Brou-ha-ha erupts (over spilt milk) between Microsoft and security vendors

Brou-ha-ha erupts (over spilt milk) between Microsoft and security vendors

Summary: According to a Reuter's report, Microsoft is saying that security solutions provider McAfee was out of line when it basically brushed off the software giant's promise to give third party security companies the information they need in order intercept certain security componentry in the 64-bit version of Windows Vista.

SHARE:
TOPICS: Security
16

According to a Reuter's report, Microsoft is saying that security solutions provider McAfee was out of line when it basically brushed off the software giant's promise to give third party security companies the information they need in order intercept certain security componentry in the 64-bit version of Windows Vista.  After Microsoft announced it would be making the information available to companies like McAfee and Symantec in attempt to assuage the concerns of European antitrust officials, McAfee officials referred to the promises as "hollow assurances."  According to the Reuters story:

U.S. software giant Microsoft last week promised the European Commission, with which it is embroiled in a long-running legal battle, that it would provide necessary information to security firms.

But, it's apparently Microsoft's open-ended timetable that caused the security community to bristle. Said the Reuters report:

Microsoft said on Thursday it could change Vista to deal with the concerns of security software makers only when an update came out. It gave no timetable. 

The stinging criticism comes on the heels of earlier skepticism on behalf of McAfee and other security vendors that basically amounted to a "we'll believe it when we see it" attitude -- an attitude that was largely affirmed by the lack of any specific target date.

Microsoft itself was a bit frosted over the recriminations:

Microsoft said on Friday that security software firm McAfee's criticism of its provision of security information on the new Vista operating system was "inaccurate and inflammatory."...."It's unfortunate that McAfee's lawyers are making these kinds of inaccurate and inflammatory statements," said Ben Fathi, corporate vice president of Microsoft's security technology unit....He said Microsoft was being even-handed in developing the needed software, which would happen "in the months ahead."

But other security vendors appear to be equally concerned. For example, today, on his company's corporate blog, Mikhail Penkovsky, director of marketing and sales at firewall solutions provider Agnitum stated:

The game of ping-pong between Microsoft and third-party security software vendors seemed to be over last week when Microsoft announced its plan to share the source code of its Kernel Patch Protection mechanism.

Kernel Patch Protection (KPP), also known as PatchGuard, is a new security measure introduced by Microsoft for the Windows Vista x64 operating system. Its goal is to prevent malware from replacing a part of Microsoft's core code with its own, thus exploiting the operating system. An unfortunate side effect, however, is the limitations this places on third-party vendors of security software – limitations that are confirmed by security researchers from around the world....

....On Friday October 13th, Microsoft said it would modify KPP to let third-party security vendors bypass it with their software and give end users the ability to choose their preferred security supplier. To do this, Microsoft would create an Application Programming Interface (API) to let third-party developers access the kernel and disable the Windows Security Center in Vista...

...I guess we should also have taken note that Microsoft made this announcement on Friday 13th – not a date known for good news over the course of history. Because what did we learn today? According to TechWeb

“Microsoft won't roll out the APIs for PatchGuard in the first edition of Vista, but will unveil them with the first Service Pack. Typically, Microsoft deploys an initial Service Pack 12 to 18 months after the release of an OS.”

We’ve contacted Microsoft to try to get this sorted out. We hope. From Agnitum's point of view, Microsoft has made a positive decision – but we don’t have the API yet to analyze it. And of course the biggest losers here are going to be the users. Unless Microsoft makes good on its original announcement to make the KPP APIs available this week, the likelihood is that Vista will ship with a “choice” of security solutions from one vendor – Microsoft.

This of course cuts straight to the antitrust scenario that has European antitrust officials worried. To what extent, if any, will Microsoft's late delivery of those APIs undermine the vibrance of the cottage industry in all of the third party security parties participate? If you ask me, the answer has less to do with when Vista ships than it has to do with when Vista starts to get widespread adoption. That's at least a year away if not more as it has become customary for many users to wait until Microsoft issues an operating system's first service pack before putting that OS into production use.  And keep in mind we're talking about the 64-bit version of Vista here. So, while I understand why security vendors wish they had the information sooner rather than later, my personal feeling is that this isn't the sort of issue that's going to make or break their businesses.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

16 comments
Log in or register to join the discussion
  • Let's be honest here...

    MICROSUCKS = SCUM

    The courts have already ruled that MICROSUCKS has violated and continues to violate anti-trust laws in their efforts to maintain the illegally derived monopoly. One of the ways they perpetuate their ill gotten monopoly is by refusing to provide the proper O/S documentation to allow competing apps to interface properly and easily with Windoze and now Vista.

    MICROSUCKS has a history of criminal activity and prosecution for same. The Vista deal is nothing new, just more of the same. In the end MICROSUCKS will get sued and will lose in court. Let's hope this time the U.S. judicial system grows some BALLS and actually punishes MICROSUCKS for their crimes instead of allowing to PACT money on Capitol Hill to buy off any accountability for MICROSUCKS crimes.
    BeGoneFool
    • symantec / mcafee suck

      I would rather run a MS solution than anything from Symantec or Mcafee. I won't let anything from them near my equipment or my family and friends.
      bigjon-x64
  • What access do other Os's provide?

    All this talk of kernel access makes me wonder what the other OS venders provide. Does Apple, UNIX or Linux provide access to the core of their OS's?
    GScully
    • Access that other OS's provide

      As I recall, that is one of the greatest strengths of the *nix OS, that they are open source. The question you haven't asked, howeve, is whether or not a third-party security firm NEEDS said access. You will note that there isn't a great market for malware/spyware/virus software for *nix systems. The threat isn't there, due to the specific architecture of said *nix systems.

      Please note that I am not a member of the 'cult of the penguin'. It has it's weaknesses too (specifically a higher learning curve than Win* systems, which is why I don't use it personally), but when it comes to security, the Penguin shatters Windows like a F5 tornado.

      As for Mac, I don't have enough experience to talk about it.
      meradudd
      • ok, Linux antivirus products exist so what access...

        That is fine but there are AV products out there for them, do they get kernel access? I see device drivers virus' are effecting all OS's now.

        Maybe MS is trying to plug the holes that have giving them so much trouble and these security firms are actually hendering these efforts.
        GScully
        • Sure they have access to it- the source is GPLed

          Although it would require a custom kernel they in fact do have the full source and permission to rewrite the kernel however they feel fit.

          Also the MAC OSX kernel is available under another free license called the APL- never heard of Darwin??

          BTW with device drivers... with Linux they all mostly contain kernel source code. This is why technically, legally it is impossible to create a closed source device driver.
          Edward Meyers
  • What It All Really Means

    "Kernel Patch Protection (KPP), also known as PatchGuard, is a new security measure introduced by Microsoft for the Windows Vista x64 operating system. Its goal is to prevent malware from replacing a part of Microsoft's core code with its own, thus exploiting the operating system."
    WHAT IT REALLY MEANS IS: End users will not be able to use the os for their own purposes.....they will be serving Mirosoft. Users won't be able to install or run ANY 3rd party apps that don't have Microsoft's "blessings" (for example a registry checker or editor). To sum it all up, Microsoft now has it sewed up tight so that no one can or cannot do anything unless Microsoft allows them to do or not to do it.
    IF THEY LOCK THE BAD GUYS OUT, THE GOOD GUYS WILL BE LOCKED OUT AS WELL (INCLUDING YOU). CAN'T YOU SEE THAT THEY CONSIDER YOU A "PIRATE" UNTIL YOU PROVE (WITH THEIR METHODS) THAT YOU ARE INNOCENT?
    All in the name of security!
    Tell you what, if you want to be secure that bad, I could lock you up in a 6X8 concrete room with no windows and gaurantee you that nobody would mess with you. All for the low, low price of $500 (or $35/month when my subscription becomes available).
    Sound anything like the kingdoms of old?
    HAIL MICROSOFT!
    HAIL GATES!
    LONG LIVE KING GATES!
    Ole Man
    • You've convinced me!

      Seriously, your logic is truly compelling! By giving you PatchGuard, something that prevents malware from accessing the code, you will apparently be "serving Microsoft." Yeah![/sarcasm]

      Oh wait, no, that argument is about as retardation-induced as the one called "Loose Change." Seriously, you could maybe make a case of Microsoft being monopolistic with the Vista licensing change, but you're just looking at every revision in Vista as a bad thing.

      You are the dumbest thing alive, Microsoft-hater.
      A_Pickle
      • We'll See

        Who is dumb and who is stupid when the time comes.
        Dumb can get an education, but stupid is hopeless.
        Ole Man
    • 3rd party AV's are ghouls and

      the minute I get Vista I'm kissing Trend goodbye and good riddence!
      workit9
  • Wha....???

    So David, you're saying that all those got-to-be-first-with-the-latest-so-we-look-good companies are this time going to throw in their past poor practices, listen to all the good sense here and elsewhere about Vista, and wait for the first service pack?

    My guess is that Vista uptake may be more sluggish than for past upgrades of the OS but that will be mostly in the consumer market. 70% of the PC market is still a huge market and MS will be a monopoly security vendor for a whole year. Do you think that those companies that have Vista can afford to wait or will they be forced to accept MS?

    So the other security companies will have to wait one year, then beta test their products with the new service pack. So let's see, isn't that about 18 months of a radical drop in their revenues?

    And when they do that, golly, after 18 months, all those companies that have switched are going to switch back? What would be a good guess? That about 20% of the clients that those companies did have will revert back immediately, and that after a couple of years it might be back to 70% of what they originally had?

    So it's going to take a couple of years for the security vendors to get the share of the market that they should have had on day 1.

    Don't get me wrong. I think Symantec and McAfee need a shake-up. But I don't want more of Microsoft's monopoly and more of the stagnation that has occurred with Office products in the very products that keep my computer safe.
    Langalibalene
  • Just like the early days of cars---

    If you could get them to run---you were there first!
    BALTHOR
  • Why so late?

    Why didn't McAfee and Symantec bring this up when 64bit XP shipped? Why didn't they bring it up over a year and a half ago when they started taking a look at early builds of Vista. Why do they only bring it up now when MS threatens thier marketshare? Nobody cared until OneCare went #2 in consumer AV sales in it's first month. Funny how MS cutting into thier cash cow makes them cry foul. I have no sympathy for McAfee or Symantec.
    erniescar99
    • You will be the one crying

      You Will be crying when Microsoft kernel protection updates do not keep pace with new threats and there is no one left to turn to but Microsoft.

      Microsoft has done more to destroy computer and software technology than it has ever contributed. Once Microsoft Kills off Symantec and other security vendors by incorporating yet more embedded applications in Windows, there will be no competition and Microsoft will let its Kernel protection slide into obsolescence.

      Microsoft is notorious for this practice. Look at MS Word and IE both of which have remained stagnant for years. Once MS killed of Word Perfect they had no real competition and as a result MS word has not improved one bit since Word 6.0. Sure MS added all sorts of useless bells and whistles that barely work, but basic functionality has not been improved in years. If anything its become far worse as user's are forced to deal with myriad of new useless features, code bloat and constant crashes not to mention macro Viruses.

      Now look at IE how many years did users have to suffer with a barley functional web browser. After MS Killed of Netscape MS no longer had any real competition and users of IE suffered. It wasn't until Firefox released a far superior product to compete with IE6 that Microsoft finally got off their asses and fixed IE.

      Competition Keeps MS on its toes and they don't like it. Microsoft has never killed of a competitor by releasing a superior product, They do it by embedding competing software directly in Windows and then making 3rd party apps incompatible by not releasing the full specifications to the API. Further more If MS cant kill off competition in that manner, they simply forcefully take over the company and put all its development in the trash or steal the code for future development.

      Keep supporting MS illegal business practices and pretty soon you will find yourself sending huge monthly checks to the one and only Software, ISP, and Entertainment company in the world, merely for the privilege of using their software and watching their entertainment content. You wont have much of a choice as they will be the only game in town.
      blaze1024
      • Your Message

        Is as one crying in the wilderness.
        The wild jackasses aint gonna listen. They will follow their master all the way to hades, or wherever he's going.
        Ole Man
  • RE: Brou-ha-ha erupts (over spilt milk) between Microsoft and security vendors

    The Best <a href="http://www.iphone-ringtonemaker.net"><b>iphone ringtone maker</b></a>, a smart iPhone ringtone creator and uploader, provides an all-in-one iPhone Ringtone custom solution.<a href="http://www.iphone-ringtonemaker.net/iphone-ringtone-maker-for-mac.htm">iPhone RingTone Maker for Mac</a>
    hwr