Microsoft To Offer Free Anti-Virus Software 448
Dynamoo writes "The good news is that Microsoft have announced free anti-virus software for consumers, dubbed Morro, available late next year. The bad news is ... well, exactly the same. Although Microsoft's anti-malware products are pretty good, this move could drive many competitors out of business and create a dangerous security monoculture; major rivals will be lawyering up already. On the other hand, many malware infections could be prevented even by basic software. So is this going to be a good or bad thing overall?"
re Hard to decide ... (Score:5, Interesting)
If it comes free with the OS it will drive away competitors because Joe-sixpack is
not going to spend any money to replace something he got for free, even if it sucks.
On the other hand, if any feature needs to be part of the OS is precisely a form of
protection against malware.
Come to think of it, if MS does a bad job of protecting PCs and drives away
competition on virus protection, maybe the company will finally implode and let other OSes
get a greater market-share.
Re:re Hard to decide ... (Score:5, Interesting)
Its illogical. How can you produce a product that attacks things attempting to exploit your holes when you have the ability to patch the holes?
If they sold it, it would be a conflict of interest.
Re:re Hard to decide ... (Score:5, Insightful)
Antivirus guards against trojans, too. Not much Microsoft can do to patch if the user is insistent upon running that program (i.e. the security hole is in the meat), but a whole lot of them will sit up and take notice if their antivirus pops up and warns them away.
Re:re Hard to decide ... (Score:5, Interesting)
but a whole lot of them will sit up and take notice if their antivirus pops up and warns them away.
You'd think so, but that's simply not the case. In my time as a PC tech. I saw all too many PCs where the user had clicked on something, seen repeated antivirus/anti-spyware warnings and still continued with the installation. Basically, it comes down to an issue of trust. People distrust their antivirus as much as they distrust the random crapware they download from the Internet. So, when the antivirus pops up and tells them, "Hey, this software is going to bring along a virus," they feel safe in ignoring it, since they've seen all too many false alarms for other things (like tracking cookies).
Re:re Hard to decide ... (Score:5, Insightful)
Well, I said a lot, not all. Remember, as a PC tech, you've got a locality bias. You're seeing a lot of people whose PCs were infected. The ones who practice safe computing probably don't come in as much.
Re: (Score:2)
Fair point. I do know of a lot of people who haven't bothered running anti-virus in years, and have never been infected because they simply use safe computing practices (like staying diligent with patches, avoiding warez and other suspicious executables, etc.). However, I somehow doubt that this 'Morro' will be targeted towards that demographic.
Re:re Hard to decide ... (Score:5, Funny)
Yeah, they probably even use Linux. Savages.
Re:re Hard to decide ... (Score:4, Insightful)
Don't forget the ones who click on misleading popups that say "You may have a virus", thereby installing malware.
Re:re Hard to decide ... (Score:5, Interesting)
It is much worse... I got a trojan on my system, a Net Devil, roll-your-own type. Before I went to uninstall it, I debugged it and got the ICQ account details. I used the credentials to log into the account and changed the password. I watched as the victim IP addresses poured in! To investigate, I downloaded the client half of Net Devil and connected to a few victims. Total access!
Screen capture, key logger, executable, download, upload, you name it! It had a feature to send popup messages that I used to tell the victim they had a virus and they should take steps immediately to remove it. Some would unplug their computers immediately, while others would just click OK and keep going. I would send another message like "No really! You have a virus!" and they still just pressed OK and just kept typing their IM. Of course, it usually got their attention when I opened 30 message dialogs in a row. The most effective way I got their attention was to turn their graphics upside-down and open their CD/DVD tray :) Nothing like a ghost in the machine to wake them up.
It had an option to remove the trojan from the host, so I cleaned up a few, but the IP addresses kept flowing in worldwide (esp. France?) and it was rather depressing trying to help users that pretty much ignored anything but the blatant scare tactics.
Re:re Hard to decide ... (Score:5, Insightful)
How did you get the ICQ password? If it was used by the trojan to log into an ICQ account and send messages, then after you changed it no other clients would have been able to send messages.
It's a good story, but smells a little fishy right there...
Re:re Hard to decide ... (Score:4, Insightful)
Also, remember that to really "fix" Windows, an intense redesign of user permissions and system architecture would really be needed, something that MS has yet to suck up and do, for a variety of reasons (I'd posit that they misstepped by not doing it for Vista, but that's with hindsight).
If, however, MS wants to continue to capture the developing world market, this is something they simply had to do. The TCO of a MS deployment has a huge recurrent cost just for A-V licensing, especially when you get the low-entry-cost "Unlimited Potential" and "Starter Edition" licenses for XP.
Now, the real question is how will McAfee respond to this? I always harbored a conspiracy theory that MS was getting some form of kickbacks from the various A-V vendors in return for not doing this exact thing.
Re: (Score:3, Interesting)
Because if they don't, it takes away a perceived level of control from the user, and users like at least having the feeling that they're in control.
Also there are often false positives, and it would be extremely annoying to be unable to install something useful because it's mistakenly detected as a virus.
From the perspective of malware authors tho, microsoft taking over the anti malware market and driving all the other competitors out of business is the best possible outcome. You now only have one anti malw
Re:re Hard to decide ... (Score:5, Insightful)
Re: (Score:3, Interesting)
In the pre-Vista age perhaps, but with UAC [...] Joe Sixpack is going to just click allow
I wish this myth would die. UAC fires off a dialogue in the following instances:
- Changes to system-wide settings or to files in %SystemRoot% or %ProgramFiles%
- Installing and uninstalling applications
- Installing device drivers
- Installing ActiveX controls
- Changing settings for Windows Firewall
- Changing UAC settings
- Configuring Windows Update
- Adding or removing user accounts
- Changing a user's account type
- Configuring Parental Controls
- Running Task Scheduler
- Restoring backed-up system
Re:re Hard to decide ... (Score:5, Insightful)
"Now I ask you, is any of the above something a normal user (without administrative rights) should be able to do?"
Emphatic NO!
I do not know anything about Vista first-hand. I have info from my co-worker(he said that it is 'different' from XP,sort of, but overall not bad-seems to like it a little better than XP, but dislikes some changes. I had previously set him up with Kubuntu 8.04, and he has become partial to that over Xp or Vista, but still dual boots with more time spent in Kubuntu than Vista.), and what I 'hear' here and elsewhere on the internet.
I understand(from above info) that Vista is a positive step forward for MS on the security front, and can only applaud that-diminishing malware is a GOOD thing no matter which OS someone is using.
Having said that, I do have to admit(from personal experience as a PC tech, and as a self-employed in spare time 'Window' cleaner and tuner-upper, that MS has inadvertently 'trained' users to click on the 'allow' button on pop-ups during upgrafes/installs/changes since at least the Win95 days to 'just get stuff done'.
"I wish this myth would die."
Good luck with that. /., but I don't hold my breath. I suggest you don't either.
I have been wishing the same for the '*nix is too hard to learn for a n00b'* meme that even pops up here on
Your list seems accurate to me, and I have to agree with you.
We should be more objective here, but it seems that religion/politics/OS discussions seem to bring out the trolls and flamers.
Loyalty for what you believe in(human nature-at the risk of an off-topic thread/flamefest) is deeply embedded here.
*disclaimer: I have been 'anti-MS since the whole WGA implementation' days when I switched to *nix, but I agree with everything you said.
Re:re Hard to decide ... (Score:4, Insightful)
Why does everyone seem to think Windows somehow allows malware due to 'holes' in the OS? Malware isn't any different to normal software from the OS' perspective. If you can write legitimate software than can send an email, or download an image and display it to the user, then you can write 'malware' that can send spam or display advertisements. Idiot.
Re:re Hard to decide ... (Score:5, Insightful)
Why does everyone seem to think Windows somehow allows malware due to 'holes' in the OS?
Because, statistically speaking, malware running is the result of holes in the OS and most infections are worms that run with no user interaction at all. The malware you describe is called a trojan and, while a serious problem, is still not the most common type of malware infection (note there are more trojans than worms, but each trojan hits a much smaller number of systems).
Re:re Hard to decide ... (Score:5, Insightful)
> Why does everyone seem to think Windows somehow allows malware due to 'holes' in the OS? Malware isn't any different to normal software from the OS' perspective. If you can write legitimate software than can send an email, or download an image and display it to the user, then you can write 'malware' that can send spam or display advertisements.
Windows think. Installing software can indeed be made totally different to normal software from the OS perspective.
Windows will just blindly and happily execute anything it thinks it has been requested to execute.
On Linux or BSD, files aren't executable by default. The OS just won't run them. Any attempt to make a file executable requires a local user to manually enter a password. Hence, if a user is asked for a password ... especially the administrator password ... they are immediately alerted ... "hang on a minute, I wasn't trying to install anything just then, or make a change to the system". Having to enter a password is like waving a great big red warning flag. "Whoop, whoop, install happening!! Attention, attention ... did you mean this?"
Amongst Windows users (being used to the complete lack of concepts such as these), Windows' complete lack of adequate security is often confused for security being impossible to achieve.
Windows think. Its everywhere.
Re: (Score:3, Informative)
Saying it doesn't do anything to your computer. If you meant typing it, than it requires a console, something Joe the Plummers are soooo afraid of...
On a more serious note, Linux can indeed be configured to prevent execution of a file from a folder which owner isn't root.
Re:re Hard to decide ... (Score:5, Insightful)
On many fronts, the malware situation on Windows is the OS's fault.
First, OS files should not be writable by random executables on the system. Period. The idea that bobs_your_uncle_32.exe, installed on a user account, runs as a superuser and can modify important system files is completely idiotic. The inability of Microsoft to implement a basic separation between privilege levels is the root of the problem (pun intended)--and they don't get to weasel out of it by saying "you COULD run/install software as a local user" because their FUBAR'd implementation meant that wasn't a realistic option.
Secondly, a lot of malware installation has historically been the result of stupid things that Microsoft did to be "helpful"--like automatically executing scripts in Outlook's preview pane. Or the idea that installation of software should be "silent"--where a program can be downloaded and installed without any user interaction. Brilliant.
Microsoft has made (some small) improvements in these areas. But they're not off the hook by any means.
Re: (Score:3, Insightful)
"The idea that bobs_your_uncle_32.exe, installed on a user account, runs as a superuser and can modify important system files is completely idiotic."
It would be, if that was even close to how it worked. Instead the problem is that bobs_your_uncle_32.exe is installed and run by an administrator, and if you ban admin from modifying important system files you run into a host of other issues.
MS needs to start pushing (as in, default case) low privileges for default accounts and the ability to sudo an app up to
Re:re Hard to decide ... (Score:5, Insightful)
That would mean that all legacy SW, including MS's own, would stop working. They all rely on being able to write all over the system. And without backwards compatibility, what's the impetus to stay with Windows?
Backwards compatibility is why they needed something as screwy as UAC.
Re:re Hard to decide ... (Score:4, Informative)
Microsoft very heavily considered making Vista have a user-level account that required UAC to prompt for an admin account and password. Of course, you can set up your computer like that, but picking good defaults is something every programmer is aware of.
Unfortunately, Microsoft is all too well aware that picking the low-level user default means a lot more people would complain about their computers being 'broken,' because of the following reasons: ...
1) Microsoft had not fully transitioned its own services and utilities to use UAC tokens well, which results in multiple dialogs when trying to perform a single action on a protected file in a protected folder. Technically it's multiple actions, but they didn't make any way for a UAC token to apply to multiple events like that. (I leave the reasoning behind that to the reader.)
2) ISVs had not, until this point, had to deal with any more than an insignificant fraction of the users running without admin access. Even in internet cafes, the default user is typically an administrator that has had certain privileges removed, because it's easier to start from admin and start taking things away than it is to start from a low level account and add all the myriad, complex ACLs that you need to make 99% of programs work flawlessly.
3)
4) Profit: by making Vista annoy users and developers sufficiently that fewer applications will need administrator to run. According to Microsoft's data from opt-in user information, there has been a marked drop in applications that request administrator rights, about 50%. That's -tremendous- news, and there is still a downward trend. Fixing the Microsoft default security settings over a series of OS releases makes the entire thing less expensive, and with all the flak Vista got, their decision to not add one more thing to the pile of bad things Vista does by default is the only sensible one.
Windows 7 fixes many unnecessary UAC prompts and allows you to set users to have different levels of prompting, and I would put money on Windows 8 using a default low rights user as the final step in the transition. Reply here if you want to set it up :)
Re:re Hard to decide ... (Score:5, Insightful)
It would be a very difficult stretch for MS to sell an anti-virus program for Windows. That would be like selling defective car tires, and then charging extra for the patches.
I don't think that most AV vendors have to worry though; Microsoft's AV division is likely to be as good at plugging security holes and patching exploitable bugs as the rest of the company.
Re:re Hard to decide ... (Score:4, Insightful)
Yeah it would be like selling a car and including a jack and wheelbrace. Or providing a repair service for your phone in case you drop it.
Or wait... I know... Microsoft could just plug this hole by preventing users from getting admin privileges at all! Also from now on, all data should carry the NOEX bit - wherever it exists - which would be a trivial modification to IP/HDDs/etc. Sucks for anyone that wants to use a compiler - but you just can't be too safe.
Re:re Hard to decide ... (Score:5, Insightful)
What monopoly? Last time I checked Mac and Linux existed.
You obviously don't understand what MS's market for desktop OS's is. They sell very few of them as boxed copies to individuals. They have a small market selling site licenses to corporations, but by far their largest market is computer OEMs like Dell. So if you were running Dell, would you license OS X to run on the computers you sell? Nope, because Apple isn't selling them. Hence, OS X and Macs are not a valid competitor. Would you pre-install Linux? Well maybe, but it is not a valid competitor in most cases because of software lock-ins. It has basically no market share and certainly not enough to affect whether or not MS has enough market share to unduly influence other markets (70% is the amount regulators start looking hard at). Generally, if the closest thing you can find to a competitor is a product developed by hobbyists disgusted with having no choices and given away for free... well that's a bloody good sign there is a monopoly at work.
MS has a virtual monopoly by merit of being the most used but that's not the same as an actual monopoly. As long as other choices exist any monopoly argument falls apart.
Legally and economically, you don't have to be the only option to wield undue influence in markets and undermine the benefits of capitalism. You're not going to find any reputable economists not being paid by MS who claim MS does not wield monopoly influence in the desktop OS market and MS has, in fact, been found to have such influence by the US courts, the EU courts, and several other nations. Sorry, but at this point the argument that MS doesn't have a monopoly can only be the result of burying your head in the sand. What, do you think it's all some sort of global conspiracy of lawyers, judges, and economists?
More akin to there being 3 power companies and one following the practices you describe while the others don't, and people just being too lazy, stupid, or in the dark to switch to another company.
Not at all. The analogy holds up very well. MS is the power distribution monopoly in your geographic location. Apple is the guy who sells solar cells and windmills and fuel cell generators which cost a bundle but are economic for some uses in some locations over the very long term and prevent you from having to deal with the power distribution company (but do not distribute power themselves). Linux is the guy who drives a big truck full of car batteries to the nearest power plant, pays to charge them all up, then drives back home and hooks them up to run his house for another couple of days. They are alternatives that allow one to avoid MS, but not much in the way of actual competitors in the same market.
Re: (Score:2)
Re: (Score:3, Insightful)
That's not the problem at all.
Most people don't understand security, period. The variants of Windows that most people use these days (XP and Vista) are just as secure as NT or 2000 was at the time... but running a securely locked down operating system requires a knowledgeable and motivated administrator.
There is nothing that is inherently insecure about Windows. UAC, for all that people criticize it, is a genuine security advantage... if you bother to use it, which few people do.
People don't wonder why thei
Re: (Score:3, Informative)
Re: (Score:3, Informative)
Re:re Hard to decide ... (Score:5, Insightful)
If it comes free with the OS it will drive away competitors because Joe-sixpack is not going to spend any money to replace something he got for free, even if it sucks.
Agreed. If there were to be real competition for OS's then consumers could choose the OS with the best anti-virus and we'd still have competition. Right now, that is not the case though.
On the other hand, if any feature needs to be part of the OS is precisely a form of protection against malware.
Again, I agree that the technology needs to be there, but not necessarily the data. If the DOJ had a clue they'd see this as an antitrust issue and order Microsoft to implement the technology, but open up the whitelist, blacklist, and detection heuristics as an open spec and then require MS sell their service separate from the OS and on even ground with any other company that wanted to compete. Hell, require the data feed to be an open standard so Macs and Linux could implement it and plug in to the same anti-virus blacklist feeds and we'd have some real progress in the industry, for a change.
Re: (Score:2, Interesting)
This is definitely a good thing for consumers.
If there's any antitrust directives that come out of this, it's that at some later point in the future (if/when the big competitors have disappeared) MS will not be allowed to start charging money for the suite -- it has to remain free.
About the move itself: it gives less people a reason to be running without antivirus sw., it enables more OEMs to sell PCs with AV pre-installed (which will not nag users in 1 month/3 months/1 year/whatever), and OneCare is less l
Re: (Score:2)
Your assuming that Microsoft is competent and this new software actually does a effective job and continues to do so in the future.
Presumably for windows 7 (Score:3, Interesting)
Re: (Score:3, Interesting)
I've been saying for years the same thing, every desktop OS should have av and anti-spyware protection built in.
No. I totally disagree. The OS should be out of the way and not mess with anything. The OS should be patched to a reasonable degree of security and be configured with permissions, limited user accounts and limited applications. Perhaps if this was some F/OSS project it might be ok to build into the OS with, but as MS has shown, they can't do security. They either overload the user with annoying messages at the slightest change (UAC) or totally ignore security (like pre-SP2 XP installs)
About bloody time (Score:5, Insightful)
That's all I have to say.
I don't know... (Score:5, Insightful)
I don't believe in trusting the wolves to guard the sheep.
Why would anyone sane trust the company that either a) couldn't be bothered to fix exploits, or b) doesn't have the smarts to find the exploits, to protect them?
If Microsoft can afford to find these exploits and block them using their AV product, why can't they just patch the OS? It could be the deafening sound of greed... or some other, more mundane reason.
But my basic question stands: if they can do this in AV, why can't they do it in their OS?
Yeah, but (Score:5, Funny)
Does it run on Linux?
Re: (Score:2)
Does it run on Linux?
More importantly, does it make Windows as secure out of the box as Linux?
Re: (Score:2)
http://en.opensuse.org/Buy_openSUSE [opensuse.org]
Re: (Score:3, Insightful)
Security vs backwards compatibility (Score:5, Interesting)
Microsoft has done enough to break backwards compatibility already. They should just go the whole hog and on their next iteration, do a ground-up security analysis and refactoring of their OS, instead of trying to prevent & remove malware that latches onto existing API problems that some software might use legitimately.
It wouldn't be impossible to give private sandboxes to "legacy" apps that don't use the new secure APIs.
Re:Security vs backwards compatibility (Score:4, Interesting)
Re: (Score:3, Insightful)
It wasn't from scratch, although it *was* useful. Legacy compatibility will always be a tough one-- but why should we constantly have to continue to buy upgrades anyway? Why is there a MacOS 10.5? The others were no good? Windows 7-- because the other six sucked?
We want life. We want to extend our investments for as long as its reasonable and especially beyond the tax depreciation life if we can. Free virus software is backhanded at best from Microsoft. Watch it become a target in and of itself.
Re: (Score:3, Insightful)
In order to support quite a few common and popular programs, a Windows legacy sandbox would have to replicate a legacy windows environment, including provisions for installing kernel drivers and similar.
With the state of virtualization technology today, the only tricky part is figuring out the best way to allow the sandboxed app to communicate with other apps (either native or in their own sandboxes) in only completely safe ways.
In other words, if the sandboxed app tries to enumerate all running applications, it would see only itself (and maybe a virtualized Explorer), or if it tried to read the raw display to see if other windows were there, it would see itself and a virtual desktop. Then, only things li
Re: (Score:2)
Honestly, Microsoft should build upon a BSD-type kernel the way Mac OS X did. They can keep it close-source, and build as much of the Windows API on it as the want, or develop a new API from the ground up. The EU can't bug them about interoperability anymore, the system will be easier to administer and secure, support won't cost Microsoft as much, and backwards compatibility can be handled in sandboxed emulation layers.
It makes entirely too much sense, but Microsoft is so worried about appearance and kill
Re: (Score:3, Insightful)
The NT kernel isn't the problem really. They don't need a new kernel, they just need far better auditing of the attendant software that surrounds it.
Re: (Score:3, Insightful)
Isn't this what OSX currently does - not for classic, but for windows via parallels, virtualbox, vmware, ... Windows apps are the "legacy".
For Microsoft to inflict so much native breakage on the app base would cut off their own air supply. A marketing decision by Apple to unbundle OSX, or a Linux distro would have the same footing as Windows. Microsoft would have to compete for the first time in 25 years. I really doubt they would take the risk.
To natively maintain the current APIs may not be possible w
Re: (Score:3, Insightful)
Sandboxes for legacy apps will remind consumers that they didn't want to upgrade in the first place.
Of course, they can't help but upgrade since their new computer came with the new Windows and they're not going to go spend $100 on XP since they already have an OS.
Re: (Score:2)
Not necessarily. As I recall, Apple ran OS 9 apps in a sandboxed/emulated environment after they made the switch to OSX (but before they made the switch to Intel chips), and there wasn't too much complaining.
Of course, I'm not really attuned to the Mac end of this business, so I might just be misinformed.
Decent free stuff already available (Score:4, Informative)
I've used both Avast and AVG freeware products with good results. Zero infections over the last couple of years.
As a consumer, it sure would be nice to have the OS actually ship with something that keeps the naughty people out, but there are a number of freely available alternatives already.
http://www.avast.com/eng/download-avast-home.html [avast.com]
http://free.avg.com/ [avg.com]
'course, if you use Linux then you can probably safely ignore the threat for now.
Cheers,
Re: (Score:2)
I haven't used a virus scanner and have also detected zero infections. Avast & AVG both score the usual 80-90% of new threats, which is why I can't be bothered running them.
Re: (Score:2)
Re: (Score:3, Interesting)
I had enjoyed AVG even though I didn't frequent sites or normally present infectable machines to the Internet. However, with their latest version (v8), I've found this to be the case as well, it quarantines legitimate files. Specifically, a program I used with nLite to create add-in programs for build CD's was flagged as dangerous and to be quarantined. I sent it in and AVG basically told me it was detected properly.
I've uninstalled AVG and don't plan to look at it for AV protection in the future.
Re: (Score:3, Informative)
The tag says it: fuckno. (Score:3, Insightful)
(Which of course brings up: if they create rich fertile soil, what does that make them? But I digress...)
Then, as Microsoft so famously does, it reverses its strategy and promises to partners, when it becomes convenient for them.
The free products are probably better anyway. Sorry, Microsoft, but you are reduced to catering only to fools. Admittedly, that is a rather large market.
Won't hurt competition. (Score:2, Interesting)
Re:Won't hurt competition. (Score:4, Funny)
For example, somebody suggested the Clam AV for Windows and it all it did was turn my screen into a black box [softpedia.com] with gibberish in it. If it wasn't for my swift hard reset, CLAM AV may have broken my computer!
I hate to say it but: (Score:2, Insightful)
I know they are not making their O/S's more secure, but isn't anything they do to reduce malware a good thing. Aren't these other companies only existent because of Microsoft's poor quality in the fist place?
1) Find a company that make a product with a defect
2) Make a process for improving the flaw
3) Sue when they try to fix the flaw
4) Profit for life?
Oh Yeah? (Score:2)
Re:Oh Yeah? (Score:4, Insightful)
Bring the users who won't do shit like that, adn then we will all have software that doesn't need anti-virus.
Comment removed (Score:5, Interesting)
Re: (Score:3, Insightful)
Look, I did OS/2 support back in the day, and there was quite a lot of concern that we'd never be able to convince the user to click "Shut down" prior to turning off his machine "Because you don't have to do that in Windows." Then Microsoft rolls it out and all of a sudden everyone is used to it, pretty much overnight.
They could have pushed separate administrative
Er... (Score:2)
"...major rivals will be lawyering up already."
Interesting mix of tenses.
My thanks (Score:5, Funny)
It will fail.. like the Morro Castle (Score:3, Insightful)
From Wikipedia [wikipedia.org] :
Built initially in 1589 in response to raids on Havana harbor, el Morro protected the mouth of the harbor with a chain being strung out across the to the fort at La Punta. It first saw action in the 1762 British expedition against Cuba when Lord Albemarle landed in Cojimar and attacked the fort defended by Luis Vicente de Velasco e Isla from its rear. It fell because the English could command the high ground
More competition in this sector may be good. Or? (Score:4, Informative)
Odds are... (Score:5, Insightful)
2. It will be a basic virus scanner and will probably not replace NOD32 or another fully featured scanner.
3. Webroot seems to be doing just fine even though Windows Defender has been around for a few years now. Same for Spybot, Ad-Aware, and any number of other apps.
4. Compounded with #3, Microsoft Antivirus will be entering a well established field with plenty of household name competitors. Norton and McAffee are well known names that most consumers know and will probably opt for (quality of software notwithstanding).
5. Many smaller firms (Kaspersky comes to mind) have consumers as their small-fry and make their big bucks off volume licenses. It appears that Morro isn't competing here.
6. Whether accurate or not, perception or reality, many people consider Microsoft Security Solutions to be an oxymoron. So long as it can be uninstalled, people will be free to add their own antivirus software (see point #4).
Joey
Re: (Score:3, Informative)
cout >> "I have no patience to program anything useful and I hate having to write code";
You're right about this one, because you got the operator [cplusplus.com] wrong: :)
cout << "I have no patience to program anything useful and I hate having to write code";
I guess I was wrong in the first place
because most anti-virus is useless and expensive (Score:3, Interesting)
That is if it works. Windows defender, in my experience, does not work nearly well enough. I have it on my MS Windows computers because it is installed by default by MS. I still run spybot to actually protect the machine. My fear is that MS is not going to that good of a job, but people are going to feel that the MS protection is enough, and not lay in that second line of defense. Maybe the company that built all the security holes is the best to build the defense against them. Maybe not.
Re:because most anti-virus is useless and expensiv (Score:4, Informative)
The reasons why antivirus software exists is because Microsoft software security uniformly sucks, almost all software for the platform is pathetically vulnerable to exploitation and people don't patch it - mostly because the patches themselves are often toxic and because the patching system is so archaic every program needs its own update monitor and installer, each with permission to update software on the box and each subject to its own vulnerabilities. People also don't patch because many of them are using pirated windows or other software and are leery of getting the WGA virus, so they don't patch and become a persistent blight on the global network.
Microsoft making an antivirus isn't going to solve any of these problems, and Microsoft making the quality of antivirus software that matches their anti-malicious software effort will make things worse. It will, however, drive yet another category of software partner out of business. It's good to have goals, I guess.
Makes sense (Score:2, Offtopic)
Who do you trust? People who come in from all over the place with their "security experience" who build antivirus software that can protect against exploitation of all the security holes in Microsoft products, or the people who develop the Microsoft products that have those holes in them?
I say stay with the people who know the holes best, and who knows a child better than its parent? Microsoft!
Souldn't be needed, but... (Score:3, Insightful)
Anti-virus really shouldn't be needed (Obligatory XKCD [xkcd.com]), but if they are going to offer the updates for free as well, that could be a good thing.
It could also be a very bad thing, since it would lead to a near monoculture of OS+antivirus, so you only have to crack one platform and the associated antivirus to write a virus, and don't really have to worry about other antivirus software products.
Antivirus is "enumerate the bad" which generally doesn't work well, instead of having a whitelist of acceptable software.
Is it a vacuum cleaner? (Score:2, Funny)
No? Then it's gonna suck.
Hilarity ensues (Score:5, Funny)
The opportunities for humor start here and go on forever. I guess we might as well start:
"My God! Its full of fails!" "Like buying antibiotics from the hooker." "TrunkMonkey equipped with chair." "Would you like Warez with that?" "Antivirus vendors: Oooh. That's what 'gold partner' means!" "Hi, I'm a Mac ... and I'm a PC (achoo)." Good Lord this stuff writes itself. Hold on while I microwave some popcorn.
OK, I'm back (Score:3, Funny)
Mr. Obama: "And now Mr. Ballmer, let me show you my fully armed antitrust division."
AV companies: "I can haz bailout?" Paulson: "No can haz. Not yours."
But will there be a Linux version?
Of course it requires WGA. Why wouldn't it require WGA?
Somebody stop me please.
I think this will improve AV quality (Score:2)
There is already free AV software, yet the commercial vendors are still in business. In fact, the quality of commercial offerings seems to be dropping to a really low level recently, so the free stuff cannot be much of a threat. Knowing Microsoft, their free stuff will also not perform well (even their paid for stuff is mediocre at besst and that across the board) but many people will be usiong it as default. I think this ia actually a good thing and it will force AV vendors to clean up their act and offer
Good Grief (Score:2)
This is a clear anti-trust violation. Whatever the explanation for this move, the fact is that for the better part of two decades an industry has been built out of the security flaws in Microsoft operating systems, and now, as if a replay of the whole Internet Explorer-Netscape debacle, Microsoft is giving away a product where competition with for-pay products currently have a share.
But the economic woes that will preoccupy most governments will let them get away with this, where in fact Microsoft should b
Trust issues (Score:2, Interesting)
Netscape Part Deux (Score:2, Offtopic)
In the beginning there was windows and Netscape.
Then MSFT decided to include their own browser, and most users didn't think they needed _another_ browser, so they stuck with IE.
Eventually, Netscape ceased to exist.
IE stagnated for years and this led us to Firefox.
Most users still use IE (70%) http://en.wikipedia.org/wiki/Image:Usage_share_of_web_browsers.png [wikipedia.org]
Will McAfee go down the same roads at Netscape? Will the average user go out and buy McAfee when Microsoft's might just be "good enough"?
Re: (Score:3, Insightful)
Also, I can't really feel to sorry for the AV providers. For years, people have been clamoring for Microsoft to improve security. They tried some fundamental architecture changes with Vista, knowing it would break backwards compatibility. That's what everyone wanted, right? Well, turns out it was a huge PR shit-storm. Now they are creating s
anti-MS already? (Score:4, Informative)
It's free. If ANY other company (Apple, HP, anyone) decided they were going to release free antivirus software, anti-malware, blah blah blah, it'd probably be a good thing. MS does it and it can't be good, they're just fixing their own software, it is their own fault to begin with, etc. One would think we'd have gotten at least more creative at blasting MS.
On a more constructive note, it doesn't matter if MS ships it free with Windows. IE ships free with Windows, Safari ships free with Mac, Konqueror ships free, etc. The user that doesn't know any better to begin with is not going to go out and look for the best (out of 25) anti-virus and anti-malware solution possible. The user that doesn't know any better will use what Windows comes with. So what's wrong with MS providing free software with it's own product? Nobody seems to gripe about Konqueror being default in KDE, even though I presonally dislike it as a web browser.
Now, if they do other shady things like make it hard to uninstall, or whatever, that's different. But "free anti-virus software" and "shipped with Windows" in the same sentence doesn't mean we should get out a Gates-shaped guillotine.
Re: (Score:3, Informative)
On a more constructive note, it doesn't matter if MS ships it free with Windows. IE ships free with Windows, Safari ships free with Mac, Konqueror ships free, etc.
You understand jack and shit about how monopolies are abused and why that abuse is illegal. Bundling products is not illegal. Bundling a monopolized product with a product from a different market is illegal. It's like shooting pistols. It isn't illegal to shoot a pistol. It is illegal to shoot a pistol into a person's head and murder them. It's like trying to defend Seung-Hui Cho murdering 32 people on the campus of Virginia Tech by saying all he did was pull the trigger on a gun, just like Alexander Mele
Not such a shame... (Score:2, Informative)
Driving out the big players in the commercial antivirus market will do consumers a world of good. If you've had to use a computer infected with Norton or Symantec antivirus anytime in the past few years you'll know what I mean.
It's a trap! (Score:3, Insightful)
And what to you do when someone finds and exploits a security hole in what many users will use as their sole means of computer protection?
I've got a bad feeling about this...
Why now? (Score:3, Interesting)
But it's been how many years now that they've really had the reputation for
Why are they doing this now? Did they just now get the guts to roll out an AV since the whole integrated IE issue? What was the trigger point, really? How long have they been working on it? Are they giving up on the likes of AVG, Avast, Norton and McAfee? (I know I gave up on the latter 2 back in 2000, 2001, personally)
Is it because they think they can do it better? Are they realizing that Norton and McAfee are CRIPPLING their operating system, giving them an even worse reputation?
I guess it ISN'T so obvious why.
Like many slashdotters, I'm "The Guy" people come to and ask questions like "Which Antivirus should I use? Why is my cupholder broken? Can you help me dust off my 386 and put it on the interwebs? Why is XP slow when I have 64 megs of ram on my celeron 233?" I need to know why MS is doing this and if it is any good.
Overall its good ... (Score:3, Interesting)
MS providing a free AV solution will put pricing pressure on 3rd party providers and add some competition.
A decent basic malware package (AV and spyware -- not a security suite) should not cost more than $15 to buy and $10-$15 a year subscription
Good Idea (Score:4, Interesting)
It's a good idea. sure Symantec, McAfee, and the rest are going to lose some business - I doubt it'll be a big enough dent to notice. Folks that will rely on the microsoft offering will be the same people that rely on Defender for malware prevention. Those slightly more technology minded will identify the need for something more robust.
Chalk my vote up in the "its better than shipping it with a trialware sales pitch for some other crap" column.
OK, let me get this straight (Score:5, Insightful)
Let me see if I get this correctly.
MS has supplied bad code for so long that an entire market has evolved around keeping that creaky wagon a bit safe. A bit like some dominant car manufacturer supplying cars without brakes, thus creating a whole aftersales market for brakes, parachutes, airbags and wall padding..
In other words, NO track record whatsoever (nil, nada, zilch) of writing anything that actually fixes the problem they have created themselves (which figures, if they ever fixed the OS properly they would no longer be selling hope - that's the whole Vista vs XP problem), and someone is supposed to trust THEM to get it right? I bet there are plans to charge for this "feature" as well at some stage.
(shakes head in disbelief that people continue to fall for this)
Re: (Score:3, Insightful)
3 of your links are 404. The rest are just anecdotal. Pointing out flaws in system A doesn't rule out the possibility that there are similar flaws in system B. Without a thorough comparison it doesn't support the hypothesis that system A is "the worst." Additionally, "putting on the net" is ill-defined. By "put on the net," do you mean, run a malicious executable? That could potentially reduce any system to a pile of slag, REGARDLESS of the OS installed, and many users practically do it willfully by running
Correction (Score:3, Insightful)
Next OS release will finally be patched. There. Fixed that for ya.
Seriously though, how can the AV vendors have any leg to stand on? Whatever happened to that suit the makers of patches for inner tubes brought against the tire companies when tubeless tires were introduced?
As for this creating a security monoculture, and for that having an impact, then AV companies will just re-emerge.
Sorry. I have a hard time shedding any tears for AV companies. I don't run AV, it just slows down your machine. I'm vigilant, and have occasionally had to manually remove infections over the years. It's high time MS itself addressed the issue. If there's anything wrong it's the way they're doing it.
Instead of presenting their solution as AV software, they should present it as better control over the installation and running of executable code. That's all infection really is anyway--the undesired modification or introduction of executable code. If you can control that, you have solved the AV problem. The challenge is that there are so many legitimate executables, DLLs, processes, threads, etc. on a box that it's information overload even for technical users. Some of the solution's I've had in mind are a bit too much for a /. post.
DEP was a step in the right direction. I've seen it in action a couple times now.
Bottom line though, is that AV should have been nipped in the bud long before AV companies became so big. I mean, not just one, but a whole category of companies based on fixing a fundamental flaw in another company's software. I mean, just... wow.
HaHa (Score:4, Funny)
MS gets to track license numbers (Score:3, Interesting)
A side effect of this will be that MS will be able to readily identify where license numbers are being used more than once. If they take the opportunity to remotely shut down ''illegal'' PCs, the whole exercise might make them money.
I wonder if they will do an Apple and disable s/ware that they don't like (pronounce as malware) -- because it competes with some MS s/ware.
Microsoft products are NOT "very good" (Score:3, Insightful)
They consistently test near the bottom third of all the malware test suites I've ever read about.
Windows Defender in particular irritates the crap out of me because it reports tons of "suspected software" in the Windows event logs without being able to do anything about it - either shutting off the spurious messages or specifying that the software is safe. It's pathetic. It also detects things like Adobe's crappy License Manager creating bogus "services" repeatedly.
Use Spyware Terminator or SuperAntispyware instead of Windows Defender and use a decent brand name AV instead of anything Microsoft might sell OR give away free.
The only advantage to a free Microsoft product is that the company idiots who don't run AV because they're too cheap might actually use it. I've got one small business client I had to put Comodo AV on their machines - even thought Comodo detection rates suck - because they're just too cheap to pay for Kaspersky or Avast.
Re: (Score:2, Funny)
Well a virus is an irritating program that eats up resources, making your computer unstable, interfering with hardware, replicates and repairs itself when you attempt to delete it, and drives you insane.
I can't imagine why someone would describe Windows as a virus.
Re:The real question is... (Score:5, Insightful)
Well a virus is an irritating program that eats up resources, making your computer unstable, interfering with hardware, replicates and repairs itself when you attempt to delete it, and drives you insane.
The sad thing is, a lot of system-tray startup software that insists on self-installing does the same things too. No acrobat, i don't need to be running all the time. You listening, Apple? Heck, a lot of AVG software bogs down the system so much I'm wondering if the cure is worse than the disease.
Re:The real question is... (Score:4, Insightful)
If you think AVG is bad install NortonAV. You I've never EVER seen a computer with worse virus problems then the resource hogging that AV does. I've cleaned 500+ infected machines and NOT a single one was as screwed up as just installing norton. If you use FF you don't get popups from the virus anyways. The only real problem is if the pc is added to a botnet. I'd only recomend norton to the worst 1 of 30 users. I mean they'd have to be dling kiddie porn labeled as pron.jpg.exe through IE 1.0 while uninstalling windows patches and opening every attatchment they find while shitting on hackers. (Having worked tech support yes i do believe 1 in 30 people are that stupid)
Re: (Score:3, Funny)
No acrobat, i don't need to be running all the time. You listening, Apple?
Apple might be listening, but it's unlikely they can do anything about Adobe Acrobat starting when you log in to Microsoft Windows.
Re: (Score:3, Insightful)
The cure, of course, would be to use an OS that was designed with security in mind, and patched as quickly as possible when a security vulnerability turned up. Anti-virus software isn't a cure, it's a band aid, and it's always going to be at least one step behind the black hats. There's no way it can work, let alone be effective, without using up system resources, and from what I gather, getting more bloated, more of a resource hog and less effective a
Re: (Score:3, Insightful)