Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Security Companies Tussle With MS Security Center 225

hey0you0guy writes, "The large security firms such as Symantec and McAfee want Microsoft to allow them to replace Microsoft's Windows Security Center. Microsoft is refusing these requests. 'By imposing the Windows Security Center on all Windows users, Microsoft is defining a template through which everybody looks at security,' Bruce McCorkendale, a chief engineer at Symantec, said in an interview. 'How do we trust that Microsoft knows what all the important things about security are to warn users about?' Given Microsoft's past, with vast piles of security flaws and patches, they should at least cooperate with these companies. A dispute still exists over PatchGuard, a security feature that Microsoft says is designed to guard core parts of the 64-bit version of Vista, but which critics say locks out helpful software from security rivals."
This discussion has been archived. No new comments can be posted.

Security Companies Tussle With MS Security Center

Comments Filter:
  • by Nimey ( 114278 ) on Tuesday September 19, 2006 @04:22PM (#16141173) Homepage Journal
    It's not as though Symantec and McAfee have spotless records on security and especially not fucking up your Windows installation. The more stuff that's in a sandbox the better.
    • by betterunixthanunix ( 980855 ) on Tuesday September 19, 2006 @04:34PM (#16141285)
      And Windows should have been designed with security in mind since '95, when they integrated networking and web browsing. Symantec's MASSIVE business is the result of poor design on Microsoft's part, which is a shaky basis for a business. The fact that Microsoft is at least trying with security is making Symantec nervous...

      Of course, they said that about other things too...

      • Re: (Score:3, Insightful)

        by Foolhardy ( 664051 )

        And Windows should have been designed with security in mind since '95, when they integrated networking and web browsing.

        Windows NT 3.1 was released in 1993 and was definately designed with security in mind. Windows NT(and its derivatives)'s security issues stem from misuse and implementation errors, not design flaws. Unfortunately, NT requires about 4x the memory of Win95, and didn't have as good compatibility with Win16 and DOS apps (due to strict memory protection), so wansn't marketed as a consumer OS un

        • Windows NT(and its derivatives)'s security issues stem from misuse and implementation errors, not design flaws.

          I had an IBM laptop with Windows 2000, and I liked the OS quite a bit. I ran as a priveleged user or some such title, not administrator. Until... wireless ethernet came out. I would happily take my laptop down to the pub and try to plug in my PCMCIA 802.11b card. Which I couldn't install or use as a regular user, only as administator. EVERY TIME I wanted to use it, I had to be administrator.

  • It is possible to run third-party security consoles in Vista, said Stephen Toulouse, a security program manager at Microsoft. However, people have to manually disable the Windows Security Center if they don't want to use it. And the software giant has no plans to give other companies the ability to turn off the Windows Security Center, Toulouse noted.

    What's the harm in running both at the same time? From a technical perspective, I don't see one. From a money-making stand-point, of course, I see one ...
    • Re:Arrrrr! (Score:5, Informative)

      by dave562 ( 969951 ) on Tuesday September 19, 2006 @04:30PM (#16141244) Journal
      What's the harm in running both at the same time?

      Have you ever run two anti-virus programs on a computer at the same time? More often than not your file system performance completely tanks because every time a file is accessed you have two programs trying to scan it and verify it's integrity. You will also frequently run into problems where one AV program will label the other AV program as a virus.

      • Re:Arrrrr! (Score:4, Funny)

        by Shadyman ( 939863 ) on Tuesday September 19, 2006 @04:50PM (#16141418) Homepage
        You will also frequently run into problems where one AV program will label the other AV program as a virus.

        That's not a bug, it's a feature. It's called 'competition' :p
      • by hpavc ( 129350 )
        I think they just mean the security center (system coverage status and alerts). McAfee currently has a 'do you want to replace windows xp security center with mcafee security center) basically it does just that.
      • by rbanffy ( 584143 )
        Just keep adding programs. You can still use the surviving one.

        It's kind of Darwin, without the reproduction part.
      • by ad0gg ( 594412 )
        Security Centor isn't a virus detector its just simple a control panel that shows if you have a virus detector installed, whether automatic updates are on, and if you have the status of the firewall. Its suppose to be a one stop area to access the configurations for everything and microsoft publishes the API for 3rd parties to add their products to it. Its not required for any virus program to use just makes it easier for users to access all the settings.
    • >What's the harm in running both at the same time? From a technical perspective, I don't see one.

      From a UI perspective, it's like the old joke about the man who buys a second clock and is never sure what time it is afterward. If they agree, the user gets the uncertainty of trying to figure out which one to use. When they disagree it will be worse.
  • Remember the whole bundling IE with Windows fiasco? Off the top of my head, I remember something about their media player in Europe too.

    I think their strategy is "do what we want until we get told off." Even then they could just pay a hefty fine and it still wouldn't hurt them one bit.
    • Re: (Score:2, Insightful)

      by Anonymous Coward
      Oh bull. The WSC just tells you when you aren't running a firewall/antivirus and when you do have some installed it'll tell you the company it's from and other helpful details.

      Symantec and Mcafee don't like it because they want their own branding there taking up taskbar real estate with their fancy shield icons that say "hey look we're protecting you! we're so nice!"
      • by archen ( 447353 )
        I'll stand with Microsoft on this one. I don't want all this shit strewn all over the place with different pannels who knows where just to see if I'm protected and up to date. I am seriously NOT impressed with Microsoft's abuse of their market position, but this is completely vendor agnostic. I'd also be happy if MS actually grew a spine and started enforcing other crap on their system like what is allowed to drop junk on the task bar without warning, or clutter the start menu/desktop. Or perhaps notify
    • Re: (Score:3, Interesting)

      by king-manic ( 409855 )
      I don't agree a media player or a web browser but I do beleive security should be part of the kernel.
    • So they have an OS which frequently has security problems. They get a lot of flak for this. Then they attempt to mediate it by adding in security services. Then they get slammed for unfairly competing with Windows security software vendors.
      You can't have it both ways. If Microsoft makes their OS secure and bundles anti-virus/anti-spyware you may put companies that make their livings off of Windows insecure nature.
      Wheee.
  • by truthsearch ( 249536 ) on Tuesday September 19, 2006 @04:25PM (#16141197) Homepage Journal
    By imposing the Windows Security Center on all Windows users, Microsoft is defining a template through which everybody looks at security

    By imposing the Windows UI on all Windows users, Microsoft is defining a template through which everybody looks at UI.

    By imposing the Win32 API on all Windows developers, Microsoft is defining a template through which everybody looks at development.

    If you sell software to help manage Windows, Microsoft will define your business plan. Those are the consequences of dancing with the devil. Not that they should be happy with it, but you can't expect any less from Microsoft.
    • by Anonymous Coward on Tuesday September 19, 2006 @04:46PM (#16141396)
      It's in Symantec's interest that Windows *remain* insecure forever so they can keep selling workarounds to the broken OS.


      I wouldn't trust either side in this argument -- Micrsoft has long proven itself incapable of understanding comptuer security (at least compared to any other OS competitors), and the anti-virus guys have a business model that relies on Fear of Viruses.


      Neither is in a position to earn any trust from anyone.

      • > Micrsoft has long proven itself incapable of
        > understanding comptuer security

        That's funny. My understanding was that "Writing Secure Code" was among the best books of its kind. Are there better ones?
      • by drsmithy ( 35869 )
        Micrsoft has long proven itself incapable of understanding comptuer security (at least compared to any other OS competitors) [...]

        How do you figure that, given the design of Windows - from a security perspective - is *at least* as good as its contemporaries ?

    • Any OS that provides an enriched user experience is going to define how things are done. Even OSes that are real minimalist at heart like Linux still end up doing so just via convention.

      Ultimately it kinda has to go that way because that's what users want. They don't want every single thing about their computer experience to be totally different. They want consistency and that's why vendors like MS and Apple offer it. Even some Linux vendors do the same thing, and some apps demand it. Oracle doesn't like ju
      • ``Any OS that provides an enriched user experience is going to define how things are done. Even OSes that are real minimalist at heart like Linux still end up doing so just via convention.''

        That goes for some distributions, but hardly for all. Even on the distributions that install the distributors choice of desktop environment, office suite, web browser, mail client, theme, yada yada, you can often simply delete the corresponding packages and install others, getting a wholly different computing experience,
  • It is possible to run third-party security consoles in Vista, said Stephen Toulouse, a security program manager at Microsoft. However, people have to manually disable the Windows Security Center if they don't want to use it.

    I tried disabling the Security Centre in Vista Beta 2; it kept popping up messages in the system tray warning me that I'd disabled the security centre and should re-enable it immediately. Try as I might I couldn't find a way to turn that off.
    • Sounds like Homer's Everything's OK Alarm. "This will sound every three seconds, unless something isn't okay!"
    • Re: (Score:2, Insightful)

      by MioTheGreat ( 926975 )
      There's your problem. You're talking about a 4 month old build. It's like 2 mouse clicks and a UAC prompt to disable the security center in RC1.
  • by Weaselmancer ( 533834 ) on Tuesday September 19, 2006 @04:30PM (#16141249)

    And that's why MS will never allow other companies to replace it. It seems to say "this makes the user more secure" but it actually says "this makes US more secure". Notice how that is the vector that allowed Microsoft Genuine Advantage onto all the XP machines. Which is also doublespeak [wikipedia.org] - there is no advantage to the user, only to MS.

    If these guys think MS will simply hand over the keys to that much control, they're nuts.

    • Hence the name. Microsoft's Genuine Advantage.
  • Helpful Software? (Score:4, Insightful)

    by quanticle ( 843097 ) on Tuesday September 19, 2006 @04:35PM (#16141298) Homepage
    Last time I looked Norton used more resources and was harder to uninstall than most virii.
  • by argent ( 18001 ) <peter.slashdot@2006@taronga@com> on Tuesday September 19, 2006 @04:36PM (#16141305) Homepage Journal
    Microsoft's whole approach to security is backwards. And so is the approach of Symantec and Macafee and the rest... not to mention the EC and everyone who thinks antitrust is even applicable to this whole commotion.

    They think they can add security on, like a product. You can't. You have to design it in. If you had a building with no locks on the doors you wouldn't keep casual visitors out by adding guards before you'd even tried adding locks, even if carrying cards or keys was "inconvenient". So why does Microsoft think they can add security to Internet Explorer that way?

    The whole basis of Microsoft's approach to the Internet is fundamentally wrong. They can't fix it by adding products. They can only fix it by ripping out most of the desktop-browser integration they fought the DoJ to a standstill over in the Clinton and first Bush administrations, and making the browser responsible for never allowing an untrusted object out of the sandbox, no matter what. Even if sandboxes are "slow" and installing plugins are "inconvenient".

    Same with Windows networking, CIFS, CIFS-authentication for HTTP, and everything else they've done to lower the barriers between local and remote resources. Those barriers, those locked doors, are there for a reason.
  • We all know (Score:3, Funny)

    by Anonymous Coward on Tuesday September 19, 2006 @04:36PM (#16141307)
    Windows is the most secure OS on the planet
    • I laughed! If I had mod points, you'd be +1 funny.

      Microsoft is insecure for good marketing reasons. If your machine slows down with all that malware, you'll be tempted to upgrade to a new computer with a fresh install of Vista. It's an unspoken pact between Microsoft and Intel.
  • by sirsky ( 53613 )
    I'm not exactly sure how this can be considered an anti-trust issue. These 'security' companies have created products and business models around Microsoft's flawed and insecure product. If Microsoft chooses to fix what they can, and beef up the security of their own product, whether it puts other companies out of business or not, do they not have the right to do this? How is it Microsoft's fault if by fixing their product, it renders another company's business model obsolete?

    I mean, why don't these 'secu
    • Re: (Score:3, Insightful)

      These 'security' companies have created products and business models around Microsoft's flawed and insecure product. If Microsoft chooses to fix what they can, and beef up the security of their own product, whether it puts other companies out of business or not, do they not have the right to do this? How is it Microsoft's fault if by fixing their product, it renders another company's business model obsolete?

      Are you sure that, if Vista is released as Microsoft wishes it to be released, the need for 3rd

  • Two Problems (Score:4, Insightful)

    by dave562 ( 969951 ) on Tuesday September 19, 2006 @04:37PM (#16141318) Journal
    The first issue that I saw companies complaining about is not being able to disable Windows Security Center. I don't see that as being a problem. Right now I run Symantec AV on XP SP2 and Windows Security Center (WSC) identifies Symantec and the two co-exist. WSC doesn't display warning messages about "No anti-virus software installed" because it recognizes that Symantec is an AV program and life is good. It seems to me that Microsoft has a way of extorting money from companies. They will charge companies a fee to develop a WSC compliant application. They won't allow companies to replace WSC because WSC provides "important functionality" to the computing environment. I tend to agree. I'm glad that Microsoft is making sure that the key pieces of protective software (firewall and AV) are installed and running. I don't think it's too much to ask that other 3rd party developers play nice with WSC.

    The second issue, and the bigger issue is that Microsoft seems be denying companies access to the low level hooks that they need to properly integrate their applications with the operating system. I kind of understand where MS is coming from. After all if they allow Symantec access to the system call table and the various other, kernel level hooks, then they might as well allow everyone access. On the other hand, those who want access to the lower level functions of the OS are going to hack them anyway. It's a Catch-22. Personally, I'd rather that EVERYONE have access to the low level functions. That way the market can sort out who will do the best job of securing it.

  • by mumblestheclown ( 569987 ) on Tuesday September 19, 2006 @04:44PM (#16141378)
    So, McAffee/Symantec..

    Has actual PC security actually interested you in the past, say, decade? I was of the impression that you just paid some second rate programmer in bangalore a load of bananas to churn out any old crap that had the following requirements:

    1. we must be able to sell it in regular, deluxe, gold, platinum, internet, special edition, international, lite, and fat free versions. after all, this allows the user to pay for the exact level of security they need. consumer choice, right! some people only want to pay a little and thus be protected only against some vague subset of last year's threats, while others want to pay more and thus be protected a bit more against some vague subset of last year's threats.

    2. as in #1, the software must be sold in yearly versions. this allows users to respond to the cutting edge threats of 2003 by buying the 2005 version, still on sale in CompUSA (probably).

    3. we must really focus our efforts on getting this shiat pre-loaded on as many chain store PCs as posslbe. WARNING YOUR COMPUTER IS AT RISK! DO YOU WANT TO PAY $99.99 PER YEAR NOW TO UPGRADE? Your choices are [ Yes ] and [ Ask me again in 5 minutes with a big ass system modal dialog box ]

    4. The software must be impossible to uninstall, for Sound Business Reasons (tm). Well, we should include an uninstall routine, but ensure that it does not work if the software is modified in any way.

  • Remember that MS has faced years of harsh criticism over the insecurity of their products. They view WSC as a major step forward in combating future criticisms. By allowing someone else to replace WSC, they open themselves up to inferior products disabling it and making Windows in fact less secure, and once again making MS look bad.

    I suggest a compromise: create a method of adding widget-like components to WSC, so that Symantec and others can interface with it seamlessly and add information without Microsof
  • Silly question (Score:5, Insightful)

    by Guppy06 ( 410832 ) on Tuesday September 19, 2006 @04:49PM (#16141409)
    If third-party software could automatically disable Microsoft's Security Center, couldn't malicious software do the same?

    From a busines perspective, this may be the same as bundling IE, but from a security perspective this is the exact opposite: removing security holes rather than adding them (in the name of "functionality").

    Yes, Microsoft is likely being monopolistic, but I think I'd rather worry about all the Windows zombies populating the web rather than the profit margin of particular security software companies, especially when said companies rely on the inherent insecurity of Windows installations for their income.
    • Re:Silly question (Score:4, Interesting)

      by Shadow99_1 ( 86250 ) <theshadow99@@@gmail...com> on Tuesday September 19, 2006 @05:13PM (#16141625)
      This is the very same thought I had...

      Even if they only give the method to approved companies... What's to stop some nut job programmer for Mcafee or Symantec creating a piece fo code that only disables WSC and letting/allowing/or causing writers of malicous code that same ability... I doubt theyed be able to track such a thing back to a single programmer working for either company and I can imagine some large slices of change from places that want to write malicous code for such an ability...

      Also wants there is a way to turn it off (without user intervention), then what stops someone from accidentally stumbling across it?
    • The security centre performs four functions: It monitors updates, firewall, virus scanner, and anti-spyware (in Vista) software. Of those only the updates can't be replaced (in theory it probably could) and it doesn't ship at all with a virus scanner. So when you install it, it whines about not having a virus scanner. If you choose to install 3rd party utilities security centre is perfectly happy with them. I run AVG and Windows is quite happy with that. It notes AVG is installed, and notes it's up to date.
      • by Guppy06 ( 410832 )
        Those are my thoughts too, but it sounds like the Security Center in Vista will be more robust (somehow) than what came with XP SP2 (I'll have to try the RC sooner or later). But ultimately, all I've seen the XP version complain about is:
        1. Firewall isn't started
        2. Antivirus isn't started
        3. Virus definitions are old

        For the first two, I would hope third-party consoles would say something about that, unless they don't like people seeing just how long after startup it takes for their protection to kick in. As for

    • From a busines perspective, this may be the same as bundling IE

      Actually, it isn't really that either, because Vista doesn't bundle an antivirus tool, which is the flagship product of these companies. They do seem to include a simple antimalware thing though, but I fail to see the big deal about that, especially when it's about helping to protect clueless users installing random "funny applications" from the web. So I don't really see what the big deal is. Microsoft isn't bundling an antivirus tool. They do

  • if the host system has implemented its own version a security center, like vista, and has essentially blocked what truely is a 3rd party app to help windows do what it was meant to do in the first place, thats fine. i would rather something build into the kernel of the o/s than a 3rd party app that breaks windows when you uninstall it, and when it is installed, it slows your pc down to a grinding hault.

    ultimately its windows' product, their space, and it is not their fault another company has based their en
  • by Anonymous Coward on Tuesday September 19, 2006 @04:56PM (#16141473)
    If you open up part of the system so that rival security firms can access them, then potentially anyone could access them. Security mandates that there are some things that only the OS can access. So much as I despise M$, I have to agree with them here.
  • Spin... (Score:2, Insightful)

    by Anonymous Coward
    Not allowing 3rd party products to touch core OS files without significant hassle is a good thing. Am I wrong?
    • That depends. If the user wants to modify those files (eg. to install a third-party firewall because the build-in Windows firewall lacks functionality they need, or to install a custom boot screen because I hate watching the Windows XP logo), then preventing that modification is not a good thing. I'd note that Microsoft's chosen path is typical of them: given several ways to achieve a result, they will inevitably choose the one that gives them the most control over the user's system.

      • True, however what these antivirus developers are asking for is to take out Microsoft's mechanism to identify whether these applications are running: Antivirus, firewall, anti-spyware, and the Windows Updates service. (I may be missing some) It's easy to see why MS is hesitant of doing so -- where's the good reason for doing so, and how would it open for malware developers of replacing that one too with something fake? And just because MS doesn't approve this, doesn't mean that they don't approve Symantec o
        • And as I noted, it's completely ignoring the user and what he wants. If I want to completely remove those features, I should be able to. And no malware should be able to. It's not that hard: any program wishing to do that needs a password entered to do this. That's how my Linux box works: if I fire up the program to install new software or the one to modify start-up services, the first thing I get is a dialog "This program requires root privileges. Please enter the root password." and if I don't enter the r

          • by EvanED ( 569694 )
            If I want to completely remove those features, I should be able to. And no malware should be able to.

            Okay, so how do you determine whether what the user "wants" to install is malware? This is a non-easy question. (In fact, impossible generally.) Because we all know that the average user pays a lot of attention to the dialog boxes that opo up and would discriminate appropriately, right?
            • I'd say, if the user wants to install it and knows they're installing it, it doesn't matter whether it's malware or not. If I want to install software that'll route my Web browser through an advertising server, I should be able to do that. If I want to install spamming software, I should be able to do that. The system should be protecting me against unwittingly installing stuff. And if I have to enter an administrative password to install something, that should be proof enough. Users may have to learn that

  • First they came. (Score:5, Insightful)

    by OpenSourced ( 323149 ) on Tuesday September 19, 2006 @05:02PM (#16141534) Journal
    First they came for the office software companies. But I said nothing because I wasn't an office software company.
    Then they came for the internet browsing companies. But I said nothing because I wasn't an internet browsing company.
    Then they came for the media playing companies. But I said nothing because I wasn't a media playing company.
    Then they came for the security software companies. But I said nothing because I wasn't a security software company.
    Then they came for me, and there was no one left to speak out for me.

    I suppose some day the sofware companies that do bussiness with Microsoft and so help it consolidate its grip on the desktops of this world will take note and start thinking about alternative platforms.

    • by dave562 ( 969951 )
      I suppose some day the sofware companies that do bussiness with Microsoft and so help it consolidate its grip on the desktops of this world will take note and start thinking about alternative platforms.

      Probably not. They're betting that Microsoft is the best bet and they're going to stick with it. As much as everyone lambasts Microsoft, their software does get the job done for a large segment of the computer using world. I don't think that you're going to see anyone jumping ship until Microsoft makes a

    • by Sathias ( 884801 )
      So now Vista has been compared to the Holocaust... Congratulations, your post just broke the Slashdot anti-MS record!
  • by Curmudgeonlyoldbloke ( 850482 ) on Tuesday September 19, 2006 @05:03PM (#16141549)
    (no, really)

    As a former McAfee home user, I was rather surprised to see MS' "security center" replaced with McAfee's when I made the mistake of updating their AV software just over a year ago. What McAfee put in place instead was little more than an annoying attempt to sell me McAfee products that I didn't need (such as a software firewall; in addition to a hardware router controlling access in I also had a software firewall from another vendor in place to stop unwanted access out).

    I rejected McAfee for home use because of this, and tried to make it is clear as I could to the company why (although I doubt that that got past the poor bloody infantry on the helpdesk). Like many people here I'm sure, I get landed with fixing people's Windows PCs. Recommendations count, and McAfee's home software certainly haven't had any from me over the last year.
  • Simple solution (Score:5, Informative)

    by ditoa ( 952847 ) on Tuesday September 19, 2006 @05:14PM (#16141634)
    Don't replace, disable! Simply disable the Security Centre service, install your own and you're done. Infact this is exactly what we have done at work, the idea of a security centre is great however we wanted to add our own applications to the security centre. Sadly there is no way to do this with the default security centre in Windows XP SP2. So rather than try and extend it we simply disabled it and replaced it. Doing the job of the security centre is pretty simple as it is documented what applications have to do to be "seen" by the security centre so we just did the opposite to monitor them (Symantec is very difficult about this because it has anti-monitoring tech built in). I don't see why this is a big problem for Symantec. AFAIK there is no reason they cannot disable the security centre service when they install their application.
  • by segedunum ( 883035 ) on Tuesday September 19, 2006 @05:16PM (#16141648)
    They've been milking money from Windows lack of security and viruses for years, so it's been good business for them. They have flat out and point-blank refused, along with many other companies, to take a lead in developing another desktop system, and developing for it, so that they won't continue to be at a disadvantage. They want to support only Windows, and develop software only for Windows. Companies like Adobe, with it's suite of software like Photoshop and ex-Macromedia stuff that makes a tidy profit, are going to be next in the Redmond cross-hairs over the next few years.

    I mean, I know Microsoft has a monopoly through Windows, but do these companies really not expect Microsoft to use that against them? These software vendors, between them, do have the power to move people away from Windows and on to a system where they all have a much more level playing field.

    Bruce McCorkendale, a chief engineer at Symantec, said in an interview. 'How do we trust that Microsoft knows what all the important things about security are to warn users about?'
    Errrrr. I have news for you Mr. Chief Engineer *snigger*. Windows is a closed source operating system designed to make money for Microsoft. They control the software you run your software on, so they have the high ground. Be grateful that you have had a company and a nice salary off the back of that for all these years. Windows is not designed to keep you in business.

    A dispute still exists over PatchGuard, a security feature that Microsoft says is designed to guard core parts of the 64-bit version of Vista, but which critics say locks out helpful software from security rivals....."PatchGuard is hurting security vendors more than it is hurting malware writers," said Bruce McCorkendale, a chief engineer at Symantec, in an interview on Wednesday.
    Errrr. I have news for you imbeciles. Wait until that is protected by a Trusted Computing system in the hardware and it is difficult, bordering on impossible, to bypass and you are legally [wikipedia.org] prevented from doing so even if you could. See. The whole Trusted Computing thing is most certainly not just about DRM in films and music, and it looks like a fairly big deal for Microsoft.

    I mean, I think Windows is a monopoly and Microsoft should be subject to restrictions like all monopolies have been. However, there's a part of me that is glad that idiotic companies like Symantec, other security companies and companies like Adobe will probably go out of business. Many of them go into denial and like to pretend that they don't compete with Microsoft in order to support only Windows (making more money for Microsoft), but it is obvious that they do. When the brown stuff hits the fan they then whinge about it, rather than having put some thought and effort into ensuring their own survival. Digging your own grave must be a fun business endeavour.

    You know, Microsoft will argue that all these companies had it within their power, collectively, to go off and bolster the popularity of the Mac, or make Linux a first-rate desktop OS that they could sell their wares on if they weren't happy. And you know what, however much I don't want to really say it? They'll be right.
  • Bullshit. They just want to be able to sell a product, and they are mighty pissed off that MS are now bundling software that makes the products unnecesary.

    I still remember that their virus scanner used to catch back orifice as a trojan but completely ignore PC anywhere. Both products did pretty much the same thing except one was more extensible than the other. And one was written by the same people as the Virus scanner.

    These companies are just whining because Microsoft is now doing to them what it has to Ne
  • I know this isn't the crowd to say this to, but Vista really will be a lot more secure than past versions of Windows. In fact, the mere addition of Protected Mode IE will prevent the VAST majority of Malware from ever getting a shot at most users PCs. (Since IE is the primary attack vector for virtually all of the bad guys, whether that's directly through the browser or via IE components being used in e-mail clients or other applications.)

    McAfee and Symantec are very scared about this. They know that the mo
  • by Opportunist ( 166417 ) on Tuesday September 19, 2006 @06:36PM (#16142232)
    Not the usual MS bashing, more my usual posting on that topic. MS cannot, by definition, implement security, for the simple reason that their security software will be on every computer. That, in turn, means that, if you want to get spyware on a given computer, you HAVE to circumvent that security system. So this system will be broken by default by every given trojan out there. They might not go to the lengths of trying to defeat McAfee, they might not try to defeat Kaspersky, but they WILL for sure go to any lengths to defeat the MS Antivirus suit.

    Fighting security software costs resources. So you only do it if you have to. Many trojans today defend against the most predominant AV software, like the forementioned. Simply because they are widespread and thus do present a threat to the ability of a given malware to spread. How much more effort will be put into defeating a security suit that is invariably on ALL computers you plan to infect?

    For reference, take a look at the MS "firewall". Granted, the implementation is shoddy as can be, so defeating it is by no means any kind of feat, but still it HAS to be done. It is on every computer out there, on those computers suffering from clueless owners (i.e. your primary target as a malware writer) it is most likely the only kind of intrusion detection software. Defeating it is the golden key to the computer.

    It will be the same for MS AV. So there is NO security to be expected from an MS AV suite. Not because MS cannot do it. Because malware writers will put any effort necessary behind defeating it. Because it has to be done to infect a computer.
  • The large security firms such as Symantec and McAfee want Microsoft to allow them to replace Microsoft's Windows Security Center.

    If MS would allow this, you can just as well do a replace of "Symantec and McAffee" with "malware developers" to see the problem.
  • I think given the possibilities I have to side with MS on this one.

    "Microsoft Caves In; Allows Third Party Security Centers"
    A month later: "Hackers spoof fake Security Center tricking millions of users"

  • Report (Score:3, Insightful)

    by suv4x4 ( 956391 ) on Tuesday September 19, 2006 @08:13PM (#16142850)
    Report on our Grand Plan on eradicating terrorism and child porn accross the world:

    -I-I-I-I-I-I-I-I-I-I-I-I-I-I-
      Terrorism
    -I-I-I-I-I-I-I-I-I-I-I-I-I-I-

    *Threat:
    The security measures are widely announced and campaigned, terrorists educate themselves and go around the new measures.

    *Collateral:
    People being frisked, called on "random checks", arrests, disruption of business, spread of fear, rapid increase in intolerance towards muslim religion, rapid increase in muslim radicalists towards western cultures.

    -I-I-I-I-I-I-I-I-I-I-I-I-I-I-
    Child Porn
    -I-I-I-I-I-I-I-I-I-I-I-I-I-I-

    *Threat:
    Child porn sharers have long since moved to encrypted channels, they are nowhere to be found on public internet.
    Data retention can't decrypt strongly encrypted information and can't differentiate which encrypted data contains child porn or just bank data or whatever.

    *Collateral:
    All those people who think they're safe since they did nothing have their data in the government. Corrupt people in appropriate position accessing private information and issuing arrests based on indirect evidence.

You had mail, but the super-user read it, and deleted it!

Working...