“New security features in Windows Vista will largely eliminate the need to run separate antispyware or firewall software, according to a new analyst report. Due out early next year, the next major release of Microsoft’s flagship operating system promises not only to increase security for consumers, it will also dramatically affect the $3.6 billion market for Windows security products, according to a Yankee Group report scheduled to be published Monday.” That same report also claims that Vista’s security measures will hurt in the enterprise sector, and it advises companies to stick with XP SP2 until 2008.
It would make more sense if they only implemented those reminders in the home versions; it’s somewhat insulting to have those on an enterprise-level OS.
I guess those people who blame Windows for everything, including their sink blocking, have asked for it. Although Windows is lacking in the security dept., most of the problems are down to lack of education IMV.
You can disable or change the behavior of UAC (and many other features) using group policy.
The report also suffers from analysis of UAC too early in the development process. It has improved a lot since the December build, and was both then and now in active development. An accurate evaluation can’t really be made until the release candidate stage, which still gives corporations and end-users months to decide whether to move forward.
Although Windows is lacking in the security dept., most of the problems are down to lack of education IMV.
A computer science degree?
I owned a ZX Spectrum when they were new; does that count for anything?
It doesn’t count as much as my Commodore 64 :-p
Still one of the best computers ever, IMO.
It was Chuck Peddle and Commodore, not the Steves and Apple, that brought affordable and usable computing to the masses. The Apple I was abysmal where the Pet kicked ass.
No way. Have Clippy come up and ask, “It appears your server is at risk. Would you like help securing your server?”
And Microsoft bites the dust again, waiting for another antitrust lawsuit to be filed.
Well, I know, the pleasing “security” out of the box without inviting the user to spend some extra bucks. But this is quite wrong. First off, there are competitors which will be quite harmed by this measure — another monopolist move from Microsoft.
Second, their approach is making patches instead of correcting the holes and all the mess they made. After all, 6 years for preparing Vista should be enough to rethink and rebuild the whole architecture in order to minor security problems.
So, they deserve another antitrust lawsuit.
Never mind, Microsoft’s strategy of trying to build earthquake-proof skyscrapers out of an endless series of wattle-and-daub bungalows will backfire in the end. And by the time it does, there will be real alternatives for 99% of the Windows users out there.
And Microsoft bites the dust again, waiting for another antitrust lawsuit to be filed.
I wonder why no one sues the iptables team for monopolizing the firewall market on Linux & Co. …
Edited 2006-05-08 20:57
Because Linux (and BSD) had it in the first place, and did it well.
I can’t even understand how an OS could have ever been released as “Internet ready” and NOT have a firewall like Windows did for so long. I mean, that’s like selling cars with no locks!
I won’t even start on the Windows virus and anti virus topic…
Probably because there is no point in having other firewalls for Linux because it’s open source and they can’t compete based on price. I use Shorewall myself, but all that it does is simplify iptables.
You may as well ask why no one has sued OpenBSD for AuthPF.
There are commercial firewall systems on Linux other than the native one, actually.
You just don’t see them on the desktop: Check Point Firewall-1 is such a firewall.
And don’t forget that vendors can still produce nice and fancy configuration GUIs and suites of alerts/monitoring tools for the Linux desktop, using the native iptables firewall as the engine, and doing much less work.
Apples to oranges, nimrod.
Who says they are not trying to fix the holes?
Maybe they have finally realized that you can’t make security perfect, so you should have a backup plan, just in case something goes wrong (as it does on all operating systems). Something also to reassure customers.
The $3.6 billion market for Windows security products…
…that shouldn’t have existed in the first place.
This is quite a true statement.
You don’t see a $3.6 billion dollar Linux or Mac security market because there is no need for one.
This is the whole reason that Windows is so damn vulnerable; there is a multi-billion dollar market that was created because of MS’s inability to secure their code…
Or is it a purposefully created endeavour to fuel extra money going back to MS or some other bureaucratic agency? I mean how hard is it to really secure software; the open source community patched gaping holes in a matter of weeks while Windows takes months or years to finally get fixed…
No, I think there is more to Windows being insecure than meets the eye…
Microsoft created that $3,6 billion market by making Swiss cheese operating systems and it is now the time to destroy that shameless business.
Fortunately I’ve never shelled out a single penny for anti-virus, anti-spyware and anti-whatever software but other people did and I think there must be the way for them to reimburse expenses they had for using Microsoft (insecure) code.
After six years of using various Linux distributions it has become my OS of choice and the only MS OS I’m still using is Windows 2000 just for compatibility reasons.
I don’t think I will ever get back to MS crowd not even with their “promising” Vista OS.
I wasted too much time fixing-repairing-rebuilting my MS ran PC boxes so I think Microsoft made already irreparable damages to its own renomee.
//You don’t see a $3.6 billion dollar Linux or Mac security market because there is no need for one. //
Nor are there NEARLY as many Linux/OS X users …
But you’re right. For now.
Two problems caused the security problems at Microsoft:
1) Windows application programmers. They have refused systematically to make their applications aware of the difference between admin and normal user.
2) Microsoft. They refused to make the first user in XP a non-admin user, while also not enforcing the admin/user divide strongly enough to programmers.
That’s the problem in a nutshell. Let’s hope Vista changes all that.
Reputedly, it does, but also turns Vista into even worse nagware than XP was already:
Consider – drag an icon to the Recycle Bin. “Are you sure you want to drag this file to the Recycle Bin?”
Translation: “Are you sure you want to be nagged yet again about doing something that, if it’s a mistake, is *easily reversible*?”
Answer: “No! In fact I’m sure I f******* don’t!”
The Amiga had a Trashcan you could pull things out of again, and it didn’t ask stupid questions, iirc. I NEVER lost a file out of carelessness using it.
Windows application programmers. They have refused systematically to make their applications aware of the difference between admin and normal user.
I don’t disagree, but I have a couple of remarks.
Firstly, as a sad fact of life, many of the Windows application developers that systematically refused to make their applications aware of the user’s privileges came from within Microsoft. Privilege management was never a part of their application development culture.
Secondly, the part of the security model that concerns user rights and permissions that a user requires to perform his/her tasks is a mess. Often you end up requiring admin access to perform simple things.
The Windows security model offers terrific granular control of the user’s rights, but the nature of the registry, and the messy directory structure makes privilege management very very hard.
This was also claimed about SP2. It was claimed about XP as well…
Let’s FIRST see the product and THEN talk about security consequences.
Amen.
How’s Marvin, btw?
He’s complaining.
deja vu all over again.
Microsoft has really dug itself into quite a hole now. It owns such a large market share that it’s a monopoly. And due to their short sightedness or maybe their money first attitude, has caused the creation of several markets based almost wholly on their product. Now they are in a catch-22. If they fix the problems to make their product better, they eliminate the need for that market. And since they are a monopoly, everything they do has legal consequences to it. This is proof of why a multi vendor market is needed. Like it or not, we need Linux and Mac OS X, and so does MS. While you can’t really put free out of business, think about the sh**storm that would ensue if Apple went under. The feds would have no choice but to break up MS just to jump start the OS market. Why do you think MS invested in Apple? To help preserve them as a competitor.
…Like it or not, we need Linux and Mac OS X….
Well, we need Linux. OSX, whatever its merits, is just not competing in the same space as Windows.
Why? Because the only way you can get it is by buying Apple hardware. This means it is not an effective competitor. Its competing in a different segment altogether.
Please note: I am not saying (here) that this is good or bad. I am not saying that Apple should or shouldn’t do anything different. This is a very restricted factual point about market segmentation, not about company strategy. But, it is true. If Apple were to go away from the computer business tomorrow, it would make little difference to Windows’ competitive situation.
Now if Linux were to vanish….
First of all Microsoft has changed the Vista firewall to only protect incoming traffic just like the crappy XP firewall. This is supposedly because businesses don’t want a firewall that protects incoming and outgoing traffic since their firewall architectures do that. Of course that makes no sense but that’s what Microsloth is saying. Windows antispyware is not all that good compared to something like SpySweeper and there are already indications that they let spyware through that may make them some money. Not to mention the rather obvious fact that Microsoft has created the problem by creating an OS that leaks like a sieve then they want to sell you the tools to plug the gap. Fortunately the answer is easy; buy a Mac! 🙂
I’m surprised how nobody has mentioned how this could make things worse for end users.
With Anti-Spyware baked into Vista, it’ll quickly become the number 1 targeted product by spyware makers, aiming to disable it first and then run rampant. Users will just get a false sense of security rather than protection that will last.
And what if Microsoft buys up a spyware vendor and then sends out updates to Windows Defender to now ignore their wares?
So,
1. Some people here are slamming Microsoft because they are including new anti-spyware measures.
2. Some people here are slamming Microsoft because they didn’t introduce anti-spyware sooner.
3. Some people here are slamming Microsoft irrespective of spyware ’cause they feel Windows was programmed badly.
4. And the rest are just wasting our time talking up their alternate OS no matter what the topic.
Tough crowd.
Tough crowd.
Yep, and rightly so. Had MS done things properly from the start they wouldn’t be in this mess.
Don’t blame the people complaining, blame MS for giving people the reason to complain.
//Had MS done things properly from the start they wouldn’t be in this mess//
Yah, a hell of a mess … US $250 billion market cap … $40 billion in cash reserves … 90% desktop marketshare.
Horrible. Just horrible. They should pack it in, they’re DONE.
<yawn>
“Yah, a hell of a mess … US $250 billion market cap … $40 billion in cash reserves … 90% desktop marketshare.
Horrible. Just horrible. They should pack it in, they’re DONE.
<yawn>”
That’s only because of their illegal market practices in the past. I have seen a somewhat slow, but noticeable market decline in Servers and some Desktops to Mac and Linux over the last few years. I think in the next 5 to 10 years, MS will only have 60% to 70% in either market (Maybe sooner judging by recent news of governments migrating to Linux and other countries doing the same.)
Enjoy it while you can, Windows users, your days are in fact numbered…
//That’s only because of their illegal market practices in the past.//
If you honestly believe that’s the only reason, I’ve got some swampland in Florida for sale … cheap!
Keep spinning… the numbers tell a different story… Be prepared to be disappointed, though.
http://www.itjungle.com/two/two030205-story03.html
http://www.wininsider.com/news/?7124
http://www.serverpipeline.com/news/174401597
http://www.betanews.com/article/Microsoft_Makes_Gains_in_Server_Sha…
Keep spinning… the numbers tell a different story
I’m astonished that there are still people not getting the difference between market share and install base.
Those numbers only say that MS raised its sales volume compared to others. It does not take into account
1) the number of OSes actually used (e. g. in our company, MS server hardware normally got “recycled” as SCO Unix server when the next iteration of MS bloatware was too demanding for the hardware).
2) The differences in price. E. g. if you buy a Linux distro for $100 or a licence for Win2003 for $1000 (numbers are for example only), then the market share of Windows is 10 times higher but the install base is equal.
So – keep spinning
I am not gonna sit here and claim that MS is in a bad position financially. Just that their past actions are going to catch up to them. The number of lawsuits against MS is rising at a very steep rate. MS will never go out of business, but the horizon isn’t as sunny as it used to be. Consider the fact that even Bill Gates said that the future of MS is web services and the fact that AJAX is platform independent. There is increasingly better quality software available for free. People aren’t going to keep paying the MS tax if they can avoid it. And MS hasn’t exactly gone out of its way to pursue brand loyalty. I think one of two outcomes will happen. MS will step too far out of line and end up like AT&T. Or, MS will become like Ford, just another player in the market.
Sure, and I agree that patching Windows to a totally secure point is a very difficult (some might say impossible) task.
All I’m saying is, the damage is done and we’re stuck with it, so let’s not blast them for trying to make it as secure as possible.
With regards to hindering competition, I think that security *should* be built into an OS, and the market that evolved because Windows was missing a crucial component will just have to adapt or die out.
It’s not the same as Netscape versus IE. Internet browsing is an optional extra – security isn’t.
Happygod:
It’s not the same as Netscape versus IE. Internet browsing is an optional extra – security isn’t.
Tricky. Internet is more used than for example Office-tools. In case of s’thing like MS Live or eyeOS, internet is essential for Office, video or music tasks.
It might/could be that the next generation of OSes are only meant for connecting to internet and external storages. Protection of your loved ones is truly dependent on firewalls and virus scanners.
Here’s the thing. XP can hit those markets where it hurts if it’s set up right.
1. Use restricted user for just about everything. (This worked fine in Win2k too)
2. Activate software restrictions so that scripts and applications can’t run from any source that restricted users have write access to. By default, once it’s active and set to deny all applications, restricted users can’t run random crap unless the Administrator allows it by hash value, or the directory it’s in allows it (which they shouldn’t have write access to). Hell, certificate code signing launch restrictions work great if you can do it. Generally the defaults on software restrictions simply work, though thought does need to be put into how to allow .lnk files to operate. (Too bad software restrictions in Win2k are half-assed compared to XP/2003). Also, current Macromedia products need a hash value added to the allow rules for that Macrovision protection they are using. Always sticks it in a user’s temp folder.
3. Outbound firewall? Logging ain’t great, but I’ve used IPsec, which comes with Windows 2000-2003, as an inbound/outbound firewall. I don’t use it for inbound blocking anymore unless I need to actually set up subnet rules, but if I want to cut myself off from the outside world or cut the outside world off from me, IPsec does it. I have control of the rules, and nothing makes up its mind for me here.
So with that, I don’t really need any spyware software running or virus scanners, because none of them can infect me. There are a few ways to sneak past all the protection (perl and java are not secure compared to WSH in conjunction with software restrictions… at least, I have no idea if it’s possible to make them force signing or anything like that). Either way, it starts requiring multiple holes to take advantage of.
I was never hit with anything “bad” on 2000, XP, or 2003. And I’ve always used IE as my main browser. Never had any weird files start showing up on my systems or nothing.
Lodz
Edited 2006-05-09 07:43
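A simplified model of the deny-by-default software restriction setup described in the comment above, added here as an illustration; it is not code from the thread and not how Windows evaluates its rules internally. The paths, file contents, the writable-directory list and the use of SHA-256 are constructed assumptions. It shows the default deny, the hash and directory allow rules, and an audit for the condition the comment warns about: an allowed directory that a restricted user can write to.

```python
import hashlib
from pathlib import PureWindowsPath


def sha256(data):
    return hashlib.sha256(data).hexdigest()


# Constructed sample data (assumptions, not taken from the thread).
HELPER = b"constructed bytes standing in for a vendor helper binary"
TEMP = r"C:\Documents and Settings\alice\Local Settings\Temp"
POLICY = {
    "allowed_hashes": {sha256(HELPER)},                    # allow by hash value
    "allowed_dirs": [r"C:\Windows", r"C:\Program Files"],  # allow by directory
}
# Directories the restricted user can write to (constructed ACL summary).
USER_WRITABLE = [r"C:\Documents and Settings\alice", r"C:\Windows\Temp"]


def is_under(path, directory):
    """True if path equals directory or lies beneath it (case-insensitive)."""
    p, d = PureWindowsPath(path), PureWindowsPath(directory)
    return p == d or d in p.parents


def decide(policy, path, content):
    """Deny by default; a hash rule is checked before a directory rule."""
    if sha256(content) in policy["allowed_hashes"]:
        return "allow:hash"
    if any(is_under(path, d) for d in policy["allowed_dirs"]):
        return "allow:path"
    return "deny:default"


def writable_allow_rules(policy, user_writable):
    """Directory allow rules that contain a user-writable location.

    Each finding is a gap: anything the user drops there is allowed to run.
    """
    return [(rule, w) for rule in policy["allowed_dirs"]
            for w in user_writable if is_under(w, rule)]


if __name__ == "__main__":
    cases = [
        (r"C:\Program Files\App\app.exe", b"app"),
        (TEMP + r"\dropper.exe", b"unknown"),   # writable dir, no rule
        (TEMP + r"\helper.exe", HELPER),        # writable dir, hash-allowed
        (r"c:\windows\temp\x.exe", b"unknown"), # inside an allowed dir
    ]
    for path, content in cases:
        print(decide(POLICY, path, content), path)
    for rule, writable in writable_allow_rules(POLICY, USER_WRITABLE):
        print("GAP: rule", rule, "covers user-writable", writable)
```
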
“Fortunately I’ve never shelled out a single penny for anti-virus, anti-spyware and anti-whatever software but other people did and I think there must be the way for them to reimburse expenses they had for using Microsoft (insecure) code.”
This is why I am impressed with the Antivirus vendors who actually offer a USEFUL (fully functional, non-expiring, with updates) version of their product for free (mostly for home use).
Sure it might be wrong that the business exists in the first place, but at least these companies offer home users a choice.
Loads of people I know tell me I am crazy for not running XP with antivirus software on. They of course usually have that bottleneck called Norton installed slowing down their system to a crawl because “viruses are all around”. First thing I do on their machine is turn it off while using it.
They are all persuaded by the hype coming from antivirus companies. Maybe those even helped develop some of the most popular viruses, who knows. I mean, this fear will remain long after Vista is here, so companies will still have huge market for at least a few years.
In my opinion, using later versions of IE or other browser is more than enough to protect yourself, as long as you are smart enough to avoid spyware-infested software or not stupid enough to open attachments. Blaster days were an exception, there hopefully won’t be so fragile open ports on windows systems anymore.
This is the old “if you are paranoid, what do you do if they really are out to get you?” attitude that some Windows users see.
Windows malware does not need you to click on a “dodgy” website, or open a porno attachment; you will get infected just by connecting to the internet if you are not protected.
YOU might be protected a bit, if you are using a router; however, not all malware is virus, your machine might be a zombie, continually sending out spam to MY email address.
See, if YOU have an insecure system, everyone else here suffers for it. Sort it out man.