Forgot your password?
typodupeerror

McAfee, Symantec Think Vista Unfair 424

Posted by CmdrTaco
from the get-in-line dept.
davidwr writes "Is Microsoft unfairly locking anti-virus companies out of Vista? Symantec and McAfee seem to think so and they aren't being very quiet about it, placing a full-page ad in the Financial Times. If you've found the ad online, please post a link."
This discussion has been archived. No new comments can be posted.

McAfee, Symantec Think Vista Unfair

Comments Filter:
  • by ackthpt (218170) * on Monday October 02, 2006 @12:44PM (#16278617) Homepage Journal

    Something McAfee, Symantec and all other anti-virus/anti-spyware/firewall/spam-filter companies should bear in mind, if operating systems, applications and other software had been properly designed in the beginning these companies wouldn't exist. These aftermarket companies are effectively parasites. Once the host changes significantly the parasites advantage is gone. Who can say Microsoft is now to blame for not keeping them on the gravy train? It's would be true, however, to say that these aftermarket companies are in effect and after the effect Q/A arm of Microsoft, which has doubtless helped fuel Microsoft's growth. If you're a corporate IT officer, would you be comforted to know you only have one place to go for help now, and it's the company which releases extreme high priority bug fixes frequently?

    Microsoft was overly optimistic about the true nature of people (they shouldn't as they've proven to be devils themselves), expecting nobody would take advantage of flaws, like giving everyone effectively root on their computers, thus every application, including malicious code. Further, they've been wonderful about hiding the true nature of what's running on your PC. I can see executables, but DLL's, why the hell shouldn't I see those easily? Anything running on my computer should be visible, how else can I tell if there's something there which shouldn't be?

    So, once again Microsoft attempts to get it right. Maybe they'll be closer to the mark this time. I don't care. XP was the last operating system I'm ever buying from them and I don't pirate stuff. With Vista promising to be larger than ever, I don't think it's the direction I want to go. As Michael Crichton implied in Jurassic Park, the more complex a system the more likely it is to break down. I don't find the every growing Windows OS/Environment comforting. I'm also tired of the technology tax, I just want something to work, to be able to do mundane things and play a few simple games when time affords. Good luck McAfee, Symantec and all the rest, it was overdue. Don't forget to send your stockholders a "Thank You" for all the money they gave you.

    Of course, if it all goes tits-up for Vista, Microsoft have nobody else to blame. Doesn't that at least warrant a warm, cozy feeling?

  • Much ado... (Score:5, Insightful)

    by DoraLives (622001) on Monday October 02, 2006 @12:46PM (#16278667)
    about nothing.

    Once Vista hits the streets in its final incarnation, and the Bad Guys get to working on it, my money is on the premise that third party antivirus solutions to whatever problems that inevitably must arise, will continue to be a necessity.

    After all, it's not like we don't already have a pretty good track record to examine, with the folks who are producing Vista, eh?
  • Maybe? (Score:2, Insightful)

    by HatchedEggs (1002127) on Monday October 02, 2006 @12:49PM (#16278725) Homepage Journal
    I'd have to take anything that security solution companies say with a grain of salt. I am sure that most of these companies are a bit pertubed with MS getting into an area that they consider to be traditionally theirs.

    The new steps in Vista will make the product more secure. In that, it might also make it harder for these third party programs to be as integrated with it.

    Justin
    http://hatchedeggs.blogspot.com/ [blogspot.com]
  • Re:Much ado... (Score:5, Insightful)

    by CastrTroy (595695) on Monday October 02, 2006 @12:54PM (#16278817) Homepage
    McAfee and Symantec aren't complaining that MS made their OS really secure, and as such, have nothing left to protect against. What they are complaining about is that MS has made it impossible for any program to run at a low enough level (except MS programs of course) to be able to work effectively as an antivirus/antimalware application. They've made is so that it's impossible for anybody but MS to make a proper virus scanner. Well, they could make a tool that would get down to that level, but it would have to be through some security hole in the code, and MS would most likely patch it to prevent hackers from using it. So i think that Vista will be more insecure than ever, because MS will be the only ones able to provide security tools.
  • by nizo (81281) * on Monday October 02, 2006 @12:55PM (#16278825) Homepage Journal
    But what if GM manufactured parts that only lasted 3 weeks and also made it impossible to use parts made by anyone else?
  • by Churla (936633) on Monday October 02, 2006 @12:55PM (#16278831)
    They are damned either way.

    A) Release an OS without really beefing up security and watch everything bad about XP and prior releases repeat itself on a larger scale.

    B) Release an OS and beef up security and see people who have made a living compensating for your poor coding in the past complain that they can't in the future.

    The NAPA analogy is shockingly accurate in my opinion. Like what would happen if all the fast food places discovered a way to make the same fast food, but make it healthier enough that people didn't have to worry about dieting anymore? Who would complain? Diet manufacturers of course...
  • by ClassicComposer (916856) on Monday October 02, 2006 @12:55PM (#16278835) Journal
    Why arent they attacking OSX as well? I mean it has a built in firewall that is actually semi decent and not many other widely exploited vulnerabilities... Wouldnt that mean that OSX has been for a long time shutting out companies like this?
  • by Anonymous Coward on Monday October 02, 2006 @12:56PM (#16278849)
    The AV and anti-spyware companies don't want you to have a secure experience.
    I mean, it's like duh etc. I know. But this is ridiculous, if they are a huge corp with mad assets ..once the primary "corporate mission" of securing people is accomplished .. then DO SOMETHING ELSE. If you have smart engineers as assets, figure out a way to use them!! Are their CEO's this short sighted? Let me guess they'll have layoffs of really smart folks and then blame Microsoft instead of doing something else innovative.

    It's like Measles treatment sellers getting pissed off at vaccine manufacturers for cutting into their market.

    This crap is why people believe pharmaceuticals dont want to cure anyone when the truth is that a cure for cancer would cause a massive boost in stock price and shareholder dividends. And the billions of company assets can then be used for other things (new markets etc.). Not to mention it's better to find a cure before a competitor does (even if you are colluding with them, how do you trust they aren't secretly looking for the cure and may suddenly release it for a huge influx of cash). But I guess if the CEOs dont see things this way, it's a problem.
  • by marlinSpike (894812) on Monday October 02, 2006 @12:56PM (#16278859)
    I suppose Microsoft will claim that this is another integral part of an OS. While my first reaction is to scoff, I can imagine how that could be a good argument. I mean, Microsoft gaffs aside, any OS as popular as Windows will invite viruses, and not patching and protecting every Windows OS just opens all the others to attacks via trojans and bots. However, this is a really tough one for the lawyers to argue. If today Messenger is shipped with windows as a communication tool, then can a virtual VoIP client be shipped tomorrow as an updatd communication tool? How about a middle of a road version of SQLServer, with licenses that would fit the needs of small and mid-sized business just fine? Our anti-trust laws obviously need to be updated. I don't think for a moment that Apple is any better than Microsoft. In some ways, they may be worse. But, how can one stop them when our current anti-trust laws were made for steel an railroad barons? Are there any other countries that have better ideas of how to approach anti-trust in the digital age? Any examples of how it's been applied successfully?
  • by Anonymous Coward on Monday October 02, 2006 @12:57PM (#16278877)
    Something McAfee, Symantec and all other anti-virus/anti-spyware/firewall/spam-filter companies should bear in mind, if operating systems, applications and other software had been properly designed in the beginning these companies wouldn't exist. These aftermarket companies are effectively parasites. Once the host changes significantly the parasites advantage is gone.

    This would be true IF Microsoft had removed the need for av/as/s/sf software but it hasnt. All it has done is changed how the software innterfaces with the OS in an attempt to make it more secure.

    Who can say Microsoft is now to blame for not keeping them on the gravy train?

    I can. They *arent* stopping the need for this software, just making it harder for the competition.

    It's would be true, however, to say that these aftermarket companies are in effect and after the effect Q/A arm of Microsoft, which has doubtless helped fuel Microsoft's growth. If you're a corporate IT officer, would you be comforted to know you only have one place to go for help now, and it's the company which releases extreme high priority bug fixes frequently?

    Fuelled MS's growth in the same way a speed bump helps ford's growth.

    This might be true *IF* microsoft was releasing fixes when they're needed but as we've seen lately, they still dont.

  • Not just MS (Score:4, Insightful)

    by ClosedSource (238333) * on Monday October 02, 2006 @12:58PM (#16278891)
    Those who designed the Internet were also overly optimistic about the true nature of people and didn't really consider security issues either.

    I really don't blame either group. If they had considered all possible future needs prior to creating an implementation they'd still be working on it today and Slashdot would be a pen-pal club.
  • by madhatr (1008443) on Monday October 02, 2006 @12:58PM (#16278909)
    I think you missed the point of the article. McAfee's biggest gripe wasn't about being put out of business, it was the fact that an agreement held between them and Micro$oft allowing them access to the kernel wasn't being upheld. If you think that Vista is going to be secure, I believe you're mistaken. BTW aren't we still patching IE6? And these same people are going to keep the us secure? I think not.
  • Re:Yes (Score:3, Insightful)

    by SpiffyMarc (590301) on Monday October 02, 2006 @01:00PM (#16278921)
    There's a difference between a dupe and a story staying in the news.

    I guess CNN should've stopped with the 9/11 coverage after the initial report.
  • by Sancho (17056) on Monday October 02, 2006 @01:01PM (#16278953) Homepage
    Except that there is no effective way to prevent social engineering.

    Many viruses back in the DOS days were spread through BBS systems--not through software holes, but because a user wanted some warez or something. That still happens today, with stupid little flash games like "dwarfbowling" or whatever. No matter how many prompts Windows throws at them, people are going to click. But if their antivirus software throws up a warning and says, "THIS IS A VIRUS." many of them stop.

    TPM+proper software design is the only way this can be mitigated. I think most people here don't care for that solution.
  • by FreonTrip (694097) <freontrip.gmail@com> on Monday October 02, 2006 @01:01PM (#16278955)
    They're trying, but most of the mud they try to kick up doesn't stick because Mac OS X was designed as a much more forward-thinking system than Windows. At least as importantly, it also isn't saddled with hideous mounds of backwards compatibility issues, which also contribute tremendously to the chinks in Windows' armor. Security on Mac OS has generally been superior to what's existed on Windows/DOS for at least the last fifteen years; the cottage industry providing security for Microsoft's products didn't take hold on the Mac side in the same way because it generally wasn't needed.
  • No Sympathy (Score:2, Insightful)

    by humankind (704050) on Monday October 02, 2006 @01:03PM (#16278983) Journal
    If Symantec and McAffee actually made decent products these days, they might have a point. If they actually hired Americans to do most of their development, I might be a tad more sympathetic, but I don't have any sympathy for them. Microsoft has destroyed far more worthwhile publishing companies than those two. Seeing their core business hit doesn't bother me a bit. The truth is their products started sucking a long time ago.

    I just wish Microsoft would take down Quicken. There's another dynasty that has outlived its value and become bloated and mercinary like Symantec and McAffee.
  • by FreonTrip (694097) <freontrip.gmail@com> on Monday October 02, 2006 @01:07PM (#16279051)
    My point is that Symantec, McAfee, and various and sundry others can't make the argument that they're being locked out of the MacOS space because they were barely in it to begin with. A specious, shrill argument could be made on their behalf in the Microsoft-owned space because Microsoft has historically been so bad at security that any substantial long-term improvement by the company represents a very real threat to their presently thriving business model. More to the point, such an improvement will make their products seem less like beneficent caretakers and more like resource-hungry, inefficient parasites. To say that this development is overdue is a massive understatement; this niche in the marketplace should have been largely wiped out with the advent of Windows XP, if not Win2000 before it.
  • by Anonymous Coward on Monday October 02, 2006 @01:07PM (#16279061)
    From the article:
    "It says that it should be able to improve Windows without harassment by governments and has made a court challenge to the Commission's 2004 decision"

    So let me see if I have this correctly... McAfee and Symantec want access to the OS core so they can figure out how to make it more secure? These are the same companies who are perfectly happy milking the "update your virus definitions" security method rather than actually PREVENT infection. These are the same companies who like most of the Windows software world simply cannot conceive of how to write their code in such a way as to run ideally in a limited user mode. I'm sorry but Norton of all companies needs to be hauled off their pedestal and flogged for their bloatastic piece of steaming poo they call a security suite. If they were serious about securing data, they'd be promoting the living daylights out of striped arrays and using Norton Ghost regularly. But no, they're too busy milking the "update" cow to show any real insight and bring the collective knowledgebase of their customers up a notch.

    I think subscription-based systems are how everyone wants to push their software in the future (gotta keep paying the developers to do *something*, right?) and it is just the antivirus companies who designed that system with no thought towards the inevitable obsolescence inherent in all computing systems. Want to charge everyone for updates and then just sit back and fail to innovate? Okay, but you've just nailed your coffin shut with your belief that nothing fundamental about your 3rd party software dependancies will change.
  • Re:Much ado... (Score:2, Insightful)

    by milamber3 (173273) on Monday October 02, 2006 @01:10PM (#16279091)
    Maybe you could point us to this wonderful OS that is totally secure? Keep in mind I don't want to hear about some OS that holds 1% of the market and has never been affected by a virus. That just means no one cares enough to write one for it. You need to show in some way that you have proof no virus could ever compromise this OS you wish us all to use (there is no way IMO to show something is perfectly secure). Oh, on top of that please be sure to demonstrate that this uber-OS functions on a level equal to that of the current mainstream OS (windows, linux, OSX, etc).

    I won't be holding my breath for your response.
  • by krell (896769) on Monday October 02, 2006 @01:12PM (#16279151) Journal
    Bill, why not instead show us an OS where the spamlords, virusjacks, malware-hounds, and other cyber-creeps cry "foul"? Instead, you are angering the virus fighters!

    If Microsoft was in charge of instituting public health plans, it would introduce new reforms that would get rid of doctors instead of getting rid of diseases.
  • by dpbsmith (263124) on Monday October 02, 2006 @01:13PM (#16279163) Homepage
    I hope McAfee and Symantec were around pushing for the administration to enforce antitrust back when it might have mattered. It's too late now. This is what you get when a company acquires monopoly power.

    I remember when water-cooler talk veered from sports to politics to what word processor you liked. (Remember when there was more than one?)

    Anyone remember a program called Lotus 1-2-3?

    Oh, and what about Stacker? Why, yes, Microsoft stole Stacker's technology, called it DoubleSpace, and drove Stacker out of business despite Stacker's winning their patent infringement lawsuit.

    I haven't heard much about GoBack lately, have you? Wildfile GoBack... I mean Adaptec GoBack... I mean Roxio GoBack... I mean Norton GoBack...

    Anyone who believes all this was because Microsoft had superior products lives in a logic-tight compartment.

    It's too bad that the administration chose not to pursue antitrust in any meaningful way against Microsoft, but they didn't, and these are the consequences. If Microsoft feels like squashing Symantec and McAfee there's nothing you or I or Symantec or McAfee can do about it. Only the feds have enough power, and possibly even they don't have enough any more.

    So, let's all hope Microsoft's antivirus component is pretty good, because whether it is or not, in a few years it's all we're going to have.

    (Besides ClamAV, of course...)
  • by ScentCone (795499) on Monday October 02, 2006 @01:14PM (#16279181)
    I suppose Microsoft will claim that this is another integral part of an OS. While my first reaction is to scoff...

    Your use of the word "claim" implies that someone other than them should decide what is, and is not, part of their own product. They wouldn't be "claiming" such a thing, but simply stating it. "Yesterday, our product looked like X, and today, it looks like Y." Other companies that glom onto a freight train like MS and get rich doing so can hardly complain (with a straight face) when that other company's products change shape or purpose. Symantec and MacAfee aren't MS's customers, the end users are. If we ever get to the point of killing off most of the spam conduits in the world, we'll probably hear about how the spam-filtering appliance makers are being "unfairly" deprived of a living.

    This all derives from the pervasive sense of entitlement that's drenching our culture. MacAfee and Symantec know the score, but they're playing this card because they know it will resonate in a courtroom full of modern day jurors, should it come to that. Sleazy, but probably clever in real terms.
  • Re:Much ado... (Score:5, Insightful)

    by molarmass192 (608071) on Monday October 02, 2006 @01:17PM (#16279223) Homepage Journal
    I'm not disagreeing with you, you're bang on, but you raise an interesting point in "MS has made it impossible for any program to run at a low enough level (except MS programs of course)" that I want to expand on. MS doesn't sell open source software. They've never once said "do whatever you want with our OS". They don't provide source code to build your own kernel. So why the big stink by these companies? This is the nature of closed source software platforms. You're at the mercy of their creators. This turn of events for the anti-V companies is EXACTLY the reason why I no longer use or recommend closed source software to my board. Microsoft has ALWAYS owned the key to Symantec's and McAfee's business models. They've just decided to close that door now and these guys will now have to pay the price for the choice of platform they made. This same fate could happen to ANY windows-only software maker. It's the nature of dealing with a platform over which you have zero control.
  • by Sycraft-fu (314770) on Monday October 02, 2006 @01:17PM (#16279233)
    I really hate this popular Slashdot myth that viruses only exist because OSes are designed improperly. No, wrong. Most viruses are just malicious programs that get executed by the user. They don't hack in to the system, the are downloaded with another program. They come in the front door not the back one. There isn't an OS level defense for this short of an Orwellian trusted computing scheme. If I sent you a version of Apache with malicious code in it and you installed it as root, I could do whatever I wanted. Doesn't matter how secure your OS is, you gave it the permissions it needs.

    What virus scanners do is provide a database of known bad code (and check for variants). They are like a bouncer with a list of known criminals. Even if the owner says "Sure, let that guy in," they can check their list and say "Sir, you don't want to do that, he's known to be a bad guy."

    Now you are somewhat right that certain kinds of designs make more attacks possible. For example if you have services exposed to the Internet, then a worm can try to get in there without any user intervention. However the fundamental problem of malware is not solvable with any OS I'm currently aware of. Running as a deprivledged user does nothing. Either the malware can just install as the user and wreak havoc on that user's files (which is ultimately what they care about not the OS), or will just ask for escalation, which clueless users tend to grant without thinking, and then do as it wishes.

    Unless we move to a trusted architecture, where only signed apps can execute, or we manage to get all users to be highly technically competent, they'll always be a need for virus scanners, at least on the dominant OS. Lock down every other way in all you like, it doesn't matter when you can infect people by sending them an e-mail that says "Hi I send you this file in order to have your advice."
  • by kalirion (728907) on Monday October 02, 2006 @01:18PM (#16279263)
    Something McAfee, Symantec and all other anti-virus/anti-spyware/firewall/spam-filter companies should bear in mind, if operating systems, applications and other software had been properly designed in the beginning these companies wouldn't exist. These aftermarket companies are effectively parasites.

    They're not parasites, they're symbiotes. In a parasitic relationship, only the parasite profits. As you've said yourself, "It's would be true, however, to say that these aftermarket companies are in effect and after the effect Q/A arm of Microsoft, which has doubtless helped fuel Microsoft's growth."
  • by Churla (936633) on Monday October 02, 2006 @01:21PM (#16279315)
    No,

    If they release a new OS with beefed up security by the definition of ot being "beefed up" that would mean no need for third party security addons. Actually I believe Vista has a documented API for how they handle security now so Symantex and others can still write security applications. They're just mad because a lot of what they do isn't needed now. So if they do your version C they will still be hated by anti-virus manufacturers.
  • Re:Not just MS (Score:4, Insightful)

    by baadger (764884) on Monday October 02, 2006 @01:22PM (#16279347)
    I think it's better to create a moderately 'insecure' system (What exactly is insecure about the Internet's infrastructure anyway?) than to impose a grand overly complex security scheme on it to find it becomes a hinderence later (20 years later for example).

    Take for example e-mail/POP. It certainly has it's flaws, but is hugely successful and noone has yet been able to come up with a better system (for example, one that mitigates the spam problem) that doesn't also involve some hefty compromises that would make the whole system less useful to alot of people (and i don't mean just spammers :P).
  • by Mr. No Skills (591753) <lskywalker@hotm[ ].com ['ail' in gap]> on Monday October 02, 2006 @01:23PM (#16279357) Journal
    is a synonym for "someone we haven't figured out how to screw out of their VAR market share yet."

    The list of companies that added value to Microsoft OS products, then watched as Microsoft bundled those products into their offerings (often at no cost to the customer), goes back to MS-DOS. Quicken is the only product I've seen Microsoft take a bead at and not knock them into irrelevence. OS/2, Netware, Lotus 123, WordPerfect, AOL, Borland, several desktop database vendors, DEC, FAX drivers, scanner/OCR software, screen savers, and many others made some cash and then faded into the recycle bin. Now Microsoft is stretching into enterprise applications with their piles of money.

    Tough business to be in.
  • by ScentCone (795499) on Monday October 02, 2006 @01:27PM (#16279417)
    This is what you get when a company acquires monopoly power

    Um... so, if the very same company happened to have produced an O/S (let's go back to, say, Win98 or something, doesn't matter), that WAS airtight, and wouldn't be materially helped by third-party A/V products... wouldn't you still be saying the same thing? At what point did the publisher lose the right to make their own product better?

    At what point did the government, or third parties via the courts, become the best people to decide what features you think should appear in your new software product? Are you really comfortable with that, as a matter of philosophy? If Vista sucks in new and interesting ways, it will either have problems, or a third party will find a new (if temporary) way to make a truckload of cash. If it doesn't suck, all you've got is less trouble on the desktop, and fewer dart-throwing targets for people that don't like MS (um, including the ones who say they don't like MS because their products are secure... the irony is delicious).

    So, let's all hope Microsoft's antivirus component is pretty good, because whether it is or not, in a few years it's all we're going to have.

    So what? It's also the only thing that's meaningfully doing all sorts of things in its role as your O/S. If you don't like the collection of computer-operating tools that's called Vista... use something else. It's not MS's obligation to provide a platform for other companies to market particular pieces of the desktop and under-the-hood environment. No more than it's Symantec's obligation to open up their products so that MacAffee can make money off of "improving" Symantec's tools with another item you can buy.
  • by MSFanBoi2 (930319) on Monday October 02, 2006 @01:45PM (#16279759)
    Agreed.

    Not to mention, Trend has NO issues with being able to disable the Windows Firewall, Windows Defender or anything else. Not to mention it hooks into Security Center with no issues at all. Works perfectly fine. Now Symantec is claiming it CANNOT do all these things, why is it in a Beta that Trend has no issues with all of the above.

    Maybe if Symantec got some real programmers that could read Vista's API and basic documentation, which is available for FREE, they wouldn't be complaining so much.
  • by TheoMurpse (729043) on Monday October 02, 2006 @01:53PM (#16279929) Homepage
    Fuelled MS's growth in the same way a speed bump helps ford's growth.
    That analogy makes absolutely no sense. GP was saying that AV software has fueled MS's growth by effectively being the QA dept., providing a much needed service to users of the OS. If your analogy is assumed to be valid, this implies that your analogy states that speedbumps provide a necessary service for users in operation of their vehicle. This is absolutely not the case, and so by reductio ad absurdum, your analogy is not valid.
    Speedbumps exist to protect those who live in the surrounding neighborhoods and shoppers in parking lots. Now, if GP's statement about AV companies was that they protect users in the same LAN as a Windows box, your analogy would be correct. Sadly (for you), it was not.
  • by SyncNine (532248) on Monday October 02, 2006 @02:17PM (#16280431)
    Exactly! I remember when Norton Utilities for DOS was a set of near-impossible to replace system tools that were undeniably useful to anyone with the inclination to use them.

    Now we've got SuperSuite SystemWorks 2007.3 Ultra ++ Premium Platinum Professional Network Edition, and it's great! It loads a piece of shit e-mail scanner that sucks up 24mb of your ram and only works with two e-mail clients (not web based e-mail like most people assume it does!), some sort of 'worm protection' that succeeds only in disallowing you to connect to any remote machine ever, for any reason, you've got their anti-virus protection which incidently takes about 45mb of ram to sit in the background, double that if it's doing a scan, then you've got the heuristic detection, which is about another 5-10 mb of your ram, you've got the 'Symantec System Center' console, that takes about 10mb of ram just so it can tell you you're running SystemWorks 2007.3 Ultra++ Premium Platinum Professional Network Edition every five minutes in a pop-up window. Then there's Goback, which doesn't work, Ghost Personal 10, which I've yet to get to work properly thanks to its inability to properly clone 'msgina.dll', and an out-dated 'update' to checkdisk that the software doesn't allow you to force a manual run of. Don't even get me started on 'Norton Internet Security' which effectively stops you from transmitting *ANY* data unless the user clicks OK about a thousand times, and also does about 10 or 15 other things to your connection that it will never tell you about that impede normal workgroup/domain traffic. Lovely.

    And that's just SystemWorks. Don't forget about how Corporate Antivirus 10 has a nasty penchant for destroying corporate systems (as seen on slashdot here [slashdot.org].)

    Maybe I'm just bitter at having to remove all this shit from client's computers who have bought it and spent their $50 or $100 on this software only to have it completely screw them from top to bottom.

    I think that Symantec needs to do one of two things: Either drop out completely, admit that their software is a shadow of what it used to be and that they've lost all ability to write any sort of tight and non-resource hungry code, OR re-write their damn software to be functional and not take an average of 100mb of ram to run. I'm fairly certain that properly written code doesn't need direct kernel access to check whether c:\boot.dat is infected with a virus. 'Course, I'm no programmer, so, I don't know that for fact.

    But either way, if they did that, I think their cries would fall on more sympathetic ears.
  • Re:Much ado... (Score:3, Insightful)

    by apt142 (574425) on Monday October 02, 2006 @02:34PM (#16280793) Homepage Journal
    While I agree with you that Microsoft has had the keys forever and that they've never been very encouraging about allowing people to do what they want with Windows, it's a bit different than you detail. It's all about unfair market share. If MS had the market share that Linux or OS X does, then it's all fine and dandy. I'd be the first to tell Symantic and McAfree to stop crying in their beer and go back to work and figure something new out.

    But, it's not that way. Microsoft is a monopoly and they are clearly leveraging it here under disguise of securing their OS. The thing I can't get is why Microsoft would want to do this. It's quite clear that a windows computer without a good firewall and an antivirus is useless to the average user. And it's not like Microsoft has been on the spot about patching their OS or building a good built in firewall. Those new boxes will be open season after the first exploit is found.

  • by danpsmith (922127) on Monday October 02, 2006 @02:40PM (#16280919)
    I really hate this popular Slashdot myth that viruses only exist because OSes are designed improperly. No, wrong. Most viruses are just malicious programs that get executed by the user. They don't hack in to the system, the are downloaded with another program. They come in the front door not the back one. There isn't an OS level defense for this short of an Orwellian trusted computing scheme. If I sent you a version of Apache with malicious code in it and you installed it as root, I could do whatever I wanted. Doesn't matter how secure your OS is, you gave it the permissions it needs.

    I believe this is definitely true. Most people get viruses out of their own free will and/or stupidity, however, there are ways to make viruses more apparent than other things:

    1. Stop hiding extensions. People are less likely to open a file from an email if it is named hello.jpg.exe and they see that in plain view. Even the dumber of users could figure out this very simple thing. However, Windows likes to hide extensions from the user in order to make everything more "simple" by default, and I'm not so sure if there's even a way to turn off extension hiding at all in the email suites that ship with windows. It is evident that these things are viruses to computer saavy people (different looking icon, etc.) but most people don't tend to notice things like this.
    2. Stop hiding running processes. I understand that you want system protected threads that you can't end, hidden processes, etc. But the best OS is one that is transparent. It's discouraging to have to download another third party registry editor just to get into the even more hidden elements of the registry. I understand that registry hacking is something that's pretty common even among people who don't know what they are doing, but don't hide stuff from the people that are supposed to be using the registry editor. And stop, stop, hiding running processes from administrator users. It's a little bit hard to get something to quit malware wise without first knowing how and where it is running.
    3. Stop legacy support for strange script files which hide their extensions (even when "show extensions" is on. I was appalled to find out that even with show all extensions enabled, there were types of scripts that could be made to look like .jpg if they used certain old script types. (.clp, I don't remember what it was exactly)
    4. Prevent applications from tacking themselves onto other executables not in their space without warning. If an application is trying to edit critical parts of the registry, I'd like to know about this. There should be something that makes sure this happens. If things want to change what extension runs them, etc. this should all be done.
    5. Limit script scope. .doc files shouldn't be able to touch things outside of their scope, macro viruses shouldn't be able to harm anything because they shouldn't have access rights. You are dictating the scripting language in this case, quit allowing it to do things you don't want it to ever. Is there even a reason a macro should be able to write to the disk? Why not try a java approach on these things.

    I'm sure there are more beefs here that I'm not looking at but would be able to identify if I think about it more. I'm appalled that certain activities (such as simply viewing a page) can cause malware to take over the machine. Honestly, I think that's the major problem with windows today. IE + Windows allows you to gather a whole host of spyware simply by clicking the wrong link.

    I'm also irritated by the lack of trust that MS has for the user. I'm sure that nobody really knows what processes are, etc. in a very popular way, but that shouldn't prevent someone who knows what they are doing from seeing everything. The system needs to be more transparent. Stop pretending we can't be trusted with our own computers, and stop with the dumb dialogs on C: drive talking about how editing these files could kill us all. Don't treat us like children because you sell to them.

  • by Shotgun (30919) on Monday October 02, 2006 @03:15PM (#16281683)
    People have already found ways to attack the Vista kernel,

    Then why all the fuss. Problem solved.
  • by HiThere (15173) * <`charleshixsn' `at' `earthlink.net'> on Monday October 02, 2006 @04:48PM (#16283343)
    After l'affair SONY rootkit where all of those companies conspired to exploit the end users in default of their clear obligations, I want to see them ALL dragged through the mud. Thoroughly. And stepped on by swine. And sexually assaulted by hogs.

    Every single one of those companies took people's money, and then betrayed them. MS, McAfee, and Symantec are only some of the unindicted co-conspirators, of course. But their names are at the head of the list.

  • by Anonymous Coward on Monday October 02, 2006 @04:58PM (#16283525)
    I uhhh, I think you completely misunderstood this guys statement: Fuelled MS's growth in the same way a speed bump helps ford's growth.

    Here's his analogy: Ford is #1 auto maker on the planet, and they make vehicles held together by bubblegum and ductape. When someone hits a speedbump they fall apart. A 3rd party company (Symantec and McAfee) repairs your broken vehicle for you. This is such good business that they create huge corporations just by fixing broken Fords.

    Ford releases a new vehicle held together by tack welds and zipties, and the 3rd party company complains because there is less for them to fix...

    Now, I didn't read TFA so I have no idea if this guy's argument even really pertains to it, but that's what he was saying and I think the point was missed. His statements of living on borrowed time are on a much grander scale then an IE/Netscap type thing here. ...just my take on it.

    -AC
  • GOOD (Score:4, Insightful)

    by MilenCent (219397) <johnwh@[ ]il.com ['gma' in gap]> on Monday October 02, 2006 @07:31PM (#16285647) Homepage
    I'm no fan of Microsoft, but the major antivirus companies, especially Symantec, have had this coming for a looo-hooong time.

    Most virus writers have moved on to even more damaging (trojans, worms) or lucrative (malware) attacks by now, that the major checkers are either too slow to protect against or, in the case of malware, outright refuse to unless the user buys a new product. Meanwhile even Microsoft Word now contains some built-in anti-virus measures, all the major webmail providers have built-in virus scanning, and many new computers don't even HAVE floppy disks.

    This is not to discount the dangers of viruses, mind. My dad once took a new computer back to the store because of a virus on it that simulated a memory parity error, and boy was I EVER mad about that. But that was a 486DX running at 66mHz running Windows 3.1, and that was my last personal experience with viruses. They are just not the threat it once was, yet to listen to these guys, you'd think the world was about to explode, constantly, forever.

    McAfee was the company that mongered much fear a few years ago about a JPEG virus that was going around. Remember that one? [sfgate.com]

    Symantec is so anxious that people continue to subscribe to their highly lucrative virus definition service that they'll use any combination of the words "Urgent" and "Recommended," and red and boldface text attributes, to get people to pony up for another year of protection they probably don't need, and Microsoft themselves is a major contributor to this funding source by including that little Security Center taskbar icon to nag users into putting antivirus software on their machine.

    Antivirus software is the kind of thing that should be provided by the OS manufacturer for free, because it makes the OS more secure. Windows could certainly use more of that.
  • by ClosedSource (238333) * on Tuesday October 03, 2006 @10:53AM (#16291719)
    No, an application doesn't have to go throught the OS to get to the memory or hardware unless there is hardware there it enforce it and the OS has programmed it properly.

"I've seen the forgeries I've sent out." -- John F. Haugh II (jfh@rpp386.Dallas.TX.US), about forging net news articles

Working...