MS names ship date for free security suite Microsoft is launching its free security suite next week - the 23rd of June to be precise. It was going by the funky codename Morro, but is launching under the duller name of Microsoft Security Essentials. It replaces Windows OneCare - and yes we do know what that sounds like. Microsoft Security Essentials will be available …
Dumb.
One would think that the point of this whole package is to limit collateral damage caused by pirated and not secured Windows machines attached to Internet (i.e. zombies), but this does not seem to be the case.
Of course, users of these machines could have just installed recent service pack + some hotfixes and some free AV (there should be some left on the market) instead of getting package in question, but "every little helps".
"One would think that the point of this whole package is to limit collateral damage caused by pirated and not secured Windows machines attached to Internet (i.e. zombies), but this does not seem to be the case."
Why would one think that would be the point of it? Limiting collateral damage to the rest of the world (though if the rest of the legitimate world keeps their systems secure in the first place, all you're limiting is collateral between pirates, the opposite of what MS want) is all well and good, but what possible business sense is there in spending development time producing addon products for a product people illegally refused to pay for in the first place?
"Ah yes good day sir, I see you stole that car - Here's a voucher for a free advanced driving course and test, paid for by the manufacture, so you can joyride in safety." I dont think so.
These days I'm amazed there a computers out there without decent AV since it's so easy to get hold of top end AV gratis. All sorts of companies hand out free AV to their customers. From the obvious (such as ISPs) to the less obvious (banks) it's hard to believe that there is a PC owner out there who doesn't have access to top quality AV software for free. I have a choice of three different packages offered free by four different companies who I deal with.
As for the free AV packages out there (rather than getting hold of a free licence for a non-free package) I have to say I've tested them all and they are all pretty feeble when compared to the big commercial packages. You could say they are better than having no protection, but I'm not so sure they are. I've had to clean up a lot of malware that has strolled undetected through the likes of AVG and Avast and the problem there was that the end users were complacent because they assumed their free AV protected them. The less technically literate trust antivirus software because it says it blocks malware. Even the good stuff is only as good as it's last update, but I've come accross countless PCs that haven't updated for some time, usually because the EU has changed a setting somewhere. I even came across one EU who clicked "Ignore" on a warning that the AV was out of date and had been doing so for over a year.
I wait with baited breath to see if Morro is as good (hah!) as all those other free packages.
And as for OneCare it's not quite as funny as good old Wang Care, if you're old enough to remember that.
Mcafee: updates every day just when you start playing the game you like causing distress.
Symantec: Right-Click uninstall...lol yea right /lockdown computer activated /error flag on startup/shutdown.
Idc if M$ offered free AV with/without WGA i'd rather pay a little for a decent AV like Kaspersky.
Why the negative comments?
Yes, free Antivirus is available, and probably has better detection rates, less false positives etc. than this MS version, but isn't that always the way?
MS haven't released anything new in years, they just emulate something good and bring it to the masses in a half baked, bug ridden release... Once they iron out the bugs they can start charging people for it... Thinking about it, they should have released Vista in the same way.
Thats the world of MS...
Maybe Ubuntu should follow suit, and make an AV suite?
Oh hang on, there are NO viruses or exploits in Linux so its not necessary. :), or at least thats the opinion of every linux user on here that i've seen, but I'm rambling...
Chow.
It's for the millions of unprotected computers.
Would they be the ones running windows os's to start with,
All the way back, prior to 95,98,ME,2000,XP,Vista and to come Win7, patch,patch,patch,service pack,patch,patch,patch, service pack.
Perhaps if M$ ditched their current architecture,and started using something secure to start with.................
If the other OSes are not that secure relative to Windoze, i.e. Linux. Why hasn't someone (M$) assembled some code ninjas and launched an attack on Linux systems to kill FOSS? It's not like they haven't used under handed tactics in the past to quell an upstart competitor.
Damn... what did I just do?
Because Linux is not and never will be a threat. And do you think Microsoft has the time to spend on searching through badly-commented speghetti code and stepping through an unbelievable number of dependancies to find something to be exploited when they could just continue to sell a usable product.
Okay, let me see if I get this right...
Microsoft has buggy products full of security vulnerabilities. Suddenly MS is on the security scene announcing it has a security product which will protect users from the security flaws in Microsoft's other products.
Thus we should all go with Microsoft's free product and dump the people who really know security. How is this a good idea?
I'm sure it's worth every penny. The old-timers among us undoubtedly remember that this isn't the first time Microsoft is trying to distribute a free AV product with their OS. (MSAV, anyone?) Perhaps they'll get it right on the sixth or seventh time... Nahh, what am I thinking.
More fun stuff about this thing. Take a look at the quality of its Web page on Microsoft's site:
http://www.microsoft.com/security_essentials
Undoubtedly, representative of the quality of the product itself...
Also, according to my sources, in order to update itself regularly, it will FORCE Windows Update in fully automatic mode. So, if you prefer to know what WU wants to push on you and decide for yourself whether you want it or not, you'll have to use a different AV product...
<will be available for users in Brazil, Israel and the US initially>
Great! My licence for F-Prot runs out 24-06-09 & I live in the UK! So it's AVG for me then!
Why has it taken M$ so long to realize their buggy O/S's NEEDS built-in AV?
Oh, no Sir, you need ANOTHER multi-megabyte add-on, so we can slow your PC to 386 speed & force you to up-grade your (perfectly working HW), again!
{Bloke across the road still uses his '60's Ford!}
True, piracy causes real loss of money for Microsoft. They have means to fight it and it is not my fight. In short : I do not care.
What I care about is over 100 spam messages I'm receiving, every day. Sent by army of unsecured zombies. I would really, really like Microsoft to take steps to reduce this army.
Why is everybody talking so negative about free product? If this would be released by Apple, all of you would pay $19.99 for "free" upgrade.
The only thing MS is offering is free product you can but don't have to use. as Bronek said, If this helps to reduce spam by 1% then I'm happy as well. Yes there is AVG, AVAST, .... this is just another product and Microsoft is actually not releasing more advanced version for $$$ like other companies do.
also, please stop using M$, this is so not original and you just show how unprofessional you are. There are tons of other sites where you can talk like that, Let's keep Register on the professional level.
All four of my desktops had legit XP installs, yet *all* have failed GA validation at some point or another, and numerous calls to MS didn't solve the problem, meaning I had to use 'other methods' to get them working again.
Does anyone really trust an MS security product anyway?
Malware often spreads because of users not the OS they use. One of my biggest bugbears as a support technician is the fact that users routinely make their OS (and other software) less secure. People switch off security functionality in order to make life easier. Hell even support technicians do it. I've lost count of the number of instances I've come across where the helpdesk have made a user a local administrator or given root privilege to make particular piece of software function correctly rather than finding out what permissions need changing.
Many users won't go to a supposedly more secure OS than Windows because security does not sit well with use friendliness. The most common complaint I've heard about Vista is nothing to do with the things talked about in the technical world, like performance and driver compatibility, and everything to do with security. The average end user hates being asked to click continue in when some software wants to perform an administrative task. Can you imagine the reaction of these idiots if they were asked to provide a root password every time they needed to do something like that? I regularly have to explain to EUs of Linux that certain features are there for their own protection, not to make their life difficult.
And as for OpenBSD's claims of security. It's easy to talk about the number of remote vulnerabilities DISCOVERED in your software when hardly anybody is trying to find them. The black hats spend their time looking for vulnerabilities they can exploit in popular software, which is probably why the rate of discovery in Linux software is so much higher than it was a few years ago. Look at apps that run on Windows rather than Windows itself. Is Adobe Acrobat inherently less secure that it was a few years ago? Or is it that people are spending time looking for vulnerabilities in it now that a few have been found?
No matter how secure MS made Windows it would suffer from two security problems; firstly the users who want everything to be easy and would therefore switch off every security feature; and secondly the fact that the black hats will always look to attack the most popular OS because that's the only way to get returns. After all since OpenBSD sits in 55th place in free OS popularity according to distrowatch that would put it behind Windows, Mac, umpteen flavours of Unix plus 54 other free distros. What percentage of market share do you suppose that gives it? No wonder then that people don't discover vulnerabilities in it. Nobody is looking.
I'm no Microsoft fan. My preferred OS is Debian (although I did used to like Macs when I could afford them) and most of my work these days is done on Cisco kit, but I get bored of listening to anti-MS arguments that have been formed without the most rudimentary of thought.
<QUOTE> Flame
It is pretty simple really... Windows is attacked more because it is the most widely used OS in the world. Why would hackers/pirates/etc. bother creating exploits for an OS that a very small majority of people use?
Sorry if this makes too much sense... </QUOTE>
This is simplistic. Apart from desktop, a huge number of Linux & BSD systems provide web and database services. The Internet is not run on windows. Then there are the large number of embedded linuxes on devices eg routers, DSL modems etc. If " hackers/pirates/etc" wanted to write exploits for this OS they have plenty of targets. Linux is targetted, especially through web service languages like PHP.
What is vastly different between Linux (&BSD) & windows is the security models. In Windows OSes it is easy to write self-replicating code which can infect whole networks. This is very difficult in any Linux or BSD environment - because of the security models, NOT because of popularity. PS: in the 'hacker' world, there would be a lot of kudos for writing effective self-replicating Linux code - ie a virus or worm. Hasn't happened yet (aside from a few poor attempts).
'There are tons of other sites where you can talk like that, Let's keep Register on the professional level.'
Have you just started reading the comments section, Jimbo lad? Brace yourself for disillusionment - and the manfrommars.
Mines t'one with 'I welcome our new priggish overlord' on the back, and Paris because ...
So how long before MS suddenly put this new product onto Windows Update as a critical install? If MS want to give Anti-Virus away to compete with things like AVG free then that's fine, if anyone is mad enough to think a 140MB download is worth it, but the minute they start using Automatic update as a way to push it out to customers without them even knowing it I expect the lawyers will start rubbing their hands in glee.
>> What is vastly different between Linux (&BSD) & windows is the security models.
I believe what is vastly different is that windows is an all-inclusive statement. Linux community never compares linux to "Windows Server xxx"). Only... windows. Well, golly gee, you are comparing linux - used PRIMARILY in server environments to XP, Vista, 98, etc. (cause, well, as a workstation it's a POS. Period.) Whine... But.... But... OpenOffice!... Cry. but... but... Flash!
Shut. up. Don't have time to search the world over for an application or applet that already exists for a windows machine Walk into Best Buy to purchase an application for Linux.... pathetic.
Security? As a penetration tester, it's fairly irrelevant. Sure - "PROPERLY secured" Linux boxes take a bit *longer* to hack... in *SOME* instances compared to a "PROPERLY secured" Windows SERVER, but does that make them more secure? I think not... if money is involved, then a few extra days of hacking is a toss. Or, by more secure, were you trying to say that it is unhackable?
haha. hehe.... harharhaha. giggle.
"Malware often spreads because of users not the OS they use."
Ah, rudimentary thinking right there. So it's not really about the OS after all, is it?
Before you answer that, take a moment to chew on the fact that UNIX, and all our *NIX derived friends, were all designed from the very start, from top to bottom, to be multi-user, with separation between user and system. These systems are inherently more (I said more, note that too) secure than any Windows created by Microsoft, as they designed their system to be single-user, from the start, throughout the entire system. Anything they have started since XP and then pushed through more with Vista, and now shoved it further into 7 with some minor 'usability' tweaks, is all afterthought. "Hmm, people are having problems.. guess we need to fix that thing they call an 'issue' some time." it echoes in the boardroom after a long late lunch. Forget about educating the users too, manuals are so passé, right?. Too little, too late guys.
Be realistic about it. Microsoft's lack of vision in the security department still causes endless streams of drama all over the planet, in every home, in every business. Sorry, but that's a cold hard fact. Yes you can secure Windows to a degree, but that's a whole other can of worms right there mate, and you know damn well as I do that it ends in the same answer. Afterthought! after all we're all the user needs right?.
Call me a basher, but I grew up with this crap. I use Microsoft products every day for a good 15 years now, and I sure as hell don't need any glasses to see what's going on here.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
