AV-Test Deems Windows Security Essentials "Very Good" 318
Posted
by
timothy
from the if-you're-in-the-right-demographic dept.
from the if-you're-in-the-right-demographic dept.
CWmike writes "Microsoft's new free security software, Windows Security Essentials, passed a preliminary antivirus exam with flying colors, said independent and trusted firm AV-Test, which tested Essentials, launched yesterday in beta, on Windows XP, Vista and Windows 7. It put it up against nearly 3,200 common viruses, bot Trojans and worms, said Andreas Marx, one of the firm's managers. The malware was culled from the most recent WildList, a list of threats actually actively attacking computers. 'All files were properly detected and treated by the product,' Marx said in an e-mail. 'That's good, as several other [antivirus] scanners are still not able to detect and kill all of these critters yet.' It also tested well on false positives."
I wonder how Symantec, Norton, et will react (Score:5, Interesting)
Anti-trust? (Score:3, Interesting)
Hitler's Kosher Hotdogs (Score:5, Interesting)
It's interesting, but at this point can Microsoft really convince anyone that they are serious about putting out a quality product? I think that is there biggest problem here... PR.j I will admit I laughed when I saw the article, and it is Microsoft's reputation that made me laugh. Maybe it is good, but I am I really willing to give them the chance with something that important?
I can remember articles talking about Windows Firewall in the past as being pretty darn good too, yet it seems the first thing a tech person does is to deactivate these days.
Let's face it. If Microsoft was seriously competent about doing these "core" activities, would the 3rd party market be as big as it is?
In any case it will be interesting if they start shipping Windows with this pre-installed. Then maybe the manufacturers won't be so quick to bundle Norton/McAffee with their products, and THAT will be fun to watch.
It makes sense (Score:5, Interesting)
That operating style is especially well suited to AV software, because it is a job that can be easily broken up and handed out to different programmers, and catching all the viruses is a job that can be easily helped if you have a lot of programmers and testers. It makes sense that Microsoft would write good AV software.
Re:Anti-trust? (Score:5, Interesting)
There was talk about antitrust suits when Microsoft first included the TCP/IP stack in windows. Before that you had to go to another vendor.
It made life a LOT more easy once it was built into the OS.
I'm pretty sure the same thing will be true of AV software.
Re:I wonder how Symantec, Norton, et will react (Score:5, Interesting)
claim anti-trust and attempt to sue.
How dare microsoft plug security holes themselves.
Come on EU, save us from a secure windows platform.
Re:Anti-trust? (Score:2, Interesting)
Great if you're living in one of 5 countries... (Score:3, Interesting)
Re:Microsoft Hate (Score:5, Interesting)
Try using it.
1.
A shell that uses objects is asinine.
It looks like a bunch of java idiots tried to make a shell. If I wanted objects I would use a programming language, this is supposed to be scripting.
2. No ssh, lame.
3. does not support anything like authorized_keys.
Re:It makes sense (Score:5, Interesting)
But the fact that all I need is a screwdriver does not lessen the value of having a well-stocked toolbox. The first time I had to create a web application that could consume and perform complex recursive logic on XML files created by a mobile application framework, I didn't have to wonder whether
I'm not going to sit here and tell you there aren't things about
By the way, I'm the Anonymous Coward that posted above. I just created a new Slashdot account so now I can be a Well-Known Coward.
Re:Anti-trust? (Score:0, Interesting)
So, in other words, Apple App Store?
Thanks, but no thanks. I deal with it on my iPhone, I don't want that restriction on my computer.
Re:Anti-trust? (Score:2, Interesting)
Let me rephrase. They don't consider bugs important unless someone can turn it into a vulnerability. Previous examples have shown that it is possible to turn a seemingly benign bug into a security hole, with a little flash of insight.
I should be able to submit bug reports directly to MS, instead of having to talk to a desk jockey at the OEM who never passes it on to the company that wrote the software. They would prefer you didn't do that. They will take your "send error report to microsoft" data, but at that point it's just statistical - whatever gets the most reports gets attention.
They should say at this point, you know what, let us know if you find something and we'll take a look at it to make sure it's not going to cause problems. You know how much that would cost? Probably not as much as you think if it's simple triage.
If I didn't work at a fortune 100 company, I wouldn't have a vendor support contact I could just call up and say hey this is causing problems, can you look at it? Smart people who know what they are doing can give great feedback and have it completely ignored because it doesn't seem worthwhile to look at something that might have problems.
They will always have problems with third-party code, and not much you can do about it. But you have to realize that the attack surface area increases, and have your bug-squasher team increase in surface area along with it. I don't see an equal response. Sure I'll be your effective beta tester, but I don't want to hear one more detailed report about bug reports getting ignored.
Simple, eh?
Re:Microsoft Hate (Score:2, Interesting)
"A shell that uses objects is asinine."
Right. We forgot that UNIX fans worship ASCII.
Re:It seems wrong for an OS vendor/maker to do thi (Score:5, Interesting)
Its a social problem, not a technical one.
All UAC did was train people to press "Yes" on every dialog even more zealously than before. A system based around asking important questions to people who neither understand or care is not a good one. sudo works because everyone using it does care.
What MS is doing here is clever IMO. Instead of trusting the user to not do anything dumb, they've instead given them a big "Press me to fix your computer" button to wail on. People will see their computer is being slow, hit the button and hopefully the problem will be fixed.
Re:Hitler's Kosher Hotdogs (Score:3, Interesting)
People forget (or weren't alive yet) that Windows roots are on a very limited platform that even a Linux kernel can't run on (no hardware support for "root" on a 8088)
Not exactly accurate. For starters, Windows NT 3.1/3.5 also ran on Alpha and MIPs, not just x86. More importantly, Windows didn't take off until the 386 came out (and i386 is still the basis for much code, including Linux). Almost no one ran Windows on a 286, and virtually no one on a 8086/8088.
Code originally designed to run on a 8086 and 286 won't even run on a 64 bit version of Vista (and 64 bit is the standard now, assuming you want over 3-4gb of ram, depending on BIOS). The 64 bit version doesn't have any 8 or 16 bit API support, only 32/64, unless you can hack it in virtualization. There really is no reason to run a 32 bit version of Windows 7 either, unless you need those old apps (not common) and will never need 4gb of ram (unlikely).
In short, Windows Vista/64 and 7/64 won't run DOS or 8088 code, and *isn't* backward compatible.
As a side note, I *think* you can install the 64 bit version of Linux and run DOS apps in a dosbox if you need. Will have to try that on the servers at work and see.
Re:Hitler's Kosher Hotdogs (Score:5, Interesting)
It's interesting, but at this point can Microsoft really convince anyone that they are serious about putting out a quality product?
Microsoft is strongly positioned as a client OS. On the server. In core business applications. In development tools. In console gaming....
In software software sales, MS Office is bigger than games.
Bigger than anything. It is the tail that wags the dog. The 900 pound gorilla. Choose whatever metaphor you like.
The Win 7 Beta opened to rock-solid reviews and has effortlessly claimed about half the market share of Linux on the desktop. Operating System Market Share [hitslink.com]
The geek knows all of this intellectually, but he can't process it emotionally. It is easier to live within the bubble.
I can remember articles talking about Windows Firewall in the past as being pretty darn good too, yet it seems the first thing a tech person does is to deactivate these days.
Windows Firewall wasn't designed for the techie.
It was designed for the user relentlessly nagged by requests to approve outbound access for the obscure subroutines of programs that already have his permission to access the net.
Re:Anti-trust? (Score:5, Interesting)
I should be able to submit bug reports directly to MS
secure@microsoft.com [mailto]
I have actually submitted information about a vulnerability that way. It was fixed.
Re:Maybe, but... (Score:5, Interesting)
Viruses don't target server environments. That's pretty much by definition - as they require active user interaction to spread.
Exploits are a different thing, but, really, have you looked at vulnerability stats in Apache vs IIS6/7 lately? Try it, you might be surprised.
Re:directed self-interest (Score:1, Interesting)
Re:Anti-trust? (Score:3, Interesting)
sudo is a manual control; You have to physically type the command into your shell to instigate a rise in privilege. UAC asks you if you want to raise privilege. To a (l)user, desensitised as they are by Microsofts' abuse of message dialogues, clicking "Yes" is almost coded into muscle memory, and it's between MS and the users to sort out who is responsible for that situation.
AFAICT, UAC is just a get-out. It shifts the onus for installing crapware onto users PCs onto the user, as MS can now say "Look, you had to type in the password! You didn't read the box? Oh, well then... That's not our fault!"
sudo requires knowledge. Pressing "Yes" only requires impatience.