Forgot your password?
typodupeerror

Windows Chief Suggests Vista Won't Need Antivirus 361

Posted by CowboyNeal
from the steadfastly-bulletproof dept.
LadyDarth writes "During a telephone conference with reporters yesterday, outgoing Microsoft co-president Jim Allchin, while touting the new security features of Windows Vista, which was released to manufacturing yesterday, told a reporter that the system's new lockdown features are so capable and thorough that he was comfortable with his own seven-year-old son using Vista without antivirus software installed."
This discussion has been archived. No new comments can be posted.

Windows Chief Suggests Vista Won't Need Antivirus

Comments Filter:
  • vuja de (Score:5, Informative)

    by KillerBob (217953) on Thursday November 09, 2006 @11:04PM (#16790720)
    wow... haven't heard that one before.... No, really. I haven't.

    No system is immune to viruses. All it takes is a stupid user to allow it, and we all know there's no shortage of that. That's why antivirus products exist for every major OS out there. Even Linux has antivirus apps (though granted, most of them are geared towards Linux boxen running as servers for Windows-based networks).

    Oh wait. Technically, if it requires a stupid user's interaction to get in, it's not a virus. It's a trojan. I guess Vista really could be immune to viruses.... ;)
  • by RootWind (993172) on Thursday November 09, 2006 @11:14PM (#16790772)
    From TFA, it sounds like you really might not need an antivirus... if you lock it down with the parental tools so you can't download anything at all except from your own approved sites, that covers up a large malware attack vector that an antivirus is suppose to protect. After all, the role of the antivirus now and in the future will be that of a blacklist of known bad software. Everything else an AV does can be obsoleted.
  • yeah, big whoop (Score:4, Informative)

    by Maserati (8679) on Thursday November 09, 2006 @11:18PM (#16790800) Homepage Journal
    Coupla key points:

    1. He didn't say he let his kid on the Internet without an AV package running.

    2. He didn't say "firewall". Speaking of which, ZoneAlarm just grabbed focus and I think I let something connect out to the Internet. I'm running an installer so I'm not gonna freak out, but I certainly hope Vista won't let apps steal focus while you're fracking typing.

    3. He also didn't say the kid would be online unsupervised or without parental controls running.

    4. It's a safe bet to assume he meant the kid would use IE if he went online, but he didn't actually say it either.

    Nothing to see here, move along.
  • by Nightspirit (846159) on Thursday November 09, 2006 @11:32PM (#16790876)
    ...in certain circumstances. Hell, I haven't had a positive virus under XP for years. I'm running avast right now, but I'm contemplating just removing it completely. The only reason I haven't is because I occasionally get emails from relatives such as "click on this funny card!" containing links to god knows where.

    IIRC the only times I ever did get viruses were downloading porn or cracks. Sandbox what you can download (which at least they said they did in vista, who knows if it will be effective) and that eliminates most vectors, other than relative spam mail.
  • Big Boldfaced Lie (Score:2, Informative)

    by HermMunster (972336) on Thursday November 09, 2006 @11:42PM (#16790932)
    We already know that systems can become infected under Vista. There was a big long write-up of someone installing all sort of malware under Vista via iexplore. There's no question that what Allchin is saying is in direct response to the outcry that there's no compelling reason upgrade and that the security in Vista is really a minor feature. Maybe he's doing it to up his stock value so he can get out from under Microsoft with a big windfall in stock.

    He's out-going employee so he may feel he can lie all the wants. When the time comes a lot of people will be very disappointed in Microsoft and they'll also already have been duped.

    I wonder if Microsoft can be brought to court early for such fraudulent claims, maybe even to the point halting Vista's release. Making such false claims are akin to fraud. To let that out to encourage sales is to make those sales based on fraud.
  • yay for him.... (Score:3, Informative)

    by zcat_NZ (267672) <zcat@wired.net.nz> on Friday November 10, 2006 @12:04AM (#16791030) Homepage
    My kids have been using Linux "with no antivirus" since before they could type (they started with things like tuxpaint and gcompris)

    Windows is finally catching up?!!

  • by Anonymous Coward on Friday November 10, 2006 @01:03AM (#16791298)
    Never had a problem. Of course, I use Firefox, a NAT, and don't visit porn sites or use P2P, which pretty much cuts my attack vectors to zero. Haven't had any AdWare in, hmm, 4 years or so either. I have AdAware installed on my computer but haven't bothered running it in about 2 years since it never picks up anything.

    I never had any problems either. I use Firefox, a NAT and I do visit porn sites and use Torrents. I have AdAware and Spybot and HiJackThis on my system for years. Since I started using Firefox I have never had a computer Virus. I do run an AVG sweep every day, but have never had a scan come back with anything on it. In fact the only virus I have seen on my computer was something in the Java Cache that AVG found the day I installed it, and Norton never did find.

    I have been using Firefox and AVG for, I believe, 4 years now.

    Porn sites are not bad anymore. The people running porn sites don't want you to get anything from their sites as they want you as a repeat customer, ad revenue and all. That small percentage of idiots out there running fake porn sites ruin it for everyone.
  • by pandrijeczko (588093) on Friday November 10, 2006 @07:24AM (#16792118)
    For your information, Linux *is* pretty immune to viruses.

    A virus spreads because of applications running on a large population of machines share the same security hole. Bearing in mind the sheer number of different Linux distros there are, running different kernels, desktops and daemon applications, there really are very few applications that are common to a lot of machines that would also be capable of propogating a virus.

    Additionally, the tendency for users to run programs at root level on Linux machines is much less than users running programs with administrator priveliges on Windows - this is because the security model on Linux is much simpler, without complexities of things like the registry, such that the only files a normal user can damage (on a properly configured Linux system) are their own ones.

    Before I am accused of being a fanboy, the vulnerabilities in Linux (or any UNIX-like OS) are from buffer overflow attacks that cause a running daemon to drop to a (root) shell prompt allowing access to the system. However, these types of attacks are very directed against specific machines because they only work against specific versions of, say, FTP or Telnet on the system. Nowadays, of course, the tendency is to avoid using these daemons on the public internet anyway, instead opting to use secure services like SSH, SFTP & SCP.

    I work in OS security and whether you run Windows or UNIX, you can never view any system as being completely secure or invulnerable to viruses. But being aware of what those vulnerabilities are likely to be means that you are more likely to defend against those attacks when they occur.

  • Re:Jeez.. (Score:5, Informative)

    by QuietLagoon (813062) on Friday November 10, 2006 @08:51AM (#16792386)
    Allchin says stupid things. For example, here [microsoft.com] he says that Windows XP would not be vulnerable to buffer overflow attacks.

    We used new source automation tools that removes any potential buffer overflow attacks.

    News articles detailing Windows XP buffer overflow attacks are abundant [google.com].

  • by Anonymous Coward on Friday November 10, 2006 @08:59AM (#16792460)
    Someone has had his head up his ass for the last 10 days. Vista can be reinstalled indefinitely now, as long as it's only on one machine at a time.
  • Re:Jeez.. (Score:3, Informative)

    by AnotherDaveB (912424) on Friday November 10, 2006 @09:16AM (#16792584)
    this version of Windows will be the "Most Secure Evar".

    As I recall they billed XP the same way, and in the middle of their "most secure ever" ad/launch campaign, the FBI (I think on prime time TV) warned USA computer users of the terrible security vulnerability of XP's plug and play facility [marketwatch.com] which should be disabled before it caused the computer to morph into a flesh eating zombie (or words to that effect :-) ).

  • by pixelite (20946) on Friday November 10, 2006 @10:08AM (#16793046) Journal
    I have car insurance because the insurance companies lobbyists convince the lawmakers to make it the law
  • Re:Also reported (Score:3, Informative)

    by maztuhblastah (745586) on Friday November 10, 2006 @01:05PM (#16795200) Journal
    Point releases should NOT break api compatibility And in the couple years I've been coding almost exclusively for OS X, they haven't.

    Oh sure... they've nuked some of the deprecated ones (Apple keeps deprecated APIs for a little over two years, or one major release of the OS, for the most part), and they've changed some of the undocumented ones. But no developers should depend on undocumented APIs, and if you're given a warning two years in advance, you should have time to fix your dependence on deprecated APIs.

He keeps differentiating, flying off on a tangent.

Working...