Slashdot Log In
Microsoft To Offer Virus Defense
Posted by
Zonk
on Fri May 13, 2005 09:54 AM
from the no-more-foot-shooting dept.
from the no-more-foot-shooting dept.
FridayBob writes "According to the New York Times, Microsoft plans to
enter the consumer antivirus business
with a subscription service next year.
Most of us will remember
Microsoft's assimilation of RAV Antivirus from GeCAD Software of Romania in 2003." From the article: "Microsoft plans to expand the service beyond its 60,000 employees this summer and offer an open trial for consumers this fall. No date has been set for a commercial introduction, but the executive in charge of the new business said it would ultimately be offered as an annual service by subscription."
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
It should be part of the OS! (Score:5, Insightful)
Re:It should be part of the OS! (Score:4, Insightful)
Parent
Also try AVAST! (Score:5, Informative)
I've actually used this software to fix problems that McAfee couldn't (the boot time scan is not possible with McAfee).
Parent
Re:Also try AVAST! (Score:5, Informative)
It's great for tinfoil hatters too, since you don't even need a registration code.
Parent
Re:It should be part of the OS! (Score:4, Insightful)
Parent
Re:It should be part of the OS! (Score:4, Insightful)
Let me get this right (and twist the argument around a bit)...
You are saying that something that would be good for users (Microsoft fixing their vulnerabilities [forget for the moment how they are fixing it]) is bad for businesses? This is like saying, "finding cures for diseases is a bad thing because it will put the pharmacutical industry out of business"!
This flies against the face of logic. Then again, we are talking about businesses here. Anything for a buck!
B.
Parent
Re:"Anti-virus software" != "Fixing vulnerabilitie (Score:5, Insightful)
The virus issue is an interesting question. Any operating system that allows code that the user introduces to the system to run with privelages of the user is vulernable to virus attacks. I mean to say, I can write a binary for a Linux box that wipes every file the user running it has access to.
Is that a flaw or just how things are?
Viruses that exploit bugs or flaws in the OS are deplorable, and show what a lax attitude MS had for so long. However, as MS is fixing those, what's more and more and more common are programs that trick/deceive the user into installing them and then do something that is pretty much malware. How should that be handled? They aren't viruses per se, but they are annoying.
That's whats really wrong with Windows right now. It's just sucky when dealing with stuff on your PC that you don't want.
As Windows is continued to be locked down this is the last "growth vector" around.
At some point, the virsues going around are no longer exploitig what Windows has to "offer", but rather, the users themselves.
Parent
Re:"Anti-virus software" != "Fixing vulnerabilitie (Score:4, Informative)
I agree that many types of malware would be better fixed by changing Windows itself, patching obvious entryways such as ActiveX and such, etc;, since the majority of those are actually exploits of Windows system flaws rather than viruses in the traditional sense.
I also agree that the simple release by Microsoft of a free anti-malware products is little more than a band-aid in terms of fixing the general malware problem found on Windows today.
I do, however, disagree that Windows is alone in having traditional viruses (the classic Mac was also hit very hard in the past), and I think the recent focus of AV companies on Windows-centric forms of exploitative malware in addition to their more traditional activities (the detection and removal of traditional viruses) has blurred the distinction between the two types of malware in your eyes.
The two classes of malware are NOT the same.
Even if Microsoft were to fix the massive security holes that exist on their platform, a market for third-party anti-virus tools would still exist.
However, a Microsoft AV offering has the potential to remove that marketplace comepletely.
That's the difference...
Parent
Re:It should be part of the OS! (Score:3, Insightful)
Re:It should be part of the OS! (Score:5, Interesting)
No, no, no! It should be part of the OS. If I buy an OS and it is vulnerable to viruses, it is a flaw in the OS's design. Why do I have to pay extra to make my machine usable?
No, it shouldn't. If Microsoft *did* bundle AV with Windows, everyone on slashdot would be jumping up and down saying "Microsoft are being anti-competitive yet again!!". Microsoft have been (rightly) burnt by the fair competition regulations often enough to know that they cannot just bundle this in and need to offer their product so that it can compete on the open market.
That said, many people will use it because it is easiest to take it from the same vendor as the O/S, even if it's not the best solution, technically.
My biggest concern is that MS will use non-disclosed APIs to support their AV, leaving the rest of the market to use the current selection of cludges to make their work. Obviously, this would be unfair and they should be shot if they are thinking it...
Parent
Re:It should be part of the OS! (Score:5, Insightful)
There's a big difference between bundling antivirus software into your OS, and making your OS more robust against viral threats to begin with.
Parent
No, not part of the OS, just fix the OS. (Score:5, Insightful)
Anti-virus software should NOT be part of the OS.
But, by that same token, Microsoft should NOT be selling anti-virus software.
Parent
Re:No, not part of the OS, just fix the OS. (Score:5, Insightful)
No, they don't. Worms and trojans frequently exploit holes in the OS, but traditional viruses work by modifying executables. Unless we disable the ability to write to the disk (or disable the ability to execute code), viruses aren't going away.
Parent
Re:It should be part of the OS! (Score:5, Insightful)
Microsoft refers to this as "a business plan for generating recurring revenue".
Parent
Re:It should be part of the OS! (Score:3, Funny)
Hey how come there is no antivirus software needed on unix platforms?
Re:It should be part of the OS! (Score:4, Insightful)
Parent
Re:It should be part of the OS! (Score:4, Insightful)
Microsoft Crash Protect 2006
Microsoft File Restorer 2007
Microsoft Wormguard 2008
Can we see the problem?
Parent
Re:It should be part of the OS! (Score:5, Informative)
Essentially, a TCPA compatible computer will refuse to run all code which hasn't been pre-approved by some "trusted" organisation. This would make not-for-profit software development almost impossible.
And yes, except for a few cases like blaster, viruses don't exploit a vulnerability in the OS. They exploit human stupidity and naivity. An OS which isn't "vulnerable" to viruses is an OS which doesn't obey the user and let them run arbitary programs. Such an OS is usless.
Parent
Re:It should be part of the OS! (Score:3, Insightful)
And yes, except for a few cases like blaster, viruses don't exploit a vulnerability in the OS.
There's a difference between vulnerability due to an intentional mistake, and a vulnerability due to poor design, but in the end they're functionally the same.
An OS which isn't "vulnerable" to viruses is an OS which doesn't obey the user and let them run arbitary programs.
Useless? All the Mac and Linux users would disagree. Anyway, it's not even a matter of running "arbitary" (sic) programs, it's a m
Re:It should be part of the OS! (Score:4, Informative)
No, if I can run any code I want then I can run any binaries I sign (or people/companies I have decided to trust sign). I assure you I do not want to run trojans, worms, etc so I will not sign those. Or do you think for some reason I will not be able to specify which software signers I trust, including myself. If so I invite you to research the TCPA. Preferably not relying on uninformed rantings on
Of course as a side effect, you can't run free hippie operating systems unless and until their code is certified to be corporate-friendly.
Sure I can, corporations do not control which digital certificates I accept, I do.
Since I took the day off and frankly have nothing better to do right now, I will explain to you how this works. Let me start by saying I am not a fan of the TCPA, but not for the reasons you think.
Under the TCPA the user has complete control over which binaries he wants to run. Or it is possible to just turn off the thing altogether. I can say I only want my system to run binaries signed by Redhat, or Debian, or me, or GNU, or any combination of signers. I can limit my system to only running Microsoft binaries if I want, or IBM, whoever. I can run binaries signed by Kazaa and Limewire if I so desire. This is something of a major misconception by people who hate the TCPA without actually understanding it. The reality is a bit less evil, but much more subtle and (to me) frightening because it can slowly be introduced, like boiling a frog.
Which brings us to the two words at the core of this: Remote Attestation. Without getting too technical let's just say that remote attestation means that a client (or server, or peer, anything communicating over the network) can verify who siged the binary that it is communicating with on the remote machine. The obvious use case for this is media players. Hollywood wants to release movies on the internet but wants to make damn sure you are only viewing them in a media player that will respect it's DRM wishes, like not saving the stream, etc. With remote attestation they can be sure that the only client software that can connect to it is Windows Media Player running on a trusted Windows platform. The protocol can be completely open and documented, and it will not matter because to fake out the server, something like xine will have to be able to effectivly break RSA digital certificates to remotely attest itself as something signed by Microsoft.
Now if you are like me, the first thing you think about is Samba. Suddenly MS can comply with everyone demanding they open their protocols. They just make Windows so that it can only do file and print sharing with other Windows machines. Samba will not be able to fake it out like today. Now sure MS would not do this, it would piss off way too many people. But if their market share suddenly declines, and their stock goes down, it would be fiscially irresponsible of them not to leverage their advantages wouldn't it?
Another scary though is IIS servers that only respond to IE. Fake the browser string all you want, it will not help. This also works both ways if you run an Apache server and want to piss off IE users
There was talk a while ago that MS wanted to create their own TCP/IP like stack that was propritary to Windows, remote attestation is basically it when you think about it.
So recapping, while TCPA does not enforce what binaries you run on your system, it can be used by services to enforce who is talking to them over the internet.
Fortunately things have been changing a bit lately. Samba is much more widly deployed and legit, being used by plenty of well known companies both internally and as part of their product lines. Firefox has taken some of the lock that IE has on the web browser market, forcing many online banks and other historically
Parent
Re:It should be part of the OS! (Score:4, Insightful)
OK, I'm seeing a lot of this "lUser stupidity" argument. Unfortunately, that argument is flawed. Let me demonstrate:
Parent
This ought to be illegal. (Score:5, Insightful)
It seems to me that a company profiting from its own security holes is a serious conflict of interest.
From TFA:
Let's break this down into steps, shall we?
I'm wondering when M$ is going to cut out the unnecessary fluff in their operation and just get a license to print money.
Re:This ought to be illegal. (Score:5, Insightful)
Bad, man. Just BAD.
Parent
Re:This ought to be illegal. (Score:3, Insightful)
Don't get me wrong. I think the SPREADING of viruses should be stopped. But I think that falls into the internet connection. Adding a REAL firewall, and fixing IE. But I don't think it's the O/S's fault.
Re:This ought to be illegal. (Score:3, Insightful)
Viruses by and large run due to exploits in code. They exploit the code, placing themselves as the executable to be run, which then runs on that machine, exploiting other machines. On windows systems, the most commonly exploited code is the OS itself, or other Microsoft code commonly bundled [mssql, iis, ie]. So yes, it is the OS's fault.
Trojans, spyware, and other maladies are a different beast. They're commonly referred to as viruses by the masses, but
Why doesn't anyone point out the alternatives? (Score:5, Insightful)
Ah, good, someone else thought of the mob protection analogy. "Nice computer you have here. Shame if any viruses were to harm it."
What I wonder is why more people (you know, average computer users, not /. posters) don't think about alternative platforms such as Linux or Mac. But last night I was watching the local news and they had one of their typically sweeps-inspired scare stories about how letting your kids use their computer to go to gaming sites will lead to spyware, and adware, and who knows what else! Aaaaaah!
OK, ignoring the stupidity of tying gaming to evil, I found the reporter's conclusion interesting. Noting the steps that could be done to protect yourself, he said keep your OS up-to-date, run anti-virus software, run a firewall, and monitor what your kids do with their computer. I kept waiting for the obvious other solution: Get rid of Windows and move to a Mac. End of problem. I could just imagine the reaction of Joe Average watching this report if the reporter had said, "Or you could just switch to a Mac and have virtually none of these problems." Joe Average would have sat up and said, "What? Really? I had no idea!"
And that's the point, most people have no idea there are alternatives out there that minimize the problem. Not that Linux or OS X-based systems are totally invulnerable, but it's a lot harder for a virus even directed at such OSes to get traction when the first thing they have to do is explicitly ask the user for permission to run and ask for a password!
Watching that news report, I realized this is what my sister-in-law would be going through if she were using a Windows box. She is clueless about computers, checks her email faithfully every month or two whether she needs to or not (sarcasm), and is always connected through broadband. That's a recipe for disaster...except I recommended she get an iMac. Instead of having to clear out adware and spyware every time I visit, she just uses her computer as she wants without any problem in the 2+ years she has had the box. No way a clueless Windows user on broadband would be so lucky, but a clueless Mac user? No phone calls to me with tech support issues in 2+ years. If only more average users knew this kind of computing experience was possible.
Parent
So, let me get this straight? (Score:5, Insightful)
its like paying to have GM take care of your car when they built it without brakes!
Re:So, let me get this straight? (Score:3, Insightful)
Except a new car comes with a warranty, and if the defect is bad enough (such as no brakes), the product would get recalled.
Microsoft's EULA absolves them of responsibility for almost all defects.
Nice... (Score:5, Funny)
This isn't the first time (Score:5, Informative)
A cure for their own disease? (Score:5, Funny)
No, that would be Linux.
Microsoft To Offer Virus Defense (Score:3, Interesting)
Market Penetration... (Score:5, Insightful)
Really, don't most major-brand PCs (Macs not included, but this isn't an issue related to Macs as I doubt MS will make antivirus for OS X) come with AV? And people who build their own, I would guess, are a bit less likely to buy *cough* a Microsoft AV.
Didn't they try this already? (Score:4, Informative)
Outrageous (Score:3, Interesting)
Don't blame Microsoft (Score:5, Insightful)
FROM: sploitr@fishyware.com
SUBJECT: DO0D YOO gotta secyurtee pr0b/.
BODY: Yer eemail will be canc3lled if y00 do not click the a7tached fil3.
ATTACHMENT: malware.exe
The only way you can seriously argue that this is Microsoft's fault is by saying that they made it possible for people *this* clueless to get on the Internet.
Re:Don't blame Microsoft (Score:3, Insightful)
Wrong. At most it would wipe out their home directory, but not before emailing itself to their entire address book . Then it could attempt to remotely gain access to anything sitting on the local network - likely much easier than if you're attacking from outside - and email the results to the author. Insecure servers beware.
This isn't dramatically different to the worst that can happen in a prope
Prediction (Score:5, Insightful)
Expect a "trial" copy to be included in Longhorn that'll bug the fuck out of users until they break down and subscribe.
Microsoft will get its annual user subscription fee. It'll have NO incentive to fix its security problems. And we'll get shafted.
Thanks Bill!
This will just kill the industry (Score:3, Interesting)
I MUST be a prophet. Ten years ago I said that you will either run Microsoft software entirely or you won't run it at all. Adobe will be all thats left on the Windows side for off the shelf software.
Traditionally and additionally (Score:3, Interesting)
Several of the posts here are already agreeing with my thinking of "Microsoft, it's your crappy code that's causing the problem. Why should we pay you to fix something you broke but we bought in good faith?" Granted, I'm speaking mostly for my customers here as I am slowly moving completely away from Windows, but the point still remains the same.
It's come to the point where you have to question Microsoft at this point. If they start making money from Anti-virus subscriptions, what's their incentive to fix the flaws in the software that are causing the problems in the first place? The consumer already has a false idea that viruses and malware are just a fact of life and they WILL get infected without doing anything so they just live with it. If a peice of code is flawed that will allow introduction of malicious code of any type without user intervention, it falls to the software producer to fix it, not charge to protect against it. If you ask me, this is Anti-trust #3 in the making.
Look at Ford awhile back when all those Firestone tires were causing havoc. Did the customer have to pay to get new tires? No! This is the same thing. I would urge ANYONE that's considering using any MS products like this that they should reconsider. It will only support Microsoft's belief that they can milk money out of their customers for producing a crappy product.
Huge profits for Microsoft! (Score:3, Insightful)
Leave it to Microsoft to make money off their own incompetency!
Virus scanning is futile. Limit authority instead. (Score:3, Informative)
Downloaded software should not be given the power to mess with your system in the first place. This is a fundamental flaw in the design of Windows. Because it gives every running program the full power of the user account, Windows is B. A. D. (Broken As Designed). Linux and Mac systems have the same flaw.
To truly solve the virus problem, limit the authority of running programs. [skyhunter.com]
They'd be more successful (Score:3, Interesting)
They could use any methods if necessary, but no disintegration!
A Little Play (Score:4, Funny)
Salesman: Mr. Smith, here's your new car.
Mr. Smith: Thanks, Bill. Say, where's the seat belts?
Salesman: Oh, that'll be extra.
Mr. Smith: There's no windows or doorlocks either?
Salesman: Oh, that's extra, too.
Mr. Smith: I'm confused, Bill. Isn't my car supposed to be fully functional and include safety features?
Salesman: Well, Mr. Smith, we can include them on a trial bases for 30 days, but you'll have to return them or pay the subscription price.
Mr. Smith: What the f*ck, Bill? You mean I have to PAY repeadetly for something that should come with my car?
Salesman: Yes, Mr. Smith. Did you not read the EULA?
Mr. Smith: I think I want my money back.
Salesman: I'm afraid I can't let you do that, Mr. Smith.
Mr. Smith: Why the f*ck not?
Salesman: Because by opening the car door, you agreed to the EULA and you are bound to its terms and conditions.
Mr. Smith: You're a bastard, Bill.
Salesman: Actually, I'm the spawn of Satan.
If MS follows the strategy it has used in the past (Score:5, Interesting)
Then it's likely that every time you get an update, it will make any competing anti-virus product stop working. Some of us still remember the old rhyme: The code's not done till WordPerfect won't run.
If MS eliminates all other anti-virus vendors then we are put in an interesting situation. We have all heard the rumors that some AV companies have made deals with some spyware vendors and with the government to ignore programs that the vendors don't want scrubbed from your computer and that the government uses when investigating criminals. If there is only one vendor of AV software on Windows, there is only one company anyone has to negotiate with to keep their software from showing up as a virus.
On the other hand, I believe that the security of the computer is fundmentally the job of the operating system. So the software designer in me says that's where it should go. It should be a loadable module of the OS and it should be layered so that it doesn't just look for signatures but for suspicious behavior. It should check the logs for bad behavior, etc.
Finally, I simply will never fully trust any software that is built from sources that I can't inspect. I dont' care if it's the OS or the anti-virus software. I don't believe in security by obscurity. I want to be able to make sure that my AV software isn't excluding some malware because of a little money changing hands. My computer is MY property. If the government want's to know what's on it, I think they should bring a warrant, not plant programs on it.
While I recognize the value of "wiretaps" in law enforcement, I think that establishing a back door through which the government can load malware onto your computer will quickly turn into a backdoor that any hacker can and will use. Whatever technique they come up with, someone will figure it out, steal it, or buy it from some under-paid government worker. It will only leave all of our computers open... kind of like they are now.
I strongly suspect that Microsoft is going to try to dominate the AV market and use that domination to push their "Trusted Computer Model," where, effectively, MS owns your computer and controls what you can and cannot do with it.
All of this reinforces my commitment to never buy another MS Operating System. I only use Windows now because I love computer games and computer game manufacturers have not, for the most part, embraced the Linux market. I wish they'd hurry up and start porting.
Re:We'll give you virus protection (Score:5, Funny)
Yeah...."nice computer you have here...it'd be a shame if anything were to happen to it..."
Parent
Re:What disease is that? (Score:5, Insightful)
Finkployd
Parent
Re:What disease is that? (Score:4, Funny)
To use an analogy I saw a couple posts up, that would be like GM selling cars without any brakes, and then charging later for their add-on high-impact bumper, so when you hit stuff, you won't break hte car. They should just sell a goddamn working car in the first place.
-Jesse
Parent
Re:What disease is that? (Score:5, Insightful)
Yes Windows isn't the most secure environment in the world, but any intelligent user taking reasonable precautions doesn't have much to worry about. The reason there are so many virii, malware, etc for Windows is because there are so many Windows boxes out there. Put Fedora or Mandriva on 90% of the desktops and laptops in the world, and see how soon before there are Linux virii. The most insecure thing in Windows is the user. Social engineering, ineptitude, and sheer stupidity can bring down the most stable OS, even DOS.
People rant about how Windows was designed to be insecure, and, in a manner of speaking, that's true. Windows 9x was designed for easy conectivity. Networking and the internet was exploded around them, and they made a conscience decision to write the OS "just work" as much as possible. Fastforward a 5-10 years, and we see that that might not have been the best approach. Hindsight is 20/20. Can we say that MS is evil/inept because they made the wrong choice? Was IBM evil/inept for trying to implement MCA architecture? Was Churchill evil/inept for trying to stop a second world war with appeasement? It's easy to be a "Monday night quarterback"
Parent
Re:Is it just me ... (Score:3, Insightful)