Vista and Security

Regarding Windows Vista am i right to believe that Microsoft are taking full control of the security of this system and other vendors software e.g nod32 and the rest wont run properly on the system ?

I would have to say no to that one.Even if microsoft wanted to employ this they wouldnt get away with it monopoly and all that

And then of course theres Avast that states it works with it now http://www.avast.com/eng/avast-antiv...ows-vista.html

[dilli-theclaw]

Quote:

Originally Posted by zinglebarb

I would have to say no to that one.Even if microsoft wanted to employ this they wouldnt get away with it monopoly and all that

And then of course theres Avast that states it works with it now http://www.avast.com/eng/avast-antiv...ows-vista.html

Now that I downloaded the latest version I am using avast with vista. Oh and the vista narrator is much better than xp

Quote:

The award-winning avast! antivirus product line was recently updated to accommodate these enhacements and provide Windows Vista users with maximum security against all kinds of malware.

Thats a bit of a cop-out - I was expecting a bit more of a technical answer to that one...

most people wouldnt understand it so why should they post it?

Its just that i was reading an article were the firms were complaining that they werent being allowed to see the code. http://news.zdnet.co.uk/software/win...9283471,00.htm

[Graham M]

1. Dont beleive everything you read on ZDNet
2. You're reading it wrong, the software makers want to replace the security centre, not the security components.

[Gareth]

Haven't read the article linked above, but I'm assuming this is to do with McAfee and Symantec complaining at not having access to the kernel in Vista, as per the FT advert...?

If so, it's an interesting debate... McAfee's and Symantec's products work differently to those from other AV vendors, e.g. Sophos, Nod32, etc... McAfee and Symantec need more direct access to the kernel (I believe they both do kernel-mode scanning), which is what MS are allegedly disabling in Vista.

I can see Microsoft's argument - restrict access to the kernel and you'll mitigate virtually all of the recent exploits that have hit XP, 2003, 2000, etc... However, I can also see Symantec/McAfee's argument in that the kernel won't stay un-hackable for long, and once it gets pwned it will bring down 97% of the world's desktops.

Unfortunately, MS can't win in this situation. If they didn't use PatchGuard then they'd be criticised for not having such protection in Vista, yet when they do implement it, they still get criticised.

I'm partly wondering if this is just a case of the 2 AV vendors suffering from "sour grapes syndrome"... they've successfully built their businesses for many years on products which exploited flaws in Windows, and now that MS is attempting to fix these flaws, they're no longer able to use their products to generate income in the same way.

There's an interesting article here [betanews.com] which gives the response from Sophos to the Symantec/McAfee complaints.

Quote:

Originally Posted by Sophos Spokesperson via Betanews

Conceivably, if Sophos wanted to provide a "total security solution," given this new set of circumstances, wouldn't it need to understand some of PatchGuard's secrets? Surprisingly, O'Brien told us no. "At this point in time, Sophos does not see the need to be able to access the kernel within the Microsoft operating system," he said.

"If there is a point in time where the kernel becomes the subject of malware being written specifically to it, then I would expect that we would go back to Microsoft and tell them we need to be able to access the kernel. But at this point, it doesn't appear to be necessary."

so 97 % of the worlds desktops are going to be running vista? somehow I dont think this will be the case full stop. This isnt going to happen ever . And seeing as older versions of windows can be scanned at the kernel level I cant see this being a problem
Im going with the sour grapes theory

[Gareth]

But it is going to happen... MS have confirmed that PatchGuard will be implemented in Vista to protect the kernel. Unless the EU step in and prevent it - which I hope doesn't happen, as it's not really necessary - then Vista will ship with PatchGuard enabled by default. The only reason I could imagine the EU intervening would be if MS blocked access to all AV vendors but allowed their AV product to access the kernel - then there'd be cause for concern and a case for the EU to act accordingly.

As for the 97% figure quoted by McAfee's CEO in yesterday's FT, well that's the supposed amount running a flavour of Windows at the moment, and as XP gets sunsetted, it'll only be a matter of time before all those users have upgraded to Vista. Not sure what the %age of Win98 users compared to XP users is, but I don't know anyone still running 98 any more.

no way imo XP has a long term of running left in it years I believe.They have not long dropped support of win98 some 7 years and 2 operating systems later theres still a lot of pcs that will be used for years to come that simply will not run Vista.The AV companies are imo over projecting the take up of Vista. I would say 30 / 50 % of all pcs running globally do not run xp and remember that 89 % of all statistics are made up to support an arguement

[Gareth]

Quote:

Originally Posted by zinglebarb

no way imo XP has a long term of running left in it years I believe.They have not long dropped support of win98 some 7 years and 2 operating systems later theres still a lot of pcs that will be used for years to come that simply will not run Vista.The AV companies are imo over projecting the take up of Vista.

I guess this will all depend on how long it takes MS to release Vienna. When Vista and Vienna are both out, XP won't be supported any more. XP was released 5 years ago (minus a few weeks) so judging by their past record, maybe there's not that much life left in the old dog after all

Quote:

Originally Posted by zinglebarb

I would say 30 / 50 % of all pcs running globally do not run xp and remember that 89 % of all statistics are made up to support an arguement

Not sure what the market penetration of XP is... might see what stats I can come up with, but it is almost home time, so might not

As for stats being made up, this was posted in the FT yesterday, so I'd hope the CEO of McAfee did a bit of research before opening his mouth

ps - just read the original article over at ZDnet... it's not the same thing I was referring to.... I'm on about this one - http://ca.today.reuters.com/news/new...OFT-EU-COL.XML [reuters.com]

Quote:

Originally Posted by Gareth

... they've successfully built their businesses for many years on products which exploited flaws in Windows, and now that MS is attempting to fix these flaws, they're no longer able to use their products to generate income in the same way.

Absolutely - well said Gareth!

There was a feature on the BBC tec page about the security issue yesterday. See here:- http://news.bbc.co.uk/1/hi/technology/5399534.stm

[AntiSilence]

Lets face it, if MS managed to include something that stopped nasties 100% no questions, the EU would moan about it being a monopoly and make them take it out. They can't really win.