Microsoft To Offer Free Anti-Virus Software 448
Dynamoo writes "The good news is that Microsoft have announced free anti-virus software for consumers, dubbed Morro, available late next year. The bad news is ... well, exactly the same. Although Microsoft's anti-malware products are pretty good, this move could drive many competitors out of business and create a dangerous security monoculture; major rivals will be lawyering up already. On the other hand, many malware infections could be prevented even by basic software. So is this going to be a good or bad thing overall?"
re Hard to decide ... (Score:5, Interesting)
If it comes free with the OS it will drive away competitors because Joe-sixpack is
not going to spend any money to replace something he got for free, even if it sucks.
On the other hand, if any feature needs to be part of the OS is precisely a form of
protection against malware.
Come to think of it, if MS does a bad job of protecting PCs and drives away
competition on virus protection, maybe the company will finally implode and let other OSes
get a greater market-share.
Re:re Hard to decide ... (Score:5, Interesting)
Its illogical. How can you produce a product that attacks things attempting to exploit your holes when you have the ability to patch the holes?
If they sold it, it would be a conflict of interest.
Security vs backwards compatibility (Score:5, Interesting)
Microsoft has done enough to break backwards compatibility already. They should just go the whole hog and on their next iteration, do a ground-up security analysis and refactoring of their OS, instead of trying to prevent & remove malware that latches onto existing API problems that some software might use legitimately.
It wouldn't be impossible to give private sandboxes to "legacy" apps that don't use the new secure APIs.
Won't hurt competition. (Score:2, Interesting)
because most anti-virus is useless and expensive (Score:3, Interesting)
That is if it works. Windows defender, in my experience, does not work nearly well enough. I have it on my MS Windows computers because it is installed by default by MS. I still run spybot to actually protect the machine. My fear is that MS is not going to that good of a job, but people are going to feel that the MS protection is enough, and not lay in that second line of defense. Maybe the company that built all the security holes is the best to build the defense against them. Maybe not.
Re:re Hard to decide ... (Score:2, Interesting)
This is definitely a good thing for consumers.
If there's any antitrust directives that come out of this, it's that at some later point in the future (if/when the big competitors have disappeared) MS will not be allowed to start charging money for the suite -- it has to remain free.
About the move itself: it gives less people a reason to be running without antivirus sw., it enables more OEMs to sell PCs with AV pre-installed (which will not nag users in 1 month/3 months/1 year/whatever), and OneCare is less likely to use rootkit techniques etc. that symantec and others have used in the past.
Presumably for windows 7 (Score:3, Interesting)
Re:Security vs backwards compatibility (Score:4, Interesting)
Re:re Hard to decide ... (Score:5, Interesting)
but a whole lot of them will sit up and take notice if their antivirus pops up and warns them away.
You'd think so, but that's simply not the case. In my time as a PC tech. I saw all too many PCs where the user had clicked on something, seen repeated antivirus/anti-spyware warnings and still continued with the installation. Basically, it comes down to an issue of trust. People distrust their antivirus as much as they distrust the random crapware they download from the Internet. So, when the antivirus pops up and tells them, "Hey, this software is going to bring along a virus," they feel safe in ignoring it, since they've seen all too many false alarms for other things (like tracking cookies).
Trust issues (Score:2, Interesting)
Re:Decent free stuff already available (Score:3, Interesting)
I had enjoyed AVG even though I didn't frequent sites or normally present infectable machines to the Internet. However, with their latest version (v8), I've found this to be the case as well, it quarantines legitimate files. Specifically, a program I used with nLite to create add-in programs for build CD's was flagged as dangerous and to be quarantined. I sent it in and AVG basically told me it was detected properly.
I've uninstalled AVG and don't plan to look at it for AV protection in the future.
Why now? (Score:3, Interesting)
But it's been how many years now that they've really had the reputation for
Why are they doing this now? Did they just now get the guts to roll out an AV since the whole integrated IE issue? What was the trigger point, really? How long have they been working on it? Are they giving up on the likes of AVG, Avast, Norton and McAfee? (I know I gave up on the latter 2 back in 2000, 2001, personally)
Is it because they think they can do it better? Are they realizing that Norton and McAfee are CRIPPLING their operating system, giving them an even worse reputation?
I guess it ISN'T so obvious why.
Like many slashdotters, I'm "The Guy" people come to and ask questions like "Which Antivirus should I use? Why is my cupholder broken? Can you help me dust off my 386 and put it on the interwebs? Why is XP slow when I have 64 megs of ram on my celeron 233?" I need to know why MS is doing this and if it is any good.
Re:re Hard to decide ... (Score:3, Interesting)
I've been saying for years the same thing, every desktop OS should have av and anti-spyware protection built in.
No. I totally disagree. The OS should be out of the way and not mess with anything. The OS should be patched to a reasonable degree of security and be configured with permissions, limited user accounts and limited applications. Perhaps if this was some F/OSS project it might be ok to build into the OS with, but as MS has shown, they can't do security. They either overload the user with annoying messages at the slightest change (UAC) or totally ignore security (like pre-SP2 XP installs)
Comment removed (Score:5, Interesting)
Re:re Hard to decide ... (Score:2, Interesting)
Microsoft may not have the best OS out there, but it suffers from the same design linux does: it has to be able to run third party applications, including the shoddy exploit-inducing ones.
Welcome to 1993 (Score:1, Interesting)
I wonder which vendor they will buy the code from.
Just like MSAV was re badged CPAV (CheckPoint Anti Virus) from central point.
Overall its good ... (Score:3, Interesting)
MS providing a free AV solution will put pricing pressure on 3rd party providers and add some competition.
A decent basic malware package (AV and spyware -- not a security suite) should not cost more than $15 to buy and $10-$15 a year subscription
Good Idea (Score:4, Interesting)
It's a good idea. sure Symantec, McAfee, and the rest are going to lose some business - I doubt it'll be a big enough dent to notice. Folks that will rely on the microsoft offering will be the same people that rely on Defender for malware prevention. Those slightly more technology minded will identify the need for something more robust.
Chalk my vote up in the "its better than shipping it with a trialware sales pitch for some other crap" column.
Re:re Hard to decide ... (Score:3, Interesting)
In the pre-Vista age perhaps, but with UAC [...] Joe Sixpack is going to just click allow
I wish this myth would die. UAC fires off a dialogue in the following instances:
- Changes to system-wide settings or to files in %SystemRoot% or %ProgramFiles%
- Installing and uninstalling applications
- Installing device drivers
- Installing ActiveX controls
- Changing settings for Windows Firewall
- Changing UAC settings
- Configuring Windows Update
- Adding or removing user accounts
- Changing a user's account type
- Configuring Parental Controls
- Running Task Scheduler
- Restoring backed-up system files
- Viewing or changing another user's folders and files
Now I ask you, is any of the above something a normal user (without administrative rights) should be able to do?
Re:This begs the question.... (Score:3, Interesting)
Because if they don't, it takes away a perceived level of control from the user, and users like at least having the feeling that they're in control.
Also there are often false positives, and it would be extremely annoying to be unable to install something useful because it's mistakenly detected as a virus.
From the perspective of malware authors tho, microsoft taking over the anti malware market and driving all the other competitors out of business is the best possible outcome. You now only have one anti malware program to test your malware with (ie ensure it doesn't get detected) and one anti malware program that your malware needs to disable.
MS gets to track license numbers (Score:3, Interesting)
A side effect of this will be that MS will be able to readily identify where license numbers are being used more than once. If they take the opportunity to remotely shut down ''illegal'' PCs, the whole exercise might make them money.
I wonder if they will do an Apple and disable s/ware that they don't like (pronounce as malware) -- because it competes with some MS s/ware.
Re:re Hard to decide ... (Score:2, Interesting)
Oh yes. And it gets annoying as hell when you need thing done in a hurry and plug your flash drive or something else in your PC and you are working writing something in word. All of a sudden you have to halt everything just to say allow to something else, that could just go in background and not put everything in background.
Don't fucking ask me if I want to install something if I have the stupid autorun removed, just ask me when I want to access the device.
There are the little things in Vista that makes it so ugly. Like trying to change the screen resolution, why the fuck do I have to open 3 windows just for that and close them one by one? What was wrong with 2000/XP way of doing it?
Why on earth would I want 6 ways to get to the same option opening as many windows?
Or why not just give me a command line to get where I want. I can type faster then mouse navigating to what I want.
I know I'm not your average PC user, I'm a PC tech. But if you are making my job harder I'll go my way around to swing my customers away from it, not that I need to do that anymore.
Re:re Hard to decide ... (Score:5, Interesting)
It is much worse... I got a trojan on my system, a Net Devil, roll-your-own type. Before I went to uninstall it, I debugged it and got the ICQ account details. I used the credentials to log into the account and changed the password. I watched as the victim IP addresses poured in! To investigate, I downloaded the client half of Net Devil and connected to a few victims. Total access!
Screen capture, key logger, executable, download, upload, you name it! It had a feature to send popup messages that I used to tell the victim they had a virus and they should take steps immediately to remove it. Some would unplug their computers immediately, while others would just click OK and keep going. I would send another message like "No really! You have a virus!" and they still just pressed OK and just kept typing their IM. Of course, it usually got their attention when I opened 30 message dialogs in a row. The most effective way I got their attention was to turn their graphics upside-down and open their CD/DVD tray :) Nothing like a ghost in the machine to wake them up.
It had an option to remove the trojan from the host, so I cleaned up a few, but the IP addresses kept flowing in worldwide (esp. France?) and it was rather depressing trying to help users that pretty much ignored anything but the blatant scare tactics.