Feeds

Microsoft enters the anti-virus bear-pit

Plus ça change

Internet Security Threat Report 2014

Analysis Microsoft is setting the cat among the pigeons at this year's Virus Bulletin conference, the big chinwag for the security software industry.

Ordinarily, blame for the lamentable state of awareness of internet security has fallen on Redmond, alongside clueless end-users and over-sensationalist journalists. Lately, though, Microsoft has tried to shake off the fall-guy role, and reinvent itself as security industry participant. In May it launched its own security product, Windows Live OneCare.

Virus Bulletin kicks off in Montreal on Wednesday and speakers include Microsoft techies Matthew Braverman and Jeff Williams. They will deliver two presentations I know what you did last logon: keystroke logging, spyware and privacy and Behavioral modeling of social engineering based malicious software.

In previous years, Microsoft's main representative was Randy Abrams, former release anti-virus specialist at Microsoft. Abrams, whose main job used to be ensuring that software shipped by Redmond was free of malware infestation, will speak at the conference on behalf of his new employer, antivirus firm Eset.

Volver

Abrams's presentation will remind us that Windows Live OneCare represents a belated return by Microsoft as a suppler of anti-virus software rather than its first foray into a mature industry the security shortcomings of its software (along with the relative ease of tricking users into running untrusted code or visiting dodgy websites) have been instrumental in creating.

Microsoft's first AV effort was in 1993, with the inclusion of Microsoft Anti-Virus within Dos 6.0. Abrams describes this as a "re-branded and ill-conceived entry into the anti-virus industry". Thereafter, Microsoft pointed Windows users looking for security protection to third-party developers.

It waited almost 10 years before deciding to return to the consumer security sector. In 2003, it bought Romanian AV firm GeCAD Software, and in December 2004 it bought Giant, an anti-spyware maker. Between these acquisitions, Microsoft released enterprise security software, in the shape of its Internet Security and Acceleration Server. But its decision to buy into the consumer security market again caused waves, which continue to reverberate around the industry.

Blunt razor-blades

Initially, it seemed that Microsoft's offering might challenge the much-criticised business model of anti-virus vendors. Critics, such as Rob Rosenberger, argue that the anti-virus scanner model championed by mainstream vendors involving selling "blunt razor blades". Signature updates could never hope to keep up with fast-spreading internet worms still less the current breed of targeted Trojan attacks, the argument runs. But anti-virus vendors have no real financial incentive for moving beyond the scanner approach because each high-profile outbreak boosted their sales (and share prices).

At the time Microsoft said it would use GeCAD's expertise and technology to "enhance the Windows platform" and extend support for third-party antivirus vendors. Microsoft's first move when it acquired GeCAD Software was to drop its line of anti-virus products for Linux servers (a process it repeated when it bought enterprise anti-virus Sybari specialist two years later).

That much might have been expected and we still harboured hopes that Microsoft's entry into the market will give the sector a much-needed shake up.

The anti-virus market is famously conservative (desktop-focused vendors spent years rubbishing more innovative firms like MessageLabs, for example). And the fruits of the GeCAD acquisition didn't arrive in public at least until Microsoft debuted what became Windows Live OneCare.

For $50 a year, US users got a software product that offered an antivirus program, firewall, backup utility, tune-up utility. Back-up features were arguably something of an innovation among consumer security suites but Redmond is essentially offering something similar to the security suites of partners turned rivals Symantec, McAfee, CA et al.

Redmond is offering Windows Defender (the fruits of the Giant anti-spyware acquisition) as a component of Vista or as a download at no additional cost. So, long-suffering Windows users have access to anti-spyware protection if not something more comprehensive that might change the business drivers that have long operated within the consumer anti-virus industry, although Microsoft's entry might reduce the cost of anti-virus protection.

Internet Security Threat Report 2014

Next page: The price is right

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.