Feeds

Microsoft enters the anti-virus bear-pit

Plus ça change

Top three mobile application threats

Analysis Microsoft is setting the cat among the pigeons at this year's Virus Bulletin conference, the big chinwag for the security software industry.

Ordinarily, blame for the lamentable state of awareness of internet security has fallen on Redmond, alongside clueless end-users and over-sensationalist journalists. Lately, though, Microsoft has tried to shake off the fall-guy role, and reinvent itself as security industry participant. In May it launched its own security product, Windows Live OneCare.

Virus Bulletin kicks off in Montreal on Wednesday and speakers include Microsoft techies Matthew Braverman and Jeff Williams. They will deliver two presentations I know what you did last logon: keystroke logging, spyware and privacy and Behavioral modeling of social engineering based malicious software.

In previous years, Microsoft's main representative was Randy Abrams, former release anti-virus specialist at Microsoft. Abrams, whose main job used to be ensuring that software shipped by Redmond was free of malware infestation, will speak at the conference on behalf of his new employer, antivirus firm Eset.

Volver

Abrams's presentation will remind us that Windows Live OneCare represents a belated return by Microsoft as a suppler of anti-virus software rather than its first foray into a mature industry the security shortcomings of its software (along with the relative ease of tricking users into running untrusted code or visiting dodgy websites) have been instrumental in creating.

Microsoft's first AV effort was in 1993, with the inclusion of Microsoft Anti-Virus within Dos 6.0. Abrams describes this as a "re-branded and ill-conceived entry into the anti-virus industry". Thereafter, Microsoft pointed Windows users looking for security protection to third-party developers.

It waited almost 10 years before deciding to return to the consumer security sector. In 2003, it bought Romanian AV firm GeCAD Software, and in December 2004 it bought Giant, an anti-spyware maker. Between these acquisitions, Microsoft released enterprise security software, in the shape of its Internet Security and Acceleration Server. But its decision to buy into the consumer security market again caused waves, which continue to reverberate around the industry.

Blunt razor-blades

Initially, it seemed that Microsoft's offering might challenge the much-criticised business model of anti-virus vendors. Critics, such as Rob Rosenberger, argue that the anti-virus scanner model championed by mainstream vendors involving selling "blunt razor blades". Signature updates could never hope to keep up with fast-spreading internet worms still less the current breed of targeted Trojan attacks, the argument runs. But anti-virus vendors have no real financial incentive for moving beyond the scanner approach because each high-profile outbreak boosted their sales (and share prices).

At the time Microsoft said it would use GeCAD's expertise and technology to "enhance the Windows platform" and extend support for third-party antivirus vendors. Microsoft's first move when it acquired GeCAD Software was to drop its line of anti-virus products for Linux servers (a process it repeated when it bought enterprise anti-virus Sybari specialist two years later).

That much might have been expected and we still harboured hopes that Microsoft's entry into the market will give the sector a much-needed shake up.

The anti-virus market is famously conservative (desktop-focused vendors spent years rubbishing more innovative firms like MessageLabs, for example). And the fruits of the GeCAD acquisition didn't arrive in public at least until Microsoft debuted what became Windows Live OneCare.

For $50 a year, US users got a software product that offered an antivirus program, firewall, backup utility, tune-up utility. Back-up features were arguably something of an innovation among consumer security suites but Redmond is essentially offering something similar to the security suites of partners turned rivals Symantec, McAfee, CA et al.

Redmond is offering Windows Defender (the fruits of the Giant anti-spyware acquisition) as a component of Vista or as a download at no additional cost. So, long-suffering Windows users have access to anti-spyware protection if not something more comprehensive that might change the business drivers that have long operated within the consumer anti-virus industry, although Microsoft's entry might reduce the cost of anti-virus protection.

Combat fraud and increase customer satisfaction

Next page: The price is right

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
Burnt out on patches this month? Oracle's got 104 MORE fixes for you
Mass patch for issues across its software catalog
Reddit users discover iOS malware threat
'Unflod Baby Panda' looks to snatch Apple IDs
Oracle working on at least 13 Heartbleed fixes
Big Red's cloud is safe and Oracle Linux 6 has been patched, but Java has some issues
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.