Symantec/EU succeed in making Vista insecure

[maash]

http://it.slashdot.org/article.pl?sid=06/10/14/0832202

Microsoft Agrees to Changes in Vista Security

Posted by Zonk on Saturday October 14, @09:27AM

from the those-waters-were-a-mite-too-deep dept.

Security Microsoft Windows

An anonymous reader writes

"Bowing to pressure from European antitrust regulators and rival security vendors, Microsoft has agreed to modify Windows Vista to better accommodate third-party security software makers. In a press conference Friday, Microsoft said it would configure Vista to let third-party anti-virus and other security software makers bypass 'PatchGuard,' a feature in 64-bit versions of Windows Vista designed to bar access to the Windows kernel. Microsoft said it would create an API to let third-party vendors access the kernel and to disable the Windows Security Center so that users would not be prompted by multiple alerts about operating system security. In addition, Redmond said it would modify the welcome screen presented to Vista users to include links to other security software other than Microsoft's own OneCare suite. From the article: 'It looks like Microsoft was really testing the waters here, sort of pushing the limits of antitrust and decided they probably couldn't cross that line just yet.'"

http://www.washingtonpost.com/wp-dyn/conte...6101301280.html

Microsoft Now Decides to Accept Outside Security for Vista

By Brian Krebs

Special to the Washington Post

Saturday, October 14, 2006; Page D01

Microsoft Corp. did an about-face yesterday, agreeing to make it easier for customers of its forthcoming Vista operating system to use outside security vendors, such as those who make popular antivirus and anti-spyware programs.

Until now, Microsoft had planned to block those companies from installing their products in the deepest levels of the new operating system, which is scheduled for release early next year.

The company said it was doing so to address the concerns of security and performance in Windows XP and apply them to Windows Vista.

Microsoft's shift means that users would continue to have a choice in the programs they use to protect their computers and not be tied to something that Microsoft offers.

Microsoft is getting into the established, multibillion-dollar Windows security market with its own antivirus and anti-spyware services. The European Commission, which has fined Microsoft nearly $1 billion for antitrust violations, told the company that it was concerned that Vista's system for alerting users about security weaknesses might confuse customers who were using a similar alert system with other security programs.

Symantec Corp., maker of the Norton security programs, specifically took issue with what Vista users will see when they start their computers: a screen that advertises Microsoft's own antivirus and security services.

Symantec spokesman Cris Paden said the company was encouraged by Microsoft's announcement, but noted that it had not received any technical details about the plan.

"Right now we're in wait-and-see mode, but we're hopeful because it looks like customers are now going to have the right to use whatever security solutions they want with Vista," Paden said.

Microsoft said it is still gathering information from the software security vendors and will respond case by case.

The company said that blocking the core area of the operating system was also meant to enhance the performance of the entire computer, noting that unsupported access by outside software programs could affect the overall stability of the machine.

Stephen Northcutt, president of the SANS Technology Institute of Bethesda, a computer-security training group, said the changes that Microsoft agreed to make with Vista would help ensure that consumers continue to have a choice in security software.

"It looks like Microsoft was really testing the waters here, sort of pushing the limits of antitrust and decided they probably couldn't cross that line just yet," Northcutt said. "That's a good thing, because it's just too easy for mistakes to happen when you are only left with a single security provider."

[1759]

Potential for profit >>> security - I have to side with Microsoft on this, even though I dislike Vista a great deal, but they at least attempted at securing the system and get complaints about it in the process.

[whitebread]

Man. Symantec sucks b***s. They really **** me off :angry:

[ViperAFK]

the likeliness of me ever buying a pc with vista on it is rapidly decreasing.

[Allan]

the likeliness of me ever buying a pc with vista on it is rapidly decreasing.

I have to agree with you. I wonder, if Win 98 is still used 8 yrs after release ... how long will XP remain used for?

[Express]

Symantec related changes are only in Vista SP1.

The release that is scheduled for next month will not have the changes.

[L3thal Veteran]

Symantec and their best buddies, EU, at it again.

[MindTooth]

The ****ers over at the Symantec office, should have been dragged out on the street, and knocked **** outta them.. All this **** about the PatchGuard crap from Symantec, is just crap. Nothing else..

[Stunna]

This is stupid

MS should make two more versions of vista

Actually just release a powertoy to re enable the patch guard

[MindTooth]

Symantec is just getting Microsoft make Vista as insecure as other Windows versions before. Just to make more money.. It is just absurd...!

[xxdesmus]

Well this is too bad. It's groups like Symantec, McAfee, and the EU that generally suck at life.

We go from a good idea that will make all of our millions of Windows computers that much more secure, to Microsoft essentially being forced to give in to these self serving douche bags. This annoys me to no end.

I say we boycott Symantec (and Norton) and McAfee products here in the US! :angry: (Y)

[Andareed]

What ms needs to provide is a stable/documented interface for hooking the kernel (specifically the SDT). If they did this, they could keep patch-guard in place and still keep security vendors happy.

And the statement that patch-guard makes computers more secure is silly. In order to run at kernel-mode at all, you need a signed driver. What malware/rootkit is going to sign their drivers? There's an easy case that patchguard makes computers more stable, since SDT hooking is unstable, since there is no way to unload your hook once installed - the solution is to create a stable hooking api as I've said above.

[primexx]

wtf, disable the security center? is this in the US version too? ****ing bastards.

[Argi]

They should add an option to disable that API if anyone from microsoft is reading this.

My understand is that only Symantec and Mcaffee are using this API, and that others companies aren't have any trouble. Mabye it should only be in the "N" (lol) version.

[MindTooth]

Hehe, that is one heck of a suggestion.. Feature list for Windows Vista N: PatchGuard disabled (This is to make it more insecure, and pleases Symanted and McAfee).

[5Horizons]

Microsoft said it would create an API to let third-party vendors access the kernel and to disable the Windows Security Center so that users would not be prompted by multiple alerts about operating system security.

All I can say is that I'm glad the EU is here to protect me from Microsoft. Without this new API, the SuperPornoToolbar I just downloaded might not have been able to disable the security center!

[Soham]

haha European version = Buy Protections from Symantec and Rest of world = Thanks you Microsoft. Apple, Looks like our fame of secure OS is gone. :D

[whitebread]

Here's a question... A program like Novell (the client for NetWare) seems to integrate fairly deeply into the OS (even going as far as replacing the logon process). Would they not have problems if they could "play" with the kernel? Perhaps this might have more practical uses for companies aside from Symantec/McAfee? :unsure:

[gdodson]

Now to make Windows Defender mark McAfee and Symantec products as system security compromising software.

[nvllsvm]

Lame.

[Andareed]

@guylaroche: Logon is mostly handled in user-mode. Most likely novel is using a gina replacement dll, which is supported and documented by ms.

[remix17]

Super lame. Symantec just lost all respect I had for them, which was not a lot to begin with.

[Danrarbc]

Vista just lost it's major under the hood advantage.

It is now effectively a useless upgrade.

Congrats Symantec.

[Sartoris]

They should only allow symantec to alter Vista-N as it is the European version. The EU can't force them to change the other versions.

[psyko_x]

Why the hell would I trust Symantec to protect my system over the company that wrote all the code and knows the OS inside and out??? %#@ing ridiculous that MS spent so much time trying to make the OS secure and now they have to scale back on their efforts.