Linked by Thom Holwerda on Tue 6th Feb 2007 16:34 UTC, submitted by Governa
Windows Security tools that work with Windows Vista have failed tests to see if they can detect viruses circulating online. Microsoft's Windows Live OneCare security tool was one of four products that failed independent tests carried out by the Virus Bulletin. The security testing group found that Live OneCare missed far more active viruses than any other program tested.
Order by: Score:
RE
by Kroc on Tue 6th Feb 2007 16:49 UTC
Kroc
Member since:
2005-11-10

Are they going to sell a fix for the fix for the inherent problem with Windows?

Reply Score: 2

...
by tspears on Tue 6th Feb 2007 16:51 UTC
tspears
Member since:
2006-05-22

I bet no one saw this coming

Reply Score: 1

Not a Vista fan...
by brewmastre on Tue 6th Feb 2007 17:05 UTC
brewmastre
Member since:
2006-08-01

But honestly, I hoped that things would have turned out better than they have so far. I use Linux as OS of choice, but it gets downright depressing to here how MS just can't seem to put out an OS that doesn't suck. And I will be the first to admit that i think Vista looks nice and is a big improvement in a lot of ways, but when you have critical things like this popping up all of the time, it doesn't matter how nice the OS looks or acts. Vista is like a hot girl with a highly contagious disease that she doesn't tell you about until after you've gone to bed.

Reply Score: 5

RE: Not a Vista fan...
by CPUGuy on Tue 6th Feb 2007 17:07 UTC in reply to "Not a Vista fan..."
CPUGuy Member since:
2005-07-06

How is it critical that an add-on virus scanner doesn't work well?

Reply Score: 2

RE[2]: Not a Vista fan...
by brewmastre on Tue 6th Feb 2007 17:12 UTC in reply to "RE: Not a Vista fan..."
brewmastre Member since:
2006-08-01

"How is it critical that an add-on virus scanner doesn't work well?"

Its critical that Vista has Malware being written for it faster than Anti-malware can be written...that actually works. I consider that to be very critical.

Reply Score: 5

RE[3]: Not a Vista fan...
by CPUGuy on Tue 6th Feb 2007 17:26 UTC in reply to "RE[2]: Not a Vista fan..."
CPUGuy Member since:
2005-07-06

And how exactly did you come to that conclusion?

A virus is still a virus whether it's on XP or Vista. UAC and running as standard user does limit what these viruses can do, but that can't stop people from writing viruses.

*Nix is no less vulnerable than Windows is.


Also, Live OneCare (the worst according to this groups test) caught 99.1% of everything thrown at it.

Edited 2007-02-06 17:31

Reply Score: 3

RE[4]: Not a Vista fan...
by Duffman on Tue 6th Feb 2007 18:00 UTC in reply to "RE[3]: Not a Vista fan..."
Duffman Member since:
2005-11-23

*Nix is no less vulnerable than Windows is.

Mwahahahahaahahahahahahah. Yeah we saw that.
On Unix, during the last 20 years we got almost ... 30 virus (thanks linux...) while windows gets more than 140 000 virus during the same time.

http://en.wikipedia.org/wiki/Computer_virus

Reply Score: 2

RE[5]: Not a Vista fan...
by CPUGuy on Tue 6th Feb 2007 20:34 UTC in reply to "RE[4]: Not a Vista fan..."
CPUGuy Member since:
2005-07-06

All a virus does is exploit the rights given to the user. If a user is running as a standard account, then the malware is limited to what that standard account can do (including deleteing files in their own user directory, and change a few settings here and there).

This is no different on Unix. The number of viruses is completely irrelevant.

Reply Score: 2

RE[4]: Not a Vista fan...
by velko on Tue 6th Feb 2007 19:19 UTC in reply to "RE[3]: Not a Vista fan..."
velko Member since:
2006-06-19

Also, Live OneCare (the worst according to this groups test) caught 99.1% of everything thrown at it.

Wow! That's pretty big!

Now double, tripple and quadruple the test sample size and you'll see how the result is approaching 100% with the same old boring 37 not detected malware programs ;-)

Reply Score: 1

RE[5]: Not a Vista fan...
by CPUGuy on Tue 6th Feb 2007 20:35 UTC in reply to "RE[4]: Not a Vista fan..."
CPUGuy Member since:
2005-07-06

And what exactly is your point?

Reply Score: 1

RE[4]: Not a Vista fan...
by dylansmrjones on Tue 6th Feb 2007 20:37 UTC in reply to "RE[3]: Not a Vista fan..."
dylansmrjones Member since:
2005-10-02

So 9 out of 1000 gets through. That's horrible. It's at least 9 times higher than the highest tolerable failure rate (1/1000). Come again when the break-through rate is 1/10.000 viruses.

Reply Score: 2

RE[3]: Not a Vista fan...
by CPUGuy on Tue 6th Feb 2007 17:29 UTC in reply to "RE[2]: Not a Vista fan..."
CPUGuy Member since:
2005-07-06

Also, this article says nothing about what the malware is able to do, if anything at all, or what exactly got through the virus scanners (other than just saying that 37 viruses got through).

You are drawing a conclusion from something that has no basis for said conclusion... I doubt you even read the article.

Reply Score: 2

RE: Not a Vista fan...
by MollyC on Tue 6th Feb 2007 17:22 UTC in reply to "Not a Vista fan..."
MollyC Member since:
2006-07-04

According to the article, "Live OneCare caught 99.91% of the known active viruses it was tested against. This left it vulnerable to 37 separate malicious programs." And that was the *worst* result. A 99.91% success rate isn't exactly horrible.

The article also has quotes from the MS and the other vendors saying that they'll look at the results and make improvements. I don't know anything about malware protection, but it seems to boil down to comparing files on the computer against signatures, and that you try to detect as much malware as you can while limiting the false positives. This may be just a case of tweaking the threshold of the respective algorithms, such that all malware would be detected, but maybe you'd get more false positives.

I'd be interested in seeing the results on XP. I'd think that if these malware detectors use the same malware detection algorithms on XP as they do on Vista, then you'd get the same results. Which would mean that this is not a Vista issue at all, and that this article is just another Vista hit-piece. But that's just speculation until I actually see some XP results.

Reply Score: 2

RE[2]: Not a Vista fan...
by archiesteel on Tue 6th Feb 2007 17:24 UTC in reply to "RE: Not a Vista fan..."
archiesteel Member since:
2005-07-02

I don't know anything about malware protection

...and yet you felt compelled to jump to Vista's defense on this very subject...

Reply Score: 5

RE[2]: Not a Vista fan...
by audunn on Tue 6th Feb 2007 17:28 UTC in reply to "RE: Not a Vista fan..."
audunn Member since:
2006-04-06

37 malicious programs sounds too many for me.
While 99.91% sounds not too bad, take into consideration the thousands of active windows viruses and it turns out to be not good.

Reply Score: 2

RE[3]: Not a Vista fan...
by CPUGuy on Tue 6th Feb 2007 17:30 UTC in reply to "RE[2]: Not a Vista fan..."
CPUGuy Member since:
2005-07-06

But what is this malware actually able to do? What malware is it? Is it one basic virus with a bunch of different variations?

This article has very little substance.

Reply Score: 1

RE[4]: Not a Vista fan...
by brewmastre on Tue 6th Feb 2007 17:42 UTC in reply to "RE[3]: Not a Vista fan..."
brewmastre Member since:
2006-08-01

I don't disagree with you that the article doesn't really say a lot. What I do disagree with is the fact that if Vista were as secure as MS has been claiming that such 'Add-ons' wouldn't be necessary. Do you know how many Viruses I've had on my Mac's in the last 14 years? 0. My Linux boxes in the last 7 years? 0

Reply Score: 2

RE[5]: Not a Vista fan...
by CPUGuy on Tue 6th Feb 2007 17:52 UTC in reply to "RE[4]: Not a Vista fan..."
CPUGuy Member since:
2005-07-06

Do you know how many viruses I have found on my Windows computer in 14 years? 0.

These things aren't necessary especially if you have good computing practices.

Once again, what exactly are these viruses able to do? Just because they can get on the system (a matter of opening the file that contains it) doesn't mean they can do much of anything, if anything at all.

Reply Score: 2

RE[6]: Not a Vista fan...
by brewmastre on Tue 6th Feb 2007 18:03 UTC in reply to "RE[5]: Not a Vista fan..."
brewmastre Member since:
2006-08-01

Oh come on! Almost nobody writes a virus that doesn't do anything. Besides, what you saying is that its OK as long as the virus doesn't cause harm to your computer. Thats like saying thats its OK that burglars can break into my house, as long as they don't take anything.

Reply Score: 1

RE[7]: Not a Vista fan...
by pr0c on Tue 6th Feb 2007 19:08 UTC in reply to "RE[6]: Not a Vista fan..."
pr0c Member since:
2005-07-06

He didn't say that a virus was written to do "nothing", he is questioning if they were able to do anything.

And no it isn't like saying it is ok that a burglar can break into your house; it is like saying, if you have a friend over who brings his friend with him that happens to be a burglar but doesn't take anything, that is ok. Not that I agree with that idea but it fits better...

Reply Score: 1

RE[7]: Not a Vista fan...
by Rayz on Tue 6th Feb 2007 19:19 UTC in reply to "RE[6]: Not a Vista fan..."
Rayz Member since:
2006-06-24

It's not actually burglars breaking into your house really though is it? If catching a virus was anything like burglary, then that would mean that viruses would actually infect your machine when it was turned off and your were out of your den for a few hours.

No, a virus-type burglary would look like this.

Someone who you don't expect, knocks on your door. They say they're a friend, and you see no reason to doubt him, even though you have never met him. He then tells you that if you let him in, give him a room for a few nights in the same room where you keep the safe, and a nice strong cup of tea, he will show you the really s**t hot porn stash he has in his rucksack. That seems like a really fair deal to you, so you let him in ...

That is how viruses get in; by folk just running anything that knocks on their door.

Now by my rather bad maths estimating, a 0.09% miss rate and 37 viruses not found, means that they must have managed to detect round 40,000 viruses(?), which isn't bad going in my book ... but it isn't good enough. So let's look at the actual testing.

But we can't yet, because we have no details of when it was run, what versions of the packages were used in the test and anything about the testing methodology used.

But if we give them the benefit of the doubt, we still have 37 viruses that weren't picked up. Is this a problem? Well, to do anything harmful to the system, the user still has to run the virus, and along the way, they will be warned by the UAC that this program is trying to gain restricted access to their system. At this point, common sense should tell them, that there is no good reason why 'goodporn.exe' needs admin rights to your machine; but then common sense should have told them not to let that dodgy looking bloke with the bag full of skin mags, anywhere near the safe either ...

Reply Score: 2

RE[3]: Not a Vista fan...
by MollyC on Tue 6th Feb 2007 20:47 UTC in reply to "RE[2]: Not a Vista fan..."
MollyC Member since:
2006-07-04

Of course 37 is "too many". 1 is "too many".

But I was responding to the tone of the guy who wrote that this article is evidence that "Microsoft just can't seem to write an OS that doesn't suck", and went on to compare Vista to a "hot girl" with a "contagious disease". I assume he wrote that before reading the article and seeing the actual statistics therein. If you read his post without reading the article, you'd get the idea that malware was getting through right and left. I thought it would be nice to bring the actual stats into this discussion before more posts like that were made.

99.91% isn't evidence that Vista "sucks". And you know what? A 100% detection rate does not indicate that Vista is great. This test is about security programs, not Vista. (That didn't stop people from modding the post in question to a 5.)

I want to see evidence that this is a "Vista" issue. Would you get the same results on XP? Would you get the same results on Linux or OSX, if you put the malware files on the harddrive of a computer running those OSes and then used the same malware-detection algorithms to try to detect the files?


A few years ago there was a piece of Mac OSX malware that was a trojan masquerading as a pirated copy of Mac Word 2004.
(You can read about it here http://www.macnewsworld.com/story/33790.html and in many other links that are turned up via Google (or your favorite search engine.)) You could get it by downloading it from the warez sites it was on, receiving it in email, etc (i.e. it's not a self-propgating virus). Supposedly, it looks like a Mac Word 2004 installer, but when you launch it, it erases the files in your home folder. Now, ideally, if you ran this "installer", then the security software you were running would detect it and block it from doing damage (not that Mac users run security software; I admit that I don't on my Mac (which may be foolish), while I'd be loathe to run my XP machine without security software). Now, if the security software was unable to detect this trojan, is that evidence that Mac OSX "sucks" or that the simply that the security software was not able to detect it?

Unfortunately, this thread continued down the road of assuming that this test was about Vista rather than these security programs, thus deraling the thread into yet another "my OS is better than yours" pissing contest.

Reply Score: 3

RE[4]: Not a Vista fan...
by cyclops on Wed 7th Feb 2007 12:15 UTC in reply to "RE[3]: Not a Vista fan..."
cyclops Member since:
2006-03-12

"I want to see evidence that this is a "Vista" issue. Would you get the same results on XP? Would you get the same results on Linux or OSX, if you put the malware files on the harddrive of a computer running those OSes and then used the same malware-detection algorithms to try to detect the files?

(Cut out MAC drivel)


Unfortunately, this thread continued down the road of assuming that this test was about Vista rather than these security programs, thus deraling the thread into yet another "my OS is better than yours" pissing contest."

@MollyC OneCare is a new product *launched* with Vista...and its not as good as its competitors. This does not bode well.

I'd love to see the results of these Virus' working on OS X and Linux. I for many years have been disappointed by the lack of cross-platform virus'. The FSF has put creating more Virus' for GNU a top priority.

Richard Stallman was heard to comment "I will not compromise. I am deleting and corrupting my own files. We intend to liberate this area of computing as soon as possible"

Its not a "pissing contest"(euhhhh). Microsoft got battered; 140,000 vs 37, and thats without the spyware built into the OS, or any of the other malware that plagues Microsoft like DRM.

Edited 2007-02-07 12:16

Reply Score: 2

RE[2]: Not a Vista fan...
by linux-it on Tue 6th Feb 2007 18:22 UTC in reply to "RE: Not a Vista fan..."
linux-it Member since:
2006-07-13

well, with virus scanning and malware detection, there is no such thing as 99.91% being "not exactly horrible".

Problem here is that even a single non-detected piece of code can and probably will cause havoc.

So, 99.91% may seem a high value but in real life, you would end up dead because you've just encountered one of the 37 most deadliest viruses....

It boils down to one thing -- they don't even grasp their own products that well to prevent damages and that's pretty scary.

Reply Score: 2

RE[3]: Not a Vista fan...
by tomcat on Tue 6th Feb 2007 20:26 UTC in reply to "RE[2]: Not a Vista fan..."
tomcat Member since:
2006-01-06

So, 99.91% may seem a high value but in real life, you would end up dead because you've just encountered one of the 37 most deadliest viruses....

So what. An airliner could crash into your house at any time and, yet, for some reason its vulnerability doesn't render your house unusable or unsatisfactory. Point is ... there's no such thing as absolute safety or security. Holding out for such ridiculously high standards is an exercise for morons.

Reply Score: 2

RE[2]: Not a Vista fan...
by dylansmrjones on Tue 6th Feb 2007 20:36 UTC in reply to "RE: Not a Vista fan..."
dylansmrjones Member since:
2005-10-02

Actually a 99.1% success rate is a major fiasko. This means 0.9% are getting through which is truely horrible.

What matters is not what gets caught, but what slips through.

The successrate should be in the range >99.9%. Anything lower is embarrasing and a prove of poor development(resources) or poor use of that/those.

Reply Score: 2

RE[3]: Not a Vista fan...
by MollyC on Tue 6th Feb 2007 20:52 UTC in reply to "RE[2]: Not a Vista fan..."
MollyC Member since:
2006-07-04

"Actually a 99.1% success rate is a major fiasko. This means 0.9% are getting through which is truely horrible.

What matters is not what gets caught, but what slips through.

The successrate should be in the range >99.9%. Anything lower is embarrasing and a prove of poor development(resources) or poor use of that/those."


------------

Just to correct you, the success rate was 99.91% (not the 99.1% that's getting thrown around here), which is in the range that you, yourself, consider acceptable. And again, that was the *worst* rate, and again, has nothing to do with the OS in question.

Reply Score: 3

RE[4]: Not a Vista fan...
by dylansmrjones on Tue 6th Feb 2007 22:31 UTC in reply to "RE[3]: Not a Vista fan..."
dylansmrjones Member since:
2005-10-02

99,91 is just slightly better than the lowest acceptable success rate (1/1000)- There is still much room for improvement.

However, it has everything to do with the OS in question, since the amount of viruses for Windows is several thousand times larger than any other platform. We can not afford as much as a single failure.

Reply Score: 2

RE[5]: Not a Vista fan...
by MollyC on Wed 7th Feb 2007 07:51 UTC in reply to "RE[4]: Not a Vista fan..."
MollyC Member since:
2006-07-04

Wow, you couldn't just admit that you were mistaken when you ranted about the 99.1% figure, and then thank me for correcting you so as to save you from ranting further based on false stats? Are internet egos so fragile that people need to defend each and everything that they say even when shown that they were speaking based on incorrect info?

The fact is, Live One Care is within the range *you* put forward for acceptibility. End of story (as far as your rant is concerned). *You* put that range forward, nobody else. (Though, I suspect that if you knew that the real success rate was 99.91%, you'd have ranted about how horrible that was, and that the minimum acceptible success rate would be 99.991%, no?)

As for there being room for improvement, nobody denies that. Microsoft says they will take steps to improve, and McAfee claims (or implies, at least) that their latest update would catch 100%. Given that the vendors are going for 100% detection rates, what exactly was the point of your rant to begin with? That improvements should be made? Duh!

Reply Score: 1

RE[6]: Not a Vista fan...
by cyclops on Wed 7th Feb 2007 12:26 UTC in reply to "RE[5]: Not a Vista fan..."
cyclops Member since:
2006-03-12

"As for there being room for improvement, nobody denies that. Microsoft says they will take steps to improve"

I actually say its a disgrace, Microsoft have taken steps to deliberately put other competing companies at a disadvantage using their Monopoly status...and Microsoft is not as good as the competition.

Reply Score: 2

Go Linux!
by stestagg on Tue 6th Feb 2007 17:42 UTC
stestagg
Member since:
2006-06-03

From a Linux advocate's (not mine!) POV, this is great news. Joe user might not see this story, but if they do, they're just going to equate Vista with letting in viruses.

Whatever the reality, the more times people see Virus and Windows Vista in the same article (Especially one from the beeb), public confidence in Vista is going to fall.

Reply Score: 2

haha
by SK8T on Tue 6th Feb 2007 17:52 UTC
SK8T
Member since:
2006-06-01

as bill said, "you shouldn't try to hack windows"
now we know why: it's boring easy! xD

okay just the funny side of itů

but 6 years of development didn't make windows secure. I think Vista is not more secure than XP. XP is "proofen" and pachted a lot of times.

Reply Score: 1

ctl_alt_del
Member since:
2006-05-14

Well, according to the Virus Bulletin's website, http://www.virusbtn.com/ , it appears that they use the current "in the wild" virus list from http://www.wildlist.org/ for the basis of this test. Unfortunately 4 of the 15 products tested, failed to detect 100% of the "bad guys" on the wild list. I don't care what OS you're running this is not a very acceptable result. Close doesn't count, this isn't horseshoes. I hope all the products that failed get fixed *soon*. In the meantime, I'd suggest using a product that works 100% of the time and currently that doesn't include Microsoft OneCare.

Reply Score: 2

PlatformAgnostic
Member since:
2006-01-02

I personally think that the only kind of thing currently called "malware" that should count against an OS's security are worms or other files that take advantage of coding or design flaws in the OS to get on the machine. For example, if I can get a program through the simple act of visiting a webpage without confirming it on my machine, then that's bad.

On the other hand, so much of what these people seem to call viruses are more likely instances of the "dancing pigs" problem, wherein a user is tricked into installing bad code through some incentive (like seeing Britney Spears' naked body). I don't think an OS can put up with this, and I suspect that this sort of virus makes up the 37 that got through. If the user actively tries to install a program, what is the OS really to do in order to stop them?

Reply Score: 3

MS just doesn't get it
by TechGeek on Tue 6th Feb 2007 21:29 UTC
TechGeek
Member since:
2006-01-14

MS still doesnt get it. And I guess the pro MS crowd here doesn't either. It doesn't matter how stupid the user is or how many virus there are in the world. What matters is how MS designs its OS. When your main and only user account is the administrator you are gonna get screwed. That is still the case in Vista. Even with the pop-up warnings, its a problem. Pop-ups will just be ignored. Then there are things like the mail program having write access to system files. (although I think this may have been fixed) MS uses stupid design decisions and this is why Windows will always be less secure than OS X and Linux. 99.91 percent isnt too bad, unless that .09 % is the code red virus and then your f**ked.

Reply Score: 0

RE: MS just doesn't get it
by stare on Wed 7th Feb 2007 00:40 UTC in reply to "MS just doesn't get it"
stare Member since:
2005-07-06

When your main and only user account is the administrator you are gonna get screwed. That is still the case in Vista.

When your main and only account is root you are gonna get screwed. That is still the case in Linux. Whats your point? In Vista administrator account is disabled by default and all users - including administrators - run in a limited user account.

Even with the pop-up warnings, its a problem. Pop-ups will just be ignored.

Really? Try to ignore popup like that:
http://windowsvistablog.com/photos/blog_photo_gallery/images/481734...

MS uses stupid design decisions and this is why Windows will always be less secure than OS X and Linux

What exact "stupid design decisions" MS uses in Vista, and how they make Windows "less secure"?

Reply Score: 3

RE[2]: MS just doesn't get it
by hal2k1 on Wed 7th Feb 2007 01:36 UTC in reply to "RE: MS just doesn't get it"
hal2k1 Member since:
2005-11-11

//What exact "stupid design decisions" MS uses in Vista//

Design decision = binary backward compatibility with executables for XP/2000/NT/98/95.

That design decision also means binary backward compatibility with literally hundreds of thousands of active malware & viruses out there.

That is just asking for trouble.

Reply Score: 2

RE[3]: MS just doesn't get it
by MollyC on Wed 7th Feb 2007 07:40 UTC in reply to "RE[2]: MS just doesn't get it"
MollyC Member since:
2006-07-04

You honestly advocate that Microsoft make Vista so that it doesn't run any XP/2000/NT/9x apps?
Good grief.

Reply Score: 2

RE[4]: MS just doesn't get it
by cyclops on Wed 7th Feb 2007 12:22 UTC in reply to "RE[3]: MS just doesn't get it"
cyclops Member since:
2006-03-12

"You honestly advocate that Microsoft make Vista so that it doesn't run any XP/2000/NT/9x apps?
Good grief."

I am. Lets see whats a new technology, having functionality built into chips, all the cool OS's are doing in now begins with V

Reply Score: 2

Favorite quote of the article.
by cyclops on Wed 7th Feb 2007 12:40 UTC
cyclops
Member since:
2006-03-12

@MollyC for you

""Although many improvements have been made, Vista cannot fend off today's malware without help from security products,"

From the horses mouth.

Reply Score: 2