Feeds

Microsoft enters the anti-virus bear-pit

Plus ça change

Internet Security Threat Report 2014

Analysis Microsoft is setting the cat among the pigeons at this year's Virus Bulletin conference, the big chinwag for the security software industry.

Ordinarily, blame for the lamentable state of awareness of internet security has fallen on Redmond, alongside clueless end-users and over-sensationalist journalists. Lately, though, Microsoft has tried to shake off the fall-guy role, and reinvent itself as security industry participant. In May it launched its own security product, Windows Live OneCare.

Virus Bulletin kicks off in Montreal on Wednesday and speakers include Microsoft techies Matthew Braverman and Jeff Williams. They will deliver two presentations I know what you did last logon: keystroke logging, spyware and privacy and Behavioral modeling of social engineering based malicious software.

In previous years, Microsoft's main representative was Randy Abrams, former release anti-virus specialist at Microsoft. Abrams, whose main job used to be ensuring that software shipped by Redmond was free of malware infestation, will speak at the conference on behalf of his new employer, antivirus firm Eset.

Volver

Abrams's presentation will remind us that Windows Live OneCare represents a belated return by Microsoft as a suppler of anti-virus software rather than its first foray into a mature industry the security shortcomings of its software (along with the relative ease of tricking users into running untrusted code or visiting dodgy websites) have been instrumental in creating.

Microsoft's first AV effort was in 1993, with the inclusion of Microsoft Anti-Virus within Dos 6.0. Abrams describes this as a "re-branded and ill-conceived entry into the anti-virus industry". Thereafter, Microsoft pointed Windows users looking for security protection to third-party developers.

It waited almost 10 years before deciding to return to the consumer security sector. In 2003, it bought Romanian AV firm GeCAD Software, and in December 2004 it bought Giant, an anti-spyware maker. Between these acquisitions, Microsoft released enterprise security software, in the shape of its Internet Security and Acceleration Server. But its decision to buy into the consumer security market again caused waves, which continue to reverberate around the industry.

Blunt razor-blades

Initially, it seemed that Microsoft's offering might challenge the much-criticised business model of anti-virus vendors. Critics, such as Rob Rosenberger, argue that the anti-virus scanner model championed by mainstream vendors involving selling "blunt razor blades". Signature updates could never hope to keep up with fast-spreading internet worms still less the current breed of targeted Trojan attacks, the argument runs. But anti-virus vendors have no real financial incentive for moving beyond the scanner approach because each high-profile outbreak boosted their sales (and share prices).

At the time Microsoft said it would use GeCAD's expertise and technology to "enhance the Windows platform" and extend support for third-party antivirus vendors. Microsoft's first move when it acquired GeCAD Software was to drop its line of anti-virus products for Linux servers (a process it repeated when it bought enterprise anti-virus Sybari specialist two years later).

That much might have been expected and we still harboured hopes that Microsoft's entry into the market will give the sector a much-needed shake up.

The anti-virus market is famously conservative (desktop-focused vendors spent years rubbishing more innovative firms like MessageLabs, for example). And the fruits of the GeCAD acquisition didn't arrive in public at least until Microsoft debuted what became Windows Live OneCare.

For $50 a year, US users got a software product that offered an antivirus program, firewall, backup utility, tune-up utility. Back-up features were arguably something of an innovation among consumer security suites but Redmond is essentially offering something similar to the security suites of partners turned rivals Symantec, McAfee, CA et al.

Redmond is offering Windows Defender (the fruits of the Giant anti-spyware acquisition) as a component of Vista or as a download at no additional cost. So, long-suffering Windows users have access to anti-spyware protection if not something more comprehensive that might change the business drivers that have long operated within the consumer anti-virus industry, although Microsoft's entry might reduce the cost of anti-virus protection.

Remote control for virtualized desktops

Next page: The price is right

More from The Register

next story
UK smart meters arrive in 2020. Hackers have ALREADY found a flaw
Energy summit bods warned of free energy bonanza
DRUPAL-OPCALYPSE! Devs say best assume your CMS is owned
SQLi hole was hit hard, fast, and before most admins knew it needed patching
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Mozilla releases geolocating WiFi sniffer for Android
As if the civilians who never change access point passwords will ever opt out of this one
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Internet Security Threat Report 2014
An overview and analysis of the year in global threat activity: identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.