MS To Build Antivirus Into Win8: Boon Or Monopoly?
jfruhlinger writes "Microsoft has quietly announced that it's planning on baking anti-virus protection right into the Windows 8 OS. Users have been criticizing Windows' insecurity for years — but of course this move is raising howls of protest from anti-virus vendors, who have built a nice business out of Windows' security holes. Is this a good move by Microsoft, or a leveraging of their monopoly as bad as bundling Internet Explorer?"
Argh. (Score:5, Insightful)
So making an OS more secure (I know, they could get rid of security holes... but...) is also monopolistic?
To me, this is kinda like saying IrfanView should sue because MS includes Paint or Picture Viewer or whatever they include.
IE was a bit trickier, because they did their own thing with HTML and stuff and you HAD to use IE in order to view some stuff, so it was a bit nastier. But a virus detector? What are they going to do, write viruses that only their software can find... but then they wouldn't work on other OSes... so it wouldn't be much of a lock-in.
Perspectives (Score:5, Insightful)
The capitalist in me screams, "Anti-competitive!"
The IT guy in me exclaims, "It is about time."
The consumer in me worries, "How will this impact performance?"
Re:Anti-Trust (Score:5, Insightful)
I look at anti-virus as a compression bandage. It staunches the bleeding, but does nothing to prevent the injury....
Maybe a more secure OS from the get-go might help? Although Win 7 seems to be a step in the right direction....
Depends on if it can be turned off and if it's good (Score:4, Insightful)
Re:Anti-Trust (Score:5, Insightful)
And also - what kind of anti-virus will be first on the list of the malware producers to circumvent?
Today there are many different AV solutions and it's almost impossible to evade them all, but now there will be one main target.
AV is a band-aid (Score:1, Insightful)
Imagine if God gave humans band-aids instead of giving humans blood clotting. Microsoft should fix their software so AV isn't a requirement.
Why don't they just change the user security system (Score:0, Insightful)
and force people to use a non-administrator account for applications?
Re:Anti-Trust (Score:5, Insightful)
Because there are no virus scanners, rootkit detectors, etc. for Linux, right? Oh wait there are...
Linux virus-scanners are primarily used to detect Windows viruses on servers so the Windows machines accessing those servers don't pass their infections around.
When was the last active Linux virus released?
Re:Perspectives (Score:5, Insightful)
The capitalist in me screams, "Anti-competitive!"
The IT guy in me exclaims, "It is about time."
The consumer in me worries, "How will this impact performance?"
Did you have the same worries when MS put a firewall in XP with Service Pack 2 in 2004?
Re:Anti-Trust (Score:5, Insightful)
Re:Argh. (Score:4, Insightful)
To me, this is kinda like saying IrfanView should sue because MS includes Paint or Picture Viewer or whatever they include.
I would see a main difference is that you normally can't run 2 different AV software packages at the same time. It brings the machine to a screeching halt as they fight each other (and they run always in the background). Having Paint or Picture Viewer doesn't hinder IrfanView from working right. Now if MS made it easy enough to turn off their AV so you could use another package, I don't have issues with it.
Re:Anti-Trust (Score:5, Insightful)
This whole Microsoft witch hunt is ridiculous.
MS does lots of things that should get people and governments mad but including necessary software is not one of them.
First off you need a browser on OS install, and you really really should have an antivirus so that you don't get infected while searching the internet for one.
What's next, MS is evil for including paint and notepad?
Or it is unfair for the game industry that solitaire is installed along with the OS?
Re:Anti-Trust (Score:3, Insightful)
MAC
(and I don't mean the computers from Cupertino)
Re:Anti-Trust (Score:5, Insightful)
You can't have an OS that is secure against viruses, so long as 1) it allows the user to install software, and 2) it does not provide a strict sandbox for said software.
Linux, for example, permits viruses to be written. So does OS X. The reason why viruses do not proliferate on those systems is because they're not a particularly interesting attack target, and because (specifically in case of Linux) they are typically run by competent users who don't run random binaries off the Net.
iOS, on the other hand, does not have viruses, because 1) all software comes from a trusted location with no way to circumvent this, and 2) software is sandboxed such that it cannot modify other binaries on the system or create new ones, even in directories otherwise writable by the user who runs the software.
TL;DR version: the kind of security that you want is called a "walled garden". Furthermore, you're going to get just that in Win8. When there'll be the next Slashdot story on the horrors of iOS lockdown, keep that in mind.
Re:Anti-Trust (Score:2, Insightful)
Actually, you should not be too sure about that. A quick search on techniques to avoid AV detection reveals that there are not only suites but services for malware producers to try out their new malware in and to see if they get caught by the most widely used AV software. And the techniques to avoid catching, well, there are plenty; a quick search will reveal that.
The Technologist Perspective (Score:5, Insightful)
The Technologist in me screams: "Spend more time making your OS secure and less time trying to band-aid it with virus protection!"
Re:Anti-Trust (Score:5, Insightful)
An application doesn't "need" access to all of the user's data. But how do you prevent code that runs at the users' access level from being able to access all of the data that the user has access to? If the app developer can get users to grant access to their data (not hard to do) how can the OS prevent them without having a locked down environment?
Re:Monopoly (Score:4, Insightful)
That, and Norton slows down and generally screws up Windows so much that it makes Microsoft look bad. I've never found a problem that couldn't be fixed with "uninstall Norton", because the damn thing is worse than most of the viruses it supposedly stops.
The user experience matters. Microsoft limited what sound drivers could do in kernel space years ago for the same reason - Creative's drivers were so bad that they made Windows as a whole look bad.
Re:Anti-Trust (Score:5, Insightful)
How else would you do it? What if you have a file you want to open up in more than one application? It's entirely plausible to have multiple processes operate on a file in series. For instance, you use a photo editor to manipulate an image. Then you insert that image into a document. Then you compress that document. Then you send that document via email. That document has been around the block through several applications. What are you supposed to do, give each application individual permissions to access the document? Is this the height of productivity?
Re:Anti-Trust (Score:5, Insightful)
Linux, for example, permits viruses to be written. So does OS X. The reason why viruses do not proliferate on those systems is because they're not a particularly interesting attack target
LOL you must be new to this "internet" thing or channeling 1995.
because (specifically in case of Linux) they are typically run by competent users who don't run random binaries off the Net.... iOS, on the other hand, does not have viruses, because 1) all software comes from a trusted location with no way to circumvent this,
The Linux and iOS situations are closer than you seem to think.
I would guess that 99.999% of Debian installs have nothing but debian.org packages and perhaps a handful of nvidia drivers, multimedia repo files, and maybe some weird firmware files. All my "server" type boxes are 100% nothing but Debian packages, only my desktops and mythtv frontends have anything else.
Make it impossible to circumvent, people get annoyed at the restriction, simply because it is a restriction, regardless if they intend to actually go beyond it. Make it really inclusive, easy to add, as open as possible, and inconvenient to avoid, and people are OK with it. Golden handcuffs, sorta.
Re:Anti-Trust (Score:2, Insightful)
Comment removed (Score:4, Insightful)
Re-arranging the deckchairs on the Titanic (Score:4, Insightful)
Is this a good move by Microsoft, or a leveraging of their monopoly as bad as bundling Internet Explorer?"
If the authorities feel they should "do something" about the MS monopoly then they should force them to spin off MS Office and other business apps as a separate business, look deeply into how their Windows licensing deals with OEMs work, and require open standards for all Government contracts. Without that, arguing over whether they can bundle minor utility "x" is just inconsequential.
Modern operating systems are expected to include a pretty comprehensive suite of utilities, protocol stacks and basic applications. Monopoly or no, it's getting a bit silly if OS X, iOS, Android, and the major Linux distros can bundle a web browser (or, more specifically have HTTP and HTML APIs in their OS) but Windows can't.
Re:Anti-Trust (Score:5, Insightful)
In Linux you have a "default walled garden" that is your distribution and related repositories. You can jump out of the garden, but it is not so trivial for the casual user and gives them time to think about what they are really doing.
Still, nothing forbids you to install a .rpm/.deb that as root does evil things in your own system, if you really try and accept all warnings, root password questions and install the needed certificates. There is nothing foolproof if the fool is smart enough.
Re:Perspectives (Score:4, Insightful)
The capitalist in me screams, "Anti-competitive!"
You do realize that all businesses successful under capitalism engage in anti-competitive behavior, right? It's called competing, ironically enough. You compete by beating down other competitors, and if you actually care at all about profits and/or actually believe you have the best product you hope you beat them dead.
I personally think the only capitalist system which won't be anti-competitive in practice and eventually miserable for the general public is one so heavily regulated it occasionally teeters on the brink of socialism. I'm also not averse to actual socialism, but I think pure capitalism was a cruel, inhumane fiction from the beginning (and now that I've said that this comment will be modded down into the depths of -1 troll/flamebait/'overrated').
You can believe in the benefits of more than one of the fundamental economic systems at once. I promise you won't die. You can even mix them together; it's usually even better that way. It's like a tasty, tasty swirl cone with both chocolate AND vanilla!
Re:Anti-Trust (Score:5, Insightful)
Linux, for example, permits viruses to be written. So does OS X. The reason why viruses do not proliferate on those systems is because they're not a particularly interesting attack target
LOL you must be new to this "internet" thing or channeling 1995.
No, he's completely right. Windows is still 90%+ of the desktop usage and so is the most interesting target for that reason alone.
The fact that it's also historically been an easier target is gravy.
Re:Anti-Trust (Score:5, Insightful)
I would guess that 99.999% of Debian installs have nothing but debian.org packages and perhaps a handful of nvidia drivers, multimedia repo files, and maybe some weird firmware files. All my "server" type boxes are 100% nothing but Debian packages, only my desktops and mythtv frontends have anything else.
That's because you're not in the "casual user" category. Any sane Linux user would use his distro's package repository first and foremost, and yes, this does reduce the risk of infection down to practically zero. But, so long as you can manually install a downloaded package - and in most Linux distros you can do so by e.g. downloading an .rpm/.deb file and clicking on it (and elevating) - you have to convince non-tech-savvy users that, no, "BARELY_LEGAL_THREESOME.rpm" or "Angry_Birds_2.deb" dropping into their mailbox is really not from some mysterious but benevolent stranger, and they shouldn't try to install it.
In short, you need to make installing software not from repositories so hard that a casual user wouldn't know how to do so, and any instruction for him would be too complicated to follow on a whim.
Re:The Technologist Perspective (Score:2, Insightful)
You should remind the technologist in you that those two things are not mutually exclusive.
Re:Anti-Trust (Score:4, Insightful)
A large chunk of the enterprise sector uses Linux, as do a large chunk of web servers.
There is a large and interesting attack target. Usually when they do find exploits for a LAMP stack, it is within PHP or Apache, and not the Linux kernel. So both parties are correct in that Linux does have vulnerabilities as well, but even when people are targeting Linux, it proves to be more secure on the whole than Windows.
A big part of the problem is that Unix and Unix variants have been designed for security from the beginning. They've been designed to sandbox apps, and not run everything with full rights.
Windows was designed for users to have admin rights from day 1. Even when Windows started to introduce UAC, they did so in a manner that just annoys most people into turning it off. And so many Windows applications need full rights (because of the Windows mindset that they always could before) that it is difficult to properly sandbox everything.
Windows has made great strides in security over the past 10 years, but that doesn't make it a secure OS.
Re:Perspectives (Score:5, Insightful)
The reason I started using it on Windows desktops is I saw a fairly comprehensive review of 19 different popular anti-virus products.
Security Essentials had the second lowest footprint, and the second best detection engine. And given the price (free and doesn't harass you to upgrade to a paid product) and I think it is hands down the best solution for the average user.
You can blast Microsoft for a lot of products, but Security Essentials is pretty solid.
Re:Either sub-accounts or Bitfrost-style capabilit (Score:3, Insightful)
So how do you keep the same user who downloaded malware in the first place from granting rights to the app? What if you want to use four or five different apps with the same document? iOS has one model where you send a copy of a document to another app, but who wants to do that?
And you have dozens of different permissions that the app asks for (see RIM). How do you keep granny from granting unnecessary rights to the app?
Re:Anti-Trust (Score:5, Insightful)
He's right about the "typically run by competent users" (or in the case of embedded devices, typically built by competent engineers) but "interesting attack target"?
Hackers and botnet owners would love to have access to the millions of always-on Linux servers (often in colos with huge bandwidth available) or the hundreds of millions of TVs, BD players, and (again, always-on) DVRs that run Linux.
Re:Anti-Trust (Score:5, Insightful)
Including a default browser is one thing. Compiling *your* browser into the innards of *your* OS tends to put the competition at a disadvantage. Not to mention opens your OS up to even more security hacks.
If one could remove IE from Windows it would be one thing, but you simply can't. It's baked in. Even if you remove the interface for it, the innards and all its security issues still remain.
Re:Anti-Trust (Score:4, Insightful)
Anti-competitive? (Score:5, Insightful)
How the hell is making your OS behave the way your customers expect anti-competitive?
What if MS made their OS inherently secure, such that it didn't need AV? Would that also make it anti-competitive? That would completely eliminate the AV software companies!
Ridiculous...
I have ragged on Microsoft here before... (Score:5, Insightful)
But the sooner the anti-malware "ecosystem" disappears the better.
You should not have to purchase third party software to keep an operating system secure or from eating itself (all the snake-oil "registry cleaners" and "application uninstallers"). Such functions should be part of the OS at worst, or better yet, unnecessary.
--
BMO
Re:Anti-Trust (Score:5, Insightful)
Personally, I don't care much about the user. I care about the system. I have no control over the user. He can delete every single file in his workspace, for all I care. He can download and run viruses intentionally, for all I care. My concern is, he doesn't compromise the system, the network, or his fellow workers. The user is responsible for his own stuff. Kinda like, the guys I work with are all responsible for their own tools, their own desks, their own housekeeping. I'm not vacuuming cookie crumbs out of their desks, but I'll make sure that the workspaces are locked after hours.
Re:Anti-Trust (Score:4, Insightful)
How did that work in Vista with UAC?
Re:Anti-Trust (Score:5, Insightful)
Too true! Capability computing has for so long been neglected but it could solve many of the current security issues.
For instance: I would love to grant any new app the following rights:
- interact with my screen
- interact with folder X and subfolders (read-only) in the program location
- interact with folder X and subfolders (read-write) in the data location
- interact with folder X in the registry (read-write)
For games additional rights would be:
- interact with my graphics card directly
- interact with my soundcard directly
Actually, there isn't a single reason why programs shouldn't be sandboxed like that as a default, and only getting additional rights when specifically requested and granted by the OS. Combine that with transparent redirects and most programs should run okay. Sandboxie (http://www.sandboxie.com/index.php) already does it so how hard would it be for the Windows engineer to incorporate something like that into the OS?
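The per-application grant model sketched in the comment above, as an added example that is not part of the original comment and is not how Sandboxie or Windows implement it. It covers only the two folder grants (read-only program location, read-write data location) with deny-by-default; the app name "Foo", the paths and all function names are constructed for illustration.

```python
import ntpath  # Windows path semantics, works on any host OS
from dataclasses import dataclass, field

READ, WRITE = "read", "write"

def canon(path):
    # Collapse "..", mixed slashes and case BEFORE comparing, so a path like
    # <program dir>\..\..\Windows cannot pass as being inside the program dir.
    return ntpath.normcase(ntpath.normpath(path))

def is_within(target, root):
    # Match on a separator boundary: ...\FooBar is not inside ...\Foo.
    return target == root or target.startswith(root.rstrip("\\") + "\\")

@dataclass
class AppPolicy:
    name: str
    grants: list = field(default_factory=list)  # (canonical root, rights)

    def grant(self, root, *rights):
        self.grants.append((canon(root), frozenset(rights)))
        return self

    def check(self, path, right):
        # Deny by default: allowed only if some grant covers this path and right.
        target = canon(path)
        return any(right in rights and is_within(target, root)
                   for root, rights in self.grants)

def example_policy():
    # Constructed sample: hypothetical app "Foo" with the folder grants listed above.
    return (AppPolicy("Foo")
            .grant(r"C:\Program Files\Foo", READ)                      # program location
            .grant(r"C:\Users\alice\AppData\Local\Foo", READ, WRITE))  # data location

def decide(requests):
    policy = example_policy()
    return [(p, r, policy.check(p, r)) for p, r in requests]

if __name__ == "__main__":
    for path, right, ok in decide([
        (r"C:\Program Files\Foo\bin\foo.dll", READ),
        (r"C:\Program Files\Foo\bin\foo.dll", WRITE),
        (r"C:\Users\alice\AppData\Local\Foo\save.dat", WRITE),
        (r"C:\Users\alice\Documents\taxes.xls", READ),
        (r"C:\Program Files\Foo\..\..\Windows\System32\config\SAM", READ),
        (r"C:/Program Files/FooBar/other.dll", READ),
    ]):
        print("ALLOW" if ok else "DENY ", right, path)
```

String-level checks like this do not see junctions, symlinks or 8.3 short names; an enforcing sandbox has to make the same decision in the OS on the object actually opened.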
Re:Anti-Trust (Score:2, Insightful)
The cost of Internet Explorer is bundled into Windows, or do you really think Microsoft develops IE as a charitable activity?
Did you even bother to think before posting?