Microsoft Begins anti-virus Software Development
An anonymous reader writes "From the article: Microsoft's announcement that it will enter the AV market next year, with initial trials starting next week, could be a sign of many things to come, says SecurityFocus's Kelly Martin." Not unexpected, given their recent purchase.
Start the week with a dupe (Score:3, Informative)
RAV Antivirus (Score:2, Informative)
Re:MSAV? (Score:3, Informative)
My first PC, a Packard Bell (very sad), included DOS 6.22 and Windows 3.11 for Workgroups. Microsoft Antivirus had a DOS and Windows graphical interface and basically did a checksum test on all the files. It created files to remember what it checksum'd in each directory, as I recall.
It took forever to scan and obviously didn't catch much and had many false positives. Imagine using Tripwire to check for viruses, except on a DOS partition with nothing to check but byte size and maybe the modify date!
It was credited to Symantec in the about box, I think.
This is nothing new... just a comeback!
Re:Goals? (Score:4, Informative)
And MS has agreed with this since NT4. Remove your user account from the Administrator group and, surprise, your system is fully protected, and spyware/viruses aren't a problem because executables cannot modify system folders or system registry. In fact, Win2k/XP/2k3 have much richer access implementations than the Unix filesystem protection in a vanilla Linux distribution -- you'll need to get the ACL kernels for matching capabilities.
The real problem is the MS marketing dept, which opted to not confuse Grandma and make accounts Admin by default. Longhorn will make accounts limited by default, and in addition when logged in as admin it will drop privileges of all apps that don't need admin privileges (like IE), which is pretty cool.
Re:MSAV? (Score:1, Informative)
I was involved in an early UK Government initiative to evaluate AV products. At that time, the Government Rep indicated to us that, as a rule of thumb, the evaluation processes proposed would be tested to ensure that they failed MSAV, since that would be a good indication of a suitable evaluation process.
Re:Slashdot search sucks (Score:2, Informative)
Your memory fails you (Score:1, Informative)
Re:Goals? (Score:3, Informative)
In some cases, yeah, but I've had some malware (OK, not a virus as such, but close) completely kill a Windows 98SE box's network stack after it got in by trying to "patch" the Winsock libraries and assuming it was XP.
By Comparison (Score:2, Informative)
You might be thinking "if a car malfunctions it's a life or death matter but who cares if a computer crashes or gets a virus?" But what if that computer is part of the air traffic control system? Windows (for some reason) is used in a lot of important environments. Sometimes it really is life or death.
Re:Start the week with a dupe (Score:1, Informative)
Re:Goals? (Score:5, Informative)
Even better, some apps won't run except as admin because they try to fiddle bits of the registry and/or filesystem they assume they'll have access to, because "everyone runs as administrator". Games are the #1 culprit here, but a large proportion of general use software has that problem too. It's not Microsoft's fault that app developers are idiots, but it still makes the limited-privilege accounts nigh useless. Unfortunately, they can't conjure a long history of least-privilege-by-default, so they're stuck with breaking compatibility with old apps (90% of users would equate "need to change user account to run program" with "broken OS") or retaining the current braindead defaults.
I do agree with you on the fine-grained privileges in NT, though I wish they were consistently inherited instead of propagated through the filesystem tree. The issue with ACLs is that unless very carefully administrated they tend to become a hideous and unmanageable rat's nest where nobody can clearly state what happens in a given case. This is as true on UNIXes with ACLs as it is on NT. I've always been way happier with the groups-within-groups model, which lets you get 90% of the benefits of ACLs with 10% of the complexity. It never seems to have become all that popular, though.