Anti-malware Vendors Stare Down Microsoft Threat 207
Captain Rose writes "Matt Hines at eWEEK has stepped up to report the other side of the story CNET inked recently on the perceived death knell that Vista will deliver to independent anti-spyware vendors. There's definitely a fight in store (David v. Goliath), though who knows how long we'll have to wait to see it play out now that Vista's delayed yet again. Is this a bit of foreshadowing on how the new Microsoft OS will address the self-replicating, zero-day spyware threats?" From the article: "Most industry watchers concede that it will be hard for Microsoft to easily displace the enterprise security businesses of leading vendors such as Symantec, McAfee and Trend Micro, which market integrated packages of applications to companies wishing to solve long lists of problems. However, for firms that are focused on only one of those problem areas, analysts said, Vista and the other Microsoft security products could pose a significant threat."
They need not worry (Score:4, Funny)
Re:They need not worry (Score:3, Funny)
An OS with security holes protected by a security tool that has security holes. So malware writers will attack the security holes of the security tool to attack the security holes in the OS.
You'll have to download updates to close the security holes in the security tool used to attack the security holes in the OS. Then you'll have to download updates for the security tool to close the security holes in the OS.
Ow...I think I brained my hurt.
Re:They need not worry (Score:2)
Briefly:
1) Release OS
2) Find security hole
3) Release Security Tool
4) Find security hole
5) Release Security tool patch
6) Infinite Recursion
7) Profit!
Re:They need not worry (Score:2)
Re:They need not worry (Score:2)
Re:They need not worry (Score:2)
There will still be a market (Score:4, Interesting)
Re:There will still be a market (Score:2)
Re:There will still be a market (Score:2)
People are stupid. Even if the fromt of the WinVis box *screams* anti-virus included, people will still be lured into grabbing Nortom Internet Security Suite for $99.95 as well. They just can't help it.
Re:There will still be a market (Score:2)
I can understand your point with regards to multiple software based firewalls, thats redundant.
Having said that, the 2 I use are AVG [grisoft.com] and ClamWin [clamwin.com]. Not exactly bloated in the same way Symantec Norton Internet Security is.
There is no guarantee that a single AV package is going to get all viruses. Just the same that something like Ad-Aware [lavasoft.de] isn't going to g
Whats wrong with multiple AV software packages??? (Score:2)
But with the new Intel Core Duo, you could do that easily!
Re:There will still be a market (Score:2)
Microsoft's corporate customers like a fixed release schedule. Updates from third-party vendors like Symantec have not been without problems lately...
Re:There will still be a market (Score:2)
Microsoft is a single entity. Large as it is, and as many people as it employs, it's still a single entity that acts as such. Everyone under the Microsoft umbrella will be addressing the malware (and I include such things as viruses, spyware, installware, etc. under that term) from a single point of view. That's inherently dangerous, no matter how much money, people, effort, or any other resource they want to throw at the
Won't the need always exist? (Score:3, Interesting)
As long as the OS permits users to turn down or turn off security measures- experienced users in order to do something they deem useful and noobs for just not knowing any better- followed by forgetting to turn them back on/up and then surfing to some-malicious-site.com or opening some-malicious-email then the liklihood of an unwanted installl/download > 0 yes?
Sounds like we will always need utilities to help out.
As technology evolves, so will the malware.
Compare this topic to that of graphics- in the beginning there was the
There will always be a market for some next-big-thing..
Jeez... (Score:5, Insightful)
It seems to me this is like horses being mad at cars for making them obsolete.
However, I am yet to be convinced that Vista will not require third party anti-malware support.
Re:Jeez... (Score:3, Insightful)
First M$ creates an entire industry focused around fixing holes in their OS. Now they are threatening to fix their own holes and that industry is mad at them? It seems to me this is like horses being mad at cars for making them obsolete.
No, they created a market for mitigating the effects of the holes in their OS. Now they are not fixing the holes, but entering the market for mitigating the effects of those holes by illegally leveraging their existing monopoly. Let me be clear on this. Bundled or not the
Re:Jeez... (Score:2)
MS could argue that with Windows Defender they are creating a proactive way to deal with undiscovered holes. No developer is psychic; they can't see every problem up front. Example: http://www.debian.org/security/2006/ [debian.org] Oh no Deb
Re:Jeez... (Score:2)
MS could argue that with Windows Defender they are creating a proactive way to deal with undiscovered holes.
Sure they can. Of course it has nothing to do with the way the law regards monopolies. They could start selling "OS covers" that are hard cases to protect your media upon which your OS is stored from breaking and they would be guilty if they bundled it with Windows. The reason for this is that monopolies are defined by markets, not by products. There is a market for anti-spyware. If MS enters that
Re:Jeez... (Score:2)
Re:Jeez... (Score:2)
A web browser is far more afield for them than OS stability/security tools, and they ended up having no legal issues due to IE - it's still in the OS.
First, they were convicted in three jurisdictions for bundling IE. Second, the product does not matter, just the market. MS had a much better case with IE because the market was very indirect. Everyone was giving the product away and using indirect advertising to make money. With spyware there is a direct, healthy, competitive market. People buy anti-spywa
Re:Jeez... (Score:2)
It should be illegal either way. If they sell an anti-whatever, they get a conflic
Put me out of business (Score:3, Interesting)
That's my feeling about it. A substantial portion of my earnings comes from coping with a problem that shouldn't exist. (I help small and medium sized businesses cope with spam.) If some development makes the spam problem go away, that will be bad for my business. I knew that when I started working in the business. And I'm not any brighter tha
Re:Put me out of business (Score:2)
Man the bottom really fell out of that business!!
Re:Put me out of business (Score:2)
Re:Jeez... (Score:2)
I think MS realized many years ago that they are the official definition of this phrase.
Re:Jeez... (Score:2)
What they're offering is another layer of software to cover up the holes, in a market where there are already people who do that.
Re:Jeez... (Score:2)
Yes, there would.
Re:Jeez... (Score:2)
How do you equate providing antivirus/antispyware with fixing the holes that caused the need for antivirus/antispyware in the first place? Providing antispyware isn't fixing the holes; it's covering them up with another layer of software.
But .. but .. but.... (Score:2)
I find it hard to understand that companies such as Symantec and McAfee apparently haven't had a strategy prepared for this eventuality. If you've built a business on Microsoft's incompetence, then surely you'd have to expect that sooner or later Microsoft's competence would either improve, or Microsoft woul
be secure or BE secure? (Score:4, Insightful)
Re:be secure or BE secure? (Score:2, Insightful)
That link is usually situated between the keyboard and the chair.
Having a system able to run generic code means no matter how many warnings you give, malicious code will still exist.
Re:be secure or BE secure? (Score:2)
Re:be secure or BE secure? (Score:2)
Re:be secure or BE secure? (Score:2)
Re:be secure or BE secure? (Score:2)
Just because most of linux and mac os x users are not stupid doesn't mean everybody is smart and antivirus are not needed.
Check who's buying anti-malware software. (Score:5, Insightful)
My guess is that most corporations and users will turn off the bundled anti-whatever, and use what they trust. After all, should you trust the company that created the problem after they sat for years without doing much, to solve the problem?
I understand M$'s desire to squash these guys (Score:3, Funny)
It'll be the same story as always (Score:4, Insightful)
Re:It'll be the same story as always (Score:2)
Is that really true? Do you need to pay for subscriptions to keep them both up to date? If not, how do the companies make money? If they don't make money, why do they care if Microsoft steps up to take care of the problem?
Forgive my ignorance, but I only really used Windows for about a year before throwing in the towel.
Microsoft Antispyware (Score:2, Interesting)
What about AVG Free? (Score:4, Insightful)
AVG Free [grisoft.com] works quite well and has removed Trojans that Symantec couldn't.
It's a great POINT solution (Score:2)
However, there is a larger group of people out there who would rather throw money at the problem and make it go away (or at least make somebody else try and make it go away on their behalf). That's the solution the Big 3 offer.
Re:What about AVG Free? (Score:2)
Most common use for it is to scan email through an MTA or web traffic through Squid. I've also used it to run scans on network mounts via a cronjob in the middle of the night.
The Windows port of it is quite good. But again, its just a scanner and it doesn't offer Live/resident scanning for files opened/closed in the way most other AV packages do. Its only manual scanning. Where it comes in to
It's not Microsoft's fault for once (Score:5, Interesting)
For once, you can't blame Microsoft for ruining an industry, and I can't say I'll feel sad if McAfee or Symantec dies...
Re:It's not Microsoft's fault for once (Score:2)
Re:It's not Microsoft's fault for once (Score:2)
Re:It's not Microsoft's fault for once (Score:2)
I prefer to think of it as if you get into a cage with an 800 pound (and growing) gorilla and a fully grown banana tree, plant your own banana tree, and eat only bananas off your tree, *eventually* that gorilla is going hit 900 punds and decide it's time to rip you into quivering shreds so it can eat your bananas too. It's the price you pay
get rid of spyware? Ha. (Score:3, Insightful)
Gambling that VISTA is as insecure as ... (Score:2)
From early reports the odds are that they are right. Now they won't have to manufacture phoney Linux bugs in their lab in a vain attempt to generate revenue from Linux users.
I already have anti-malware from Microsoft (Score:2, Funny)
So... (Score:3, Interesting)
The big names in anti-virus are just eating resources. Without them we wouldn't be upgrading our computers quite as often. I work on a 2000 box at work with only 256MB of RAM. It normally runs fast enough, but once there was a decision by scared execs Symantec was installed. Now I'm hitting the VRAM like a drunk hits the dollar tapps at happy hour.
Re:So... (Score:2)
Hmm... (Score:3, Interesting)
Then when Microsoft is overloaded with attacks, the vendors should return with their new versions. They'll be greeted as saviors.
An Industry Threatened? (Score:2)
Threat? Well... (Score:2)
Perhaps, but experience tells me that it will probably be a long time before most businesses upgrade to Vista. Why, even after five years, there are still many that haven't yet upgraded to Windows XP.
Actually, the worst thing that could happen to the anti-mailware vendors is if companies end up rejecting Vista and move to *nix platforms instea
Self replicating ... (Score:2)
Re:Self replicating ... (Score:4, Funny)
oh, cry me a river (Score:3, Insightful)
maybe it's about time MS writes more secure software. besides, given the hardware req's for vista, there'll be millions who sill still run xp/me/98 for the forseeable future.
Who Watches The Watchers? (Score:3, Interesting)
Furthermore, both McAffee [cert.org] and Symantec [zdnet.com.au] products have been hosts to numerous flaws, security holes and vulnerabilities themselves.
If Microsoft wanted to do it right, they could merely have Vista identify both programs as "malware" right off the bat, remove them from the system, and most users would be better off.
Isn't This Monopoly Power Abuse? (Score:2, Interesting)
This is quite similar to the inclusion of Internet Explorer. And OS level disk defragmentation (remember PC Tools anyone?).
Now if Microsoft were to include preventatives/prophylactics in the OS, that's one thing, but including AV software, even if integ
Assuming MS delivers vista (Score:2)
Remember that longhorn(now scrapped) was MS's first attempt at an OS since DOS. They hired a team from digital to produce the NT/2k/XP codebase and OS architecture, and gave that group a significant degree of insulation from the MS management structure, including billg. MS is very likely going to have to do the same thing again to deliver Vista in any decent form, or whatever it will be called by then. After all, if they scrapped longhorn, whose to say they won't have to scrap vista.
Actually, this will HELP the independent vendors. (Score:2)
There is a definite trait in the human personality that feels that a bone-stock mechanism isn't good enough. Evidence the number of after-market mufflers, 3rd party ringtones, Windows defragmentation utilities, et cetera that are sold every single day.
By making anti-malware 'standard', Microsoft is actually enlarging the population of people interested in the product. As it stands now, there are a l
Extremely similar to insurgency... (Score:2)
There are two aspects to this situation:
1) How can these companies staunch the ever-widening, ever-innovative flow of assaults on the Internet?
2) What will Microsoft's product do to the businesses who make much of their living from anti-badstuff software?
For the first item, one can only hope to lessen the impact and severity of assaults. One cannot hop
Security focus (Score:3, Insightful)
Mainly because many businesses will start asking the uncomfortable question about why they have to pay for an insecure software product then pay more for security software. I realize many companies are doing it now, but when the checks are going to different companies one can pretend you're buying network security. When both checks go to the same company it becomes glaringly apparent that you're paying for something many companies think should be included in the price.
I realize it must seem strange but I really think this will do more to highlight MSFT's insecurity than boost revenue. Because it's sort of like rubbing a customer's nose in the fact that the product they're buying is basically not secure. I'm guessing MSFT will end up bundling the package at a price not far above where they are now, especially for big buyers. The little people will, of course, get the corporate shaft but most of them are used to it by now anyway. After the XP Activation Follies paying for security updates won't seem like much of a big deal.
Not seeing a win here.
Matter of Scale (Score:2)
Look at the WinXP Firewall for an analogy (Score:2)
No. For a simple and very logic reason: The VERY FIRST thing any given malware today has in its code is some piece of code to turn the WinXP "firewall" off or grant itself permission to pass through it. It's Registry configured, a well placed call to RegCreateKey fixes this "problem" easily.
Why should we expect it to be different with an MS-antivirus tool?
Yes, the overh
Re:Look at the WinXP Firewall for an analogy (Score:2)
So no wonder many users, especially when not too tech-savvy and not really used to the idea of different privilege levels, simply run around with an admin account at home and no "user" accou
We overlook something (Score:2, Insightful)
Even if Vista was Spyware and Virus proof... (Score:2)
Re:Write better malware (Score:4, Funny)
No. (Score:5, Interesting)
However, there is a more interesting issue with things like virus signatures and so on (emerging threats.) IANAL but I do wonder if, assuming that continuous updates are required to identify new forms of phishing, Trojans etc., MS might be required by the EU to open its API so that updates could be bought from different suppliers, on exactly the same basis that you can buy tires and exhausts from sources other than the car maker.
Re:Don't worry! (Score:5, Insightful)
Perhaps you should evaluate the logic of your statement?
Microsofts web browser put the competition out of business. (and got themselves in a bit of a legal battle too)
In the 80's and 90's Word Perfect was the defacto standard for an office suite, and Claris Works was popular on the mac. Then microsoft brought out it's office suite, and has all but put the competition out of buisness.
Not sure where you are going with the anti-virus, since Microsoft has never released one. But when they do, I'm pretty confident it'll steal the market share too.
The point i'm trying to make, is that while all of us know that plenty of non-microsoft products are becoming available, and are even better products in many cases, the fact still remains that microsoft obliterated the competition in all of these areas and only the FOSS community is able to gain any traction at all.
You gotta remember that just becuase you and I use FireFox and OpenOffice.org, doesn't change the fact that 99% of computer users are on Internet Explorer and MS Office.
Re:Don't worry! (Score:2)
But neither Firefox/Opera nor Openoffice (just to mention sw that runs under MS OSes) is dead! And MS is to keep an eye on those 0.01% sw not to loose too much!
Re:Don't worry! (Score:4, Interesting)
I have word that the bigger players in the anti virus/malware markets have preempted Microsoft and are already being advised by relevant legal departments. They (the AV/M companies) cannot do anything unless Microsoft bundles competing software. But as soon as they do, you can be assured that if there is any drop in revenue seen by the AV/M companies, Microsoft will find itself in court again. Next time it will not be a first offence.
Re:Don't worry! (Score:2)
You can't add components to your software product becuase someone else already sells those components and stands to lose money? I don't get it... What is the legal precedent here?
Re:Don't worry! (Score:3, Interesting)
If Microsoft want to get into the antivirus/antimalware market, they are free to develop (or purchase) a product, market it and sell it. They just cannot bundle it with Windows as this would be seen as an attempt to squash the existing companies (who compete on product price, quality,
Effective monopoly in one segment... (Score:3, Informative)
They, because of their relative size in the market, can't just be putting anything and everything into their products as a bundled deal. It's the same story with the media player and browser software they're already in trouble (though with the browser, they got a slap on the wrist over it- it remains to be seen on the media player software, but it's not looking as good for Microsoft on th
Re:Don't worry! (Score:3, Insightful)
Re:Don't worry! (Score:2)
They did win the case, but went out of business long bfore that.
Re:Don't worry! (Score:3, Insightful)
Re:Don't worry! (Score:2)
So next time they'll get a slightly larger slap on the wrist?
Re:Don't worry! (Score:2)
I've always wondered though, if Microsoft didnt include IE with Windows, then how would I be able to download Firefox?
Re:Don't worry! (Score:3, Informative)
c:\>ftp ftp.mozilla.org
Re:Don't worry! (Score:2)
Re:Don't worry! (Score:4, Insightful)
That will hit some people. Not everyone, many not most, but some. Maybe then a bigger backlash will start. It will probably depend on if the anti-whatever software is free or not.
You've got to love the oddity of it all though. What if tomorrow Oracle released a version of their software that would randomly drop tables? Let's say for the sake of argument that everyone used it anyway. What if Oracle's solution was to sell you software that would catch that happening and instantly put your table back?
What if your Ford car would randomly stall, and Ford's solution was to give you a anti-stall upgrade on your car?
I hope Vista fixes a lot of this (I'm on OS X so it doesn't matter), because it is just mind-bending if you think about it.In what other industry (other than possibly government) would this kind of thing be accepted so well?
Re:Don't worry! (Score:2)
Re:Don't worry! (Score:3, Interesting)
This fact doesn't support your argument concerning bundling because these products are not necessarily included in Windows. Rather, the fact that Office became the standard is either due to a) improved quality over the competition, or b) improved marketing over the competition, neither of
Re:Don't worry! (Score:2)
Re:Don't worry! (Score:2)
You're painting a rather bleak picture here. I don't know about OO.o, but Firefox is widely credited with having at least 10% marketshare, and some websites are reporting now that over half their visitors are using Firefox (most on Windows). These aren't even websites you'd expect to have an audience of mostly OSS supporters, so it shows t
Re:Don't worry! (Score:2, Insightful)
Anyone remember MSAV.exe? They never updated it, and let it die when they moved to windows 95. Kind of like when they let IE die after 6.0. Oh, and wqhen's the last time Word had a feature that wasn't wither copying a competitor, or a really stupid idea? (Like animated helpers.) What was new wasn't useful, and what was useful wasn't new...
So we'll actually say you're wrong on 2 counts - they can compete,
Re:Don't worry! (Score:2)
Actually DOS 6 used to ship with antivirus. Hardly anyone would remember it though. Remnant I found [computerhope.com]. MS got out of antivirus in a hurry. Even this product was licensed from Central Point.
Microsoft Anti Virus (Score:2)
MS put out an antivirus way back in the early 1990's with MSDOS ver 6.0 [wikipedia.org] based upon the Central Point Anti-Virus product which was later incorporated into Symantec/Norton Antivirus.
My oh my, how quickly we forget history.
Re:Long way away (Score:3, Insightful)
W2k is still in the heart of IT running the domain controllers in many (possibly most) companies... W2k3 is gaining ground but is still not in the majority even 3 years after its release (based on our own marketing surveys, which cover a lot of companies in
Re:If.... (Score:2)
Re:dump windows (Score:2)
Re:dump windows (Score:2)
Re:Good Riddance (Score:2, Informative)
Re:Anti-Spyware/Adware (Score:2, Informative)
These tools provide protection from attacks against multiple fronts. In part the protection is against malware designed to seek out and exploit holes in the underlying software. But it is also designed to protect users from their own inexperience. The strongest O
Re:Interesting article (Score:2)
I dunno... how about the experience of the last 15 years?
Re:I hate to say it... (Score:2)