Forgot your password?
typodupeerror

Anti-malware Vendors Stare Down Microsoft Threat 207

Posted by Zonk
from the angry-eyes dept.
Captain Rose writes "Matt Hines at eWEEK has stepped up to report the other side of the story CNET inked recently on the perceived death knell that Vista will deliver to independent anti-spyware vendors. There's definitely a fight in store (David v. Goliath), though who knows how long we'll have to wait to see it play out now that Vista's delayed yet again. Is this a bit of foreshadowing on how the new Microsoft OS will address the self-replicating, zero-day spyware threats?" From the article: "Most industry watchers concede that it will be hard for Microsoft to easily displace the enterprise security businesses of leading vendors such as Symantec, McAfee and Trend Micro, which market integrated packages of applications to companies wishing to solve long lists of problems. However, for firms that are focused on only one of those problem areas, analysts said, Vista and the other Microsoft security products could pose a significant threat."
This discussion has been archived. No new comments can be posted.

Anti-malware Vendors Stare Down Microsoft Threat

Comments Filter:
  • by Anonymous Coward on Thursday March 30, 2006 @03:34PM (#15028688)
    If Microsoft stays true to form, their security tools will be full of security holes. They might even spawn a second tier industry similar to the anti-virus/worm/etc industry.
    • I think you've just described a user's worse nightmare.

      An OS with security holes protected by a security tool that has security holes. So malware writers will attack the security holes of the security tool to attack the security holes in the OS.

      You'll have to download updates to close the security holes in the security tool used to attack the security holes in the OS. Then you'll have to download updates for the security tool to close the security holes in the OS.

      Ow...I think I brained my hurt.

      • It's obvious: MS will then release a security tool which patches the holes in the security tool so that you can download the update to patch the security hole in the OS. Once the OS is updated, you can download the patch for the Security Tool Security Tool Security Hole which will allow you to securely patch the security holes in the OS.

        Briefly:

        1) Release OS

        2) Find security hole

        3) Release Security Tool

        4) Find security hole

        5) Release Security tool patch

        6) Infinite Recursion

        7) Profit!

    • Since Microsoft created the problem, would they not be in the best position to fix it? Oh these holes in the opsys are there by ACCIDENT?? Oops! My bad!
    • Microsoft will just delete the competition [slashdot.org]...
  • by kimvette (919543) on Thursday March 30, 2006 @03:35PM (#15028694) Homepage Journal
    if history serves as an indicator of future performance. I'm sure that Microsoft will stick to the first Tuesday of every month (or whenever it is) to release signature updates, security patches, etc., which will give third-party vendors the upper hand - or worst case should Microsoft totally blow it, potentially drive up the market share for OS/X and Linux migrations.
    • What's OS/X? I've never heard of this. I know of OS X, but not OS/X.
    • I think the third parties will rely on plain stupidity. I can't tell you the number of times I have services a computer with the WinXP firewall, Norton Firewall, and Mcaafe Firewall all installed and running. Not to mention multiple antivirus programs running.

      People are stupid. Even if the fromt of the WinVis box *screams* anti-virus included, people will still be lured into grabbing Nortom Internet Security Suite for $99.95 as well. They just can't help it.
      • Whats wrong with multiple AV software packages installed?

        I can understand your point with regards to multiple software based firewalls, thats redundant. ;-) But multiple AV software is a good idea, and one that I subscribe to on my only Windows machine.

        Having said that, the 2 I use are AVG [grisoft.com] and ClamWin [clamwin.com]. Not exactly bloated in the same way Symantec Norton Internet Security is.

        There is no guarantee that a single AV package is going to get all viruses. Just the same that something like Ad-Aware [lavasoft.de] isn't going to g
        • It is not so much the two being installed on the system, but most I've seen run all the time in the background scanning files. Two programs scanning files you are opening ("On Access" protection!)for teh virus!!!1! is a Bad Idea.

          But with the new Intel Core Duo, you could do that easily!
    • I'm sure that Microsoft will stick to the first Tuesday of every month (or whenever it is) to release signature updates, security patches, etc., which will give third-party vendors the upper hand.

      Microsoft's corporate customers like a fixed release schedule. Updates from third-party vendors like Symantec have not been without problems lately...

    • Yes, there will still be a market, but not for the reasons I've seen anyone mention.

      Microsoft is a single entity. Large as it is, and as many people as it employs, it's still a single entity that acts as such. Everyone under the Microsoft umbrella will be addressing the malware (and I include such things as viruses, spyware, installware, etc. under that term) from a single point of view. That's inherently dangerous, no matter how much money, people, effort, or any other resource they want to throw at the
  • by Tominva1045 (587712) on Thursday March 30, 2006 @03:35PM (#15028696)


    As long as the OS permits users to turn down or turn off security measures- experienced users in order to do something they deem useful and noobs for just not knowing any better- followed by forgetting to turn them back on/up and then surfing to some-malicious-site.com or opening some-malicious-email then the liklihood of an unwanted installl/download > 0 yes?

    Sounds like we will always need utilities to help out.

    As technology evolves, so will the malware.

    Compare this topic to that of graphics- in the beginning there was the .BMP. And Microsoft gave us the Paint program. But images evolved into other formats and movies. And that necessitated all kinds of cool graphics software-- needs not even Microsoft itself could fully imagine or fulfill.

    There will always be a market for some next-big-thing.. :-)
  • Jeez... (Score:5, Insightful)

    by Geldon (444090) on Thursday March 30, 2006 @03:35PM (#15028697)
    First M$ creates an entire industry focused around fixing holes in their OS. Now they are threatening to fix their own holes and that industry is mad at them?

    It seems to me this is like horses being mad at cars for making them obsolete.

    However, I am yet to be convinced that Vista will not require third party anti-malware support.
    • Re:Jeez... (Score:3, Insightful)

      First M$ creates an entire industry focused around fixing holes in their OS. Now they are threatening to fix their own holes and that industry is mad at them? It seems to me this is like horses being mad at cars for making them obsolete.

      No, they created a market for mitigating the effects of the holes in their OS. Now they are not fixing the holes, but entering the market for mitigating the effects of those holes by illegally leveraging their existing monopoly. Let me be clear on this. Bundled or not the

      • They can fix their OS so it does not have holes, but they can't illegally enter a market by bundling with their monopoly and they can't enter the market separately, because then they are leveraging the holes they have left in the monopoly to double-dip on customers. Both are illegal.

        MS could argue that with Windows Defender they are creating a proactive way to deal with undiscovered holes. No developer is psychic; they can't see every problem up front. Example: http://www.debian.org/security/2006/ [debian.org] Oh no Deb
        • MS could argue that with Windows Defender they are creating a proactive way to deal with undiscovered holes.

          Sure they can. Of course it has nothing to do with the way the law regards monopolies. They could start selling "OS covers" that are hard cases to protect your media upon which your OS is stored from breaking and they would be guilty if they bundled it with Windows. The reason for this is that monopolies are defined by markets, not by products. There is a market for anti-spyware. If MS enters that

      • Doesn't this also incentivise (god I hate that word) MS to purposly break their OS?
    • First M$ creates an entire industry focused around fixing holes in their OS. Now they are threatening to fix their own holes and that industry is mad at them?

      That's my feeling about it. A substantial portion of my earnings comes from coping with a problem that shouldn't exist. (I help small and medium sized businesses cope with spam.) If some development makes the spam problem go away, that will be bad for my business. I knew that when I started working in the business. And I'm not any brighter tha

      • I used to carry red flags in front of cars.

        Man the bottom really fell out of that business!!
      • Exactly. The anti-malware guys got lucky, and found a gap in the market that needed filling. Eventually, conditions change and the circs which led to the gap in the market disappear. The anti-malware makers need to start thinking, and find another gap in the market. Don't gripe. They did it before, they can do it again.
    • Darned if you dont. Darned if you do.

      I think MS realized many years ago that they are the official definition of this phrase.
      • But they're not fixing the holes. If they fixed the holes, there wouldn't BE a need for antispyware software.

        What they're offering is another layer of software to cover up the holes, in a market where there are already people who do that.
    • Now they are threatening to fix their own holes and that industry is mad at them?

      How do you equate providing antivirus/antispyware with fixing the holes that caused the need for antivirus/antispyware in the first place? Providing antispyware isn't fixing the holes; it's covering them up with another layer of software.
    • ...Surely they had a strategy, right?

      First M$ creates an entire industry focused around fixing holes in their OS. Now they are threatening to fix their own holes and that industry is mad at them?

      I find it hard to understand that companies such as Symantec and McAfee apparently haven't had a strategy prepared for this eventuality. If you've built a business on Microsoft's incompetence, then surely you'd have to expect that sooner or later Microsoft's competence would either improve, or Microsoft woul

  • by geoff lane (93738) on Thursday March 30, 2006 @03:36PM (#15028708)
    If Vista is as secure as we are being told by MS, why would it need anti-virus code from any source?
  • by rob_squared (821479) <<moc.derauqs-bor> <ta> <bor>> on Thursday March 30, 2006 @03:37PM (#15028716)
    I'm guessing the biggest buyers of antivirus, firewall, and spyware detecting software will be knowledgeable users and corporations. Even if you're talking about AOL users with their default installs, AOL still had to make a deal with MacAfee.

    My guess is that most corporations and users will turn off the bundled anti-whatever, and use what they trust. After all, should you trust the company that created the problem after they sat for years without doing much, to solve the problem?
  • by xxxJonBoyxxx (565205) on Thursday March 30, 2006 @03:37PM (#15028718)
    I understand M$'s desire to squash these guys. Every time some server custodian buys another Symantec/Trend/McAfee license, the thought in the back of that custodian's head has to be "I wonder how much less of Symantec/Trend/McAfee's shit I would have to deal with if we didn't have so many M$ platforms running around."
  • by doctor_nation (924358) on Thursday March 30, 2006 @03:39PM (#15028745)
    Since everyone will be running MS's anti-spyware program, the spyware folks will concentrate on defeating it, just like virus writers concentrate on beating Windows "security". So there will still be a market for other vendors, since they would hopefully be better at stopping spyware than MS' default option. And since there's lots of them, it's harder to defeat them all. Even now, it's pretty well accepted that you need at least two anti-spyware programs to catch everything.
    • it's pretty well accepted that you need at least two anti-spyware programs to catch everything.

      Is that really true? Do you need to pay for subscriptions to keep them both up to date? If not, how do the companies make money? If they don't make money, why do they care if Microsoft steps up to take care of the problem?

      Forgive my ignorance, but I only really used Windows for about a year before throwing in the towel.

  • I can't help but wonder why Microsoft bothered to buy Giant Company [pcworld.com] awhile back for their antispyware product. Guess it explains why they've put zero effort into improving it since they bought it though.
  • by digitaldc (879047) * on Thursday March 30, 2006 @03:41PM (#15028763)
    leading vendors such as Symantec, McAfee and Trend Micro,

    AVG Free [grisoft.com] works quite well and has removed Trojans that Symantec couldn't.
    • The gist of the article is that the Big 3 provide a suite of solutions, not just A/V. Yes, there are people out there who prefer putting together their own suite and maintaining it all by themselves. And that's perfectly ok.

      However, there is a larger group of people out there who would rather throw money at the problem and make it go away (or at least make somebody else try and make it go away on their behalf). That's the solution the Big 3 offer.
  • by Rosco P. Coltrane (209368) on Thursday March 30, 2006 @03:43PM (#15028802)
    Anti-virus companies, ironically, are very much like a parasite that only lives on a specific host. When the host disappears (pre-Vista versions of Windows), the parasite dies. Either they get lucky and they find a new host in the form of Vista with security problems, or they diversify in a hurry.

    For once, you can't blame Microsoft for ruining an industry, and I can't say I'll feel sad if McAfee or Symantec dies...
    • Hate to throw water on your hopes of a mass industry die-off, but how do you know that Vista is going to be any more secure than anything else they have ever produced?? Do you know something about Microsofts QA that we don't??
    • It's more of a mutualistic [wikipedia.org] relationship than parasitic, although I'm sure MS views it as a commensal [wikipedia.org] one.
    • For once, you can't blame Microsoft for ruining an industry, and I can't say I'll feel sad if McAfee or Symantec dies...

      I prefer to think of it as if you get into a cage with an 800 pound (and growing) gorilla and a fully grown banana tree, plant your own banana tree, and eat only bananas off your tree, *eventually* that gorilla is going hit 900 punds and decide it's time to rip you into quivering shreds so it can eat your bananas too. It's the price you pay ... and I won't shed a single tear either, I
  • by xx_toran_xx (936474) on Thursday March 30, 2006 @03:54PM (#15028933)
    Yeah, sure, they'll get rid of spyware. Just like they got rid of spam.
  • XP and its predecessors.

    From early reports the odds are that they are right. Now they won't have to manufacture phoney Linux bugs in their lab in a vain attempt to generate revenue from Linux users.
  • So... (Score:3, Interesting)

    by steveo777 (183629) on Thursday March 30, 2006 @04:03PM (#15029011) Homepage Journal
    Microsoft plans on counteracting McAffee, Symantec, and Trend Micro's speed crippling services with their own? Honestly. There are MUCH better tools out there that corporations could be using. Try using a Novell firewall in front of all your Windows boxes. Then subscribe to a good blocklist so your employees can't get to sights that are likely to be infected (employees will rarely, if ever, need access to warez, porn, or blogging sites).

    The big names in anti-virus are just eating resources. Without them we wouldn't be upgrading our computers quite as often. I work on a 2000 box at work with only 256MB of RAM. It normally runs fast enough, but once there was a decision by scared execs Symantec was installed. Now I'm hitting the VRAM like a drunk hits the dollar tapps at happy hour.

    • When they tried that at one place I worked I immediately switched it off - compiles were taking 5* longer which directly hit productivity. They bitched, but saw the point. You just have to explain to them that it's costing them money *now* to have that crapware on your machine, rather than the very small risk of something getting onto your machine without you knowing about it.

  • Hmm... (Score:3, Interesting)

    by tktk (540564) on Thursday March 30, 2006 @04:04PM (#15029027)
    Collectively, all other anti-malware vendors should just delay support for Vista. Let Microsoft handle all the anti-malware for a while.

    Then when Microsoft is overloaded with attacks, the vendors should return with their new versions. They'll be greeted as saviors.

  • Microsoft has put thousands, perhaps tens-of-thousands of software companies out of business in the last two decades. As much as they do have a track record of destroying competition in various segments, somehow, I just don't see "computer security" being one of them.
  • ...for firms that are focused on only one of those problem areas, analysts said, Vista and the other Microsoft security products could pose a significant threat.

    Perhaps, but experience tells me that it will probably be a long time before most businesses upgrade to Vista. Why, even after five years, there are still many that haven't yet upgraded to Windows XP.

    Actually, the worst thing that could happen to the anti-mailware vendors is if companies end up rejecting Vista and move to *nix platforms instea

  • What exactly is a "self-replicating zero-day spyware threat?"
  • oh, cry me a river (Score:3, Insightful)

    by b17bmbr (608864) on Thursday March 30, 2006 @04:16PM (#15029148)
    we're supposed to feel sorry for companies that hooked their wagon to an unsecure ship? their buisness model is dependent upon MS writing bad software. well, not that that's a bad gamble, but...

    maybe it's about time MS writes more secure software. besides, given the hardware req's for vista, there'll be millions who sill still run xp/me/98 for the forseeable future.
  • by mabu (178417) on Thursday March 30, 2006 @04:20PM (#15029180)
    If there's an issue over whether Vista will put the big antivirus companies out of business, I don't see it as consequential. IMO, the software companies themselves will be responsible for their own demise, regardless of whether Microsoft enters the market. Programs like Norton Utilities used to be valuable, but now these once-critical utilities have morphed into bloaded virus-like software incarnations that are best not installed in the first place.

    Furthermore, both McAffee [cert.org] and Symantec [zdnet.com.au] products have been hosts to numerous flaws, security holes and vulnerabilities themselves.

    If Microsoft wanted to do it right, they could merely have Vista identify both programs as "malware" right off the bat, remove them from the system, and most users would be better off.
  • Isn't Microsoft using its monopoly power to (Windows platform) to introduce a new product that competes with existing products? Anti-virus companies are already making products to handle security, then Microsoft includes that functionality in the OS itself.

    This is quite similar to the inclusion of Internet Explorer. And OS level disk defragmentation (remember PC Tools anyone?).

    Now if Microsoft were to include preventatives/prophylactics in the OS, that's one thing, but including AV software, even if integ

  • Remember that longhorn(now scrapped) was MS's first attempt at an OS since DOS. They hired a team from digital to produce the NT/2k/XP codebase and OS architecture, and gave that group a significant degree of insulation from the MS management structure, including billg. MS is very likely going to have to do the same thing again to deliver Vista in any decent form, or whatever it will be called by then. After all, if they scrapped longhorn, whose to say they won't have to scrap vista.

  • If they play their marketing cards right, this could really be a boon for the independent anti-malware guys.

    There is a definite trait in the human personality that feels that a bone-stock mechanism isn't good enough. Evidence the number of after-market mufflers, 3rd party ringtones, Windows defragmentation utilities, et cetera that are sold every single day.

    By making anti-malware 'standard', Microsoft is actually enlarging the population of people interested in the product. As it stands now, there are a l
  • The anti-malware/anti-spyware/anti-virus/anti-badstuf f war is extremely similar to insurgencies against governments (even historically, not just now).

    There are two aspects to this situation:
    1) How can these companies staunch the ever-widening, ever-innovative flow of assaults on the Internet?
    2) What will Microsoft's product do to the businesses who make much of their living from anti-badstuff software?

    For the first item, one can only hope to lessen the impact and severity of assaults. One cannot hop
  • Security focus (Score:3, Insightful)

    by HangingChad (677530) on Thursday March 30, 2006 @05:04PM (#15029576) Homepage
    Most industry watchers concede that it will be hard for Microsoft to easily displace the enterprise security businesses of leading vendors such as Symantec, McAfee and Trend Micro

    Mainly because many businesses will start asking the uncomfortable question about why they have to pay for an insecure software product then pay more for security software. I realize many companies are doing it now, but when the checks are going to different companies one can pretend you're buying network security. When both checks go to the same company it becomes glaringly apparent that you're paying for something many companies think should be included in the price.

    I realize it must seem strange but I really think this will do more to highlight MSFT's insecurity than boost revenue. Because it's sort of like rubbing a customer's nose in the fact that the product they're buying is basically not secure. I'm guessing MSFT will end up bundling the package at a price not far above where they are now, especially for big buyers. The little people will, of course, get the corporate shaft but most of them are used to it by now anyway. After the XP Activation Follies paying for security updates won't seem like much of a big deal.

    Not seeing a win here.

  • This would not be an issue of the scope that it is if M$ had built the OS well in the first place. The anit-malware industry would not exist at the level it does were it not for this. If Vista truly eliminates the vast array of Windows fundamental problems, the anit-malware and security vendors will likely provide much better products that would be more cost effective and far less intrusive to the user. There was a time, for example, when 'Norton' utilities and anti-virus were well respected products, but
  • Remember? WinXP comes with its own firewall (a pathetic excuse for a firewall, but there is one). Did ZoneLabs go out of business? Or Kerio?

    No. For a simple and very logic reason: The VERY FIRST thing any given malware today has in its code is some piece of code to turn the WinXP "firewall" off or grant itself permission to pass through it. It's Registry configured, a well placed call to RegCreateKey fixes this "problem" easily.

    Why should we expect it to be different with an MS-antivirus tool?

    Yes, the overh
  • by GregNorc (801858)
    These computers will be operated by humans. That is one security hole no one can fix. To us, it seems easy. We're programmers, pen-testers, geek squad members. We're basically lucky enough to have a hoppy that pays well. Not everyone thinks like a geek. Joe Sixpack doesn't give a damn how his computer works, and doesn't want to learn how it works. He just wants to browse the net, send e-mail, and maybe if he's feeling frisky put up a new desktop wallpaper. These people don't know what a "root password" is
  • Ignorant consumers would be lining up around the block to upgrade their antivirus and antispyware software... and that folks, is a very large market.

COMPASS [for the CDC-6000 series] is the sort of assembler one expects from a corporation whose president codes in octal. -- J.N. Gray

Working...