact is that this does nothing to remove the security holes which allow their payload to be delivered. Given a standard approach to virus scanning, virus writers will just write payloads that avoid it.
Which is more secure:
Advice: on VPS providers
Security should not be handled by a third-party program, and equipping Windows with a builtin AV is a step in the right direction. Banning it because of antitrust claims would be ridiculous, but only a minor annoyance, those who want could still get it.
No OS is perfectly secure.
In order to be perfectly secure, you have to know that there is no way to jailbreak your OS.
If there is a possibility of any process gaining root access without prior authorization, or putting the CPU in supervisor mode when it shouldn't have that ability, then your OS can be infected by a virus.
AV programs check incoming data for virus signatures, and search your system for any that may already have gotten through.
Microsoft's problem is that it left the idea of security so late that it didn't design its base libraries to prevent promotion of processes to supervisor level. So it's still an easier target for exploits. And it's 50-100X more popular than the competitors, so it's a much more attractive target for exploits.
If MS wanted to lose its reputation as an easy mark, it would take its most secure known system and demand that every MS user on the planet install that before being allowed to access the internet for anything else.
The problem with Internet Explorer was not the bundling. It was that:
a) Internet Explorer was integrated into things like the shell, rather than separating the browser functionality from the OS functionality.
b) Microsoft prohibited other browsers from being installed as the default.
I'd say the appropriate analogy is bundling Windows Media player.
But how do you prevent code that runs at the users' access level from being able to access all of the data that the user has access to?
One way is by making user accounts a tree instead of just a list. Root has access to all the user accounts under it, and each user can make separate sub-accounts and run a less-trusted application in a sub-account. Another way is by attaching capabilities to applications, as in OLPC Bitfrost, Android, and the Mac App Store sandbox (which I've been told is written by the same guy who wrote Bitfrost).
Craftsmanship is the mark of a master. And given the Petri dish that is windoze; it's good to see a Journeyman become aware of quality. Pride of ownership should begin to emerge next. One would hope.
A sandboxed application can request access to all files _that the user opens_.
Something that I first saw done in OLPC Bitfrost, on which the Mac App Store sandbox is allegedly based. But can the user also "open" a folder so that, say, a backup program can backup all documents in a folder or a photo management program can thumbnail or upload all photos in a folder?
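The per-file and per-folder grant model discussed in the comments above, as an added sketch; it is not code from the thread, nor from Bitfrost, Android or the Mac sandbox. The `Powerbox` class, its method names and the sample directory tree are hypothetical and constructed for illustration, and the demo assumes a POSIX system where symlinks can be created.

```python
import os
import tempfile


class Powerbox:
    """Trusted broker between the user and a sandboxed app (hypothetical API).

    The app has no ambient file access; it can only reach paths covered by a
    grant that the user made through the trusted picker.
    """

    def __init__(self):
        self._files = set()    # exact files the user opened
        self._folders = set()  # folders the user opened (recursive grant)

    # These two are called by the trusted picker UI, never by the app.
    def user_opened_file(self, path):
        self._files.add(os.path.realpath(path))

    def user_opened_folder(self, path):
        self._folders.add(os.path.realpath(path))

    def is_allowed(self, path):
        # Resolve ".." and symlinks first, so the check is made against the
        # file that would really be opened, not the name the app supplied.
        real = os.path.realpath(path)
        if real in self._files:
            return True
        for folder in self._folders:
            try:
                # Component-wise comparison: "photos_backup" is not inside
                # "photos", which a plain startswith() test would get wrong.
                if os.path.commonpath([real, folder]) == folder:
                    return True
            except ValueError:  # e.g. paths on different drives on Windows
                continue
        return False

    def read(self, path):
        if not self.is_allowed(path):
            raise PermissionError("no user grant covers " + path)
        # A real broker would open the file itself and hand the app a file
        # descriptor, so the path cannot be swapped between check and open.
        with open(os.path.realpath(path), "rb") as fh:
            return fh.read()


def demo():
    """Build a constructed sample tree and report what the app can reach."""
    with tempfile.TemporaryDirectory() as root:
        photos = os.path.join(root, "photos")
        backup = os.path.join(root, "photos_backup")
        secrets = os.path.join(root, "secrets")
        os.makedirs(os.path.join(photos, "2011"))
        os.makedirs(backup)
        os.makedirs(secrets)
        notes = os.path.join(root, "notes.txt")
        picture = os.path.join(photos, "2011", "a.jpg")
        key = os.path.join(secrets, "key.txt")
        other = os.path.join(backup, "b.jpg")
        for path, data in ((notes, b"notes"), (picture, b"jpeg"),
                           (key, b"secret"), (other, b"jpeg")):
            with open(path, "wb") as fh:
                fh.write(data)
        # A link inside the granted folder that points outside it.
        link = os.path.join(photos, "link.jpg")
        os.symlink(key, link)

        box = Powerbox()
        box.user_opened_file(notes)     # user picked one document
        box.user_opened_folder(photos)  # user picked a whole folder

        try:
            box.read(key)
            read_denied = False
        except PermissionError:
            read_denied = True

        return {
            "opened_file": box.is_allowed(notes),
            "file_in_folder": box.is_allowed(picture),
            "ungranted": box.is_allowed(key),
            "dotdot": box.is_allowed(os.path.join(photos, "..", "secrets", "key.txt")),
            "symlink": box.is_allowed(link),
            "prefix_sibling": box.is_allowed(other),
            "read_granted": box.read(notes) == b"notes",
            "read_denied": read_denied,
        }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

A folder grant answers the backup and photo-management cases raised above, and the resolved-path check keeps that grant from reaching files outside the folder.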
AV isn't that useful on single user machines that have a user who knows how to avoid infection. PCs that are running AV are unusably slow in my experience. I don't run it, and even if you want to speculate that malware is running and I don't know about it, if so the cure is worse than the disease. Because when AV is running, it does NOT go without notice.
Fix the bloody holes!!
Another red-flag is C++ and the need for productivity tools, or memory monitors to program in it at all.
I think this is an admission from Microsoft that their system can not be fixed, but only a little Dutch Boy included to plug the leaks.
Compared to other free alternatives MS Security Essentials is very nice and doesn't get in the way or throw up advertisements all over the place. I assume it is that which is to be included from the start with Win8 (no I didn't RTFA). Why shouldn't they be allowed to ship a full product if each component could be replaced? As for Antivirus companies at large, it is a parasite symbiosis anyway. A necessary evil and companies who I feel even less trust for than MS. After trying to get rid of some of these third party "protection"-programs and having a machine completely crippled I for one welcome this initiative.
In short, you need to make installing software not from repositories so hard that a casual user wouldn't know how to do so
For one thing, the problem would become one of social-engineering the owner of a home PC into adding a malware PPA to the PC's repository list. For another, computer science classes in high school and college would become logistically more difficult.
So how do you keep the same user who downloaded malware in the first place from granting rights to the app? What if you want to use four or five different apps with the same document? iOS has one model where you send a copy of a document to another app, but who wants to do that?
And you have dozens of different permissions that the app asks for (see RIM). How do you keep granny from granting unnecessary rights to the app?
Prosperity via Obscurity....? I don't see it otherwise.
cheapest voice plan is $40
Per month? I pay not much more than that per year for voice on my dumbphone. How does AT&T get away with charging $40 per month when Virgin Mobile USA offers occasional-use voice service at $15 per three months, and then not giving a discount on the plan after the 2-year contract ends?
You have no understanding of the meaning of "monopoly".
- sure I have.
Somebody owns one of the very few Gutenberg bibles. There are maybe 20 of them left at all, that's pretty close to a monopoly, if you own one copy.
It's your book, you bought it, you have a monopoly on it.
Microsoft has a monopoly on Microsoft Windows, for example Microsoft Windows XP is a Microsoft product. Nobody else makes those products.
As a monopolist on that product, the company holds monopsony on the market of Microsoft Windows XP product.
There are substitute products to Microsoft Windows XP, some are also Microsoft products, some are Apple products, some are Free source products, etc.
There is no monopoly on operating systems, it's a large competitive market. Any of the 'smart' phones today runs a different version of an operating system, Windows is just one of the operating systems out there, I haven't touched it in 2 years and my products allow retailers and suppliers to move off Windows to any OS they want not to have to pay OS license fees for example.
The very point of a monopoly is that it prevents competition, and creates barriers to entry.
- well yes, and the natural barrier of entry into the Gutenberg bible monopoly is the fact that there are so few of them, so the cost is very high.
However in a market absent government privileges and regulations the monopolies don't exist, there are only economies of scale that provide a good product. If the product is not good and the price is too high, the market offers a substitute.
As to whether there is 'pure free market', I'd say that there are things that are more regulated than other things, so whatever is less regulated sees more economic activity and more value is being created there, so we want to maximize the freedom in the market, which automatically means minimizing the amount of government involvement.
You can't handle the truth.
Microsoft was heading in this direction with the introduction of Windows Defender. They probably didn't want to go outright with it earlier to keep the AV companies happy. This follows from their earlier approach on hardware device drivers.
How the hell is making your OS behave the way your customers expect anti-competitive?
What if MS made their OS inherently secure, such that it didn't need AV? Would that also make it anti-competitive? That would completely eliminate the AV software companies!
Ridiculous...
in girum imus nocte et consumimur igni
When it's on windows, it's called a "Virus", when it's on Linux it's called "Hacking".
Ever had a server hacked cause someone uploaded something onto it that gave them root access?
But the sooner the anti-malware "ecosystem" disappears the better.
You should not have to purchase third party software to keep an operating system secure or from eating itself (all the snake-oil "registry cleaners" and "application uninstallers"). Such functions should be part of the OS at worst, or better yet, unnecessary.
--
BMO
My main concern is whether I can remove the pre-installed AV, or if it'll be like IE and other MS stuff that you can only hide, not truly uninstall. Anyway, I always miss the advanced setup installer for the OS, like in Win98, where I could select which programs I wanted to install. Windows for Legacy PCs has this feature, but it's only for MS partners and it's based on XP.
This is one topic Microsoft should leave to everybody else.
With this, virus producers only need to think of one av tool to disable. "Everyone" uses windows, so everyone uses this tool. That's why all the browser malware is written with IE in mind.
Microsoft should know better than this and actually do something about the structural security problems in Windows (which are myriad).
Microsoft should concentrate on creating a good OS supplied with the basic tools to get more software on it and to maintain the OS. Right now they provide all kinds of programs and libraries which have absolutely nothing to do with the functioning of the operating system. Some examples of this are Internet Explorer, Media Player and DirectX.
Also, you don't need to elevate to create binaries in user-writable directories (i.e. %home%)
Unless a Group Policy is set on %home% to keep users from running programs there.
or to infect binaries that are already there - e.g. Chrome installs itself there, and can be infected that way.
If Authenticode in Windows were to use self-signed software publisher certificates the way Android does, applications for Windows would become harder to infect because an infected executable's hash would no longer match the stored hash. But no; Authenticode requires software publisher certificates to have been signed by a commercial CA, and most Authenticode CAs deal only with businesses, not individuals.
Looks like a great idea to me if they install it by default and turn on auto updates, because it will mean fewer botnets and less spam. It will raise visibility of virus protection so I don't think it will hurt third-party vendors too much. If people want added protection they will buy it, just like they do today.
It's called Linux, the first thing I always install with a new laptop
Then virus makers will be rejoicing!
Antivirus was the best thing that ever happened to Windows. It was a big tourniquet placed over its hemorrhaging security holes.
Microsoft saw a money making opportunity in the rapidly advancing software and couldn't keep their hands off it.
As they destroy their competition, they'll end up stuck with the antivirus equivalent of IE6.
Also, why is my captcha boners?
Have the whole windows operating system as a guest of an antivirus operating system :)... meant as a joke, slightly insane indeed but at this point may actually be the best way to secure against rootkits, boot viruses and nasty stuff
Never anthropomorphize computers, they do not like that
Alright! An F-Prot user! I used to swear by them... until one day I found a machine under my care with one heck of a virus it missed. Unfortunately nothing is perfect, but I've found F-Secure to be better for the viruses I run into. F-Prot just seemed to miss all of the ones I ran into for a while, so I needed to switch it up.
Well.. maybe. Or Maybe not. But Definitely not sort of.
But to force MS to allow users to choose a browser to install on start-up is just stupid.
It's called "affirmative action". The ads for Firefox, Chrome, and Opera are intended to give the minorities a bit of a boost closer to the market positions they would have had had Microsoft not forced criminal contracts on PC makers in the Windows 98 era.
Typical hypocritical BS -- if they add it people will call it a monopoly. If they don't add it people will call it insecure. Make up your minds you idiots.
Apple includes a mail app, a calendar app, a web browser, a firewall, and a chat application ... all of those sound like monopolies to me then. They are including something with the OS for free that other people try to charge money for. Smells like a monopoly ...oh but wait... because of Apple's minuscule market share it doesn't count right? The double standard is just pathetic.
...who have no access to the Windows source code libraries or any development documents.
And aren't just Windows XP developers who are moved to a new group.
It shouldn't be necessary, because doesn't Microsoft do more than pay lip service to accepted programming practices?
This is a form of progress. However, one would expect the OS itself to have much stronger defenses against anything from the outside running at kernel level. There should be no way to get a "boot sector virus" onto a machine while running under an operating system.
Interesting. This had me thinking. Many Linux Distros these days: when you create an account it creates a group with the same name. It could follow close to your model with the simple task of allowing the user to create other users with his group account.
What is the difference between this and what Apple does to its iPhone/iPad store?
http://www.usatoday.com/tech/news/story/2011-11-21/bill-gates-novell-microsoft-lawsuit/51329388/1
I really would like to know. MS said hey develop for Win 95 but then apparently pulled support apparently for its own Word for Windows. Apple says hey develop for us only to allow or pull your product when it feels like it.
MS they want to stop, Apple they want to give praise to.
Same thing for the anti-virus stuff.
I just hope it is better than MSE.
So, I'm supposed to trust that Microsoft's antivirus software will work better than their OS? On what grounds? If they can't make an out-of-the-box OS secure, then why should I trust that their antivirus application will work any better?
I'll stick with my current 3rd party provider until Microsoft can prove that they can take security seriously.
"A plan fiendishly clever in its intricacies"- Homer Simpson
You guys are insane. You complain the OS is insecure, they fix it, OMG MONOPOLY. This happens every time Microsoft fixes something. Damned if they do, damned if they don't. I don't even understand the browser thing. You just install Firefox, how the fuck is that monopolized?
Yeah, I did the same thing with Netscape back in the day. For all the good it did.
I don't care, bundle IE and an Anti Virus and you might actually have something worth $20, let alone the $400 price point of most Windows Versions. For that much money I would expect not only a dedicated browser, but an Anti Virus, and a working Pop Up Blocker.. Maybe even with voice activated prompts.. I mean really now.. my smart phone came with it lol.. but what browser comes on a Mac? I have no idea for real. I bet it is some lame system they came up with.
and virus/malware protection are things that belong.
This combined with the new secure boot seems to be designed to protect against activation hacks. Which might seem fine for some but when combined with the DRM they push makes this step too far. Combine that with their Metro UI and you have a disaster recipe for Microsoft as we must all ask ourselves if Windows is worth the cost.
An application doesn't "need" access to all of the user's data. But how do you prevent code that runs at the users' access level from being able to access all of the data that the user has access to? If the app developer can get users to grant access to their data (not hard to do) how can the OS prevent them without having a locked down environment?
Capabilities and sandboxing:
http://www.cl.cam.ac.uk/research/security/capsicum/
Anti-virus software is an after-market thing, mopping up the water because MS wouldn't fix the leaks. Now they're offering free mops instead of patching the roof?
(I recall not two years ago my gmail telling me that it had detected a virus in a word document attachment--a virus that had been first discovered in 1996! Over ten years and MS hadn't bothered to plug the hole).
They've been dancing around this for years now with their anti-malware products. I fail to see how supporting a user's ability to use the operating system through secure patching is any different from providing protection against virus and malware attacks.
Being a Micro$oft product, it is not going to work well anyway. Chances are all the virus detection software are rubbing their hands and saying “Goodie, goodie”, because they know they will have to sell a new product that on top of removing viruses will have to deal with the inadequacies of such “Anti-Virus”
Retroactive measures like antivirus aren't a proper substitute for having a system that doesn't encourage bad habits like running as administrator and installing whatever flies along in the first place.
Furries make the internet go.
What if you want to use four or five different apps with the same document?
Add those apps to the document's ACL. This can happen automatically when the document's owner drags the document onto the application's window or chooses the document from the application's file chooser.
How do you keep granny from granting unnecessary rights to the app?
The Bitfrost page that I linked explains how it makes some capabilities mutually exclusive at install time. For example, because "connect to the Internet" (P_NET) and "read entire home directory" (P_DOCUMENT_RO) are mutually exclusive, a photo viewer can't leak all your photos to the Internet. If the user wants to upload an entire folder full of photos to the Internet, the application's package would request "connect to the Internet" and the user would drag folders to be uploaded onto the app's window.
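Added example (not part of the comment above and not Bitfrost's own code): a minimal Python sketch of the install-time rule the comment describes, where a package requesting both P_NET and P_DOCUMENT_RO is refused and a network-capable app can read only what the user has dropped onto it. The capability names and the exclusive pair come from the comment; the class, function names and sample paths are assumptions made for illustration.

```python
import posixpath
from dataclasses import dataclass, field
from pathlib import PurePosixPath

# The P_NET / P_DOCUMENT_RO pair is the one named in the comment above;
# every other name in this file is an assumption made for illustration.
MUTUALLY_EXCLUSIVE = [frozenset({"P_NET", "P_DOCUMENT_RO"})]


class ManifestRejected(Exception):
    """Raised at install time when a package asks for a forbidden combination."""


def normalize(path):
    """Collapse '.' and '..' so a granted folder cannot be escaped lexically.

    This is a lexical check only; a real sandbox must also resolve symlinks.
    """
    return PurePosixPath(posixpath.normpath(str(path)))


def within(path, root):
    """True when path is root itself or lies somewhere beneath it."""
    return path == root or root in path.parents


def check_manifest(requested):
    """Return the requested capability set, or refuse the package outright."""
    requested = frozenset(requested)
    for pair in MUTUALLY_EXCLUSIVE:
        if pair <= requested:
            raise ManifestRejected("cannot combine " + " and ".join(sorted(pair)))
    return requested


@dataclass
class Sandbox:
    app: str
    capabilities: frozenset
    home: PurePosixPath
    granted: set = field(default_factory=set)

    def user_drop(self, path):
        """The user dragged a file or folder onto the app's window."""
        self.granted.add(normalize(path))

    def may_connect(self):
        return "P_NET" in self.capabilities

    def may_read(self, path):
        target = normalize(path)
        # Blanket read access exists only for apps that hold P_DOCUMENT_RO,
        # which by construction can never also hold P_NET.
        if "P_DOCUMENT_RO" in self.capabilities and within(target, self.home):
            return True
        # Otherwise access is limited to what the user explicitly handed over.
        return any(within(target, g) for g in self.granted)


def install(app, requested, home="/home/granny"):
    """Install-time gate: the sandbox exists only if the manifest passes."""
    return Sandbox(app, check_manifest(requested), normalize(home))
```
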
Apple gives out free stuff, why can't MS?
http://www.zdnet.com/blog/bott/new-apple-antivirus-signatures-bypassed-within-hours-by-malware-authors-update/3396
The kind of unmistakeable boom which starts with a frustrated howl followed by the sound of 101 tiny plastic keys hitting the floor.
Join the Slashcott! Feb 10 thru Feb 17!
Teach secures his/her machines, then makes her students members of the VM user's group.
Which is sort of difficult when the machines used by students are made by a manufacturer who bans third-party virtual machines. See also Apple's ban on C64 emulators with BASIC on iOS and Microsoft's insistence that Metro apps come from the Windows Store.
Terrible Idea on so many levels.
Firstly, they need to fix the problem, not the symptoms.
Secondly, as most people will now wrongly assume they don't need to bother with 3rd party virus checkers, virus writers will find their life much easier as they only need to make sure their virus is undetectable to the MS checker.
Thirdly, Microsoft has a terrible track record with fast responses to security issues. Their corporate culture of responding slowly or even sometimes choosing to totally ignore new exploits doesn't bode well for frequent and thorough virus checker updates.
What would be so bad about sandboxing non-repository applications?
Not much, as long as the capabilities given to programs in the sandbox make sense. For example, it shouldn't cost a computer science student who owns a PC $99 per year to be able to compile an application and grant the "display a window with text and buttons" capability needed for Hello World, whether or not the student is affiliated with an accredited university. Nor should uploading a couple dozen photos in this folder to a public web page about the event where the photos were taken require the user to click the name of each individual photo.
The fact is that open market antivirus solutions have utterly failed computer security.
You'll probably still have the freedom to buy one, but to suggest that Symantec, McAfee, Grisoft, and other vendors are anything but slow, resource heavy, prone to failures, or have market penetration is to lie. I still remove rootkits on a regular basis, knowing that the correct answer is to flatten the system, but users don't want to buy solutions and they want their computers to operate well. When free AVs tell them about the full version of their product, people feel less secure about using a half-assed solution, and when those vendors attach conditions like subscriptions... well, it's off-putting.
Frankly, I can't wait to see Symantec and McAfee burn to the ground. Their consumer solutions haven't been consumer-friendly for years. Gamer editions of anti-virus software, prominently featuring the Incredible Hulk? WTF, guys?
God speed, Microsoft. It's good that you're patching one of the most glaring security holes in your OS: The end user's need to buy half-baked crap.
Actually, this is an old issue in databases. The file is the data and the different programs are transactions. The file access control in personal computer operating systems is quite weak if a change by one app is not immediately reflected in the other apps. The program sending via email or printing should ensure that the most recent incarnation is used even if those changes are in memory only and done by a different app. The use of tokens, semaphores etc has been debated for as long as computer science has existed. It's probably time for PCs to get current. At the very least, the consumer app could warn the user of the discrepancy.
Security guards are complaining that builders have started putting locks on the doors of new homes rendering the security trade obsolete.
Diddums, poor little things.
The months are just too short. I can count the number of days on one hand.
You cannot prevent users from doing stupid things with their own files. The best you can do is a versioned filesystem with continuous local and cloud backup. This will prevent loss of data and unwanted changes and it can also track who did what when. It does nothing to protect against identity theft though.
Make better security, make a better hacker, make better security, make a better hacker. It's a vicious circle, that never ends.
People really should read her books. The link goes to the section dealing with antitrust suits.
http://books.google.com/books?id=eWZbq29waP8C&lpg=PT50&ots=NRPAyw4G2c&dq=ayn%20rand%20capitalism%20quotes%20antitrust&pg=PT38#v=onepage&q&f=false
It's not anti-trust, since they created the holes indirectly through poor coding, etc... If Microsoft was a plumber and Windows was the pipe, they are making sure the pipes don't leak. It doesn't mean you can't fire them and have another plumber investigate or watch over your OS. If we take that bad analogy and apply it to Internet Explorer, IE would be the Sink, where it's optional and already installed so why bother looking elsewhere. They allowed vulnerabilities in their OS, they should secure it. Even if you disagree with my perspective, what's the difference if Microsoft doesn't bundle AV and instead patches the OS daily instead?
www.moonnext.com
When did Micro$oft gain monopoly over browsers? Last time I checked Firefox and Chrome were the most used web interfaces :)
...less time trying to band-aid it with virus protection!"
I would tend to agree, except at this point I think consumers have been trained to believe they are not safe without anti-virus. It could very well be that the OS is incredibly more secure than any previous OS, but as a marketing move, they are adding what amounts to a pop up window that says "Your antivirus is up to date and protecting you!". Even if said window actually never updates, scans or really does anything, the average user wouldn't know this difference, and it allows them to put an extra feature on the box and make the average computer user feel better (i.e., convince them to upgrade to Win8, because hey, antivirus is expensive and if it's included in the OS now, I'm 'saving' money!).
1) In the Windows world, virus protection is necessary. Not having malware protection impacts not only the user, but the internet as a whole. Having it built in reduces that chance of malware distribution so it's a good thing even considering it could lead to a reduction of options in the consumer market. (Which I highly doubt. Many solutions are free out there, and use the free clients to build up their Enterprise solutions.) I'm just hoping they don't do something stupid, like have it disable if a pirate Windows copy is detected.
2) AV companies still can compete (and usually make more money) in the corporate market. MSE is NOT an enterprise malware solution. It can't be monitored or managed remotely. For that you would need to move up to an enterprise solution like Forefront, or Sophos, GFI, Symantec, McAfee, etc. In the case of Sophos, most of their revenue is enterprise solutions, since that's the sector they focused on. I'm actually surprised they didn't release a free Windows client version (they did for Mac) just to build up their virus defs.
In Soviet Russia, Trojan exploits YOU!
All it should take is the ability of the user to drag/drop the photos from their personal folder to the application. The sandbox should take care of the rest. If you want a non-mouse (drag/drop) process, simply have a selection option to "share files/folders with..." where applications would be listed. I can think of about 3 more methods off the top of my head that would make it stupidly easy for the user to "grant" access to the files without having to know about the security, but making them aware that some application has access to those files.
Every time I start to have faith in humanity, I ruin it by driving to work between 7 and 8 am.
It's been a zillion years, but didn't they do this with DOS 6.22? Same complaints from the AV vendors as I remember it.
Whatever. All that was old is new again.
Don't get me wrong, antivirus built into Windows 8 is a step in the right direction, however, anyone that thinks this is going to seriously protect them from the vast sea of malware is living in wishful thinking. At best most antivirus programs are between 50-70% effective against the legion of bugs crawling around out there and the target is a quick moving one with new beasties custom built to subvert their hosts innermost workings being rolled out almost daily. A built-in antivirus is a great thing, but don't fool yourself into thinking it is either the alpha or the omega of designing a secure operating environment.
Just like good nutrition or adequate sleep are important to avoiding seasonal flu outbreaks. It's just as important to remember that there are dozens of things you can do to remain healthy while those around you fall to illness. And finally, that even taking every precaution, you will almost certainly catch a bug sooner or later and that what you do after getting infected is just as or even more important than preventing the disease in the first place.
Good start Microsoft... now make the OS really bug resistant from the bottom up.
As I see it the anti-virus peddlers can go the way of the dodo.
The whole Internet Explorer deal was inherently a different thing; that was about Microsoft subverting a whole platform and perverting standards with their time honored EEE tactics. In this case I see no harm in them choking the cash flow of the companies that brought us security suites that slow down disk performance to unacceptable rates and consume most of your available RAM. Not to mention the constant fear-mongering on how at risk you are.
If I am bitter it is because I have seen too many computers reduced to useless paperweights by Norton, F-Secure and McAfee and the local ISP is force-selling Internet Protection at 75€/year/computer to customers who don't fight back enough.
A) a properly-built OS needs only a rudimentary anti-virus/anti-malware system to assist the user in not making stupid decisions and making sure that if those decisions are made anyway, it is relatively difficult for software to do something completely malicious (limited privileges/sandbox), and if it does do something like that, it is relatively easy to notice and clean up (roll back); B) most anti-virus programs I've seen and used are crappy and expensive pieces of subscription bloatware that bog down systems, endlessly nag you about updates, aren't especially reliable, and make you wonder if you'd be better off overall without them (replace with re-install when necessary); C) if it's an anti-virus that is there by default in Windows, then every malware writer will ensure that their program can get around it before "shipping" their code out.
Still, I wanted antivirus. I run filters on my client and my e-mail, and I'm careful with my surfing habits, and people I trust suggested that I use Microsoft Security Essentials. God help me, it works and it works well. It doesn't have every last bell and/or whistle that some of the other outfits do, but hell. Shrieking 'antitrust!' in this situation is just as stupid as it would have been if the idiots behind Nero or Roxio CD Creator sued because Windows 7 has basic CD/DVD authoring capabilities built in. At this point, it's not an add-on, it's an expectation.
Maybe this is a silly question since I don't have a great deal of in-depth knowledge, but it seems to me that if the antivirus software is developed by the same people who make the OS it's protecting, and the people who make the OS are so notorious for missing "chinks in the armor," does it not follow that the bundled-in antivirus software would then, in all likelihood, miss similar--if not the exact same--vulnerabilities? Or am I missing the point altogether and this is really just a marketing strategy, thus implying that they don't care about actual security but instead the sale of more widgets?
This is total B.S. because Microsoft implemented spy-ware to scan all files with XP service pack 3. This announcement is a marketing ploy, so they can publicly remove your files, instead of doing it secretly or getting the government's permission. No longer will the proles be able to choose which software will scan all of their files, and send that information to the police and the copyright-police. Now Microsoft will have to compete against Intel on who can sell the file information of Windows users to law-enforcement the cheapest.
At least Microsoft Security Essentials has been a great antivirus in my experience: it's fast, it really does try its best to avoid harassing users, and in all the reviews I've read it does find just as many viruses and malware installations as the other popular choices if not even slightly more. My own experiences are of course subjective, but I find it a lot lighter on resources than its competitors, plus I have yet to see it cause any issues whereas I just had to repair two computers that were rendered inoperable because of F-Secure screwing things up in a major way.
A few years back I wouldn't have believed the words coming out of my mouth but... I do support the decision of including MS's own AV in Windows 8.
Wow, I can see where this can go wrong:
* Microsoft decides to bundle free anti-virus software with Windows 8, causing millions of Windows users to stop purchasing other antivirus software and use what's pre-installed. Because, hey, people are lazy and will use the default option when given a chance.
* Several of the smaller security software companies get out of the business due to declining profits/market share thanks to the built in antivirus software, leaving only a few major players for Enterprise customers and Microsoft.
* The smarter malware authors take advantage of the situation, and write a virus that specifically targets and disables the Microsoft anti-virus, along with several of the other remaining anti-virus products. Bingo, it's like 2001 all over again.
* People feel the need to start having two anti-virus programs on their computer, in order to protect themselves if the primary anti-virus program gets disabled. A new industry is born: AntiVirus software for your AntiVirus software.
Ah yes. Microsoft's anti-virus offerings so far have been... ...less than impressive and their malware detection is a memory hog that detects nothing. (Except sometimes antivirus software.)
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Microsoft started cooperating with anti-virus vendors on the understanding that they weren't going to provide their own anti-virus product. They then bought an anti-virus software maker and provided that as their own anti-virus product. They then promised that this wasn't in violation of the anti-trust agreement as they weren't going to have it built into their OS. The anti-trust agreement has now expired and, guess what! It's going right into the OS.
Norton and McAfee are disposable these days - they started off brilliant but that was a long time ago. On the other hand, this will also kill things like DrWeb and ESET. That, to me, is much more of a problem. Those two are actually credible products and they won't be usable on Win8 because they won't install if there's any antivirus (including Microsoft's malware detector that doesn't) installed. Once Microsoft has their AV built into the OS itself, DrWeb and ESET will be unusable because you know damn well Microsoft won't have an uninstall feature, just as they don't for their browser.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
I don't know if anyone has pointed this out already, but this is totally different from the IE situation.
In this case, they are working towards eliminating vulnerabilities in a product they created. The fact that other companies have made businesses based on fixing those same vulnerabilities is entirely irrelevant.
IE, on the other hand, is a tool to access a resource they did not create and do not own.
There is no -1 Disagree mod. Slashdot.org/faq defines mod options. USE IT.
OEMs may not like this as they currently get paid $$$ by vendors to include those trial/demo versions of Norton/McAfee/etc (the ones that only come with 3 months or so of definition updates before you have to buy the full version)
If MS is including anti-virus out of the box, how can these OEMs keep earning that revenue?
mod parent +1
I would honestly rather they fix windows so it doesn't need an Antivirus so much than to just include one. Fixing the security holes would help as would removing the auto-run function for all them removable drives and no longer allowing programs to auto-run after install would help immensely as would disallowing non-OS programs from being able to be run as hidden, force them to have an icon on the task bar or something. All of them would remove a great deal of the need for an AV.
Also, if they do put an Antivirus in the OS, most people would quit buying or downloading another antivirus feeling safe with the knowledge they have one already while the virus writers will have a field day knowing that they only need to get around that 1 central target and get free rein on most Windows PCs.
It would be good for them to include an AV with the new Windows, but only if they fix the holes and other such stuff I said while also making sure the users know they need to rely on more than JUST their AV.
...is not acceptable for professional use. The inferior people who use Microsoft products will dispute this, of course, but one simply must make allowances for their limited intellects -- this simple posit is as far beyond them as quantum mechanics is beyond my dog. Meanwhile, pimple-faced teenagers living in their parents' basements will continue to write malware that infests these systems whenever they can stop stuffing cheesy poofs into their fat, bloated bodies long enough to bother...and these SAME inferior people will whine about how terribly, terribly awful that their systems have been hacked again. Lather, rinse, repeat.
Microsoft already tried this many moons ago, when Windows were but 3.1 I believe... or maybe when DOS was 6.0...?
If memory serves me they started offering some stripped back version of Central Point AV. Don't recall why they stopped.
Three Squirrels
Look at it as a late attempt by M$ to compensate for the woeful intrinsic insecurity of their family of operating systems. It's their own fault, but because they never bothered to fix the problem, a whole industry evolved to compensate for it. M$ could have included a free anti-virus service over a decade ago, except that it was always going to amount to an admission of a glaring weakness. Perhaps they've had a change of heart, but adding their own virus scanner is still not the same as fixing the problem.
Once it's there, however, it will still be possible to disable it so that a competing product can be used instead. I'm not sure if the usual big players in this market will complain, because if they do someone may argue that it would be okay for M$ to fix the problem, but unfair of them to compensate for it as long as they don't. Oh, the irony!
"Is this a good move by Microsoft, or a leveraging of their monopoly as bad as bundling Internet Explorer?"
Security of your software should be *THE* #1 concern for any software company.
To call this anti-competitive or anti-trust is simply trolling, shit-mitter.
Bet you work for the AV companies too, you fucking virus writers.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
"Why not make the OS more secure and just call it a more secure OS?"
"This OS has an antivirus"
Normal Person: "Hooray! Now I don't need to buy more antivirus!"
Richard Stallman: "This is so not free. We wouldn't be having this problem if everyone read all the source to all their programs. And ran my unfinished OS instead"
M$ "Look! We work so hard to make it secure! This is why you need to pay so much for Windows!"
so many xkcd on /. I know, but this was seriously the first thing I thought of.
http://xkcd.com/670/
It's not. The process is transparent to the user. It's just a regular file-open dialog box.
...be it your government, press or even computer. I don't understand people who think we can achieve a utopian future where there is no malware in our public spaces and yet we are still open and free. It takes the community, working together in constant vigilance, to keep the streets clean and the law respected. Look at the human body, it is an amazing information system and yet it spends upwards of 10% of its resources fighting malware. If manmade system x is not doing the same it is either not as adaptable or the malware it faces is pretty pathetic compared to what nature can design. Walled gardens are the end of free and open systems that are essential to creativity. MS expanding the defenses of their operating system is not anti-trust. And it won't solve the problem of course.
"Hackers and botnet owners would love to have access to the millions of always-on Linux servers" - by Dahamma (304068) on Monday November 21, @02:32PM (#38127520)
Per my subject-line above, & your statement quoted? That's EXACTLY what they went after in these 4 CA's:
Linux's showing in CA's breached recently too? Also very, Very, VERY BAD - this is SSL security oriented:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
Those CA's (for SSL) got breached & RUN LINUX (StartCom, GlobalSign, DigiCert, & Comodo)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
and
http://it.slashdot.org/story/11/10/28/1954201/four-cas-have-been-compromised-since-june
---
* SO, what you're stating? DOES HAPPEN... & for the reasons you note!
(Plus, those are the kinds of targets that can SERIOUSLY mess up anyone doing SSL - hence the "WHY" of why they were targeted (think banking especially, OR, online commerce via a PC, & running linux or not, which for YEARS around here you heard was "so secure", is turning up exactly NOT that!))...
APK
P.S.=> IF Linux = secure, as is often said here on this site, explain this (recent verifiable data on Linux security breaches)
KERNEL.ORG COMPROMISED: (very, Very, VERY BAD - this is the sourcecode repository for Linux!)
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
* Additionally, there's also ANDROID'S (yes, it's a Linux, & uses a Linux kernel) "fine security track-record" (lol, NOT) also...
Again - All those years of hearing the typical FUD of "Linux = SECURE, & Windows != Secure" around here on /., only to see recent history (VERY recently in those above no less) show QUITE OTHERWISE. It's WIDELY TARGETED, because IT IS HUGELY USED IN THE MOBILE SMARTPHONE WORLD, per this article today here on /. no less:
http://www.ibtimes.com/articles/253340/20111121/android-malware-mcafee-mobile-nokia-symbian.htm
ANDROID's "taking the smartphone world by storm" & becoming the "Windows of smartphone world" as far as being attacked pretty much!
PERTINENT QUOTE/EXCERPT: (From the "recent section here on /. for the article itself)
"With 550,000 Android devices activated each day, Google's mobile operating system "is clearly today's target" for cybercriminals."
It's JUST "common-sense", bigger target = more prevalent target to try hack/crack... & many on this pages' discussions point out the SAME reasoning too - more used, better target...
Especially malware ones, & it's VERY EASY TO DO (using processexplorer.exe in fact):
---
A.) You open ProcessExplorer, making sure its DLL view pane is open (this way, you can even spot "hidden" libraries marshalled/called on by running apps, ala "DLL injection").
B.) Highlight each running app, scan its lib/dll running list of them being called on...
C.) Once you spot a running .exe of ANY kind running a lib that is the "odd man out" (this includes services, a fav. place for hiding running malware), & some "odd" library that doesn't have a valid oem signature (or not) - you have your "culprit"...
This is what a LOT of today's "blended-threat tech" botnet/rootkits are doing (STUXNET & others I noted below in my ps are 2 prime examples thereof). On the lib/dll - IF you're unsure about it, or it has no documentation (STUXNET does in all of its variants in this file from SYMANTEC -> w32_duqu_the_precursor_to_the_next_stuxnet.pdf ) Otherwise, look it up on GOOGLE!
So, if it comes up flagged as a KNOWN malware lib (or just not @ all)?
D.) HALT/SUSPEND the calling parent process via ProcessExplorer's options to do so (this seizes the lock), & freeze/halt/suspend the bogus lib too... once that's done? YOU CAN DELETE IT ON DISK!
---
* Yes, guys - It's THAT easy with malware running in RPL3/Ring 3/Usermode that is "locked" - more on rootkits below, & easy KILLS of those too, especially today's malicious rootkits that use drivers (.sys files) &/or bogus bootsectors too in combination...
APK
P.S.=> Now, IF this usermode malware's being summoned by ROOTKITS run out of kernelmode/RPL 0/Ring 0? Windows users already have tools for that, unbeknownst to most of them - that's Windows RECOVERY CONSOLE (especially vs. today's rootkit-botnets that use "blended-threat-tech", e.g. a bogus bootsector + protective drivers):
---
1.) Boot up from the Read-Only environs of a Windows installation CD (very important, because it's read-only inviolate)
2.) Do the listsvc command (shows services AND DRIVERS (which malware today's using like mad, ala the allegedly "indestructible rootkit" from a few months ago that used a bogus bootsector + hello_tt.sys, or STUXNET (which symantec keeps an updated file regarding the libs + .sys file drivers it utilizes to spot them))
3.) Once the malicious drivers are spotted? "NUKE 'EM", using the DISABLE command in Recovery Console
4.) Reboot (provided those drivers do NOT protect one another in the registry init. area? They're history... none of them do that SO FAR @ least, afaik, in those 2 prime examples of rootkits that use this mixed threat tech of drivers + bogus bootsectors!)
5.) Now, refresh/clean the bootsector using RECOVERY CONSOLE's FixMBR command... & the bad bootsector's history too, + its protective drivers are already gone!
---
* DONE... & in about 3-5 minutes time in this process! "Here endeth the lesson"
... apk
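The signature check from steps A.) to C.) in the comment above, scripted as an added example (not part of the original comment): it lists modules loaded into running processes whose Authenticode signature does not validate, and changes nothing on the system. The function name `Get-UnsignedLoadedModule`, its `-ProcessName` parameter and the `FileMissing` label are hypothetical names chosen for this example.

```powershell
# Added example: report loaded modules (DLLs/EXEs) without a valid
# Authenticode signature. Read-only: nothing is suspended or deleted.
# Run from an elevated prompt to enumerate more processes.

function Get-UnsignedLoadedModule {
    [CmdletBinding()]
    param(
        # Hypothetical parameter: restrict the check to these process names.
        [string[]]$ProcessName
    )

    # Cache results so a DLL shared by many processes is verified once.
    $sigCache = @{}

    $procs = if ($ProcessName) {
        Get-Process -Name $ProcessName -ErrorAction SilentlyContinue
    } else {
        Get-Process
    }

    foreach ($proc in $procs) {
        try {
            $modules = @($proc.Modules)
        } catch {
            # Protected or already-exited processes cannot be enumerated.
            Write-Verbose "Skipping PID $($proc.Id): $($_.Exception.Message)"
            continue
        }

        foreach ($mod in $modules) {
            if ($null -eq $mod) { continue }
            $path = $mod.FileName
            if ([string]::IsNullOrEmpty($path)) { continue }

            if (-not $sigCache.ContainsKey($path)) {
                if (Test-Path -LiteralPath $path) {
                    $sigCache[$path] = Get-AuthenticodeSignature -LiteralPath $path
                } else {
                    # Loaded in memory but no longer on disk: worth a look.
                    $sigCache[$path] = $null
                }
            }
            $sig = $sigCache[$path]

            $status = if ($null -eq $sig) { 'FileMissing' } else { [string]$sig.Status }
            if ($status -eq 'Valid') { continue }

            $signer = $null
            if ($null -ne $sig -and $null -ne $sig.SignerCertificate) {
                $signer = $sig.SignerCertificate.Subject
            }

            [pscustomobject]@{
                ProcessName = $proc.ProcessName
                ProcessId   = $proc.Id
                ModulePath  = $path
                Status      = $status      # NotSigned, HashMismatch, NotTrusted, ...
                Signer      = $signer
            }
        }
    }
}

# Usage: group by module so the "odd man out" library stands out.
Get-UnsignedLoadedModule |
    Group-Object ModulePath |
    Sort-Object Count |
    Select-Object Count, Name,
        @{ n = 'Processes'; e = { ($_.Group.ProcessName | Sort-Object -Unique) -join ', ' } }
```

On older Windows and PowerShell versions, catalog-signed system files can be reported as `NotSigned`, so treat the output as leads to investigate rather than verdicts.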
"Actually, there isn't a single reason why programs shouldn't be sandboxed like that as a default, and only getting additional rights when specifically requested and granted by the OS. Combine that with transparent redirects and most programs should run okay. Sandboxie (http://www.sandboxie.com/index.php) already does it so how hard would it be for the Windows engineer to incorporate something like that into the OS?" - by St.Creed (853824) on Monday November 21, @03:43PM (#38128394)
"Ask & ye SHALL receive" (to an extent) in APPLICATION LEVEL VIRTUALIZATION (UAC Virtualization) via taskmgr.exe in Windows 7/Windows Server 2008!
In the processes list, you need to use the VIEW menu, SELECT COLUMNS submenu & make "UAC Virtualization" visible...
Then, you can make ANY RUNNING PROCESS only affect the CURRENT USERS' SECTIONS of the registry (i.e.-> HKEY_CURRENT-USER vs. HKEY_LOCAL_MACHINE registry hives)... this stops malware from infesting every user profile @ the entire SYSTEM's levels, & isolates it to the current user's running profile.
Fact is, I do this for my webbrowsers (yes, even the ones that have this to an extent in Chromium) and even though I don't let Javascript run in my browsers!
Chromium's stepped up not only to sandboxing, & iirc, so has FireFox (I use WaterFox + NoScript & AdBlock Plus... good stuff, very fast due to the compiler specific switches for x64 Windows apps it uses I have found)...
However, Chromium's also featuring by site preferences like Opera has (to limit what your browsers can do, BY SITE)
Anyhow/anyways: On UAC Virtualization? Hey - It helps for registry level stuff, & the type of tech you're asking for...
(It is a step towards Sandboxie's "chroot-jail" like protection (though it's a LOT more stringent, including drive folder virtualization via its ring 0/rpl 0/kernelmode driver for that)).
APK
P.S.=> MS is slowly "getting there" on things like you're asking for, but it's still "shy" of sandboxie like protection (unless you run HyperV type TRUE application virtual machines)...
... apk
Nah, that's not what will happen.
This is what will happen...
Microsoft will build Antivirus/executable signing at operating system load (where as all these AVS programs only start working after the OS is loaded but before the user apps do.) If an executable fails to be signed, it then scans for malware infection and disables it. If it passes antivirus, it just delays loading it until after the rest of the OS has loaded if the user has whitelisted it. If the user has not whitelisted it, it remains disabled.
The core OS AVS will simply do this for everything, check for signed, scan for malware, prompt for whitelisting. Remember how annoying Vista was? Maybe not to that level. The third party AVS will do the on-the-fly scanning since traditionally that's all AVS software has ever been useful at, preventing the download of the malware in the first place. Microsoft, while the OS is booting clearly can't prevent zero-day infections unless the OS itself grabs the latest definitions before the OS boots. That's what the third party AVS can't do.
If you've ever used software like Diskkeeper (a third party antivirus product) you know that there is only so low level you can go in the OS before the actual process of intercepting the OS is more dangerous. For example, if your AVS product ... oh fucks up and detects a core OS component as infected, your system is toast. It's presumed that Microsoft won't make this mistake since it knows its own OS components.
dammit, I meant diskkeeper (a third party defragmentation, not an antivirus product)
"Windows has made great strides in security over the past 10 years, but that doesn't make it a secure OS." - by Enderandrew (866215) on Monday November 21, @02:19PM (#38127292) Homepage
That's when YOU THE USER have to "make it so" (ala Jean Luc Picard)... soooo, how to do THAT? Easy, with 1-2 hours of your time, ala:
http://www.google.com/search?sclient=psy-ab&hl=en&site=&source=hp&q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&btnG=Search
OR
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE
---
I've been writing guides for that since 1997 in fact, & yes, they CAN & DO actually work (e.g.-> I haven't been "hit" by a malware since 1996, & because of what's in the guide - in fact, I WROTE IT because of that (really PISSED ME OFF is why, & when that happens, with anything? If I have the means, I do something about it))...
Also, neither have my friends, family, or paying customers that apply + follow its principles.
To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!
I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:
http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text
& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.
That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the 1st URL link above...
Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:
---
1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))
---
Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:
---
SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:
http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2
"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral
AND
"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" -
here's hoping the mess that is to become windows 8 gets delayed by lawsuits from every direction.....
2007, 2009, (what is expected to be 2012) is just too frequent -- nothing but a cash grab for microsoft (and with the new "apps" and appstore, windows 8 is even more of one).
OS releases should be slow and steady.. an OS should not obsolete itself before the hardware it runs on... windows xp hangs around after all these years in part due to ease of piracy, but also because it is a mature version that works.
an industry built on the failure of MS to secure their own product, now complains when MS secures their own product. wtf? they made money out of MS mistakes and people's misfortune, now that the golden goose is keeping the eggs, they complain? tough!!
What monopoly?
That's a very unique and interesting take on the issue. Thanks.
Microsoft integrates the virus protection. It hires out all the employees in the AV companies that have actually been finding the viruses (and not bogging the system down). Hire more people to make the operating system more secure so that the AV doesn't have to be so omnipotent. Problem solved.
CA's that run Linux, & all of the info. here is INCREDIBLY recent -> http://tech.slashdot.org/comments.pl?sid=2537254&cid=38132178
* Past few months now in fact, June to present day information that yes Penguins, shows LINUX is indeed, NOT "invulnerable" (despite all the YEARS-to-DECADE here of hearing "Windows != Secure, Linux = Secure" type FUD!) !
Plus - heck with SECUNIA stats only, I am showing REAL WORLD CURRENT RESULTS ABOVE, not just theoreticals!
(Because beyond the std. mainstream 2.6 kernel, the further builds have patches for those remote bugs, iirc, Redhat builds use those "proofed to remote hack" bugs)
Then again, by way of comparison?
Heck - So does Windows!
That is, IF YOU KNOW WHAT YOU'RE DOING ON ITS 2 REMOTELY EXPLOITABLE BUGS left in Server 2008 (which does have 4x less bugs than Linux mainstream kernel alone, which gets worse with the stuff thrown ontop of it).
(colorui.dll bug, & %PATH% variable expansion weaknesses & without a patch too (and end user can unregister colorui.dll or run headless mode in Server 2008, & the variable path is editable, easily, by the end user to check OR "FIX" IT, if needed!)).
Anyhow/anyways:
That's the part that "ticks me off" - because it MISLEADS folks into thinking Linux is (what do you call it, Hairyfeet? Oh, yea) a "magical woobie", lol!
Nothing is, not by default... not even a SeLinux by default, it too can be further "security hardened" & so can Windows, especially via "layered-security"/"defense-in-depth" methods... yes, ones like HOSTS count too, lol!.
APK
P.S.=> I'm with you that "everyone gets 'pwned'", yes Penguins, even Linux (especially ANDROID lately, as it's fast becoming the "Windows of the smartphone world" not only in marketshare/mindshare/usage, but also "pwn-age" too) -
The effectiveness (as limited as it might be) of AV stems from the fact that there are lots of different products out there...
If there is only a single monopoly product, then malware authors have a much easier time of it since they now only need to evade and/or disable one product.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Finally we have an admission (though in a back asswards way) from MS that their OS has security problems in the first place, without them having to come right out and say it in those words...
WARNING: Smartphones have side effects--most of them undocumented.
At program installation time, the program is given a list of areas of the computer and other behaviors that it is allowed to access. It can't do more than that even if installed and run by a 100% privileged account.
This is otherwise known as "mandatory access control".
Why do you insist on calling them MSFT? That's what their Nasdaq symbol is. The company's called Microsoft.
I was internetting in 1995, and even before and after. This covered a period from about 1994 to 2003, where I was a script kiddy with several friends. Linux has never per se had a virus problem, however it has had trojan, rootkit, and exploit problems, since its inception. Over this period, we didn't really care about windows boxes, because they were low value targets. They were mainly home machines, and we wanted servers. Additionally, they were harder to root and control, since most home internet connections were dodgy.
So, just saying, Linux IS a particularly interesting attack target, even in 1995, and no it's not impervious. There's just as many exploits regularly discovered for it, as there are others. Also, Linux often has a much much steeper learning curve with regards to securing the machine.
Just as everything evolves, so does a modern OS, and in a modern OS we as a consumer expect stuff like Browsers, mediaplayers, Anti-virus/malware protection, firewall, notepad, emailclient etc.. Of course it should also be possible to have a substitute for those, BUT it should at least come with one default installed. If Apple is allowed to do it with their MacOS/iOS, so must microsoft be able to do it..
There's always room for 3rd party substitutes..
As a consumer I don't care if MS has a monopoly, if it works it works and I'm happy (and don't come crying that it doesn't, as the tools MS is supplying with Windows 7 are very solid, also the anti-virus/malware. And don't come yelling about IE as we all know all the other browsers have just as many (and sometimes even more) flaws as IE), and if you're not happy, then go buy/download YOUR favorite browser/mediaplayer/anti-virusmalware/firewall/emailclient/etc, that's the nice thing about Windows, you can do that too.. And if you're not happy with Windows, then stop crying and go use Linux/MacOSX or whatever suits your needs..
Somehow accidentally posted this in the wrong thread. Go me. Anyways...
The reason this pisses me off isn't because I have a security system set up, but because I contacted them three years ago about incorporating actual security into their operating system using a format that is only limited by internet, and to an extent, by hardware latency. What I was told was, "We only accept ideas from Fortune 500 companies". Fuck that. Seriously. I'm willing to bet money that they use the same (or extremely similar) format I have.
I'm not talking a few hundred megabytes of malware definitions, I'm talking around 20GB+ worth of raw information, not including a heuristics database that has a detection rate of 99.986%. Entire scantimes (ignoring the average 30 second wait time for file mapping) is about 15 minutes via dialup. Mark me as a troll all you'd like, my proof is in the goddamn pudding: http://www.tot-ltd.org/
Aw geez APK, while I appreciate you trying to point out FOSSie bullshit when you see it, you DO know that crazy guy is gonna follow me around for a month accusing me of being you again, right? hell last month he followed me around for damned near a month posting as AC "die you fat fucker die" over and over again, and when you show up even on the same page as me much less the same thread he REALLY goes off his meds. I mean hell the guy is using half of one of my sentences as his fricking sig, if THAT ain't batshit I don't know what is.
Besides I honestly think the FOSSies won't be worth bothering with much longer. The number of FOSS programmers is tanking, Linux server has dropped 15% in less than 2 years, all the DE breakage has got old time Linux admins I talk to so damned fed up they are switching to Macs, and finally I'm betting Google locks down Android with code signing so that they can secure their appstore and play protected H.264 which they can't do with an open kernel.
So let the crazy FOSSies cook up their "M$ Ninja!" conspiracy stories and leave them to rot. After BSD crapped itself on the last batch of refurbs I personally washed my hands of the whole mess and don't even bother posting on Linux articles anymore, I'm already hunting down somebody who can sell me Win 7 Starter and just calling it a day. FOSS was a nice idea but then like politics the batshit loons took over and made it more about poo flinging and squeeing fangirl crap than about OSes.
Hell they aren't even sane enough to poke fun of anymore, like old Twitter who could cook up great fantasies where Linux conquered the world. Instead you get like what I got last week, where I said IE was a bad joke I don't allow on my systems and was accused of "Sekrectly being an M$ Ninja!" for INSULTING the product! I guess if you don't say windows kills babies or something you must be "one of them". THAT level of batshit ain't even fun to laugh at, it's just rather sad and more than a little scary. Peace bro.
ACs don't waste your time replying, your posts are never seen by me.
Secure code is like giving your city reinforced utilities and construction.
Proper application permissions, not necessarily attached to user permissions, are like giving it a full set of reinforced city walls.
Repository-only installation is like not having any gates for travel or commerce. Sure you can still produce a lot locally (curated software), communicate with carrier pigeons* (data network access), and receive goods and skilled labor via airlift (jailbreaking) but the city suffers for its isolation.
Antivirus (and antispyware, and similar software) are like assembling and arming a city's militia. Not allowing a company to add its own antivirus to its OS is like forcing a city to hire a PMC for self-defense.
*Bracing for obligatory IP via Carrier Pigeon post in 3... 2...
No more going off to fetch an anti-virus after a windows install. There's nothing anti-competitive about making your product better.
While I see the point of this thread, unfortunately I also see the ability and need for suites of programs to create, open and write to related files, e.g. Office Automation. I have written quite a few apps that take advantage of this capability, for example, an Access app that opens numerous Excel spreadsheets and then writes selected portions of the data to a SQL Server database. I suppose that I could sandbox the app I wrote so that it can see only certain directories (much of that is done in the code, anyway), but there are moments in the app where the file to open is unknown until run-time, and pops up the built-in get-folder-file dialog. Maybe there is a way to narrow the selection of folders that are visible, but if so, I don't know how. Arthur
What about how people weren't going to buy Windows 8 The same way they stuck with Older versions of Ubuntu... Fanboys and people who know not how bitchy Windows 8 is going to be, will I imagine build up the whole of the demographic sales. If I for any reason NEED to install Windows 8, I'm installing the best antivirus out there. Malwarebytes! :)
Then you register that your application opens any arbitrary files. The point is, the user knows when they choose to buy and/or install the application that it has asked for permission to do that. If that makes sense to the user, they'll buy it. If it doesn't, they won't.
Coffee = GOOD! Yea... that cracked me up when the ac psycho-stalker accused me of being YOU the past few days now & vice-a-versa (perhaps that's a compliment? Who knows! LOL, "inquiring minds want to know"...).
Anyhow/anyways: For me, it HAS been getting rather "spooky" because he's following me into nearly ALL of my posts here for a month or so now - I have a PRETTY GOOD idea who it is & what his registered luser name is, but I don't point fingers until I get SOLID evidence of it (& I was damned near "untrackable" around here until /. put in that "search the page" pane, & since I always sign my posts as "APK", well, not as 'trackable for trolling' am I anymore (not as bad as users via their posts history but... there you go anyhow)).
Hey - IF you still have it, I don't? Do you have a bookmark to the link where he did so?? I got sick of the illogical offtopic adhominem attacks directed MY way (yours too) & I closed the page for good...
However, thinking back on it now, & based on what you've stated? Hey... never hurts to keep record of that kind of thing, so... IF you have a link to that? Put it up please, & thanks... I could use it, hopefully, I never have to though! I can't believe they're accusing you & I of being one another (when initially, you & I didn't "hit it off" well @ all, unfortunately - too bad, you've turned up to be a decent guy imo!)
Plus, Yes, you're right - "the tide is turning", look @ the trend in articles around here now... you ARE seeing things that are "anti-Linux" and sentiments amongst users (sane ones that is, lol) that now admit Linux is no more secure than any other OS out there... I never thought that'd see "the light of day" around THIS website, but lo & behold, it's come to pass!
Plus, the "hacker/cracker" types? Nowadays, unfortunately perhaps??
They're top-marks/1st class level coders out there nowadays, look @ what's being said about STUXNET & its code design being called "elegant" & what-not!
(This figures though, what with jobs being offshored so much in coding, they're turning to other sources of income & being paid off like most illegal things like drugs are, with the profits possible in exploiting OS due to money being exchanged on smartphones & PC's, the money's there to PAY that kind of coder to do bogus + illegal enterprises... top notch coders too, pretty sad for the MOST part, but... Still, no matter what? Those guys, like all hacker/cracker types, are only shooting themselves in the foot in the end, & for ALL OS - they point out the holes, the OS makers patch them!)
Thus, that cannot keep up forever, & I'm fairly sure they KNOW IT... they're "making hay while the sun shines" is all... but, again, doing us ALL A FAVOR in a strange way, by doing so. Only a matter of time before all the holes are discovered, & sealed.
All our wares & OS, yes even IE, really ARE GETTING BETTER & MORE SOLID (+ feature laden & capable) ALL THE TIME, which is the GOOD PART of all of this, imo @ least!
APK
P.S.=> I dunno... I don't "hate Linux" & even ran it for the MOST part day in & day out in 2010 in KUbuntu 10.x series, which wasn't 1/2 bad - it'll get the job done, but again, what "ticks me off" IS what Ed Bott of ZDNet recently spoke of - they use "FUD" tactics, & of course, the "M$ Ninja" crap you're speaking of here now, to mislead others into thinking "Linux IS THE MAGICAL 'WOOBIE'" you speak of often... when in fact, NOTHING is that: You have to do some work to try to make your OS "weapon-of-choice" solid via a lot of efforts in "layered-security"/"defense-in-depth" work + conscientious patching & setup of your stuff, PROPERLY, if not in code but in configurations & rights management etc./et al...
... apk
You have to look at the intention of the monopoly and the competition they face. When the bundling of IE happened, there was no desktop OS competition. All they had was the competition of moving the desktop into the browser, and MS wanted to be sure that they controlled that migration and limited it to their browser. Their competition was Netscape and their intention was to eliminate this competition by bundling and keeping their product "free."
When you look at the AV space, MS doesn't face competition from the AV vendors, they are helping their product work safer. Their competition is from Apple in the consumer space, Linux in the server space, and Google in the mobile and cloud space. Adding AV to their OS is an attempt to compete in the market, not to eliminate their competition of AV vendors.
That said, it will be interesting to see if and how 3rd party AV vendors will be allowed to replace the built-in AV.
Here's the ac "psycho stalker troll" on me again, like "white-on-rice" today http://tech.slashdot.org/comments.pl?sid=2537254&cid=38134196 in another portion of this article's replies today, & right after I posted my reply to you over coffee here http://slashdot.org/comments.pl?sid=2537254&cid=38134306
(Ah, will wonders NEVER cease... lol!)
* Man - if he wasn't such a nut, I'd be amazed @ his sociopath like tenacity... lol!
APK
P.S.=> Unbelievable - &, mainly for THIS reason after my post he replied to there in trolling me as usual!
I say that, because he's giving me guff for telling users how to dispatch of malware in both either kernelmode/ring 0/rpl 0 rootkit/bootkit processes in Windows, OR in usermode/ring 3/rpl 3 level code via ProcessExplorer.exe usage - & that, no matter what ANYONE SAYS, is a "good thing"... unbelievable!
There, I'm doing folks a favor there in stating how that's done with tools that are FREE or that they already own as Windows users!
Heh, doing favors around here is like asking to get shot @, lol... especially w/ the Penguins!
They're only undermining their OWN credibility doing that, & even more than their years of "Windows != secure, Linux = secure" FUD spread around here for more than a decade, which as my posts data shows? It is ANYTHING BUT the "magical woobie" you often speak of & are correct on by default in most ANY OS THERE IS (or ware, period)...
... apk
"Read 'em & weep" -> http://slashdot.org/comments.pl?sid=2537254&cid=38130156
* You're REALLY "losing it" man... seriously, & others ARE noting it in the link above!
(Especially when all I am doing is showing folks methods of "nuking" malware that "locks files" & correcting technical inaccuracies stated by the user I replied to with FREE TOOLS & ones that Windows users already possess (RC) or can get instantly from MS (ProcessExplorer)).
APK
P.S.=> Thanks for doing me a favor I suppose, in exposing how much of a LOON you're proving yourself to be in stalking/trolling me via your ac illogical off topic adhominem replies - especially when I am DOING OTHERS A FAVOR HERE in extolling those methods for destroying even locked/called on files (malware ones) no less...
... apk
Microsoft needs to create an antivirus with hot-swappable antivirus engines, then if McAfee or Norton want in then they just have to build an antivirus engine go into the operating system but they will have to abide by Microsoft's guidelines.
for these AV vendors. Here's a tissue, you lazy layabouts. Microsoft is fixing something which they never should have allowed to get this far out of hand anyway. The AV people should transition to providing other security measures, build better heuristics, basically doing whatever it takes to stay in business just like every other business before them. Innovate! Transform! Stop lazily milking an idea!
Some of us have friends/life and need more than 300 minutes per year.
That's why every adult in the household chips in to pay for an unmetered land line. Perhaps going mobile-only is more attractive in Europe, where land lines are metered, than in the United States, where they have long been unmetered for local calls. In fact, VoIP providers such as Vonage and MagicJack offer nationwide unmetered long distance calls by now.
AT&T "gets away" with charging more because it's not an occasional-use voice service.
I'm looking for a smartphone designed for use with occasional-use voice service. Can you recommend one? Or are people supposed to buy a separate PDA and dumbphone for this use case?
All it should take is the ability of the user to drag/drop the photos from their personal folder to the application.
Should. Ideally, dragging a file to an application's window would add the application to the file's ACL, and dragging a folder would add the app to all files in that folder. But I haven't seen confirmation as to whether existing sandboxes, such as the Mac App Store sandbox, are designed to let the user drag a folder full of photos as opposed to just one individual photo.
At program installation time, the program is given a list of areas of the computer and other behaviors that it is allowed to access.
Please allow me to rephrase Karlt1's question in terms of your post: How do you keep granny from granting access to unnecessary areas and behaviors on this list when installing the program?
the system builders like me will put a decent free AV like Avast or Comodo
Right now I'm putting MSE on systems that I maintain for friends and family. What makes Avast better than the current MSE?
you had to fuck up and do the whole "M$" thing.
In early versions of the BASIC programming language, all string variable names ended with $. I see it as BASIC's counterpart to the shell- or Perl-style $PHB mentioned in the Jargon File, except alluding to Microsoft's beginnings as a developer of BASIC interpreters.
It's a shame that MS is not allowed to do with it's own developed software what it wants and not allowed to tell people how to use it, like the other companies out there.
Apple has strict guidelines for everything, even the power to stop an industry from it's devices (lets say it together - Flash) and no one bats an eye, except to say "Thanks Apple while kissing Apple's feet". And not to mention how they pull products from the "apple store" only way to get the software on the device. I'm not talking about jail breaking either. Apple just seems to say "it's not good enough" or we don't allow duplicates to what we do (which is anti-competitive), or the one where they said they don't allow multi-featured software in there store (nothing that acts like a desktop)
Google gives a partly free experience but punishes (or holds back) groups by not releasing any new updates to device manufacturers for weeks if not months after they are set to sell it themselves, giving themselves the advantage over everyone else (anti-competitive by making others wait). Since it will take the manufacturers time to make the code work specifically with their devices. And the Android market is only allowed on certain devices that follow certain rules and also pay Google for the privilege, from what I understand. And we all know that the entire Android ecosystem gives the best experience that being the OS and the Market. If not get a device that doesn't have the market on it, you will see what I mean. Thank you Amazon for being a content provider and not care where your stuff can be seen.
Any time MS tries to do something they get flak. Why? They wanted to have certified software, remember that? People complained why should MS tell us what to do? MS wanted specific hardware and people complained, remember that? Again people complained. They design the OS and HAVE to allow everyone do what they want. Do you remember way back when they wanted to put a spell check in word pad (yes word pad) but had to remove it because other word processing companies threatened to sue? (I wish I had a link for that but that was back in win 95 days) Also the commotion caused what last year when they did the security essentials, and the built in firewall flak in the industry for that. Microsoft had their own antivirus software way back in DOS days, remember that? And you guessed it people complained.
People bitch because Microsoft doesn't do everything for them, and people bitch that they do too much. People bitch because they were first and wanted to hold on to the fact they were first and wanted to stay first.
Just look at the tablet industry. Everyone looks to the toy devices that Apple and Android produce (widgets not full featured software) and whatever is Microsoft OSed will be looked at with contempt since people will want not a toy but a full featured OS that runs everything and more. And thanks to Apple's brainwashing the cost will be high when they come out. I have to thank Apple for High Prices, but I also thank Apple for making people want portable devices.
I still liked the iPhone where there was no cut and paste feature not even to mention the multi-tasking. The way I remember it was that no one needs to multi-task and since that is the case you don't need cut and paste. Google added cut and paste and multi-tasking so Apple then added it and spouted to everyone "it is good". Microsoft comes out with the Win phone software and had no cut and paste and as usual everyone bitched and moaned that it doesn't do cut and paste. Where were those people that ooohed and ahhed Apple for not having it? It took 4 generations of iPhone before they had it.
If Microsoft really wanted to actually help users it would build the anti-virus anti-spyware stuff into a pluggable architecture for the OS that would default to the Microsoft version but allow you to swap it out for Norton, Avast, McAfee or whatever else you wanted. So that it provided a tightly integrated default level of security that any other anti-virus vendor would be able to make use of. Just require a special sort of signature or authorization to install new AV software. That way it should be a win-win for everyone. More choice and a more secure OS by default.
Will that be what happens? Most likely not! I mean look at what it took Microsoft to just consider unbundling IE, if it really needs a web browser shell it should be able to allow the shell to be swapped out for other browsers. Would it be more work? Yes, but that's where you can obviously tell there's a bit of monopolization at play. Rather than do the work to let their products stand for themselves they'll just lock you into theirs because it'd be "TOO HARD!" to make choice available.
Ah yes. Microsoft's anti-virus offerings so far have been... ...less than impressive and their malware detection is a memory hog that detects nothing. (Except sometimes antivirus software.)
That's funny, because every test I've seen online shows it finding the same number, or more viruses as the independent software. So far it's been using far fewer resources than Comodo on my machine. Comodo routinely uses 3-7% CPU at idle, while MSSE is almost always hovering around 1%.
So pretty much the exact opposite of what you said.
I think MS's first attempt - Windows Defender - does not work well at all as I usually have this disabled. While I do not like paying money every year for Anti-Virus software, I think I'd rather have a 3rd party program handle this task. When malware/spyware attacks arrive, I usually have to get malwarebytes or combofix anyways.
Well, you could have generally prohibited areas. For example, except for a conceptual new installation region, the program could be prohibited from reading or writing anything in Windows and/or Program Files.
Your rephrased question amounts to a policy question. A lot of noggin' time needs to be spent on that. But various sandboxing and/or MAC techniques could certainly be put to good use. For example, the web browser process, even when run as Administrator, has no business modifying certain files on your computer. Same with your mail client (if you have one). This would naturally apply to any process spawned by any of the mentioned parent processes.
Imagine that all the web browser could do was set a cookie, record a favorite, or write files into downloads. And that restriction applied to all derivative processes. Elevations wouldn't be allowed. Such a web browser would be mostly harmless to the local computer, even under the worst of circumstances.
While one might dream up exceptions to this, what I am saying is that Microsoft needs to dream up an approach which actually works using the mentioned approaches, in a practical way.
I certainly do not think they have exhausted all options here, by any stretch.
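The confinement described in the comment above (a browser that can only write cookies, favorites and downloads, with the limit inherited by every process it spawns and no elevation), as an added sketch that is not part of the original thread. The `Process` class, the `alice` paths and the profile are constructed for illustration and model only the policy decision, not an OS enforcement mechanism.

```python
from dataclasses import dataclass
from pathlib import PureWindowsPath
from typing import Optional, Tuple

# Constructed profile: the only directories the browser may write to.
BROWSER_WRITE_ROOTS = (
    r"C:\Users\alice\AppData\Local\Browser\Cookies",
    r"C:\Users\alice\Favorites",
    r"C:\Users\alice\Downloads",
)

def normalize(path: str) -> Optional[Tuple[str, ...]]:
    """Lexically resolve '..' and fold case; None for non-absolute paths."""
    p = PureWindowsPath(path)
    if not p.drive or not p.root:
        return None
    parts = []
    for part in p.parts[1:]:
        if part == "..":
            if parts:
                parts.pop()
        else:
            parts.append(part.lower())
    return (p.drive.lower(), *parts)

@dataclass(frozen=True)
class Process:
    name: str
    write_roots: Optional[Tuple[str, ...]] = None  # None means unconfined
    is_admin: bool = False

    def spawn(self, name: str, elevate: bool = False) -> "Process":
        # Children inherit the parent's confinement; a confined process
        # can never obtain elevation for itself or its descendants.
        if self.write_roots is not None and elevate:
            raise PermissionError(f"{self.name}: elevation denied")
        return Process(name, self.write_roots, self.is_admin or elevate)

    def may_write(self, path: str) -> bool:
        if self.write_roots is None:
            return True
        target = normalize(path)
        if target is None:
            return False  # relative paths are refused outright
        # Compare whole path components, so "Downloads_evil" does not
        # match the "Downloads" root. Admin rights do not bypass this.
        for root in self.write_roots:
            r = normalize(root)
            if r is not None and target[:len(r)] == r:
                return True
        return False
```

The comparison here is lexical only; a real enforcement point would have to resolve links and junctions before making the same decision.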
For example, except for a conceptual new installation region, the program could be prohibited from reading or writing anything in Windows and/or Program Files.
And if you don't implement the capability to make a new installation region, or you charge the end user a recurring fee for this capability, you'll get the DIY crowd complaining about the "App Store monopoly". There are a bunch of people who won't buy an iDevice for exactly this reason.
Your rephrased question amounts to a policy question
Ideally, as with OLPC Bitfrost, the sandbox's architect would model the threats to the system and to the user's data and set up policies that address the threat model. But in practice, several device manufacturers have tended to answer these policy questions in a way that promotes lock-in.
Imagine that all the web browser could do was set a cookie, record a favorite, or write files into downloads.
How much space should a web browser be allowed to use to store cookies? (HTML5 Web Storage recommends several megabytes per site.) Should a web browser have access to the OpenGL stack? (WebGL requires it.) Should it have access to the computer's microphone and to its camera, if present? (Voice and video chat features on web sites require them.)
How much space should a web browser be allowed to use to store cookies?
This is a good question, and I appreciate that unrestricted space consumption is its own form of denial of service, but while thinking about better security it's not always a good idea to shackle oneself with best. It is certainly better to be sure that the web browser cannot overwrite kernel.dll, yes?
As for your question about microphone and camera, I think that this would be a very good case for UAC. This website wants to activate your computer camera, will you let it? You could kind of treat it like popup denial. Sophisticated users might turn that off entirely, and look for an obscure browser warning in the GUI when the website's not quite right (à la denied popups).
BTW, if you're interested in this sort of security, you can implement it pretty well now:
1. Install your favorite type-II hypervisor (e.g., VMware workstation).
2. Install, configure, patch the OS and your favorite browser.
3. Configure the OS to allow access to the parent computer on a limited basis, into two sections only: a folder in which the child VM stores things like favorites, and a second section where you can download stuff.
4. Configure a checkpoint.
5. Configure the VM to always rollback to checkpoint when rebooted.
Voila. You have a box that unp0wns itself on reboot.
Use it for all your internet browsing.
If you want to really play the security game, clone this box. Conduct any online financials exclusively on this VM, and on this VM only.
C//
This is a good question, and I appreciate that unrestricted space consumption is its own form of denial of service, but while thinking about better security it's not always a good idea to shackle oneself with best. It is certainly better to be sure that the web browser cannot overwrite kernel.dll, yes?
True. But I've still seen cases where a device manufacturer uses such quotas as a lock-in method. I seem to remember that on iOS, web applications viewed in a web browser are limited to 5 MB of application cache and 5 MB of local storage, which the user cannot override, but applications downloaded from the curated application repository can use more space.
Well, if all browsers did this, you could just install a different one. Whatever else is true, no browser should write to windows or programs (except to install/update itself, a special case which admittedly gives you a quick headache), but what I'm saying is that the protection methods exist, and are being underexploited. MAC is one way; VM isolation is another; "jailing" all ftp roots is another. More here, please.
As far as the confined locked in appstore, don't worry, Apple will encounter an antitrust demon... eventually.
You might get what you are asking for.
MS came out swinging. From what little I understand there are major issues with PC makers as well. It's a mixed bag to be honest. MS is actually responding to users (for a change) but at a cost.
My advice: go LINUX or Mac. ANYTHING but MS.