Posted on 01/30/2006 11:00:56 AM PST by ShadowAce
Microsoft will omit anti-virus protection in Vista, the next version of Windows, which it plans to ship late this year. As with previous versions of Windows dating back to Windows 2000 at least, Redmond is promoting Vista as a landmark improvement in Windows security.
Jim Allchin, co-president of Microsoft's platform products and services division, told reseller magazineCRN that safety and security, improved user experience, and mobility features will be key additions in Vista. But there will be no anti-virus software, the Windows development supremo said during a questions and answers session with CRN. For unspecified business (not technical) reasons, Microsoft will sell anti-virus protection to consumers through its OneCare online backup and security service.
Symantec, though its assisted enquiries from investigators, has said it would rather take on Microsoft in the marketplace than cry foul to regulators over Microsoft's entry into the consumer anti-virus marketplace. McAfee has made no suggestion it's about to object to Redmond's encroachment on it traditional turf, either. So it seems Microsoft has either decided anti-virus technology is better delivered as a service or else figured out that's a better business model to pursue.
We're not sure which because Allchin ducked CRN's question on why anti-virus software won't feature in Vista by saying the answer was "complicated", but not based on technical concerns. Curiously, basic anti-spyware protection - via Windows Defender - will feature in Vista.
Vista will also include a major revamp of Internet Explorer (IE 7), features designed to thwart phishing, and group policy management features that make it easier to control the use of USB devices. Windows' built-in firewall will be revamped to filter malicious traffic originating from a Vista PC as well as ingress filtering, the half on the equation that came with Windows XP.
Allchin said security in Vista is far improved from Windows XP SP2, whose heavily touted security features include technology that has made computer worms (though not Trojans based on the recent Windows Meta File vulnerability) less of a problem. "SP2 was a very good system, but compared to Vista it's night and day," Allchin said.
In a separate Q&A session, Allchin was grilled by Redmond's local paper, The Seattle Times, during which he explained that Microsoft has changed its development program with Vista to include fewer release candidates for the operating system. New community-technology previews, with more frequent drops targeted at different audiences, will speed the development process, Allchin said.
The feature set in Vista has now been finalised and Microsoft's focus has moved on to quality assurance. "Between now and RTM we're doing nothing but listening to usability feedback, improving performance and quality," Allchin told CRN. ®
Legacy AntiVirus technology is useless against today's threats. Legacy AV is based off of 20+ year old threats. Simply put, it can't be updated fast enough and it is always reactive.
If you make the OS bullet-proof you don't need anti-virus protection in the first place...........
That's called OS X
I've been fooling around with Red Hat 9 Linux recently. For all that it's a couple of years old, it's pretty good; it seems a little 'quicker' than the W2K I normally use, but installing drivers and upgrades is still pretty grim. The real problem is lack of Linux drivers from peripheral manufacturers; SANE is a pretty good 'universal' scanner driver but my wife looks at the HP 6300C and wants to know why the buttons on the front don't work any more.
...or izzit SOX?..........
I'm betting that MSFT simply doesn't want to deal with the constant updating required by antivirus software. That and the risk that a nasty virus will get through and really tick off users.
Let Symantec and others bear this difficult burden. I think that's the "business" decision Microsoft is making here.
As someone said, "That way lies madness..."
Yea.
Step one. Remove 99.999% of the features of today's modern OSs.
Step two. Limit device support to a small number of devices that con be supported with simple drivers developed in house.
Step three. Do not allow any third party drivers to be loaded.
Step four. Only allow verified and tested third party software and only give that software a very limited API to interface to the OS with.
You've now got a decent starting poing for making a solid and secure OS.
Add in some rigid design procedures and outside test and verification, and if you're reasonably efficient, you'll only spend a couple thousand dollars per line of code for something arguably solid and secure.
For more information se the D.O. 178 standards for software design used in avaition system.
How interesting. Here is something to think about, given MS's new DRM policy of having to review every third party driver that goes into Vista: http://www.freerepublic.com/focus/f-bloggers/1567076/posts Anti-virus/spyware program developement are going to be dragged to the point where they will go months between driver updates/patches if ever considering third party anti-virus/spyware programers are going to have a difficult time telling the difference between Vista DRM and viruses/spyware.
The realities of the software industry in dealing with viruses and spyware is about to give MS a good hard slap over Vista plan DRM policies and programs.
See post 13.
See post 13 of this thread.
Step 0.5 Install OpenBSD out of the box!
Sounds a lot like MAC OS-xxxxxx.xxxx
Now, if MSFT decides to develop and market its own "Vista-oriented" AV system, now, that's another story. There's potential dollars to be found there.
No problem, plenty of good free AV, Spyware, Anti-trojan
software out there.
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
See post 13, none of those programs will be allowed to run on Vista per MS's Vista DRM policy.
"I've been fooling around with Red Hat 9 Linux recently."
Try Fedora Core 4. It's not bad.
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
OpenBSD is more secure and stable than Windows.
That's not saying much.
It comes no where near close to what I would consider secure or stable for an avionics application.
Actually Slashdot.org is the borg, but that's another issue.
Do you realize the ****storm MS is going to create because of this. When a major virus/spyware hits Vista, MS's Vista DRM policy will prevent third party patching to protect viruses/spyware for at least month if not longer, compared to the day or two it takes for anti-virus/anti-spyware programers to catch up and create patches for their programs.
The word of mouth from consumers will hurts sales because everyone will learn none of their old games, programs, freeware , nor hardware work will with Vista.
Most people do not have 2 grand in cash to shell out for not just a new computer, but a monitor and new software.
Keep in mind that legacy compatiblity was a new draw for previous Windows OS's.
MS is making the exact same mistakes that IBM and Apple made in the 80's, and they are going to hurt themselves by it.
"That's called OS X"
In a previously life it was called BSD.
There's more to it than that. Hackers also write viruses for bragging rights, and the fact is, OS X's UNIX roots make it much more difficult to crack than MS software.
Script Kiddies can write viruses for Windows, but you have to know your stuff to write a virus for OS X.
Ain't no such thing and never will be.
I'm sticking with XP. I have hardware that's good enough for it and I know how to protect-->>
antivirus
windows update
antispyware
use FireFox a lot
-->> my computer. I don't need any hand holding. But that's me. Doubtful-newbies, these people should buy an Apple or a Linux computer (cheap at Walmart_on_line) if they are worried about security. Or get solid advice on how to protect their computer though Vista just might make this a no-brainer
See post 13.
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
Simply put, there is no "bullet-proof" OS. If you think you have a bullet-proof OS then I invite you to keep on running it without any AV. All software is manmade and is therefore flawed. It is impossible to account for everything that could be attacked within a system.
You need to read this thread: http://www.freerepublic.com/focus/f-news/1567248/posts The RIAA and MPAA have lost a lot of their power in D.C. And since DRM is not going to be mandated by law, there will be alternatives.
I said you have to know your stuff to write a virus, not a program. There is a difference. A virus is intended to subvert the OS, a program is intended to cooperate with the OS.
Writing software for OS X is incredibly simple.
Well thank God. An OS should have an integral AV client.
Oh, please. When was the last virus that exploited a hole in a kernel mode driver?
And I'm asking you when was the last time a virus exploited a hole in a driver at all. If the answer is "never" (hint: it is), then the "problem" you're in such a panic about simply doesn't exist. There's no reason that software patches will be slowed by driver management, and drivers themselves are not a vector for virus infection.
You were asking about kernel mode drivers, not just drivers in general. Nice trick question. I have no time for your foolishness. But about drivers in general, drivers are parts of programs and as such some drivers can be exploited with viruses and spyware.
This always goes back to "no matter how well you build a lock, someone will figure out how to open it without the key".
I did you a favor by opening it up to any drivers that have ever been exploited by viruses. Nevertheless, only kernel mode drivers will require a signature - userland drivers can still be installed without one, and require no review, hence no delay in the off chance one becomes a virus vector.
Look, my man - there's plenty to criticize MS for on the security front, but this thing you've got here just isn't one of them. I'm sorry, but you don't know what you're talking about here.
Wrong, MS wants to approve every third party driver that goes onto Vista.
http://www.freerepublic.com/focus/f-bloggers/1567076/posts
From the first paragraph of that thread: in a new announcement, the company pledged to make it impossible to load any unapproved drivers under Vista.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.