Feeds

Microsoft enters the anti-virus bear-pit

Plus ça change

SANS - Survey on application security programs

Analysis Microsoft is setting the cat among the pigeons at this year's Virus Bulletin conference, the big chinwag for the security software industry.

Ordinarily, blame for the lamentable state of awareness of internet security has fallen on Redmond, alongside clueless end-users and over-sensationalist journalists. Lately, though, Microsoft has tried to shake off the fall-guy role, and reinvent itself as security industry participant. In May it launched its own security product, Windows Live OneCare.

Virus Bulletin kicks off in Montreal on Wednesday and speakers include Microsoft techies Matthew Braverman and Jeff Williams. They will deliver two presentations I know what you did last logon: keystroke logging, spyware and privacy and Behavioral modeling of social engineering based malicious software.

In previous years, Microsoft's main representative was Randy Abrams, former release anti-virus specialist at Microsoft. Abrams, whose main job used to be ensuring that software shipped by Redmond was free of malware infestation, will speak at the conference on behalf of his new employer, antivirus firm Eset.

Volver

Abrams's presentation will remind us that Windows Live OneCare represents a belated return by Microsoft as a suppler of anti-virus software rather than its first foray into a mature industry the security shortcomings of its software (along with the relative ease of tricking users into running untrusted code or visiting dodgy websites) have been instrumental in creating.

Microsoft's first AV effort was in 1993, with the inclusion of Microsoft Anti-Virus within Dos 6.0. Abrams describes this as a "re-branded and ill-conceived entry into the anti-virus industry". Thereafter, Microsoft pointed Windows users looking for security protection to third-party developers.

It waited almost 10 years before deciding to return to the consumer security sector. In 2003, it bought Romanian AV firm GeCAD Software, and in December 2004 it bought Giant, an anti-spyware maker. Between these acquisitions, Microsoft released enterprise security software, in the shape of its Internet Security and Acceleration Server. But its decision to buy into the consumer security market again caused waves, which continue to reverberate around the industry.

Blunt razor-blades

Initially, it seemed that Microsoft's offering might challenge the much-criticised business model of anti-virus vendors. Critics, such as Rob Rosenberger, argue that the anti-virus scanner model championed by mainstream vendors involving selling "blunt razor blades". Signature updates could never hope to keep up with fast-spreading internet worms still less the current breed of targeted Trojan attacks, the argument runs. But anti-virus vendors have no real financial incentive for moving beyond the scanner approach because each high-profile outbreak boosted their sales (and share prices).

At the time Microsoft said it would use GeCAD's expertise and technology to "enhance the Windows platform" and extend support for third-party antivirus vendors. Microsoft's first move when it acquired GeCAD Software was to drop its line of anti-virus products for Linux servers (a process it repeated when it bought enterprise anti-virus Sybari specialist two years later).

That much might have been expected and we still harboured hopes that Microsoft's entry into the market will give the sector a much-needed shake up.

The anti-virus market is famously conservative (desktop-focused vendors spent years rubbishing more innovative firms like MessageLabs, for example). And the fruits of the GeCAD acquisition didn't arrive in public at least until Microsoft debuted what became Windows Live OneCare.

For $50 a year, US users got a software product that offered an antivirus program, firewall, backup utility, tune-up utility. Back-up features were arguably something of an innovation among consumer security suites but Redmond is essentially offering something similar to the security suites of partners turned rivals Symantec, McAfee, CA et al.

Redmond is offering Windows Defender (the fruits of the Giant anti-spyware acquisition) as a component of Vista or as a download at no additional cost. So, long-suffering Windows users have access to anti-spyware protection if not something more comprehensive that might change the business drivers that have long operated within the consumer anti-virus industry, although Microsoft's entry might reduce the cost of anti-virus protection.

High performance access to file storage

Next page: The price is right

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.