Slashdot Mirror


MS To Build Antivirus Into Win8: Boon Or Monopoly?

jfruhlinger writes "Microsoft has quietly announced that it's planning on baking anti-virus protection right into the Windows 8 OS. Users have been criticizing Windows' insecurity for years — but of course this move is raising howls of protest from anti-virus vendors, who have built a nice business out of Windows' security holes. Is this a good move by Microsoft, or a leveraging of their monopoly as bad as bundling Internet Explorer?"

  1. Anti-Trust by 0123456 · · Score: 5, Interesting

    I would love to see governments attacking Microsoft for making its software too secure. That would keep me laughing for years.

    1. Re:Anti-Trust by ByOhTek · · Score: 1, Interesting

      Given that you can (or at least, for a couple years, could) jailbreak iOS by visiting a web site, I'm surprised there aren't more viruses for it. It seems a pretty wide open target, with a rather profitable victim base (they, at minimum, could drop a couple hundred or more for a cell phone).

      --
      Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
    2. Re:Anti-Trust by gnasher719 · · Score: 4, Interesting

      Sandboxing on MacOS X 10.7 solves this quite reasonably. A sandboxed application can request access to all files _that the user opens_.

    3. Re:Anti-Trust by shutdown+-p+now · · Score: 3, Interesting

      A large chunk of the enterprise sector uses Linux, as do a large chunk of web servers.

      We were talking about viruses. Viruses are useless against servers, since a virus, by definition, requires that the infected program is run on the attacked box. People don't usually run random programs on servers. Windows servers don't have a virus problem, either.

      A big part of the problem is that Unix and Unix variants have been designed for security from the beginning. They've been designed to sandbox apps, and not run everything with full rights.

      Most Linux distros don't sandbox apps - they still run with full user permissions, so any app has access to all user data of any other app. Proper sandboxing would be creating a separate set of permissions for every app that only lets it access and write data that it actually needs - as seen in Android or SELinux.

      Of course (as also seen in rooted Android), if your sandboxing has a "full privileges" option, and it only takes an explicit user approval to enable it, casual users will do so when an infected app asks for it. You basically can't trust the user on making that decision if you want security on a platform that's being used by non-tech-savvy users. That's precisely why there's all that heavy sandboxing with no opt-out on iOS.

      Windows was designed for users to have admin rights from day 1. Even when Windows started to introduce UAC, they did so in a manner that just annoys most people into turning it off. And so many Windows applications need full rights (because of the Windows mindset that they always could before) that it is difficult to properly sandbox everything.

      I've been using Vista since 2008, and Win7 since it came out. I have a lot of applications on my system, but none of them require full admin rights. This really is mostly in the past - it has been 5 years now that applications couldn't reasonably assume to have full admin lest they break the user, so anything that still does so is either old software that hasn't been updated in a long time, or some POS line-of-business app that's written to run on corporate PCs that all still have XP.

    4. Re:Anti-Trust by jbolden · · Score: 5, Interesting

      Capability computing. You don't grant applications the rights of a user. Rather an application is granted the right to do X to thing Y. So getting access to a user's file doesn't mean access to all of them. Some other problem controls granting capabilities.

      As an aside the NT kernel 3.51 had an excellent capabilities and Windows still has it. Microsoft just never made their own software, including the shell / GUI work with it.

    5. Re:Anti-Trust by devent · · Score: 4, Interesting

      The only reason why Linux doesn't have viruses "in the wild" is because it is extremely difficult to write viruses for Linux that can be run or installed without user interaction.

      Sure, I can get a virus for Linux if I go to virus.com, download and run the virus. But for Windows you can get a virus by different means. Like via email attachment, autorun from a USB stick, via remote access (in Windows XP I got a virus only because I was online).

      In Linux you have to explicitly tell the system to run the file. But on Windows everything with a .exe is run. Also, many programs are run automatically for the "convenience" of the user, like autorun USB or CDs. Windows still hides the file extension from the user, so if you have a file like porn.jpg.exe Windows will show you porn.jpg.

      Also it's very easy to get rid of a virus in Linux. Just delete the infected file and replace it with the original from the package manager. In Windows you can't even delete the file because it's still in use.

      Plus the whole-system update management of the Linux distributions. I can run my updates weekly and in the background and it will update the system and all of the applications.

      --
      http://www.mueller-public.de - My site http://www.anr-institute.com/ - Advanced Natural Research Institute
    6. Re:Anti-Trust by ILongForDarkness · · Score: 3, Interesting

      I think there is a fundamental flaw in the assumptions here though. You can't trust a package just because it happened to get added to Debian's or Apple's repositories. It does probably mean someone, probably a large number of someones and tools, have been used to check the app, which is a good thing. But you still shouldn't have to fully trust or fully not trust (by not downloading) an app. Just because I install Firefox doesn't mean I want it to be able to access everything I can on my computer. Apps should be installed in a sandbox and only allowed outside of the box when a user grants them access. That way for example the user can say "wait a minute why does Angry Birds want to access my email account?" Or "why is Google Desktop trying to send my data back to the mothership?" There is a lot of cool FOSS software out there I like to try, but it shouldn't mean that I'm giving bob@coolhacker.org "full trust" on my system because I want to see if his text editor is really as cool as it looks, any more than I should be giving full trust to some random app that landed in a deb package on debian.org. The old rule: trust but verify holds.

    7. Re:Anti-Trust by hairyfeet · · Score: 4, Interesting

      But you seem to be missing the fundamental problem mcgrew, which is this: How do you protect the user from themselves without forcing them into an Apple style walled garden where nothing that isn't corporate approved is allowed to run? Because if given the choice I'll take dealing with AV over a walled garden, thanks ever so.

      As a guy that builds and fixes Windows every damned day I can tell you EXACTLY where the bugs are coming from, and the vast majority? INSTALLED BY THE USER. Do you think Linux would be safe from a user that would happily run anything they got from an email, complete with putting in their password and chmodding whatever the attacker told them to? Of course not. Here is the list of the most popular bugs I've seen this month along with the way they got in. You tell me where MSFT could have stopped any of them.

      1.- Security tool and AV 20xx variants. These get in with a classic social engineering "ZOMG U Got Teh Viruz! Run "Is_Not_Viruz_iz_Cleanerz.exe" to kill the viruz ZOMG!"
      2.- Porn codec malware. Infection source? Horny users. Uses this trick "U want teh hot lezbo teenz? We GOT teh hot lezbo teen right now! Just run "Iz_not_viruz_Iz_codec.exe" to see teh hot lezbo teenz right now!"
      3.- Social site malware. Infection source? Again social engineering "Hey its me! I found this great new site! Just click here to load "Iz_Not_Malware_Site_Iz_cool.html" right now!"

      Now in NOT A SINGLE CASE were they exploiting anything but the USER and any of these attacks could just as easily work on Mac (DNSChanger and MacDefender) or Linux (KDELook malware and infected Q3 game) by simply getting the user to go where the attacker wanted or run what the attacker wanted run. Now does this mean MSFT hasn't done dumbshit? Oh Lord No! Whomever thought XP should run as admin by default should have been publicly flogged! and IE 6 was an abomination that has made me hate IE so much to this day I refuse to allow it on a single machine I touch! I toss the links and give them both Firefox and Comodo Dragon with ABP and tell them to stay the fuck away from IE!

      But XP is two and soon to be 3 versions out of date so no point in even bringing it up, hell if it weren't for contracts with corps and government they would have already taken it out back and put it down. And since Vista MSFT has been pretty damned good about using best practices, running the users without being admins, DEP and ASLR, having low rights mode (Which neither Linux nor Mac have yet) so that drivebys are that much harder to accomplish...but in the end it all comes down to freedom. If you allow the user control over their own machine that means they have the power to fuck it up, full stop. The ONLY way I've seen that could possibly remove that vector is walled gardens and personally I don't think the loss of freedom is worth the security that an app store brings, do you?

      --
      ACs don't waste your time replying, your posts are never seen by me.
    8. Re:Anti-Trust by Anthony+Mouse · · Score: 4, Interesting

      So how do you make a file compression program that uses a Sandbox?

      Imagine gzip without the ability to read or write to the filesystem. It's still just as useful: you just type 'gzip -c file.gz' and your file gets compressed, and if gzip is broken it can't do anything other than compress the file wrong. And there is no reason why a GUI application can't be designed to work in an analogous way.

      It does mean that the world of Windows software development would look a lot different. A zip program doesn't need its own UI. All it needs is to provide an algorithm to the OS and a hook that tells the OS it can put it in the 'things you can do to a file' menu. Then the zip program never gets access to the file system, the OS just feeds it data to compress on stdin and takes the compressed data from stdout.
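
The arrangement described in the comment above (a compressor that never touches the filesystem, with something else opening the files and feeding it data on stdin and stdout), as an added example that is not part of the original thread. It assumes Linux with seccomp-BPF; the toy run-length encoder and the names `confine` and `run_confined` are hypothetical, and a production filter would also check `seccomp_data.arch`.

```c
#include <fcntl.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stddef.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
/* Toy run-length "compressor" (stand-in): fd 0 in, (count, byte) pairs out on fd 1. */
static void rle_filter(void) {
    unsigned char c, run[2] = { 0, 0 };           /* run[0] = count, run[1] = byte */
    while (read(0, &c, 1) == 1) {                 /* byte-at-a-time for brevity */
        if (run[0] && (c != run[1] || run[0] == 255)) {
            if (write(1, run, 2) != 2) _exit(2);
            run[0] = 0;
        }
        run[1] = c; run[0]++;
    }
    if (run[0] && write(1, run, 2) != 2) _exit(2);
}
/* seccomp-BPF allow-list: read, write, exit_group; any other syscall kills the process. */
static int confine(void) {
    struct sock_filter f[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_read, 3, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_write, 2, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_exit_group, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW) };
    struct sock_fprog prog = { sizeof f / sizeof f[0], f };
    return prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) || prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}
/* Broker (the "OS" role): opens both files itself and gives the filter only fds 0 and 1.
 * Returns the filter's exit status, -1 if the kernel killed it, -2 on setup failure. */
int run_confined(const char *src, const char *dst, int misbehave) {
    int in = open(src, O_RDONLY), out = open(dst, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    pid_t pid = (in < 0 || out < 0) ? -1 : fork();
    if (pid < 0) return -2;
    if (pid == 0) {
        dup2(in, 0); dup2(out, 1);
        for (int fd = 2; fd < 1024; fd++) close(fd);      /* drop every other descriptor */
        if (confine() != 0) _exit(3);
        if (misbehave) open(src, O_RDONLY);               /* filesystem access: killed here */
        rle_filter(); _exit(0);
    }
    close(in); close(out);
    int st = 0; waitpid(pid, &st, 0);
    return WIFEXITED(st) ? WEXITSTATUS(st) : -1;
}
int main(int argc, char **argv) { return argc == 3 ? run_confined(argv[1], argv[2], 0) : 64; }
```

With `misbehave` set, the child's own attempt to open a file ends in the kernel killing it, which is the "can't do anything other than compress the file wrong" property.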

  2. Good for consistency; bad because of consistency by show+me+altoids · · Score: 5, Interesting

    I think this would be a great idea as long as MS keeps it well updated and people don't rely just on it. It would immediately improve the security of the PCs of all the people who don't bother with antivirus, but it may lull others into a false sense of security and give them an incentive to not get any other antivirus which would put a target for virus writers squarely on MS's solution.

    --
    I feel sorry for people that don't drink, because when they get up in the morning, that's as good as they're gonna feel
  3. Monopoly by im_thatoneguy · · Score: 3, Interesting

    Why on earth would Microsoft want to put the AV competition out of business? It only costs them money.

    It's neither boon nor monopoly, it's acknowledging a begrudging reality that no matter how secure your OS you need AV on top and you can't rely on your users to purchase it.

    I'm sure Microsoft would be more than happy for everyone to run Norton and save the development expense but... that would be like requiring your customers to buy hamburger bun separately.

  4. Bill was right by Anonymous Coward · · Score: 5, Interesting

    Bill Gates was right. Microsoft had every right to add whatever features and applications it wanted to its OSes. Look at Chrome OS, Android, Mac OS X, iOS. All have browsers and other applications "built-in". In fact, Chrome OS doesn't even allow you to use an alternate browser, while Windows always allowed this. Adding non-intrusive and automatic antivirus to Windows 8 is a step forward.

  5. Re:Perspectives by jd2112 · · Score: 4, Interesting

    The capitalist in me screams, "Anti-competitive!"

    The IT guy in me exclaims, "It is about time."

    The consumer in me worries, "How will this impact performance?"

    Microsoft AV is among the least resource intensive AV programs I have seen.

    --
    Any insufficiently advanced magic is indistinguishable from technology.
  6. Antiviruses are like unofficial patches by Hentes · · Score: 3, Interesting

    Security should not be handled by a third-party program, and equipping Windows with a builtin AV is a step in the right direction. Banning it because of antitrust claims would be ridiculous, but only a minor annoyance, those who want could still get it.