Linked by Thom Holwerda on Mon 4th Jun 2012 19:28 UTC
Windows "Microsoft's Windows 8 will activate its built-in antivirus software only if it senses that the PC is not protected by another security program, according to AV vendor McAfee." That's one way to appease antivirus companies, I suppose.
Order by: Score:
WildSubnet
Member since:
2012-01-24

They make some coin on pre-installing trail versions of the stuff.

Reply Score: 7

bassbeast Member since:
2007-11-11

Bingo! Give that man a ceeegar! Do you have ANY idea how many stupid trialware installs of Norton and McAfee I have to get rid of in an average month? Too dang many. Every single OEM out there just loads up the crapware and those two companies are usually right at the top of the list, ironically along with trial versions of MS Office products.

Personally I am glad there will at least be something on there if they have nothing but the thing I'm wary of is this: Will this thing suddenly show up if you are tossing some trialware for something decent? or will it at least give you the option to say no?

Reply Score: 4

tanzam75 Member since:
2011-05-19

Indeed. Remember that the DOJ anti-trust supervision of Microsoft has ended. Thus, Microsoft is not as scared of the AV companies as it used to be.

With the introduction of Windows RT, though, Microsoft needs the OEMs more than ever. They're already grumbling about being forced to ship a Windows RT in a clean configuration. Apparently Microsoft had to throw them a bone -- which is to permit them to continue loading down Windows 8 with trialware.

Reply Score: 1

That's almost how Windows is today.
by MollyC on Mon 4th Jun 2012 21:25 UTC
MollyC
Member since:
2006-07-04

Although you *can* have multiple A/V's running, Windows' security center control panel will pop-up a warning saying, "this is bad" (not the exact wording lol), because two A/V's running at the same time will step on each other's feet, get in each other's way, and degrade system performance.

Reply Score: 3

Hm?
by WereCatf on Mon 4th Jun 2012 21:40 UTC
WereCatf
Member since:
2006-02-15

The article is quite light on details, leaving me wondering if these 3rd party AVs must be somehow signed by Microsoft for Windows to 'detect' their presence or will they just use some built-in functionality to alert Windows to their presence?

This is important because if it's the latter then what's stopping malware from doing that same thing? If it's the first then that would obviously be the safer choice, though it creates some extra steps for 3rd-party AV-makers to take.

Off-topic: I personally wouldn't touch any 3rd-party AV even with a barge pole anyways, so this doesn't affect me. I still loathe Microsoft and dislike how they do quite a few things, but Microsoft Security Essentials has so far been nothing short of excellent, both in terms of speed (also in the background), non-intrusiveness and actual detection quality. As such I applaud Microsoft for including it as part of W8, that'll save quite a few Joe Blows from malware attacks.

Reply Score: 5

RE: Hm?
by bassbeast on Tue 5th Jun 2012 03:50 UTC in reply to "Hm?"
bassbeast Member since:
2007-11-11

I'm sorry Werecat but as a small shop owner while I use MSE myself on my gamer machine (because that's all it does and the only time I use the browser at all is when its sandboxed) I'm afraid as an AV that MSE leaves quite a lot to be desired.

For example, I bet you've never seen MSE block a website that has malicious code on it have you? me neither, in fact on an XP test box I have at the shop i tried sites I knew had drivebys just to see if MSE would raise a fit and it wouldn't. It seems to be great for detecting downloaded bugs, but how many bugs these days come from downloading infected .exe files anyway?

That is why I give my customers Comodo or Avast, as both have automatic sandboxing and both do scan before load on web pages, although lately I've been leaning towards Comodo as Avast has gotten too "chatty" with their plugs for other services. But with both I've yet to see a bug where the user didn't actively ignore it (such as the brainiac that disabled Comodo so he could install "the new Limewire' which of course was just a malware payload labeled limewire) but I have seen browser bugs get past MSE, especially if they had an out of date Java or Flash installed.

While I'm glad it works for you, and again on my gamer machine I do use it myself because I know what to watch out for, I'd strongly suggest keeping vigilant when using MSE on a day to day machine and the occasional scan from Trend Micro's online Housecall wouldn't be a bad idea. Remember that MSE wasn't even an AV originally, it was Giant antispy before being bought and rebranded by MSFT. It still does great against spyware, against browser bugs and drivebys? Not so much, at least from what i have seen.

Reply Score: 4

RE[2]: Hm?
by WereCatf on Tue 5th Jun 2012 05:07 UTC in reply to "RE: Hm?"
WereCatf Member since:
2006-02-15

For example, I bet you've never seen MSE block a website that has malicious code on it have you?


I do admit that the answer is no. But then again, I don't visit such websites anyways.

me neither, in fact on an XP test box I have at the shop i tried sites I knew had drivebys just to see if MSE would raise a fit and it wouldn't.


If that is true then it is indeed quite a big shortcoming, though MSE is designed to go hand-to-hand with IE so most Joe Blows will likely be quite fine. I would try this myself but I'm not aware of any website to try with.

Gonna make a Windows - installation in a VM and try to find some driveby to try with.

Reply Score: 2

RE[2]: Hm?
by n4cer on Tue 5th Jun 2012 13:57 UTC in reply to "RE: Hm?"
n4cer Member since:
2005-07-06


For example, I bet you've never seen MSE block a website that has malicious code on it have you? me neither, in fact on an XP test box I have at the shop i tried sites I knew had drivebys just to see if MSE would raise a fit and it wouldn't. It seems to be great for detecting downloaded bugs, but how many bugs these days come from downloading infected .exe files anyway?



On my work computer (running Windows 7), I've actually had MSSE block malicious javascript from running while I was looking for product info about a customer's Android phone. It also stopped a trojan dropper embedded in (or disguised as) an mp3 file.

Reply Score: 5

RE[3]: Hm?
by WereCatf on Tue 5th Jun 2012 15:39 UTC in reply to "RE[2]: Hm?"
WereCatf Member since:
2006-02-15

I had to Google around for a while to find some infected website with a driveby, but yes, I finally found a few myself, too. MSE did pop up and warn about them so I have to guess that the reason why bassbeast's MSE didn't is because he was running Windows XP; I tried with Windows 7 in a VM and so far it's still clean and MSE works as expected. Oh, and yes, it does catch javascript - attacks, too.

As such I am still going to continue recommending MSE to people.

Reply Score: 5

RE[4]: Hm?
by bassbeast on Thu 7th Jun 2012 03:53 UTC in reply to "RE[3]: Hm?"
bassbeast Member since:
2007-11-11

Thanks for bringing that up Werecat as i probably should have been more clear. For my test bug boxes i use WinXP because 1.-I am always getting WinXP boxes traded in so they are plentiful and have been freshly wiped by me and 2.- With so many XP units out there and with MSFT supporting XP until 2014 I think its a more fair test of the AV itself, as Win 7 has several security features of its own like UAC, ASLR and low rights mode so its hard to tell what was the AVs doing and what was the OS.

I'll be the first to admit that Win 7 is a MUCH safer OS, that's why i use it at home with MSE, but again i have to wonder how much of the bugs are being stopped by MSE itself or whether its simply reading cues fed it by the Win 7 security features.

So I wouldn't have a problem recommending MSE if I KNEW for sure they were going to be using win 7, since they will have all those other layers of protection on top of MSE. But I do think MSFT either needs to stop supporting MSE running on anything below Vista or step up to the plate and make their AV better because i can tell you that on XP its performance is really poor, so poor I wouldn't dare run MSE on XP IRL, it just doesn't catch the bugs before its too late.

So for WinVista and Win 7 thumbs up for MSE, for WinXP or XP X64 its thumbs down for MSE and thumbs up for Avast free or Comodo CIS.

Reply Score: 2

RE[2]: Hm?
by WorknMan on Tue 5th Jun 2012 18:14 UTC in reply to "RE: Hm?"
WorknMan Member since:
2005-11-13

ut I have seen browser bugs get past MSE, especially if they had an out of date Java or Flash installed.


Flash (and optionally adblock) should be blocked by default on every browser, and only whitelisted when necessary. And who the hell installs Java anymore? ;)

Reply Score: 1

RE[3]: Hm?
by darknexus on Tue 5th Jun 2012 20:48 UTC in reply to "RE[2]: Hm?"
darknexus Member since:
2008-07-15

And who the hell installs Java anymore? ;)


OEMs, unfortunately. Most users do not install it, it comes preloaded. I have seen Toshiba, Fujitsu, Asus, and HP computers come with an outdated Java preloaded on these machines and in the recovery image.

Reply Score: 3

RE: Hm?
by DrillSgt on Tue 5th Jun 2012 14:13 UTC in reply to "Hm?"
DrillSgt Member since:
2005-12-02

The article is quite light on details, leaving me wondering if these 3rd party AVs must be somehow signed by Microsoft for Windows to 'detect' their presence or will they just use some built-in functionality to alert Windows to their presence?

This is important because if it's the latter then what's stopping malware from doing that same thing? If it's the first then that would obviously be the safer choice, though it creates some extra steps for 3rd-party AV-makers to take.


If it works like it does now, they do not have to be signed by Microsoft, though they are detected. As it works currently, the Windows Security Center will warn you if you have no AV installed, and if you do have an AV installed, it will warn you if it is out of date.

There already is malware that detects certain AV and even disables them so the malware goes undetected. When that happens the AV companies are normally extremely quick to send an update, so most people don't even notice or get infected.

Reply Score: 2

RE: Hm?
by zima on Mon 11th Jun 2012 23:55 UTC in reply to "Hm?"
zima Member since:
2005-07-06

excellent, both in terms of speed (also in the background), non-intrusiveness and actual detection quality

NOD32 is very much like this, too (perhaps even better WRT speed, how "light" it is) ...or at least was half a decade ago, when I decided I don't really need any AV (so, yeah, I can't vouch personally for its detection quality - which supposedly is decent - since it pretty much had nothing to detect with me; I'm running the past few years without any AV, and I'm clean / yes, I do occasionally check HDD, also in "offline" mode - not running the OS instance that's on it). Doesn't seem it changed much. But yeah, not free.

Reply Score: 2

A question from a non-IE user
by darknexus on Tue 5th Jun 2012 04:28 UTC
darknexus
Member since:
2008-07-15

Can I turn this off completely, even if I have nothing installed? I use Chrome with Notscript and Firefox with NoScript, plus my own common sense. I haven't had a virus in years and the last thing I need is something I don't want sucking my battery.

Reply Score: 4

RE: A question from a non-IE user
by WereCatf on Tue 5th Jun 2012 05:08 UTC in reply to "A question from a non-IE user"
WereCatf Member since:
2006-02-15

Can I turn this off completely, even if I have nothing installed?


You can just open MSE and turn off real-time protection.

Reply Score: 4

darknexus Member since:
2008-07-15

Yes, I can turn off MSE now. What I was actually wondering is if I could do the same in Windows 8 once Microsoft has released it, i.e. do they plan to retain the ability to turn it off?

Reply Score: 1