Microsoft Officially Announces Anti-Virus Product

Harry Maugans writes "Microsoft has officially announced their entrance into the anti-virus market. By combining anti-virus scans, anti-spyware scans, and firewall protection into a single package, Microsoft thinks they've created something fresh. So fresh they're charging an annual fee of $49.99 per year." From the article: "Microsoft's Windows OneCare Live program will be launched in June and made available online and via retailers for an annual fee of $49.95 on up to three machines. Customers who beta test Windows OneCare Live between April 1 and April 30 get to take advantage of a special $19.95 promotional price. Microsoft's pricing means Windows OneCare subscribers are likely to pay less up front than if they bought traditional anti-virus software like Symantec, for example, whose Norton AntiVirus 2006 protection pack for three PCs lists at $89.99."

Cool

So now they sell you the problem and the fix!

To be fair to Microsoft

There's plenty of customers who are furious Microsoft isn't providing antivirus software. For them this is the fix. They think mechanically, and don't understand that computers shouldn't need fixing unless the hardware takes a dive. To them, this is maintence that ought to be provided by the manufacture. And besides, there's plenty of viruses that can't be stoped by good security (iloveyou.jpg.exe).

That said, Norton, McCafee, AVG, et. al. can kiss their collective butts good by. It's one thing if they had products Microsoft couldnt' compete with (ala Quicken), but last I check Microsoft Antispyware was one of the beter ones out there.

Re:To be fair to Microsoft

>>put "I love you" in the "bad words" filter for your mail server, rejecting every single email containing the phrase "I love you"

Now I've seen it all. Following that line of reasoning, if they'd just filter on the word "virus"...

Re:To be fair to Microsoft

Right, because the user is going to make informed decisions and choose not to run the thing after clicking through a million of these popups everytime they've installed something in the past.

I agree extensions should be shown, and I agree users should by default have non privileged accounts.

However, forcing the user to click through popups and having them add specific permissions to each executable is not the solution. I don't claim to know what the solution is, but I do know that popups and security warnings simply do not work. Only people who know what they are doing know what they mean. Unfortunately this is the same group of people who do not need them.

Maybe we could start with hardware/software that doesn't permit exploitable buffer overflows (we've got that now, we should be using it). In addition Microsoft should not allow untrusted data to be available to the inner workings of the OS via Internet Explorer.

Nothing is going to keep people from running stuff they shouldn't run. However, we can at least attempt to cut down on the things that run as a result of crappy code. Stupid things like the WMF vulnerability and buffer overflows should not even be problems anymore.

Re:Cool

>>So now they sell you the problem and the fix!

It's a "fix" in the sense of a drug addict getting a dose. Doesn't solve the underlying problems, but makes the pain go away for a short while.

Extortion

Is it wrong for me to feel used and abused at the idea that Microsoft wants to charge for this service? I have seen arguments both ways, but I can't help but feel that charging for such a service amounts to little more than extortion. I mean, it's their operating system, and problems with their code that *often* (but not always) allows for these problems in the first place, so why should I have to pay extra for protection from malware that should have been stopped to begin with?

Now, I know that often times it is the fault of stupid users when spyware, viruses, etc. get loaded onto a system, but for any reasonably computer savvy individual, these things blindside you when you least expect them.

I'm sorry, but anti-trust issues, in my opinion, are nothing more than a mask to use as an excuse for what this really is - extortion intended to nickle and dime consumers that rely on Windows because they can't/won't/don't know how to use anything else. Am I supposed to believe now that Microsoft won't intentionally keep open holes in their systems in order to "persuade" their users into purchasing this service? Somehow, I don't put such evil past them.

Re:Extortion

You know what's the worst part? People will go and think: Hey, this is a Microsoft anti virus program. They know their software best, so it must be the best anti virus program out there. Let's buy it!

Re:Analogy

More like a restaurant slipping you arsenic with your meal, then selling you the antidote as an add-on dessert as you lay dying on the tiled floor. A MONTHLY antidote, no less, at an ever-increasing price.

Re:Extortion

Why is Microsoft considered evil when they introduce an anti-virus, anti-spyware, and firewall for a fee. This is purely a business decision to protect Microsoft from lawsuits. Lets see her if Microsoft was to include this service for free or intergrate it into Windows Vista, then companies like Symantec, Mcafee, etc would sue the shit out of Microsoft, just like other companies sued Microsoft over intergrating a office suite in Windows. If you want to talk about something evil why don't we talk about the people who write these viruses, spyware, malware, etc. They are the reason we have to have so many security solutions in the first place. Its amazing how much hate there is for Microsoft on /. If you don't like it then quit using it. There are other solutions out there, so if you feel that Microsoft is so evil then quit supporting there products.

Re:Extortion

Damn right it is purely business - and that's the problem. Suing for bundling everything under the sun with the intention of abusing monopolies is one thing, but bundling (for free), security software to protect the operating system that should be secured in the first place, does not strike me as monopolistic abuse. Using that excuse sure is convenient though, isn't it?

Being afraid of getting sued hasn't really slowed Microsoft down in the past, so why should they start when it comes to the security of their OS? Oh, right - because they can make money on it this time around. What makes you think that Microsoft isn't using tricks and internal-only API's to make their AV product that much better than the competition? Isn't that abusing their monopoly just as well as if they were to provide it for free? What happens when a security hole goes unfixed for a month because Microsoft has gotten lazy, and it's in their best interest not to fix it to begin with anyway, because they stand to profit from OneCare sales if they "test" a patch just a bit longer? Sure, for high-profile exploits they'll fix them right away to save the PR backlash, but they still are ahead in the end.

I don't hate Microsoft. I really don't. I think they have contributed a fuckton to the industry. But this is just plain wrong, and does nothing more than cast doubt into their userbase regarding their credibility.

Re:Extortion

"Is it wrong for me to feel used and abused at the idea that Microsoft wants to charge for this service?"

Not really - after all, if you just install Microsoft's free updates and secure your computer using methods available online for free, you shouldn't need Microsoft's antivirus services to begin with.

The big purchasers of this product will be corporate and government IT departments looking to save money by buying bulk quantities of Microsoft antivirus as opposed to other products that cost more. It's unlikely that the sleazy side of Microsoft selling antivirus software for its own OS will defer customers, as sleazy business practices have already tainted Symantec and McAffee. Microsoft can afford to undercut every other vendor's pricing and watch them all go under, and as long as the new software isn't bundled with the OS, the DOJ and EU will probably let it be.

Re:Extortion

I'm sorry, but anti-trust issues, in my opinion, are nothing more than a mask to use as an excuse for what this really is - extortion intended to nickle and dime consumers that rely on Windows because they can't/won't/don't know how to use anything else. Am I supposed to believe now that Microsoft won't intentionally keep open holes in their systems in order to "persuade" their users into purchasing this service? Somehow, I don't put such evil past them.

Do you really believe that Symantec/Mcafee/ETC would just sit back and watch their Primary Cash Cow dissolve if Microsoft decided to incorporate Anti virus natively in Vista? Microsoft would be sued for antitrust before Vista was even released.

Microsoft has only three options here:
- Let the third party handle it (Sarcasm)Since that's worked so well(/Sarcasm)
- bundle it into Vista, which would be the final solution to the problem for good, and then say hello to the judge.
- Sell it as a product, which avoids the Courtroom tour and may or may not be better than the third party and can at least possibly advertise it in vista. But get accused to intentionally allowing holes in your product to sell it in the process.

And No. Fixing the OS is not the final solution (or the problem for that matter). I can guarantee that Vista even with all of it's user restrictions, protections and the like will still have a virus problem, because you can patch the OS until the cows come home, but you can never patch the idiot in front of the keyboard. That idiot will run something bad, which will infect his user account (Which doesn't need Admin/Root/Privs to access and infect BTW. Same goes for you linux and OSX people who think your so safe.), and proceed to DOS everything it sees online and off with SPAM and their's nothing that the idiot is going to do about it until he can't use the computer anymore because it's spamming and DOSsing all day instead of looking at the pretty girls on the interweb.

As for Microsoft adding intentional backdoors to sell Onecare, it's highly unlikely, especially when you could easily go to Mcafee or Symantec for all of your security needs let alone the free apps out there.

Re:Extortion

The answer is simple: don't buy Windows

For every complex problem, there is a solution that is simple, neat, and wrong.
H. L. Mencken

Surely you can understand that such a simple answer doesn't cover all scenarios and possibilities, and even if it may work for you and me, that answer isn't going to work out quite so well with 90% of the rest of the world.

Re:Solution for lazy people

The biggest thing I see is that there is now a fundamental disincentive to ever really 'fix' Windows.

When the AV products aren't from your own company, there's pressure to remove them as competitors. When the AV division is part of your own company, there's not much incentive to put your coworkers out of jobs. And management is unlikely to want to squash an ongoing revenue stream.

Microsoft has desperately wanted the subscription model for many years. This, essentially, is it. They get to charge you fifty bucks a year. If they get a significant chunk of the userbase signed up, that is a HUGE amount of money. They're NOT going to jeopardize this new revenue stream by making the platform fundamentally virus-resistant in any meaningful way.

In fact, they now have a big incentive to make the OS less secure.

Big deal

Call me cynical, but when their anti-virus software is based on DirectX, ...

Re:Charges for bug fixing

Afterall, viruses are nothing but exploits which take advantage of the windows bugs.

Everyone so far keeps saying that, but I don't think that's true at all. A virus is executable code that does something malicious. Unless your OS has so little functionality that it is impossible to do something malicious or to run executable code, people will get tricked into running malicious code. In slashdot tradition, the car analogy: whether your car is a BMW (OSX), a Ford (Windows), or an M1 Abrams main battle tank (*ix), it is possible to drive it off a cliff. That's not the manufacturer's fault because it's a subset of the activity that a car is expected to be able to do. It's not reasonable to expect them to clean up the mess if you do so. If you want anti-cliff-off-driving protection (in the automotive world, called "insurance") - that's extra.

Re:Old Auto Industry quote

Bad analogy. We're talking about users running malicious code, not breakdowns or failures. More like, if you pour bleach into your gas tank because someone told you it would turbo-boost your engine, should the manufacturer fix it for free?

Best. Anti-virus. EVAR.

This has the opportunity to really sweep up the anit-virus market.

Using holes first introduced by them, they can identify a virus, protect a user against that virus using OneCare Live, and then dive into their code to see how the virus slipped through, and, two or three weeks later, release a patch to completely stop that virus and any other like it. Since the patch would be available to all users, many would update their system and stop spreading virii, which would cut down on the number of wild virii, which would decrease the work load for the AV service, meaning they can make more profit without changing rates!

They could do more than just make a reactive anti-virus program, they could make a proactive anti-virus program. Within a year or two, they could close up most common security holes in Windows, making their system more lucrative to those trying to decide on an OS.

And, then, they can take what they learn from this, and apply it to Vista, making it a robust and secure OS, rivaling any open source OS! BEST. ANTI-VIRUS. EVAR.

...Whoa, wait... Microsoft is the one making this?

Nevermind. [sigh]

Isn't anybody the least bit outraged?

This is reminiscient of the Bell Co's who sold their telephone listings to telemarketers and then offered their customers options to keep the telemarketers out and charged by the month for those services. They made $$$ on both ends.

M$ has "bundled" IE deep into the OS. IE is the primary channel that viruses and spyware exploit. Why can't they "bundle" the fix in the OS?

What a scam!!!