Microsoft Agrees to Changes in Vista Security 318
An anonymous reader writes "Bowing to pressure from European antitrust regulators and rival security vendors, Microsoft has agreed to modify Windows Vista to better accommodate third-party security software makers. In a press conference Friday, Microsoft said it would configure Vista to let third-party anti-virus and other security software makers bypass 'PatchGuard,' a feature in 64-bit versions of Windows Vista designed to bar access to the Windows kernel. Microsoft said it would create an API to let third-party vendors access the kernel and to disable the Windows Security Center so that users would not be prompted by multiple alerts about operating system security. In addition, Redmond said it would modify the welcome screen presented to Vista users to include links to other security software other than Microsoft's own OneCare suite. From the article: 'It looks like Microsoft was really testing the waters here, sort of pushing the limits of antitrust and decided they probably couldn't cross that line just yet.'"
testing the waters? (Score:3, Insightful)
From the article (and /. summary):
It's only an author's surmise, but as I understand and interpret Microsoft's position, there is no line they will be able to cross ever while they are still a monopoly. Microsoft enjoys (immensely) their monopoly position in PC OSes, and as long as they do (immensely), they will continue to be proscribed from using their monopoly to leverage, influence, and otherwise compete unfairly with any other of their products.
There is no line to test.
I don't get it. (Score:4, Insightful)
On one hand people bitch about MS's lack of security yet when they do essentially what is asked it is claimed they only did it to be uncompetitive.
Make up your mind. Or is just permanent open season on MS?
I find it kind of interesting... (Score:5, Insightful)
Companies like Symantec (aka Norton) have profited immensely from an industry created because Windows wasn't secure.
Now they're upset because Microsoft wants that piece of that market; in other words, Microsoft wants to profit from the fact that Windows isn't secure.
Yet in pretty much every other operating system, the solution is simply to make the darned thing secure.
Now, I realize that the issues are a bit larger than this, but I do wonder: IF Microsoft ever released a truly secure operating system, thus making Symantec and other such companies as relevant as the buggy whip, would they then sue to prevent the release of the O/S?
Re:Microsoft cant win (Score:3, Insightful)
The problem is that Microsoft's record with security isn't great; lots of people (myself included) prefer to trust another company to provide anti-virus and firewall security under Windows. Microsoft will have to work very hard - in an equal arena -- to show that their AV and firewall solutions are as good or better as those of their competition
While I dislike the M$ monopoloy... (Score:2, Insightful)
Of course if it turns out that Microsoft was just locking other vendors out to make users use their security software, which performed poorly I applaud the EU for helping the consumers. Because really all I care about is how well the end result is.
Re:I don't get it. (Score:3, Insightful)
3rd parties should protect the OS (Score:3, Insightful)
Re:testing the waters? (Score:5, Insightful)
We've all been over this before...
"You know why people use Microsoft Windows? Because they like it."
Microsoft will never allow anybody to test that hypothesis in any meaningful way. You can't say that with any certainty until Dell and HP start saying "Would you like Vista or Fedora with your new computer?"
And how does Microsoft do this? By abusing their monopoly power.
Government Interference in the Marketplace (Score:2, Insightful)
Sorry but I think the kernel should be off limits. Leave that to Microsoft and hold them wholly accountable to preventing issues with it. On one hand people bitch about MS's lack of security yet when they do essentially what is asked it is claimed they only did it to be uncompetitive. Make up your mind. Or is just permanent open season on MS?
Exactly.
That is why we got such awful security in Internet Explorer [although for the opposite reason]: Back in the mid-to-late 1990s, the Clinton administration was suing Microsoft over their "monopolistic" marketshare, and because of that [vis-a-vis Netscape and their browser], Microsoft was forced to integrate Internet Explorer into the operating system so that they could say to the Justice Department that they couldn't ship a version of Windows without it.
Fast forward eight or ten years, and now we've got the reverse: Microsoft is forced to open up the operating system to appease EU regulators who want all of their security vendors to be able to get a cut of the action.
In either direction [governments forcing Microsoft browsers into the operating system, governments forcing third party vendors into the operating system], what you get is government-induced mayhem.
But of course that's not the politically correct point of view here at Slashdot, so expect me to get modded down to "-1 Troll".
Re:I don't get it. (Score:3, Insightful)
Now that there's a chance all those holes might go away, they will fight tooth and nail to prevent that from happening. I'm no Microsoft fan but these companies whining about Microsoft using their monopoly position to shut them out of the market, are in conflict of interest.
Nothing new here, just buisness as usual.
Re:I find it kind of interesting... (Score:2, Insightful)
Re:I don't get it. (Score:5, Insightful)
Lies. Trend and Avast have apparently been able to run on Vista without any problems. They knuckled down and wrote code so they worked on Vista, and indeed Vista has an API called Windows Filtering Platform, which allows anti-virus makers to monitor file activity. Symantec and McAfee, on the other hand, threw a hissy fit.
Microsoft is, for once, clearly in the right.
Re:I don't get it. (Score:2, Insightful)
Re:What other changes before launch? (Score:3, Insightful)
For those who missed the "irony" tags - people didn't switch from 2k to XP - they went from Win9x to XP - the 2k users continually dug in their heels when it came to switching. And certainly nobody I know even has Vista on their radar ...
Really, is there ANYBODY who knows a real live "Joe Sixpack end user" who is even aware that Vista exists? Its pretty bad when both OSX and Linux have a bigger awareness in the general community than linux's new flagship.
People will continue running XP long after its end-of-lifed, mostlyt to play games. And the antivirus vendors will cash in on this, by selling patching services to fix bugs in XP long after Microsoft stops supporting it - because its "good enough" for most users.
Its not like you need the source code to patch. Virus writers "patch" XP all the time.
The Wikipedia treatment (Score:2, Insightful)
The value in finding security holes in a Windows box is that there are millions that can be turned into zombies to be used to crank out spam or worse. There is no money in hacking Linux. [citation needed]
Most of the holes found in Windows come from Linux hackers who rarely take a look at their own OS. While there are many secure features in a standard Linux distro most sysadmins never address them. [citation needed]
The way most people implement Linux is like parking an armored car outside of the bank but leaving the doors open. [citation needed]
Just because you say it in a expert tone, does not make it credible or correct.
Re:NO NO NO. (Score:3, Insightful)
blah, EU went too far (Score:3, Insightful)
Forcing MS to weaken Vista's security and reliability to accomodate these AV companies sucks though.
This is a -bad- thing. Why are we applauding it on slashdot? Are we so caught up in MS hate that we want the government to force them to weaken their product from a technical standpoint?
Maybe this is an example of how having a reputation for lying will make people think you are being dishonest even when you are telling the truth. I know a lot of people on this website dont totally understand the technical issues involved. But doesnt the EU commission have any experts that can explain to them that they are weakening Vista by forcing this on MS?
Build from Scratch? (Score:3, Insightful)
However, expecting the average user to know how to do that is like expecting the average person to perform brain surgery. Most people I know have a hard time telling the difference between RAM memory and Disk memory. They think the tower is the "CPU", and that SCSI is what you call gum stuck to the bottom of your chair. It's not that the people aren't smart. It's just that they have no context to work from, and for that matter, no motivation to learn. You could probably learn how to bake bread from scratch, but why bother if you can just go to the store and buy it ready made? Sure, bread made from scratch is better tasting, and probably a LOT better for you, but you don't have time to fiddle around with it. So, you let other people do the baking for you, and you just keep buying scuzzy store-bought bread.
Re:testing the waters? (Score:3, Insightful)
According to the EU, MS apparently has some obligation to keep these security companies leeching off their OS exploits alive, even to the point of opening their system to security exploits in Vista to do so.
Don't get me wrong, I can understand Symantec going nuts about the OneCare advertising, and can somewhat understand the security center, (although I think MS should allow Symantec to write whatever they want there instead of letting Symantec Disable the thing for their own offering, since apparently, I need even more tray icons telling me something I don't know for some reason.) but the kernel access is simply unacceptable.
Basically there are two ways to go here.
1) Lock down the kernel so absolutely nothing outside of a service pack (being some sort of boot disk) can touch it, run everything else outside of kernel space, and have documented Kernel API calls to allow you to search for anything trying to hide outside of kernel space, which will stop many to all Rootkit attacks since nothing can hide and increase kernel stability since nothing can patch it, with the only drawback being some performance loss since low level access is off limits now.
or
2) Do it the EU way and "ensure that consumers continue to have a choice in security software" (which by the way, Isn't a problem [slashdot.org]) by opening the kernel to third party apps, which will no doubt be exploited regardless of how MS protects the kernel patching by malware and allow most rootkits and the like to latch onto the kernel while these so called security programs happily let the malware run in kernel space because it doesn't even know it's on the PC. That way, the Security companies can claim that Microsoft "Still has a Security Problem" and "need us now more than ever"
I don't know about you, but option 1 is the way to go for me, but since it sounds like their going option 2, then apparently all this security that Vista has will be no better than XP in the long run and I can expect seeing more FU and hacker defender rootkits in the vista future.
Re:I find it kind of interesting... (Score:3, Insightful)
There is nothing like a secure OS.
People who forget Multics [wikipedia.org] are doomed to, er, um, forget that it existed.