Operation Vista: An Exercise in Greed
I know, it's all too popular to slam Microsoft and these days it's especially common to slam Windows Vista, but hear me out because I'm going to do my very best to approach this even-handedly.
If you've been reading tech news in the past few weeks you assuredly know all about how Symantec and McAfee have made public claims that Vista is insecure. You may not have heard that F-Secure is also on-board with them.
The playing field is confusingly split, however. Some big security firms like Sophos are defending Microsoft and casually dismiss concerns by other security software vendors. Russian security outfit Kaspersky has categorically stated that Microsoft has done absolutely nothing to make it difficult for third parties to develop security software on the Vista platform.
So what the heck is going on? Well, the uproar is primarily over two things. One is a feature called "Patch Guard" which locks the kernel (the core of the operating system) to prevent it from being modified. From a security standpoint, this could be a very good thing providing no malware is developed that can break through and modify the kernel anyway. If that happens the good guys will have some difficulty removing the virus from the kernel because Patch Guard will still be keeping every other piece of software, including them, out.
In any other situation, no piece of software should ever need to modify the kernel. Due to that, and the fact that Microsoft unrealistically believes their Patch Guard to be virtually impenetrable, not even "good guys" will get the code they need to get past it. Some security firms are fine with this because in their judgement the danger of a kernel breach is low and if (or when) it happens Microsoft can release a patch that corrects the issue.
In fact, Microsoft has regularly scheduled patches for all its currently-supported operating systems. The fact that they need to release new patches every few weeks is frightening in itself, but with the Internet Explorer VML bug two weeks ago the regularly scheduled patch day played an even more dangerous role as Microsoft played down security concerns over the exploit and initially insisted there was no need to release a patch for the problem any sooner than the next scheduled patch date — more than two weeks away.
The flaw in the VML allowed a remote website to download and run spyware on the users' local machines, but only if the website being visited was serving the trojan up to visitors. The exploit appeared on sites of ill-repute from day zero, but the black-hat cowboys behind the plot had a trick up their sleeve in the form of a cPanel exploit, allowing them access to sites on web servers running that particular software. Very shortly there were over a thousand innocent sites whose operators had no idea they were infecting every IE visitor that browsed through.
Yet, Microsoft continued to play down the scope and severity of the problem. They did eventually relent to outside pressure and release a patch for the IE bug prior to their regular update, but only after a week had passed. ZERT, an independent group of engineers, released an unofficial patch for the problem much earlier in the crisis, but Microsoft counseled their customers not to use it.
Microsoft's track record on security is not good. Before this VML exploit there were many, many other examples of poor security response by Microsoft including their regularly scheduled habit of releasing new operating systems that are not, by most professional standards, ready to be released.
So there is certainly cause for concern, and McAfee, Symantec and others are not completely daffy. On the other hand, there really is no immediate problem. Patch Guard works. In fact, it's not even new. It has already been incorporated into the 64-bit version of Windows XP and Windows 2003. That being the case begs the question, why is this suddenly an issue now?
To explore that let's take a look at the second of our two reasons these security firms are upset: The Vista Security Panel. This feature has essentially the same purpose as the security center found in the control panel of Windows XP, but with some differences in functionality. The biggest difference, as far as Symantec, McAfee and the entire European Union are concerned, is the fact that third-party security software won't be able to turn it off.
According to Microsoft it can be turned off manually by the user (no information on how easy or difficult this is to do), but cannot be disabled by software. There are legitimate security reasons to support the decision to do this, but at the same time this poses a bit of a problem for any security software vendor who wants to use their own customized and branded security panel. The computer will have two security panels running at all times and the average computer user could become confused and frustrated.
This is a major reason why the playing field is split. Security vendors who specialize in direct-to-consumer products have an additional hurdle to overcome, while companies focusing primarily on corporate and enterprise solutions, or on security products that are just plain not as flashy, are unaffected.
At its heart, this issue is about Microsoft using its muscle (as opposed to superior product offering) to squeeze itself deeper into the security software industry. What's at stake is, all other concerns being unrealized as of yet, branding.
Personally, I find Symantec and McAfee's consumer products abhorrent. They drain system resources and their pop-up messages are beyond annoying. But the point remains that these companies represent recognizable brands, brands whose sales are in part driven by brand reinforcement such as that found throughout the products in question.
What does it all come down to?
Microsoft makes very flexible operating systems which also happen to be riddled with flaws. C'est la vie. They also use their operating systems to push other software vendors out of the market under the guise of offering users more features. Internet Explorer, Unzip, Software Firewall and now these new features in Vista: It's obvious to anyone paying attention that third-party software products suffer serious blows when Microsoft adds new features to Windows. The question to ask, though, is whether or not this is "wrong", and by wrong I mean bad for the consumer, Anti-Trust lawsuit kind of wrong.
My answer is, "yes". The simple reason for this is that in many cases Microsoft's offerings are often inferior and they represent hurdles (which translate to time and money) for third-party vendors to overcome.
With regard to Symantec, McAfee and the rest of those criticizing Vista for the above reasons I would have to say their concerns are valid, but not cause for alarm. Additionally, the "big stink" being made is likely fueled more by concern for their share of the security software market than by concern for the average-joe computer user. Having said that, keep in mind that they have as much of a right to defend their brand and market share as Microsoft has to diminish it. More, in fact.
- one

An interesting article for sure, however, there could also be another way to look at it. For sure the Symantec and McAfee camp have a right to defend their branding and market share, but they feel the need to do so by attacking Microsoft and making what amount to false accusations.
You rightly point out that they are well known name brands, which means that if their software is as good as they would clearly like to think it is, and IF Microsoft’s built in software is NOT as good, and not up to task, then they have little to worry about.
If well known name brands have a right to defend their brand and market share then Microsoft have an equal right to improve their own brand (Although I use the term ‘improve’ loosely at this juncture!). There is nothing that says Microsoft MUST allow third party software agents to make their money by installing onto Windows.
If Microsoft create an updated version of Windows, and people buy into it then all power to them. If third parties then have to adjust the way they do their business, business which relies on their abilities to install and function on Microsoft Windows, then they had better stop whining about changes and get with the program! No one is stopping them from aiming their software at Linux users!
All of the companies whining about Vista have made their money by installing onto a Microsoft operating system. That DOES NOT give them the right to dictate how that OS will develop and what it can and cannot do. They are the parasites that exist because of Windows. Not the other way around.
I understand your point that they have the right to defend themselves if Microsoft looks like diminishing their market shares, but they got those shares because of Microsoft in the first place, so rather than whining about their host, they should do what is needed to embrace the changes that it has made.
Just as a final point - I use Ubuntu and I own a laptop with XP on it for work purposes only.
Comment by Huw Janus — October 7, 2006 @ 2:17 pm
Some day all this may not matter.
Companies are starting to preinstall Desktop Linux.
http://lxer.com/module/forums/t/23168/
Comment by cyber_rigger — October 7, 2006 @ 3:29 pm
Microsoft is doing much more than just “fixing some security bugs”. They are doing much more than “unfair bundling” to compete against competitors. Microsoft has now taken the technological leap to demand “total loyalty”, to expand its control over the desktop and laptop PC to the point of locking out ALL competitors, and even ALL software providers of third party software.
The new technology being promoted by Microsoft makes it impossible to install hardware drivers, system software and libraries, and even 3rd party software, without being “approved” by Microsoft.
In effect, Microsoft is defining Linux, Solaris, SCO Unix, FreeBSD, and VMWare to be a “Virus” and will have the ability to “lock out” all of these “viruses”. In effect, Microsoft will now have more control than it has ever had before, and more monopoly control than it had prior to the start of the antitrust trial in 1998.
Comment by Rex Ballard — October 8, 2006 @ 4:04 pm
> There is nothing that says Microsoft MUST allow third party software agents to make their money by installing onto Windows.
Maybe not — but what about the user who has paid money to purchase the physical hardware?
Does that person, the owner of the computer on which said software runs, get a say about whether or not they wish to purchase and install third-party software that alters the way Windows works? Or is that a matter only for Microsoft to decide by themselves?
Comment by Mercury Merlin — October 8, 2006 @ 5:20 pm