Symantec/EU succeed in making Vista insecure



See here is my problem with all of this. Since Symantec makes crappy software, they NEED access to the kernel, other BETTER anti-virus companies never needed access to the kernel, take Sophos, Trend Micro, etc. as perfect examples.

Blocking access to the kernel would have been a great feature, how long do you think it will be before there is a virus that takes advantage of this new API?


Well, PatchGuard is pretty pointless now, isn't it?

The software it was designed to protect against (rootkits) can now just use the API MS have to include for Symantec, and turn off the protection.

Edit: hmm, easy way for Symantec to get some money, cry Anti-Trust, MS backs down and neuters the feature, neutered feature allows rootkits, Symantec start selling anti-rootkit software.

Edited by The_Decryptor

Couldn't MS just write the API and digitally sign it and then issue it to Symantec, McAfee so that they have to have it at the beginning of their installation, instead of adding it directly to the Vista code so that the rest of us aren't affected?

The United Kingdom Labour party seems to like the US more than the EU; perhaps we should just change to become the next US state.


Microsoft releasing an API? Hmmm. I seem to recall having heard something similar before. Any bets that Symantec and others will still be waiting for it this time next year? It's just another tried and tested Microsoft strategy: Tell them what they need to hear for a while. Might end up in court one day, but that's what appeals are for. Business as usual, boys.


What MS needs to provide is a stable/documented interface for hooking the kernel (specifically the SDT). If they did this, they could keep patch-guard in place and still keep security vendors happy.

And the statement that patch-guard makes computers more secure is silly. In order to run at kernel-mode at all, you need a signed driver. What malware/rootkit is going to sign their drivers? There's an easy case that patchguard makes computers more stable, since SDT hooking is unstable, since there is no way to unload your hook once installed - the solution is to create a stable hooking api as I've said above.

I think we should give the above some consideration. People seem to have just passed over this.


Edit: hmm, easy way for Symantec to get some money, cry Anti-Trust, MS backs down and neuters the feature, neutered feature allows rootkits, Symantec start selling anti-rootkit software.

You nailed that right on the head. :yes:

I am serious, we should boycott Symantec and McAfee :angry: :crazy:


I don't see the problem myself? Home computing has evolved with two industries, the OS and the security software. For the OS companies like Microsoft to continue as they have, would have serious consequences for the security software industry. That can't be allowed, on moral grounds at the very least, and economic grounds. Think of the number of employees of the security software industry?


I don't see the problem myself? Home computing has evolved with two industries, the OS and the security software. For the OS companies like Microsoft to continue as they have, would have serious consequences for the security software industry. That can't be allowed, on moral grounds at the very least, and economic grounds. Think of the number of employees of the security software industry?

FINALLY! Someone understands BOTH SIDES. I've been waiting for you, John.

I posted this in the Main News area, and I'll post it here as well. I invite one and all to dive in and discuss!

-------------------------------------------------

I think a lot of you are misunderstanding the issue as a whole. Don't confine your analyses to this single MS-EU-Symantec/McAfee perspective.

Folks, a whole industry has grown up around Microsoft's horribly flawed operating systems. Companies like Symantec, Norton, et al, have staked everything on the antivirus/anti-malware market, that sprung up in the first place because . . . . . .

***drum roll**

WINDOWS IS (AND WAS) INSECURE BY DESIGN. Period. End of story. I'll get back to this point in a little bit.

And now, after years of serving the Windows community (on which these antivirus companies depend), they are faced with a situation in which they will be locked out. If I was at a board meeting with Norton or Symantec execs and my livelihood depended on feeding antivirus software to consumers, I WOULD BE DAMNED if that board simply allowed MS to suddenly walk away with an operating system which not only locks us out of our current business relationship, but seems to (at least in principle) take away the consumer's choice (which they have had for years) in regard to protective software. Put yourself in the shoes of this antivirus industry, and you'll understand why execs, programmers, and distributors take a dim view of MS giving the virtual finger to 3rd party developers of antivirus software and associated products.

It's simply too late for MS to provide its own security solutions and walk away. Blame Microsoft. MS has blown off security concerns for years, and has happily opened the door to 3rd party developers to come in and fill the need.

One would have thought that security concerns would have been taken care of with Win95 and 98, ME. But Windows XP Home Edition shipped with five ports open!!! And in 2001, no less. Mac OS X, by comparison . . . you guessed it. No open ports. Anything that tried to install itself on Windows, did. Not even a basic password prompt to warn users that crap was being installed onto their hard drive. It's so simple, so basic. But the last thing MS was going to do back then was to provide their own security solutions (as if ! ) when they knew full well that 3rd party developers would pick up the slack and fill store shelves with their own solutions. Far cheaper for Microsoft. Except who ended up paying for it? YOU. The user.

And now, here we are. The move by the EU and the cries of foul by antivirus developers is understandable. MS can't simply walk away from their business model without the interested parties blocking the exit. And only Microsoft is to blame.

As for Vista, I have no vested interest in it, as many of you have come to realize. I run OS X. But my best advice to you is this: either live with the lingering security problems that will certainly exist in Vista (on whatever scale), or just stick with XP for as long as you can before you deem Vista secure enough to use. Time will tell. If all else fails, you know that there are operating systems out there that can serve you just as well, at least in the home.

Edited by LTD

I'm not surprised, there is no money in a safe operating system (when you're a security software company) so of course they will try to make Vista unsafe, so you will need to buy their software...;)


I don't see the problem myself? Home computing has evolved with two industries, the OS and the security software. For the OS companies like Microsoft to continue as they have, would have serious consequences for the security software industry. That can't be allowed, on moral grounds at the very least, and economic grounds. Think of the number of employees of the security software industry?

You know what? I don't care! I really don't care about the security industries and software they build. Imagine for one moment that Microsoft could have done a secure OS from the start... This "security" industry would have never existed in the first place.

Now that Microsoft is trying hard to secure a new OS, it gets shot down by this industry because now they are scared of losing money... What the hell is wrong with the world?

As for EU: Microsoft should just give them a Vista-N version with NOTHING inside, only a core OS with all doors open, no IE, WMP, MovieMaker, Sidebar, Mail, no codec, .... nothing.

It's funny because many Linux distros come preloaded with much more software AND better security and you don't hear a beep from EU about it....


FINALLY! Someone understands BOTH SIDES. I've been waiting for you, John.

I posted this in the Main News area, and I'll post it here as well. I invite one and all to dive in and discuss!

-------------------------------------------------

I think a lot of you are misunderstanding the issue as a whole. Don't confine your analyses to this single MS-EU-Symantec/McAfee perspective.

Folks, a whole industry has grown up around Microsoft's horribly flawed operating systems. Companies like Symantec, Norton, et al, have staked everything on the antivirus/anti-malware market, that sprung up in the first place because . . . . . .

***drum roll**

WINDOWS IS (AND WAS) INSECURE BY DESIGN. Period. End of story. I'll get back to this point in a little bit.

And now, after years of serving the Windows community (on which these antivirus companies depend), they are faced with a situation in which they will be locked out. If I was at a board meeting with Norton or Symantec execs and my livelihood depended on feeding antivirus software to consumers, I WOULD BE DAMNED if that board simply allowed MS to suddenly walk away with an operating system which not only locks us out of our current business relationship, but seems to (at least in principle) take away the consumer's choice (which they have had for years) in regard to protective software. Put yourself in the shoes of this antivirus industry, and you'll understand why execs, programmers, and distributors take a dim view of MS giving the virtual finger to 3rd party developers of antivirus software and associated products.

It's simply too late for MS to provide its own security solutions and walk away. Blame Microsoft. MS has blown off security concerns for years, and has happily opened the door to 3rd party developers to come in and fill the need.

One would have thought that security concerns would have been taken care of with Win95 and 98, ME. But Windows XP Home Edition shipped with five ports open!!! And in 2001, no less. Mac OS X, by comparison . . . you guessed it. No open ports. Anything that tried to install itself on Windows, did. Not even a basic password prompt to warn users that crap was being installed onto their hard drive. It's so simple, so basic. But the last thing MS was going to do back then was to provide their own security solutions (as if ! ) when they knew full well that 3rd party developers would pick up the slack and fill store shelves with their own solutions. Far cheaper for Microsoft. Except who ended up paying for it? YOU. The user.

And now, here we are. The move by the EU and the cries of foul by antivirus developers is understandable. MS can't simply walk away from their business model without the interested parties blocking the exit. And only Microsoft is to blame.

As for Vista, I have no vested interest in it, as many of you have come to realize. I run OS X. But my best advice to you is this: either live with the lingering security problems that will certainly exist in Vista (on whatever scale), or just stick with XP for as long as you can before you deem Vista secure enough to use. Time will tell. If all else fails, you know that there are operating systems out there that can serve you just as well, at least in the home.

Pretty much as I said on the main page...

Other security companies don't need kernel access, and have already made their software (or are making it) work on Vista with no problem. Symantec are just being lazy about it - they would need to rewrite their security software to run on Vista, instead of just making a few alterations to make it look new.

Personally, it makes no difference to me - I doubt I'll bother with Vista as it now seems to be nothing more than a horrible UI and more "user is a dumb s***" prompts, now that all the decent features have been removed for one reason or another. :(

OSX seems more attractive every day. :p


WINDOWS IS (AND WAS) INSECURE BY DESIGN. Period. End of story. I'll get back to this point in a little bit.

Let's assume what you are saying is correct for a minute. So now since Windows was insecure, they are trying to fix the problem. But they get sued, cos it's their own OS, & still they cannot make it secure.

Now Microsoft should add one sticker to the Windows Vista retail box

Note - Due to European Commission strict rules & regulation, Windows Vista for Europe does not provide any security features at all, you are advised to use a third party security application or suite as per your requirement. Charges may vary for these suites


Let's assume what you are saying is correct for a minute. So now since Windows was insecure, they are trying to fix the problem. But they get sued, cos it's their own OS, & still they cannot make it secure.

Now Microsoft should add one sticker to the Windows Vista retail box

Note - Due to European Commission strict rules & regulation, Windows Vista for Europe does not provide any security features at all, you are advised to use a third party security application or suite as per your requirement. Charges may vary for these suites

What if everyone starts importing US version?


What if everyone starts importing US version?

That is very well their choice. Microsoft just has to offer the less secure version in order to make the EU happy.


I'm not surprised, there is no money in a safe operating system (when you're a security software company) so of course they will try to make Vista unsafe, so you will need to buy their software...;)

You mean, as opposed to the almost comedy situation of the maker of the O/S then selling you software to cover up the lack of security in their Operating System?

Now I'm no economist but doesn't it seem a tad silly to ship a product which people will only really buy if your core product has security holes in it?


I haven't really been keeping track of the Vista versions. Are the N versions basically just watered down proper versions? And are the N versions the only ones being offered to European countries or will the other versions also be offered?


I posted this on the main forum because I think almost everyone posting here has no idea about how programs currently access the kernel:

*sigh*, I wish people would actually understand the implications of a disabled patchguard.

First, all drivers have to be signed to get access to the kernel - that means purchasing a $300 certificate. If malware/rootkits do get signed, MS can easily blacklist their certificate.

Second, drivers already have access to the kernel. It's already possible to hide registry entries and files using fully supported means.

The argument for patchguard should be stability not security. The unsupported patching that many vendors do is inherently unstable (once you install a hook you can't unload it safely). What MS should do is create a stable API (which they might be doing according to this article) to patch the SDT.

Please understand the implications of patchguard before posting total nonsense!

I'm also curious to know if this will affect only the "N" editions or not. I suspect this will probably go into all versions, as supporting a special kernel with patchguard disabled seems unwieldy.


I don't see the problem myself? Home computing has evolved with two industries, the OS and the security software. For the OS companies like Microsoft to continue as they have, would have serious consequences for the security software industry. That can't be allowed, on moral grounds at the very least, and economic grounds. Think of the number of employees of the security software industry?

Symantec is deathly afraid that Windows will be as secure as Linux. Linux makes sure only administrators have access to do certain things. Windows has finally mimicked that behavior with UAC and also prevented kernel access with something that's apparently called PatchGuard. If the new Windows was as protected from viruses as Linux, Symantec would be in a lot of trouble. People don't sue Linux developers for making their OS so secure that they don't need antivirus companies. It's complete BS that people immediately blame MS for killing off competition when they write a secure OS, but the Linux community can make their OS as secure as they want. Why should Windows be forced to be insecure? Why should they be forced to open up the kernel when they don't want to even though Apple and Linux OSes don't have to take orders about their security features??


Symantec is deathly afraid that Windows will be as secure as Linux. Linux makes sure only administrators have access to do certain things. Windows has finally mimicked that behavior with UAC and also prevented kernel access with something that's apparently called PatchGuard. If the new Windows was as protected from viruses as Linux, Symantec would be in a lot of trouble. People don't sue Linux developers for making their OS so secure that they don't need antivirus companies. It's complete BS that people immediately blame MS for killing off competition when they write a secure OS, but the Linux community can make their OS as secure as they want. Why should Windows be forced to be insecure? Why should they be forced to open up the kernel when they don't want to even though Apple and Linux OSes don't have to take orders about their security features??

You don't get it. Read my previous post. This has nothing at all to do with Apple or Linux, either.

Windows has been insecure since 1995. They did nothing in 1998. They did nothing in 1999, 2000, 2001. And meanwhile, all that time, the antivirus industry has grown up around MS' flawed design, and both MS and the antivirus industry have become dependent on one another. Largely due to MS' irresponsibility or ignorance from the very beginning.

And now, all of a sudden, after years and years of giving YOU the shaft and having YOU spend extra $$ on antivirus software, MS has decided it wants control over Windows security, and the antivirus companies can find something else to do.

No way. No dice. MS cannot simply end the relationship without facing possible legal/legislative consequences.

Who's to blame? MS. 100%. When there was a chance to actually address the problem and find viable in-house solutions, they decided to go the cheaper route and farm the security side out to other 3rd parties. And now MS wants to toss them out of the picture after so many years. Do you honestly think these antivirus developers are going to go quietly? Not a chance. More power to them. MS' chickens are now coming home to roost, and a lot of you *still* don't understand the economics of the problem.


You don't get it. Read my previous post. This has nothing at all to do with Apple or Linux, either.

Windows has been insecure since 1995. They did nothing in 1998. They did nothing in 1999, 2000, 2001. And meanwhile, all that time, the antivirus industry has grown up around MS' flawed design, and both MS and the antivirus industry have become dependent on one another. Largely due to MS' irresponsibility or ignorance from the very beginning.

And now, all of a sudden, after years and years of giving YOU the shaft and having YOU spend extra $$ on antivirus software, MS has decided it wants control over Windows security, and the antivirus companies can find something else to do.

No way. No dice. MS cannot simply end the relationship without facing possible legal/legislative consequences.

Who's to blame? MS. 100%. When there was a chance to actually address the problem and find viable in-house solutions, they decided to go the cheaper route and farm the security side out to other 3rd parties. And now MS wants to toss them out of the picture after so many years. Do you honestly think these antivirus developers are going to go quietly? Not a chance. More power to them. MS' chickens are now coming home to roost, and a lot of you *still* don't understand the economics of the problem.

Neither do you. MS ARE NOT stopping AV companies from making security software for Windows. They simply put protection on the kernel. Not a problem for most of the security companies. They have either worked around it, or it hasn't made a difference to their software anyway. That is what is so silly about this; only Symantec are complaining, and unnecessarily, as other companies have proven that MS has not locked them out, nor made it hard for them to make security software that works with Vista.

As far as I can see, Symantec are complaining because they will have to re-write their security suite to work without kernel access, rather than just altering a few things and changing "2006" to "2007".


Neither do you. MS ARE NOT stopping AV companies from making security software for Windows. They simply put protection on the kernel. Not a problem for most of the security companies. They have either worked around it, or it hasn't made a difference to their software anyway. That is what is so silly about this; only Symantec are complaining, and unnecessarily, as other companies have proven that MS has not locked them out, nor made it hard for them to make security software that works with Vista.

As far as I can see, Symantec are complaining because they will have to re-write their security suite to work without kernel access, rather than just altering a few things and changing "2006" to "2007".

It all depends on how that rewrite will affect them economically. This is a stretch I know, but I'd like to see - maybe you can tell me - just how much this rewrite will affect Symantec's bottom-line.

If I'm wrong, I'll be the first to admit it and do penance.


This topic is now closed to further replies.