Microsoft to Buy Anti-Virus Software Firm

thejuggler writes "Excite News is reporting that Microsoft is planning to buy Sybari Software Inc., which makes programs designed to protect business computer networks from viruses, worms and other threats. This is Microsoft's second purchase of an anti-virus company. The article states that Microsoft is thinking about charging for their anti-virus and anti-spyware software."

Microsoft Business Plan

[Anonymous Coward]

1. Make bad software 2. Acquire and sell software to repair original bad software 3. PROFIT!!!

Wouldn't it be better?

[Russ Nelson]

Wouldn't it be better if Microsoft was to fix their bloody insecure software instead??
-russ

Re:Wouldn't it be better?

[Metteyya]

You obviously haven't read the summary:
The article states that Microsoft is thinking about charging for their anti-virus and anti-spyware software.

Internet Explorer

[morcheeba]

I wonder how they can argue that IE has to be a fundamental part of the operating system that they give away*, but a virus scanner is an add-on? Controlling which programs run seems like it should be an OS fundamental.

(* re: IE vs. netscape browser wars and the monopoly verdict)

Build it and they will come...

[donnz]

Microsoft have certainly done a first class job in creating a demand for these services. Kudos.

Re:Nothing for you to see here

[bwalling]

This is vertical integration. They are purchasing software to make their product more complete. Antitrust would be involved if they purchased Apple, Sun, IBM or Red Hat, as they have Operating Systems.

Tell that to Real or Netscape.

Only "thinking about" charging?

[jd]

Well, they've almost four years before anyone is even remotely likely to take them to court for anti-trust/anti-competitive behaviour.

I guess it comes down to this - can they bankrupt enough of the opposition, within the four years, to seize control of the market and prevent anyone else entering it?

As for arguments that Microsoft should fix their software - nice try, but the lemon laws don't apply to software and there's nothing else that's likely to compell Microsoft to change. Unless someone would like to try talking the most conservative Congress in living memory into applying standards to software - are there any geeks rich enough, other than Bil Gates? - I don't see a single reason for Microsoft to change what has always been a profitable tactic - sell trash, then sell an even trashier "upgrade" for lots of money, and THEN convince the consumers that they have the better end of the deal.

Re:Nothing for you to see here

[Anonymous Coward]

That's a different matter. In both those cases, the product involved was given away free. In this case, Microsoft is looking to charge money.

It's like complaining about Antitrust because Microsoft bought Bungie.

Slight correction:

[mrchaotica]

1. Make bad software
2. PROFIT!!!
3. Acquire and sell software to repair original bad software
4. PROFIT MORE!!!

Re:Hmm......

[Anonymous Coward]

If you don't feel comfortable trusting companies that leave holes in software then unplug your computer because ALL software is riddled with them.

Re:And in other news...

[PaulBu]

That's a rather bad analogy unless you're implying that Microsoft are somehow responsible for writing and distributing viruses.

Of course they are! ;-) Long gone are the days of a lone virus writer coding in assembler for bare hardware, occasionally assisted by INT 13. Now, having access to gigabytes of supporting DLLs and applications provided by Microsoft (s)he can achive so much more!

Or do you think modern virus/worm/spyware writers re-implement TCP/IP stack (hmm, bad example, would put some blaim on U. of Berkeley ;-) ), then SMTP on top of that JUST to sent a spam message or two??? Or do they re-implement the whole word processor complete with built-in BASIC? ;-)

Paul B.

Re:Slight correction:

[DaHat]

How is this any different than the Linux business model?

Step 1: Find useful piece of software
Step 2: Change name strings to claim as own
Step 3: Note that it is your special version of previous software
Step 4: Sell
Step 5: Profit

Re:Wouldn't it be better?

[fireman sam]

The biggest difference is that with open source I can fix the bugs myself if I want to. With Microsoft software I cannot.

Microsoft are not doing the same as the open source businesses(sp?). Microsoft sell you the product, sell you the support, sell you the fixes.

Re:Wouldn't it be better?

[Mr. Slippery]

You get paid for selling support, right? But that means fixing bugs that you, yourself wrote. There's a clear conflict of interest there, right?

Except that:

• support doesn't just mean fixing bugs, it can mean configuration, integration, and custom development;
• I can be hired to support software I didn't write;
• other people can be hired to support the software I wrote

Great idea...

[808paulson]

I'll make a vulnerable product and then charge money to protect it.

Bad move for Linux

[Locutus]

This is Microsofts second purchase of Anti-Virus sofware which runs/ran on Linux. Sybari announced Linux support last year and RAV was a very popular Linux based product already.

Good for Microsoft, bad for Linux and bad for consumers.

LoB

Re:More likely if bundled

[Locutus]

yup, and all the while their intent is to also remove the advantages these products have running on Linux. Now MSFT has both GeCADs and Sybaris anntivirus software and both DID support Linux.

Just like a halloween doc said that they would hire key open source developers, this is just a variation on that. They're purchasing products/companies which help enhance the usefulness of Linux in the enterprise. They did this to JAVA too.

LoB

Missing the real danger!

[DaveJay]

You folks are all missing the true danger here, I suspect...

Anti-virus software companies tend to share virus definitions. They race to find them and release them first, but for the most part (not always) they share the definitions for the damaging stuff. This is the only way for these companies to keep up with the flow of viruses. Microsoft has access to this same information.

However, Microsoft also has (a) a vested interest in NOT telling people about viruses until it can plug the hole, (b) the bank account to make their anti-virus product really good AND give it away for free as part of the OS, and (c) the ability to have a big "REPORT A POTENTIAL VIRUS" button on the desktop by default.

As a result, many (not all) viruses would be reported by users directly to Microsoft instead of other companies. Microsoft could then create and quietly distribute a signature to their users, without disclosure to the public or other companies. Their users would be protected, while other companies were still finding out about the virus.

Now, Microsoft also gets a jump on fixing the exploit for this virus, and can sit on it while the other companies first discover the new virus themselves, then share the information with the public.

So now the other companies are scrambling to create a signature. Meanwhile, Microsoft announces that they already have a fix to the exploit (the one they were sitting on) and -bing- here it is -- "we fixed this exploit a few minutes after it was discovered!" they'll say.

Far-fetched? Well, consider that the antivirus software community will already be weakened by users who choose the free Microsoft solution over their own, which means fewer people collecting and studying new viruses. As the community shrinks, it will take them longer to discover and share new virus signatures, which will lose them still more customers.

In other words, this is a really good business decision for Microsoft.

Re:Well, of course.

[ad0gg]

They are screwed either way. If they give it away for free, people will complain that microsoft is product dumping. If they charge, people will complain that they are making money on their software bugs.

Re:Wouldn't it be better?

[TheCabal]

I want to fix bugs, but not knowing various implementations of C, where does that leave me?

Re:Wouldn't it be better?

[pipingguy]

Sure, if you are a savvy computer person.

What about the rest of us?

One slightly tinfoilish concept is that there is plausible deniability (and we thought that was only for US presidents and stuff) when using commercial software. In other words, since it was paid-for, blame can be placed elsewhere so that everyone "gets off the hook".

Given most users'/executives' level of knowledge about software and hardware, this is maybe an effective "out" for problems whose origins are probably elsewhere. After all, who has the patience/critical analysis ability to listen to/can comprehend stuff like the following:

"Well, you see, at the specific time you saved the file, the cron job was interrupted due to an unscheduled backup caused by an errant RAM issue on the server. Not the server you actually were using, but because the upgraded version of the current database was not compatible with the..."

Re:Nothing for you to see here

[Anonymous Coward]

This is vertical integration.

I wouldn't be so quick to rule out Commerce looking into this matter as anticompetitive and potentially not compatible with other product liability regulations. As always, follow the money:

Microsoft established in the past decade that it was not selling software, but a license to software (hence pushing EULA down the justice system's throat). This model was important to convert software to a quasi-recurring revenue model. Microsoft's rationale was that it needed to expire software licenses out in order to provide features and bugfixes.

This was a stretch from how commerce has been regulated with respect to product liability, but had foundations to build upon. E.g. milk expires so you cannot reasonably expect to hold the dairy liable for bad milk past the expiration date (ala Windows versions). Likewise, purchasers of software have a reasonable lifespan, just as a 20-year-old car has a lifespan. Commerce bought it.

But requiring customers pay additional money to fix design or syntax flaws in your product, and depriving non-subscribing parties of this necessary repair? Commerce may throw a fit. Consider if these scenarios were handled in a similar manner:

o Ford discovers the Pinto has a novel feature called "instant fuel tank explosion" when rear-ended. Ford announces to its paying subscribers of Ford AntiDefect service ($100 per month) that there is a flaw, and they may take the Pinto in for a free repair. Those who don't pay for an AntiDefect subscription are left to content with an explosion waiting to happen.

o Tylenol discovers cyanide in some capsules. For a monthy fee, customers can look up the box batch serial number on a website to verify it it is affected or not.

And so on. There is a significant conflict of interest between the Microsoft antivirus profit motive (more viruses created, found and fixed = more subscriptions) and Microsoft the application and operating system vendor. There is a tremendous opportunity for collusion and intentional distribution of flawed products ("let's leave that for antivirus to discover and fix - make sure we send them a memo that we didn't address so they can be heros next month.")

I'd have to guess that Microsoft is testing the waters with the acquisitions one-by-one to see how far Commerce will let them go. Respective to whether this is good for Linux or Windows customers, I would be increasingly wary if my operating system vendor was aggressively seeking a financial benefit from shipping flawed software.

Re:Slight correction:

[XMyth]

I don't really see your point since I wasn't bashing Microsoft in my post, only rebutting your comment about Linux.

Stupid for Microsoft

[erroneus]

*IF* Microsoft were to become a big player in the anti-malware arena, it would add even more weight to the belief that Microsoft creates a bad product by design. Current percieved motivation for making inferior products:

1. Create user desire to upgrade
2. End of life for products meaning no more security updates, goto 1

there will be a third -- to keep their antivirus business running.

Microsoft is partly responsible for this problem and now they intend to profit from the problems (the millions of dollars lost in time wasted, the vast amounts of data, on and on) for which they are responsible? I think even pro-microsoft people would think badly of this move.

But to buy businesses that utilize and support Linux? Highly anti-competitive and I'm surprised the DOJ isn't raising an eyebrow to this one.

Re:What?!?!?!?

[BurritoWarrior]

I see. So I have a $1. I should give that dollar to Microsoft. Who takes 90 cents. Which then gives 10 cents to Bill as salary and stock. Who then takes 9 cents. Who then gives 1 cent to the poor.

Or, I could still have the dollar and give it to the poor myself. Of course, I don't make the newspaper, as I only give in the hundreds, not the millions. Of course, there are also billions of "me"s and only one Bill Gates.

Re:Wouldn't it be better?

[Malc]

I'd rather be down the pub with my friends than fixing somebody else's bugs.

If I'm at work it's going to piss my boss off if I have to fix somebody else's bug instead of doing the job that I'm paid to do.

Re:Wouldn't it be better?

[TheCabal]

And that answer is exactly why Linux won't make it to the desktop.

What the hell?

[Anonymous Coward]

This is crazy. This just shows you how completely ruthless and unethical Microsoft is, but I guess that's how you become the "best". Isn't this like a car manufacturer releasing a car that doesn't have a lock and can be broken as easily as opening the door? Then buying a car alarm company instead of putting locks in the car?

Re:Wouldn't it be better?

[benjamindees]

It leaves you with a free market of people who *do* know various implementations of C and are willing to help you at a market rate.

With Windows, you're stuck with a binary that you can't decompile, and a single company with the source and little motivation to fix your bug.

Re:Bad move for Linux

[Donny Smith]

Utter nonsense.

If anything,
a) that gives legitimacy to Linux
b) that encourages A-V development on Linux because if you do it right, you'll get acquired by Microsoft (or some of their Linuxless competitors)