lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: mvp at joeware.net (joe)
Subject: MS Anti Virus?

I think you believe MS is going into the AV market because it wants to. I
don't think that is the case. In fact I think they would rather not be in
that market. I take as evidenced the fact of going into that market once and
then dropping out of it. I also recall hearing the rumors that the bought
the AV company and started working on it because they wanted to give this AV
away for free with SP2 and then realized that they would be back in court
over it. 

I believe MS is doing this strictly as a means to protect itself and
possibly help users at the same time. With luck as the OS features get
better and better the reasons for AV should hopefully reduce (but again I
doubt entirely dry up) thereby reducing the market that you think they are
going into to make cash on. 

Since they will have to charge for it, I hope to see them do a small charge
once up front, and then free updates for the time frame you have the OS
loaded. A lot of folks lose their protection after the free update period
expires with the third party stuff. Many, myself included aren't willing to
pay monthly or yearly fees to AV companies. 


> since M$ products account for a majority of the A/V infections

This is on par with saying most cars crashed are from GM without stating the
point that GM has the most cars on the road. You can say MS has the most
inept users, most inept admins, most viruses, most bugs, most lots of things
because they simply have the most period. 


I was chatting with some friends the other day and the conversation turned
to the idea that had MS initially started with the implementation of fewest
services running as possible on their machines, we wouldn't know about a
great deal of the bugs/holes that were in there as they would still be
buried. Why? Because there would be no point in attacking the service if
only a small subset of people were running it. The bugs could sit in there
and live forever until someone accidentally stumbled on one. You wouldn't be
cool for finding a hole in say the messenger service if hardly anyone was
running it, people would simply say big deal, the press wouldn't be
reporting "Hole found in messenger service, thousands in danger of illicit
penetration!". As an aside, I think we would also have less penetration of
computers in general in the market place.  Most people started using
computers in the home because they were easy to use and MS made it that way.



 

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Gregory A.
Gilliss
Sent: Thursday, June 17, 2004 2:03 PM
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] MS Anti Virus?

Dan et al:

You are missing the point here. While it matters little *who* is in the A/V
market, it matters very much when one player is Microsoft, because the M$
business model (according to them and to the US DOJ) is to enter a market,
undercut the market, co-opt the market, drive out the competition, and move
on to the next market (not unlike a virus, as told by Agent Smith).
So if M$ enters the A/V market and "bundles" their solution with Windows
whatever, they likely will drive Symantec and McAfee out of the market over
time by co-opting the A/V subscription market.

The security ramifications of a M$ only A/V marketplace relate to Dan Geer's
monoculture argument (already well discussed here) and also a conflict of
interest (since M$ products account for a majority of the A/V infections).
Can we "trust" an A/V solution from M$ that addresses virus infections of M$
products? And is M$ controls both the virus host and the A/V inoculation,
does that not create a potential area of abuse - no
license/upgrade/whatever, no A/V subscription/update/whatever?

As Reagan told Gorbachev, "Let me tell you why we do not trust you..."

G

On or about 2004.06.17 15:51:19 +0000, DAN MORRILL (dan_20407@....com) said:

> You make anti virus software sound like a gun lock on a 9MM.
> 
> Does it really matter who is in the anti-virus market? If Microsoft 
> goes that way, and they have the best knowledge of what they created, 
> what we can reasonably expect to see in the words of Bill Gates 
> "Innovation, with rich user features, deeply embeded in our software".
> 
> So, we can have an AV product that does great things, but maybe only 
> 2% of it will be used, and because it is a microsoft product, we can 
> expect patches every month, with known and unknown vulnerabilites from day
one.

-- 
Gregory A. Gilliss, CISSP                              E-mail:
greg@...liss.com
Computer Security                             WWW:
http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C
A3

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ