Microsoft's Free AV App May Be a Non-Starter
CWmike writes "Microsoft is preparing to launch a public beta of Morro, the free anti-malware it announced last November, according to reports. Morro will use the same scanning engine as Windows Live OneCare, the software that the free software will replace and Microsoft's first consumer-grade antivirus package. OneCare is to get the boot as of June 30 (along with finance app Microsoft Money). John Pescatore, an analyst at Gartner, has questioned whether users would step up to Morro even if it was free. 'Consumers are hesitant to pay for a Microsoft security product that will remove problems in other Microsoft products,' he said. 'Think of it this way. What if you smelled a rotten egg odor in your water and the water company said, "Sure, we can remove that, but it will cost you $50." Would you buy it?' Not surprisingly, competitors have dismissed Morro's threat to their business. 'We like our chances,' Todd Gebhart, vice president in charge of McAfee's consumer line, said when it was announced OneCare was a goner. 'Consumers have already rejected OneCare,' added Rowan Trollope, senior vice president of consumer software at Symantec. 'Making that same substandard security technology free won't change that equation.'"
Re:Viruses Aren't a Problem in Linux (Score:3, Informative)
Right, there's no way you could have, say, a malicious perl script.
No thanks (Score:2, Informative)
Re:Viruses Aren't a Problem in Linux (Score:1, Informative)
"Right, there's no way you could have, say, a malicious perl script." - by sqlrob (173498)
on Friday June 12, @09:46AM (#28307331)
Agreed, 110%... And, "right, there's no way you could have, say, a malicious javascripted page or malicious javascript adbanner affect Linux either"
(NOT! Mainly because javascript runs everywhere & is the "vector for infection" across any OS there is, via webbrowsers themselves - correct me if I am wrong on this account fellas, but, it's right along the same lines that sqlrob is hitting upon...).
APK
P.S.=> And, as far as the subject-line above? "Yea, right" (sarcasm) again, because these items show otherwise:
-----
Bitten By the Red Hat Perl Bug:
http://linux.slashdot.org/article.pl?sid=08/08/29/1423201 [slashdot.org]
(Per SQLRob's statement, no less)
-----
Linux.Slapper.Worm:
http://www.symantec.com/security_response/writeup.jsp?docid=2002-091311-5851-99 [symantec.com]
-----
New worm targets Linux systems (Lupper):
http://news.cnet.com/New-worm-targets-Linux-systems/2100-7349_3-5938475.html [cnet.com]
-----
But, then again, because it was said on SLASHDOT that "Viruses aren't a problem in Linux", per the subject-line above (again)?
"Well, heck, those other sources I just put out MUST be lies"... right, Linux Penguins?
Hate to tell you this truth then: "NOT!"
Because the main thing defending Linux vs. these "heinous machinations" is the fact it is less used than Windows (The most used OS on the most used hardware platform for personal computers in x86 that there is, bar-none)...
I.E.-> Security by obscurity, as the saying goes, IS what defends Linux from attacks! IF Linux is ever as widely used as Windows is, you can bank on it that it will be just as oft attacked as Windows is & has been the past decade++ now, because it will be the most used. MacOS X, once it started gaining market share, began to be attacked a lot more than any other *NIX variant I know of, because of it gaining ground... same thing WOULD happen to Linux, should it start stealing personal computer desktop share worldwide.
(Mainly because today's malware makers aren't out to "wreck your machine", as they used to be - now, it's a far more serious game: They're after your personal information & monies (such as stealing credit card #'s &/or other personal info.) OR turning your machine into a zombied DDOS slave, so it can be used to attack others - so, to do that? These malware makers did the LOGICAL thing (from their pov), & that's to attack the most widely used body of systems there is, Windows NT-based ones!) apk
Re:As long as.. (Score:5, Informative)
Bad analogy (Score:5, Informative)
'Think of it this way. What if you smelled a rotten egg odor in your water and the water company said, "Sure, we can remove that, but it will cost you $50."
I think that analogy is broken. Very few malware use the holes in MS software these days. Most of the viruses spread by user error, email, IM, flaws in Flash/Acrobat etc. MS is offering a service to clean them up and does provide free fixes for bugs in their software. Obligatory car analogy, car company sells insurance for breakins and accidents and charges extra. Why not pay for it if the deal is good?
Re:Am I missing something? (Score:4, Informative)
Try one of these:
http://www.wikihow.com/Remove-the-Popup-Ads-in-Avira-Antivir [wikihow.com]
http://www.tipsfor.us/2007/08/15/make-avira-antivir-free-edition-more-usable/ [tipsfor.us]
Latest AV-Comparatives report.. (Score:3, Informative)
As much as I would like to bash Microsoft from time to time, the latest AV-Comparatives report [av-comparatives.org] has them up there with ESET NOD32. With Microsoft you never know if that included some sums of money, but yeah.
Re:Am I missing something? (Score:3, Informative)
For one, it creates lots of temporary files for every file it scans, trying to extract them like an archive whether they really are or not. That's why it scans so slowly, and will thrash your hard drive even if you're scanning files elsewhere, like over the network.
Re:Am I missing something? (Score:4, Informative)
And rebranding can make a big difference-- look at the recent success of Bing, for instance.
Bing is, technically, far superior to Live Search. It's not just a re-branding.
(With one exception: people raving about Bing's image search UI obviously never used Live Image Search, which is nearly identical UI-wise. Bing still returns better, more relevant, results though.)
Microsoft's disjointed AntiVirus strategy (Score:5, Informative)
Microsoft Windows Malicious Software Removal Tool [microsoft.com]
You gotta read this page. They release a new version every month. It apparently cannot remove viruses which are not actively running. Why is this tool not built in to Microsoft Windows Defender?
Windows Live One Care [microsoft.com]
This link shows a forum moderator, chastising a poor infested user for asking a question about a different Microsoft antivirus product -- Microsoft Windows Defender. Why are these separate products, again?
Microsoft Windows Defender [microsoft.com]
Formerly known as Microsoft AntiSpyware.
These should be one product. The fact that Microsoft maintains three separate products to deal with this problem is, itself, an indication of a very serious ongoing problem at Microsoft. As a company, they still don't take this seriously.
Re:You gotta love it (Score:3, Informative)
Which is where linux has several inherent advantages over windows....
A trusted package repository - if you can, try to get all your software from the repository, it will be signed by your distro and therefore somewhat trusted, and is much easier to maintain (update) etc... Users are far less likely to be downloading and running random arbitrary binaries.
Files being executable are based on file permissions rather than the name, a malicious file being delivered by a website can easily control the filename, but it cannot control whether your system gives it execution rights or not, that you have to do yourself creating an extra step in the process.
Extra to the above, linux does not hide file extensions in the same way windows does by default, on windows icons are stored in the executables themselves, so it's possible to create an executable with the same icon as a more innocuous file, eg a jpeg picture... then you can call it "blah.jpg.exe" and windows will hide the .exe part by default, making it look exactly like a jpeg picture in explorer.
Linux users won't have root privileges by default, so a piece of malware needs to elevate privileges first before it can do serious damage or try to hide itself thoroughly, windows (and shoddy third party apps) has always encouraged users to run as admin, although vista is trying to address this.
Linux has no concept of autorun, windows will automatically execute files on inserted media by default, some malware takes advantage of this to spread.
Diversity - there are many versions of linux with various differences between them, even including processor differences (linux/ppc on ps3 or old macs, arm or mips based netbooks etc), meaning that a piece of malware written for ubuntu/x86 may not operate correctly on fedora/x86 and certainly won't run on yellowdog/ppc... for instance the init scripts differ between fedora and ubuntu, so the malware may have difficulty configuring itself to start at boot....
This isn't a comprehensive list, and it certainly isn't flawless, but it highlights several things that make linux a tougher proposition than windows for malware authors.
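The filename and execute-permission points in the comment above can be checked on a download folder; this is an added example, not part of the original thread. The extension lists, function names and the sample files are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Assumed extension lists for illustration; tune them for your environment.
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".txt", ".mp3"}
EXEC_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js"}


def is_double_extension(name):
    """True for names like 'blah.jpg.exe': decoy extension, then executable one."""
    stem, last = os.path.splitext(name.lower())
    _, prev = os.path.splitext(stem)
    return last in EXEC_EXTS and prev in DECOY_EXTS


def has_exec_bit(path):
    """True if any execute permission bit is set (the POSIX gate on execution)."""
    return bool(os.stat(path).st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))


def audit_directory(root):
    """Return sorted findings as (relative path, double_extension, exec_bit)."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks and special files
            dbl, exe = is_double_extension(name), has_exec_bit(full)
            if dbl or exe:
                findings.append((os.path.relpath(full, root), dbl, exe))
    return sorted(findings)


def demo():
    """Build a constructed sample download folder and audit it."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("holiday.jpg", "blah.jpg.exe", "notes.txt", "setup.sh"):
            path = os.path.join(root, name)
            open(path, "w").close()  # empty constructed sample file
            os.chmod(path, 0o644)
        os.chmod(os.path.join(root, "setup.sh"), 0o755)
        return audit_directory(root)


if __name__ == "__main__":
    for rel, dbl, exe in demo():
        print(f"{rel}: double_extension={dbl} exec_bit={exe}")
```

In the sample, `blah.jpg.exe` is flagged by name alone while its execute bit is clear, and `setup.sh` is flagged only because someone set the bit.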
Re:Microsoft's disjointed AntiVirus strategy (Score:5, Informative)
The "Malicious Software Removal Tool" is pushed through Windows Update. It's not meant to be a full-blown virus scanner, just an install script that will neuter a few of this month's viruses. It's created for the computer illiterates with no virus scanner in the hopes that they left Automatic Updates on.
Windows Defender was supposed to be a very basic, lightweight application to provide some warning that you're infected. It's part of Windows Vista, installable on Windows XP, and has some nifty functions that fall between msconfig and HijackThis. I can't speak to its detection rate, but our help desk has gotten a few calls from people who didn't realize they were infected until Windows Defender told them so.
Windows Live OneCare was their attempt at competing with Symantec or Network Associates. They bought the basic engine from some other company, saw that the entire thing was written in VB 6, facepalmed, and rewrote it as OneCare. It also helps with remote backups and whatnot.
They really shouldn't be all one product, as they serve completely different purposes. Although if they made Windows Defender a bit more powerful, they'd have an uninstallable version of Live Care.