Microsoft Accepts Outside Security for Vista

[freakitude]

Microsoft did an about-face yesterday, agreeing to make it easier for customers of its forthcoming Vista operating system to use outside security vendors, such as those who make popular antivirus and anti-spyware programs.Until now, Microsoft had planned to block those companies from installing their products in the deepest levels of the new operating system, which is scheduled for release early next year.

Symantec spokesman Cris Paden said the company was encouraged by Microsoft's announcement, but noted that it had not received any technical details about the plan.



Microsoft said it is still gathering information from the software security vendors and will respond case by case.


Source

 

[anandk]

it had to happen, though i m a litl disapointed...
thanx 4 d info

 

[abhi123]

will microsoft's security b enough?

 

[gxsaurav]

the main emphasis in Vista is given to security, Kernal patchguard is one of it, mostly if the user is not idiot enough to click on a banner saying "Nude pics of Anna kurnicova", there PC will be protected

UAC is nagging, but only for Power users, who know what they are doing, i agree to the fact that UAC nags have to be decresed, but it's an idiot proof way to protect computers

with vista the requirment for a Antivirus app is quite low....u just need a firewall.

 

[anandk]

it looks like microsoft will give only controlled access to the kernel and will only turn off the alert feature in security center. so the 3rd parties r a little skeptical...

 

[iMav]

well there shud be 2 versions 1 with this option and 1 without .... btw is this across the globe or only in europe and korea????

 

[navjotjsingh]

Very obvious it was...MS just can't lock security softwares from being installed...its a world known fact that MS default OS Security does not work anyways...and onecare live is still not very good...so let someothers come in and take control of Vista Security!

 

[iMav]

@navjot only high level professionals hv been to able to crack thru vista's security and that too when MS invited them to do so .... in which case now MS knows wat those guys mite hv done and we can expect a more secure version

 

[rajas]

MS allowed antivirus makers to kernel of XP. I thought it would be case this time as it want to market One care live. finally It had to support others for its own survival.

 

[tarey_g]

EU sucks.

 

[George66]

If you think EU sucks, try this:
Working in a big firm in EU, being a system administrator and most employees are middle age and higher, and trying to explain to them that "that kind of a banner shouldn't be clicked" or "you should watch out for suspicios file extensions"....Now that is fun

Edit: I want to see Vista's security with my guys !!

 

[Zeeshan Quireshi]

EU sucks.

yeah , n by blocking access to kernel MS is also bloking most viruses , if they allow acces to kernel by security producs then some malicious software could also exploit n get access to kernel . btw , EU has too many probs with MS , i think there's some other motif behind it !

 

[jz2linkinpark]

let EU go to hell....at least it wont affect Asian versions of vista..or will it?

 

[tarey_g]

People like me who dont use these stupid crappy antivirus programs are really dissapointed , antivirus is as worse as a virus . EU sucks.
__________

If you think EU sucks, try this:
Working in a big firm in EU, being a system administrator and most employees are middle age and higher, and trying to explain to them that "that kind of a banner shouldn't be clicked" or "you should watch out for suspicios file extensions"....Now that is fun

Edit: I want to see Vista's security with my guys !!

Vista just got more unsecure. thx

___________


some quotes i read on *www.dailytech.com

Norton is bloatware and messes up many a machine. I know, I've made a lot of money fixing problems Norton causes. Too bad they are so prevalent in the retail market, and thus the name most people know. I applaud Microsoft's efforts here, as they are trying. To all of you Microsoft naysayers who have once again managed to crawl out from under your rocks, please go back. It cracks me up to read things like "if they would only make Windows secure". It cannot be done. The only secure operating system is the one that is never used. Any code written by a human can be cracked by human. It's just too bad we have way too many useless people out there with talent trying to do so for bad purposes. You people talk as if Microsoft isn't even trying. Why don't you shut up and give it a whirl? Don't like Windows? Don't use it. That simple. What's that you say, you need Windows so you can do some things you like to do that you can't with others? Don't blame Microsoft for that. People complain about Windows security then as soon as they try to do something useful, people complain about MS "locking them out". It's their OS, it's not open source or public domain. I applaud Kaspersky for not being another whiner, and seeing it for what it is. Last, when you're the far and away number one in anything, you'll face the most attacks and have the most people after you. People don't typically target the lesser knowns and lesser used. Thus it is logical that Microsoft faces, by far, the most attacks from hackers, crackers, or whatever you want to call them. Thus, this makes it appear that there are more secure OSs out there than Windows. That may be true. But I, nor can anyone, say for sure. Until such time that Linux, Unix, OSX, etc., gain the market share that MS currently has, and then faces the bulk of attacks, could we know for sure. So if you're tired of hearing this, too bad, get used to it, it's true

Well, we wouldn't have to pay for Defender at ALL if it wasn't for stupid anti-trust laws (and especially the EU). Microsoft was originally going to include it for free, but sadly, Microsoft isn't even ALLOWED to make their software the way they want it because of whiny *bleeps*.

AV companies should not whine so loudly that their gravy train is drying up. They only exist because of the exploitable nature of OSes and those willing to exploit them. It is the OS provider's responsibility to secure the OS, when it does so don't complain, just accept that AV companies now can't exploit the OS (and it's customers) anymore either.

Uh...the point of locking non-MS code out of the kernel is to make it secure. If AV companies can't touch the kernel, virus's can't either. I'm sure someone will figure out how to hack it regardless, its just a fact of life. No matter how much Microsoft tries, they will always get hacked because people such as yourself see them as this devil and feel you can prove something by creating a virus which causes other people a headache, not Microsoft. No software is ever 100% secure. Just you have about 10 million hackers going after Microsoft, and only a few handful going after Linux, Unix, and OS X.

If you want my opinion as to who's more "evil", go after Macintosh. They control their stuff way more than Microsoft does.

Just because the Vista kernel is locked down doesn't mean that someone can't write AV software for Vista. They will just have to put more work and make better products. It's a fact that AV software from the big vendors have declined in the last few years.

What it does mean is that everyone except MS has access to the kernel. Meaning that outside of flaws in the Kernel Patch Protection scheme, no one outside of of MS can modify the kernel in any way. AV vendors will have to improve thier products to better detect virii and malware without relying on unsupported and undocumented hacks into the Windows kernel.

You do realise that the Kernel lock-down is something Microsoft should have done a long time ago. Othere Oses don't have open Kernels like Windows does (did) and Microsoft are making the right move by protecting the guts of the system from changes. There is absolutely no need for anyone to make any changes in the Kernel whatsoever.

And before you attack Microsoft again, it would be worth you reading up on OneCare and Defender and you'll realise that neither of these products require Kernel access in the way that Symantec want. So if MS can write security software that doesn't need access to the Kernel, so can Symantec.

Its only Symantec and McAffee who are *****ing about this. All the other players in the inductry are quite happy with the change. Kaspersky has openly stated as such. The reason behind this is simple, Symantec and McAffe have made their ends meat of writing "cheap and easy" software that uses, effectively, bugs in the Kernel to provide their security features. Now, due to this change, they will have to write a totally new suite that does the job properly and that will cut in to their profit-margin.

If you want to attack a company for writing poor software and keeping us flooded with new security problems, blame this pathetic excuse for a company (and McAffee, too)

Microsoft have made the best move they could in providing a stable and secure OS by locking down the Kernel. If these companies don't want to develop for the platform, then no-ones forcing them to. But they CAN still develop their software for it, if only they'd do some actual work in designing it.

Symantec is just pi*sed that MS killed their entire business model: Protect against MS Windows Viruses that we created.

IMHO a company is weak if their entire revenue model revolves around one product from one company. They attempted to create AV software for Mac, but it's not universal binary--thus nobody new to the Mac world uses it.

Exactly what I was thinking. MS's original screw up in writing Windows gave Symantec and others an opportunity to start and grow a business. Now that MS is trying to rectify the issue , Symantec is crying the blues. Sorry, get over it and find a new business to get into.

Been happening in the auto industry for years. Whenever the aftermarket guys come up with a great little idea, the manufacturers eventually incorporate that item directly into the car design cutting the aftermarket out. They (the aftermarket that is) just have to find a new idea.

Maybe what Symantec and McAfee are really afraid of is that Microsoft's security approach genuinely will make Windows far more secure, and that no one will need their products any more.

As it is I haven't bothered with anti-virus or anti-spyware on my own computers for years, and I probably will continue not bothering with Vista. Even my customers, who do have anti-virus and anti-spyware software, either go for years without seeing a single message about a virus or malware (and have no problems), or they frequently get infected anyway (and still get no message from their security software).

In other words, even now I find little benefit to having real-time anti-virus and anti-spyware software on a computer. The only use I find for such software is after-infection cleanup, after doing the initial dis-infection by hand.

From the MSDN blog quote:
"It's important to note that Kernel Patch Protection applies uniformly to Microsoft products as well as third party products. No code is allowed to modify the kernel using unsupported patching techniques. Security products developed by Microsoft only have access to the same supported interfaces that any other vendor would use."

So Symantec and Microsoft have a level playing field already.

Kernel patching should never be allowed. Period. The only reason that the kernel should be patched is when the kernel is being upgraded to a new release version of the OS. The point of the kernel is to have a stable base platform for the rest of the OS to build upon, and patching the kernel only ruins this stability, even if the person patching the kernel knows what he's doing.

 

[anandk]

Last Minute Changes to Windows Vista
*www.winsupersite.com/showcase/winvista_changes.asp

 

[Kiran.dks]

Hmmm..I expected this. Antispyware and firewall companies must be very happy with this decision. Antivirus market was never threatned by Microsoft.

 

[George66]

Tarey_g I was only being sarcastic .

 

[tarey_g]