Microsoft Admits to Serious Problems with OneCare

ZDOne writes "A ZDNet reporter has gotten some truly amazing quotes out of a Microsoft product manager about the troubled OneCare product. Arno Edelmann, Microsoft's European business security product manager, was flagged down at this week's CeBit event, and had this to say about the service: 'Usually Microsoft doesn't develop products, we buy products. It's not a bad product, but bits and pieces are missing ... OneCare is a new product — they shouldn't have rolled it out when they did, but they're fixing the problems now.' The problem is apparently with the the GeCAD antivirus code, which has had problems harmonizing with the company's Exchange updates. While Exchange 2007 doesn't cause issues, users with older versions may see their email quarantined as a matter of course."

Far more interesting admission

[AKAImBatman (238306)]

Usually Microsoft doesn't develop products, we buy products.

I can't believe the guy just admitted that. To a major publication like ZDNet, no less. After all the trouble that Microsoft has gone through to convince the US Feds and EU committees that they "innovate", I can't help but wonder if a flying chair isn't in this guy's future.

Quick!

[Rob T Firefly (844560)]

Somebody get that quote onto a clever t-shirt on Cafepress or something, because I want to wear it NOW.

Re:

[JPyObjC Dude (772176)]

Actually this does show some maturity from M$ if this is a "approved" statement.

Scary thing is that only a year ago, it almost looked like M$ would not allow other security vendors to release virus software for Vista and OneCare was going to be the only option. ... Now that was completely ignorant and short sighted.

Re:

[Khuffie (818093)]

No, MS (note the lack of childish dollar sign in the abbreviation), did not want to allow security and virus software makers to hook directly into the kernel, which is a completely different thing.

Re:

[jimstapleton (999106)]

buying does not indicate a lack of innovation.

You can buy a product, and add new things to it to make it better than it was before, that is still innovated.

Look at word is now from where it started, or Windows for that matter.

MS /Bought/ DOS, and they innovated (or in some cases as another slasdotter mentioned, pilfered) quite a bit onto it to get another OS - the 9x branch of Windows.

Structure and design for that still exists in modern Windows. Of course, the holdover stuff is stuff that most of us would r

Re:

[Gr8Apes (679165)]

buying does not indicate a lack of innovation.

Look at word is now from where it started, or Windows for that matter.

Yes, let's. Word - POS that still cannot consistently print text from printer to printer. That may in part be because of...Windows a POS that still runs like shit, even after 15 years of "development".

OK, two bad examples:

MS /Bought/ DOS, and they innovated (or in some cases as another slasdotter mentioned, pilfered) quite a bit onto it to get another OS - the 9x branch of Windows.

Actually, MS were fortunate to be able to buy DOS after they'd effectively already sold it. And windows certainly wasn't much of an innovation. It was so bad, people regularly dropped out of it to actually get some work done. The later 9x versions were a little slicker and certainly work

Re:

[jimstapleton (999106)]

IE 5+ was faster and more stable than the alternatives (Netscape, Mozilla, and even [just barely] firefox) on windows, up to IE 6. I'm not sure about 7, speed isn't the only thing in the world, and I switched during 6's lifespan. Actually I find in any OS I've used Firefox 1.5 is less stable than IE under Windows. I can't use Firefox2 because it doesn't work with some webapps I have to work with.

Just because you don't like it and it doesn't have flaws does not mean that ActiveX was not an innovation. Please

Re:

[jimstapleton (999106)]

I found opera to be slow, unstable, rendered poorly, and to have a clunky, ugly interface compared to IE. I gave it a couple of months at someone's insistance during the IE5 days, and didn't like it. Tried it a few times since, most of the issues improved, and it may be competative now, but I find Firefox suits my needs well enough and don't feel the urge to try opera yet again, after finding it unpleasant several times before.

Re:Far more interesting admission

[dgatwood (11270)]

Case in point, iTunes started out life as SoundJam MP. I think it is safe to say that it, combined with the iPod that it enabled, has radically altered the landscape of music sales. Significant innovation, in large part stemming from an acquisition. Final Cut Pro and DVD Studio Pro have radically altered the landscape of the field of video editing and DVD development. Final Cut Pro was originally a Macromedia product called Final Cut. DVD Studio Pro? Astarte DVDirector. Both products have substantially improved since the acquisition, of course, but they are still innovation through acquisition and improvement rather than through starting from scratch.

Everybody innovates at least in part through acquisition. The difference is that Microsoft seems to innovate almost exclusively through acquisition. :-D

Re:

[jimstapleton (999106)]

Very good example. I don't like either product in the least, but I nonetheless will agree that they were innovative.

Re:

[suv4x4 (956391)]

"Usually Microsoft doesn't develop products, we buy products." - I can't believe the guy just admitted that. To a major publication like ZDNet, no less.

This is not bothering me, but this quote is:

According to the security manager, security is only a small part of what Microsoft does, suggesting it does not have as much security expertise as established security vendors.

I hope they really mean "security expertise" as in "antivirus detection and filtering software" and not as in *really* "security expertise"

Re:Far more interesting admission

[iabervon (1971)]

It's clearly their more business-friendly name for ADamn, which the EU has been trying, unsuccessfully, to make them give.

Re:

[Ilgaz (86384)]

The next part is to admit that when they cannot buy a product, they steal the idea instead.

Who doesn't steal ideas? Don't make me talk about a certain company which does provide better software/support or their fans will kill me. :) I am used to getting banned from IRC rooms using top of the line hardware from them anyway.

They steal down to $20 shareware.

This was exactly my idea.

[someone1234 (830754)]

Sometimes they don't steal the idea, they steal the code : anyone remembers Stacker?

Re:

[tb3 (313150)]

And QuickTime. Apple developed the video playback software, containers, codecs, the whole shootin' match. Microsoft stole great chunks of the code, and later got caught with their hand in the cookie jar. That's part of the reason for the contra-deals between Apple and Microsoft in the 1990's.

Re:This was exactly my idea.

[toadlife (301863)]

Most large software companies do this. Cisco and Oracle come to mind as companies that buy instead of develop new product lines all the time.

I wonder why people see this a such a bad thing. Reinventing the wheel is viewed as a anti-pattern in the programming world, but when a large company chooses to not do it through acquisitions, it's viewed as a bad thing.

BTW, I was never able to find Duvel locally. :(

You see that is the MS Advantage.

[jellomizer (103300)]

If something goes wrong Microsoft takes the blame not you. You could run Linux for years and when one thing goes wrong you can get fired. But by choosing Microsoft you have many many major problems a month and still keep you job and even get a raise because you can blame MS on them. Even though MS will only say sorry and do little to fix the problem but still your job is safe.

Re:You see that is the MS Advantage.

[kebes (861706)]

You're absolutely right, and I hate it.

I use Linux extensively (at home and at work), but I'm always afraid to suggest it as a solution for others. Because then somehow I become responsible when things don't go perfectly smoothly. If instead I just recommend a "status quo" solution, then any bugs encountered will just be treated as "business as usual." The reality is that any software deployment will have annoyances along the way (whether Linux-based or Windows-based). The difference is exactly what you describe: "No one is fired for choosing Microsoft" whereas if you recommend Linux, you become "the guy to blame."

I'm not sure how to fix this state of affairs. It's a totally unreasonable double-standard, but it will exist whenever there is a defacto standard like MS has become (and IBM was, at one time). I think this is actually one of the major (and usually unmentioned) roadblocks to Linux adoption. Yes, you have some vocal Linux advocates... but the majority of us who really understand the advantages of Linux are scared into silence. (Or maybe I'm just a coward.)

Re:You see that is the MS Advantage.

[by Anonymous Coward]

When I started at my current job, at a startup, they had WYSE terminals connected to a Windows Terminal Server. We were growing fast, and I was in a position to decide what technology we would deploy moving forward. I wasn't going to be personally responsible for Windows (they can't pay me enough) so I standardized on Ubuntu Linux on cheap desktop machines.

We ran like that for a year. Many of the people (especially the sales folks) would constantly complain about problems. Problems that would mysteriously vanish when I was looking. Things like "I don't know where I put such-and-such a file."

Then the real company leadership, who had all been busy with another project, came in. Literally overnight, they decided that we would replace all the linux desktops with Windows. Fortunately at this point we had several junior techs that could do the job. And did.

I now have the only Linux desktop at the company. The windows machines have constant problems -- (I can't read my email! I can't log into the domain! etc...) BUT -- the important thing here is, no one complains. When there are constant problems now, it's not about how much the system sucks. It's just the way things are. Whereas on Linux, it was Linux's fault.

I'm personally convinced that there are far more problems on the Windows installs than there ever were on the Linux installs. The other techs who have more involvement in the desktops these days agree. But it doesn't matter, because Windows is the standard, any problems are also the standard.

Screw 'em. I'm just glad it's not MY responsibility. And no, I didn't get demoted or fired, I got promoted out of having to deal with office matters. Now I just work on the production systems, which are 100% open-source based.

Re:You see that is the MS Advantage.

[Master of Transhuman (597628)]

I have to admit that while I believe Linux can be used to replaced Windows in a corporate environment, the REAL issue is precisely this sort of human relations problem.

It could be that when you put the initial Linux solution in, there wasn't enough "prep" of the users. So ANY change would have been resisted, not just Linux.

You get taught this in decent system analysis classes - the "user prep" is critical to making ANY IT change work.

I changed the user accounts on the machines of one of my clients from administrator to limited as the start of a basic security hardening. I explained to the users that this was a basic necessity - never run as administrator. The users complained they have to switch to administrator too often to run like this. Even after I pointed out the "runas" command, they still had complaints. They viewed their machines as if they were home machines, not corporate machines attached to a network. They couldn't see that running as administrator, while easier from a production standpoint, was a threat to the entire network and that if a virus got in, it could drop the whole network - a serious production impediment.

Finally, I had to switch them back to administrator mode. They were attaching customer hard drives to their machines (to convert customer video files) and the NTFS wouldn't allow anybody but administrator to access the drives. The files on the drives were owned by an SID which was not recognized by the host system. On XP Pro, you could change the permissions to give the Everyone account full control of those drives - but half their machines run XP Home (and the owner doesn't want to spend money upgrading them to Pro.) On Home you have to go into Safe Mode to access the system Administrator account (or use a command line tool) - which is way too much work. Even my admin-level account can't do it in XP Home. I considered having them take ownership - which could be done from my admin account - but the problem with that is that when the drives are returned to the customer, then the customer wouldn't be able to access them. Having the Everyone account have full control would have been an acceptable compromise, but isn't feasible under XP Home because of the need to do it from Safe Mode.

You just can't win. There are just too many mistakes compounded on other mistakes in the typical business environment.

Re:

[porkThreeWays (895269)]

HAHA. No, that's not the way the world works. They will then ask why you chose the product because Microsoft is notorious for bugs. There's no winning. I've NEVER heard of someone blaming a vendor and their boss just going "ok, not your fault". It's "you get on the phone right now and tell them if they don't issue patch X this second we are going to sue" etc etc. This is really why administrators need to be programmers as well. I find real programmers less susceptible to be fooled by clever marketing materi

Microsoft makes users do beta testing now?

[qwijibo (101731)]

How is this different from practically every other software company? Sure, it would be nice if users weren't the beta testers, but this isn't exactly a new tactic. This has been going on for at least 20 years. I just can't attest to having direct professional experience with the tactic prior to that.

Hitting aggressive(unrealistic) deadlines has always taken priority over testing or finishing products prior to the release.

Re:Microsoft makes users do beta testing now?

[MightyMartian (840721)]

I'm afraid you're right. In the olden days of software, money was made off of support contracts, and new version and new feature rollouts were relatively scarce. The whole purpose of software was so that some big guy in a suit could charge big dollars to maintain the system.

When that business cycle was finally toppled in favor of the "new feature every year, new version every three or four", pulling more of a company's revenue into the software itself, the necessity came to pump out new stuff with as much frequency as possible, or at least to keep promising new features even when the product didn't actually exist. MS really started doing it with Chicago, putting out artists' renditions of screen layouts in friendly mags, still missing deadlines, and ultimately coming out with a terrible product (remember for the first 32-bit version of Office... which wasn't really 32-bit at all).

Microsoft's AV software, which had the AV community flipping out thinking they were screwed, has turned into one of the company's biggest embarassments. But it's not the only one. Vista incompatibilities are a serious headache, and a lot of folks just aren't upgrading. With the US economy looking like it's going into downturn, they're not going to be making up for it in OEM boxes.

I'm sure they'll survive this time, but the business model they're running with is showing cracks. I'll wager the other AV guys like Symantec are rolling around on the floor laughing at this, while MS's reputation at being able to manage the viruses that are taking advantage of the vulnerabilities largely of their its own creation is going down the tubes.

Re:Microsoft makes users do beta testing now?

[morgan_greywolf (835522)]

I'm afraid you're right. In the olden days of software, money was made off of support contracts

That model really hasn't gone away with enterprise software, it's just morphed. You still need a support contract, and you still need to pay someone lots of money to maintain the system. The difference is that these days you need to pay a whole team of people to integrate and maintain the little pieces morphed together as a whole system -- this is usually called the 'IT Department' these days. :)

I'm sure they'll survive this time, but the business model they're running with is showing cracks.

Their business model has shown cracks for quite sometime -- the biggest of them being the wayyy late arrival of Vista, with most of its highly-toted promised features (i.e., WinFS, etc.) replaced with some shine and polish that's already been in its closest competitor, Mac OS X, for three years.

Re:Microsoft makes users do beta testing now?

[MightyMartian (840721)]

I'm afraid you're right. In the olden days of software, money was made off of support contracts

That model really hasn't gone away with enterprise software, it's just morphed. You still need a support contract, and you still need to pay someone lots of money to maintain the system. The difference is that these days you need to pay a whole team of people to integrate and maintain the little pieces morphed together as a whole system -- this is usually called the 'IT Department' these days. :)

Agreed. Now we've got the worst of both worlds. Big dollars for the product (particularly to keep up with the frequency of releases) and big dollars to keep said product functioning.

I'm sure they'll survive this time, but the business model they're running with is showing cracks.

Their business model has shown cracks for quite sometime -- the biggest of them being the wayyy late arrival of Vista, with most of its highly-toted promised features (i.e., WinFS, etc.) replaced with some shine and polish that's already been in its closest competitor, Mac OS X, for three years.

It's a pretty severe problem. There simply isn't very much in Vista to make jump and go "I NEED THAT!" Windows 2000 had it, particularly for servers, XP had it for finally producing an NT-based general consumer OS, Server 2003 had it for cleaning up the issues in Win2k, but Vista doesn't have anything that demands a good chunk of the marketplace turn into early adopters. A good many people are faced with hardware upgrades or replacement. Then they're faced with potential incompatibilities. Whether it's business users, home users or heavy gamers, Vista simply isn't ready yet, but like Chicago/Win95 before it, MS has to get something to market. Even if it isn't ready. Even if it hasn't half of what was promised. It makes no difference, because the marketing machine that Microsoft really is requires the Windows/Office behemoth keep playing the version trick every few years or risk the whole thing coming down around their ears.

Re:

[oconnorcjo (242077)]

Microsoft's AV software, which had the AV community flipping out thinking they were screwed, has turned into one of the company's biggest embarassments. But it's not the only one. Vista incompatibilities are a serious headache, and a lot of folks just aren't upgrading. With the US economy looking like it's going into downturn, they're not going to be making up for it in OEM boxes.

I'm sure they'll survive this time, but the business model they're running with is showing cracks. I'll wager the other AV guys

Microsoft is not a security company

[rainhill (86347)]

"Microsoft is not a security company. Security is important, but it's just a little part of Microsoft," Gee, that's new.

There is also no 64-bit support

[benzapp (464105)]

It's quite amusing when a person installs Vista 64-bit edition, and is prompted to install an antivirus product like OneCare. There is a link to the site right on startup where you can order. It actually lets you purchase it and everything, then you go to install it - and it tells you it's on an unsupported platform.

Whoever runs the OneCare group should be fired!

Re:

[Achromatic1978 (916097)]

Sure it does. /IF/ you want to buy it after ignoring the system requirements right off the product homepage, why should they stop you?

"Note that the x64-based versions of Windows XP and Windows Vista are not currently supported."

Pretty damned clear to me. If you want to act like you've been lobotomised, see that, and say, what the hell, I'll order it anyway, ain't no website programming that's going to save you from yourself.

Yay for FUD>

Re:

[Pollardito (781263)]

i think what he's saying is that the person installing 64-bit Vista shouldn't be prompted to buy OneCare, not that OneCare has to support every platform or that the OneCare website should detect that you're running an unsupported OS

Re:

[Achromatic1978 (916097)]

It should (but then, when it is supported, what is to happen? a patch to allow it to prompt?) - the website should note 64 bit Windows (although I can't remember if it's flagged in the User Agent, though of course you have ActiveX), but the page you go to has a lovely clear list of "system requirements" clearly specifying "XP and Vista 32 bit. x64 editions of each are currently unsupported".

Re:

[benzapp (464105)]

Ok, I haven't checked in a couple of weeks - but this was newly added. Check out the support.microsoft.com forums yourself. There are many posts there. There are also all of the retail boxes out there which proudly proclaim support for Windows Vista, without regard to the version.

Re:There is also no 64-bit support

[VEGETA_GT (255721)]

Whoever runs the OneCare group should be fired!

fired out of a cannon into the sun.

Glad when they do

[HangingChad (677530)]

Usually Microsoft doesn't develop products, we buy products.

And most times I'm glad for that. Because most of the time the products they buy at least start out good before they trash it with their corporate branding.

SQL Server was one of their better products for a long time. Not so much now but it used to be a reasonably-priced and functional piece of software, at least at the low end of the load scale. Now it's like most of their products: Easy to manage but bloated beyond all recognition.

Re:

[oliverthered (187439)]

that should be Easy to manage until you get a problem (usually caused by buggy software) and then it's impossible to do anything because your hands are tied.

I've never had a problem on Linux that I couldn't get to the bottom of, even if it meant I had to fix bugs in the kernel source, at least I had the source to find and fix the bugs.

GeCAD was actually decent

[RootWind (993172)]

GeCAD's RAV use to be decent back in the day. The problem seemed to be that they did pretty much nothing but sit around (or transferred to different projects) after they were bought by Microsoft. By the time Microsoft planned on having OneCare, RAV had pretty deteriorated in technology with an only half-heartedly updated detection database (no product to support after all).

Re:

[drinkypoo (153816)]

This is the most common story in technology buyouts. Here's another example: TGV's Multinet was the fastest TCP/IP stack for Windows 3.x. They were working on a product for Windows 95, another lightning-fast stack (windows 95's stack was a bit of a pile of shit, as I'm sure we all know) and Cisco terminated the project after letting them noodle around on it for months, and put the engineers on a team developing software for cable modems.

Too Funny, and RAV

[PhYrE2k2 (806396)]

Too funny: "Microsoft is not a security company. Security is important, but it's just a little part of Microsoft,"

Nonetheless, GeCAD had good software products in RAV Antivirus (the romanian antivirus) but it was never as consumer-friendly or effective as it needs to be. SHould have left it as RAV- those of us using it as a linux mail server would have been happier.

-M

And that sums up their problems.

[Stumbles (602007)]

To quote " Usually Microsoft doesn't develop products, we buy products... "

So much for Microsoft's mantra of innovation. How can you possibly be innovative when all you do is buy up existing technologies and try to bolt them onto a POS of an operating system? Don't answer because that is a rhetorical question.

Re:

[dthable (163749)]

The startup companies use the innovative business model. After going through the growing pains and figuring out how to use those great ideas, a large company comes in and buys them. The founders and owners are more than happy to sell the company and walk away millionaires.

Then the system resets and starts over again. Isn't capitalism wonderful?

Usually Microsoft doesn't develop products ...

[ubrgeek (679399)]

They develop "undocumented features" :)

Re:

[Master of Transhuman (597628)]

Microsoft's new slogans:

Microsoft - we innovate bugs faster than anyone.

Microsoft - we innovate bloat.

Microsoft - we innovate computer insecurity. Beat that, Linux!

Gee - we didn't see this coming, did we?

[GuyverDH (232921)]

I think scores of us pointed out the fact that since MS can't be trusted to write a secure operating system, that we couldn't trust them to write software to secure and protect said defective product.

ZDNet Editorial: "The slow poison of OneCase"

[Keeloid (116585)]

If you thought the original story was embarrassing, check out the editorial on OneCare http://opinion.zdnet.co.uk/leader/0,1000002208,392 86364,00.htm [zdnet.co.uk]

MS Doesn't Develop Products?

[cmacb (547347)]

Usually Microsoft doesn't develop products, we buy products.

And all this time I thought Bill and Steve chanted "innovate" a few dozen times and new products just sprang into existence!

More brilliant ideas on security from Microsoft

[Master of Transhuman (597628)]

Microsoft security guru wants Vista bugs rated less serious [computerworld.com]

Any more questions?

Free beta testers

[HomelessInLaJolla (1026842)]

Companies roll it out before it's finished, or tested completely

That's what consumers are for. :-()

Their new Seuse line

[jd (1658)]

OneCare 2.0 Care, RedCare, BlueCare.

Re:

[pandrijeczko (588093)]

you can't get fooled again.

Especially if you're Roger Daltrey.

Re:

[Master of Transhuman (597628)]

Heh, heh, wait until you have to UPDATE Norton - which will then fail one of its updates - not the actual AV update, one of their other half dozen different updates - TWO of my clients have this problem now.

Or wait until it tells you that it has an "internal problem" and must be uninstalled and reinstalled - one of those two clients has THAT problem on yet another machine. TWO different Norton problems on two machines out of 22 machines - that's a ten percent failure rate.

Then wait until you have to uninsta