Zone Labs CEO: Microsoft's OneCare will not stomp us out

Zone Labs CEO: Microsoft's OneCare will not stomp us out

Summary: It has happened so many times before and now the question is whether it will happen again.  In the past, when Microsoft has decided to provide the same utility around which a cottage industry has formed, the cottage industry subsequently vanished.

SHARE:
TOPICS: Security
25

Download this PodcastIt has happened so many times before and now the question is whether it will happen again.  In the past, when Microsoft has decided to provide the same utility around which a cottage industry has formed, the cottage industry subsequently vanished.  Such was the case with memory managers.  Such was the case with disk drive compression.  Microsoft officially enters the subscription-based anti-malware business when it roles out its OneCare service at the end of this year. What impact -- if any -- will the move have on vendors like Zone Labs, Symantec, McAfee, Webroot, Tenebril and others -- all of which are in that same business of protecting PCs from malware by regularly issuing the sort of information that PCs need in order to spot malicious software? 

Comments on the news by ZDNet's audience members appear to be zeroing in on at least two major themes.  First, given Microsoft's track record when it comes to securing Windows, users are asking whether or not the company can succeed in such categories as anti-spyware and anti-malware.  Second, readers are complaining of the gall that any software company has in selling an insecure product, and then charging for the solution that might secure it. 

But there's another point of view on these issues.   For example, if Microsoft gave away OneCare for free, or if it takes advantage of its dominance in desktop and notebook computers to promote the service in ways that other anti-malware cannot, the entire desktop security software sector might go running to the trustbusters.  By charging for the service, Microsoft keeps itself on an equal playing field with the rest of the solution providers and is therefore playing fair.  The same could be said of the fact that the service isn't built into the operating system.  At least not yet.  It remains to be seen how or if the service will appear in Longhorn (the next version of Windows) when it ships.

Gregor Freund, for one, isn't worried.  In my interview with the CEO of anti-malware solution provider Zone Labs (available as an MP3 that can be downloaded or, if you’re already subscribed to ZDNet’s IT Matters series of audio podcasts, it will show up on your system or MP3 player automatically. See ZDNet’s podcasts: How to tune in), Freund talks about why Microsoft will never be able to secure Windows as effectively as can a developer that's dedicated to security.  Freund also takes issue with my assertion (see The missing glue in the fight against malware) that no single vendor can successfully build a whitelist of applications that should be given a hall pass with the anti-malware products.  He says Zone Labs has done just that, and goes on to say that, compared to the infrastructure Zone has in place, companies like Symantec simply can't scale or compete.  

But, in the same breath, Freund says that if the various vendors want to form a consortium for building the ultimate database of legitimate applications and what they're expected behaviors are, he's all for it.  I think this is the way to go.  Not only does a single database make it easier on vendors who, in order to get the necessary "hall passes," would have no choice but to submit the details on their software (component names, expected behaviors, etc.), it can also include the expected behaviors of Web pages. For example, now that Web sites are getting hacked, if a certain Web page tries to redirect your browser to a place it shouldn't be going and that redirection doesn't match the expected behavior (according to the Web site publisher), then the redirection wouldn't be permitted.

Should we demand more cooperation amongst security solution providers?  Will Microsoft's OneCare snuff the lights out of Zone, Webroot, Tenebril, and the rest?  Listen to the interview and Talkback below. 

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

25 comments
Log in or register to join the discussion
  • Translation: Because we know MS is highly incompetent.

    It still amazes be the sheer arogance Microsoft has for charging to fix their flaws.

    Oh well.. at least the rest of the world is on to them!
    Xunil_Sierutuf
    • Doesn't matter

      Even if Windows WanKer is a worthless product, MS will use it to shoehorn other competitive advantages. Other articles point to this as aimed towards licensing (sign up or you don't get updates) rather than the oxymoron of Windows security.
      jmervyn
  • fox guarding the henhouse

    if all you are bent on is world domination, then the microsoft solution is fantastic. Maybe we can offshore all the tech jobs so that the US can become a big theme park for all our new "allies"
    pesky_z
  • Basic lack of understanding of antitrust legislation

    "But there?s another point of view on these issues.? For
    example, if Microsoft gave away OneCare for free, or if it
    takes advantage of it?s dominance in desktop and notebook
    computers to promote the service in ways that other anti-
    malware cannot, the entire desktop security software sector
    might go running to the trustbusters."

    Price doesn't have anything to do with it. MS wasn't in
    trouble for a free IE, it was in trouble because they bundled
    it to destroy Netscape which they saw as a threat to the
    WIN32 API barrier of entry used to maintain its monopoly.

    MS wasn't in trouble for a free WMP, but that its inclusion
    skewed future competition in digital entertainment.

    MS wasn't in trouble for its workgroup protocol because
    they charge for windows and windows server, but because
    they deliberately prevented others from being able to offer
    workable alternatives (eg Novell).

    It was found TO HAVE ILLEGALLY ABUSED its position in
    these markets. MS could supply OneCare for free, and they
    should, or at the very least improve their OS.

    "By charging for the service, Microsoft keeps itself on an
    equal playing field with the rest of the solution providers
    and is therefore playing fair."

    No, it's not an even playing field and never will be
    regardless of what MS charges. MS has much greater
    access to windows consumers than any other company
    could ever dream of.

    Defend MS charging for OneCare if you like, but please
    don't use antitrust as an excuse. The reasons are GREED,
    and that they can.
    Richard Flude
    • Take a sniff of reality for a minute...

      [i]"But there?s another point of view on these issues. For example, if Microsoft gave away OneCare for free, or if it takes advantage of it?s dominance in desktop and notebook computers to promote the service in ways that other anti-
      malware cannot, the entire desktop security software sector might go running to the trustbusters."[/i]

      So, if MS gave this away it would be deemed to be bad. Ok, but:

      [i]"Defend MS charging for OneCare if you like, but please don't use antitrust as an excuse. The reasons are GREED, and that they can.[/i]

      So if MS charge for this it is deemed to be bad again.

      I'm noticing a trend here. Let me summarise:

      [i]"Whatever Microsoft does shall be deemed as bad."[/i]

      So what is it? Do they:

      a) Charge and be accused of greed, or
      b) Don't charge and be accused of anti-trust

      Talk about hard-to-please audience....
      Scrat
      • Microsoft should neither charge nor give it away...

        They should fix their operating system instead of creating a new service to mask their incompetence at designing and developing operating systems and applications.
        jmarinis
      • Option C

        Microsoft should neither charge or make this service free. They should scrap this OneCare initiative, leave this area to a more dedicated third party with greater skil and experience, and avoid all the problems they'll create by taking this on themselves. Take any effort they throw at this service, and put it towards making their software more secure from the start. They're the only ones in the position to get rid of vulnerabilities from the get-go which saves countless hours trying to fix it after the fact, and if they want to do consumers a favour, they should focus there.
        bobbled
        • Option D

          I think a change of attitude is in order! Entering my 'puter is the same as entering my house and should be treated as any thief!! This "spyware" should be illegal PERIOD!!
          Plan and simple
          schlicht@...
    • Basic lack of understanding of antitrust legislation

      This poster is right. The article mentions several companies that I've not heard of, so I'm sure that Mr. and Mrs. home pc user don't know them either. Microsoft doesn't even have a product yet, but ma and pa pc user already know that Bill's going to make their computer safe to use. Call that brand awareness, or call it fame, it doesn't matter because to compete with Microsoft you have to spend big $$ just to get your name out there and all Bill has to do is bundle the unregistered version of the product you are competing with into the OS installation package.

      You have to have the OS install pack, but you don't have to have a CD from some company that is selling some software that you never heard of.

      Bill is using this, always has. Even if his OneCare is a pay service, Bill still has the upper hand until he is forced to bundle competitors software with every product he ships to users for free.

      If the OS disk comes with IE, it should also have Firefox etc.
      If the OS disk comes with WMP, it should also come with a version of Realplayer and Quicktime etc.
      And on and on... This is the only way that Bill can be seen as competing fairly. Well, he could just not ship those for free, so that users will have to download or buy a CD for all those products, causing them to think what they are spending their money on, not just using what they get for free.
      zappepcs
    • Greed is what drives business

      I'm sorry, but GREED is what drives big business. Bill Gates is no more greedy than Steve Jobs or J.P. Morgan.
      bammike
  • Whitelist endangers IP rights.

    The whitelist idea sounds like a good one. However, being forced to turn over the behaviors of all your dlls, exes and web pages would severely endanger one's copy-rights. It wouldn't take much for a person to reverse engineer the software knowing all that. Granted it doesn't take much now, but why make it easier?
    Also, most companies would not want to spend the money to have people generate the required documentation. I'm not sure I'd like to be on the receiving end of millions of corrections a day from web sites all over the planet. I'm also not comfortable with the bandwith needed to update that database every day, or every few hours.
    Zorched
  • Microsoft's OneCare Service

    Again, Microsoft comes to the table long after other companies and private parties have created and maintained applications that do things their products don't do.

    I don't believe it will be good for Microsoft or any Microsoft product user that has to "Pay" to fix the problems that Microsoft products inherently have.

    Perhaps Microsoft should spend more TIME and less MONEY in getting their products BUG PROOF.
    Evisscerator
    • For Every action there is an equal and opposite HACKER reaction

      Why is it that Microsoft gets blasted for the actions of the scum of the computer world. Following the logic used by people like Eviscerator, GM should be held liable for every car that has ever been stolen that did not have OnStar service installed.
      If I own a company that manufactures door locks I would not expect to be blamed if a burglar kicked in a door, or even picked the lock. I would do exactly what Microsoft is publicly attempting to, review the data on how my product was compromised and attempt to develop a more secure product. I would do this not only to better serve my customers, but if I don't my completers will.
      I don't blame Microsoft for the majority of their "security flaws". I blame the hackers and scumware developers out there for being themselves. I actually applaud Microsoft and every other company legitimately attempting to make the computer using experience safer, easier, and more productive.
      bsmith@...
  • Microsoft's OneCare

    So Microsoft leaves huge holes in its products so it can later build what should have been in the product in the first place? Then Gates has the audacity to charge for the fix. I don't think so!!! I'll stick with the third party suppliers who are "really" looking out for the end users. I have already quit using the buggy "Internet Explorer" and am in the process of resigning from the "Outlook Express" club. Of course MS (Multiple Screwups) has made it impossible to take them off my machine and the courts stupidly allowed it. So as long as I keep using Windows I'm stuck with their bugs. Thank God for products like ZoneAlarm, Spybot, and AdAware.
    rcooper
  • Business 101, anybody?

    I get sick and tired of all the negativism regarding Microsoft every time they do something to improve/patch/fix Windows! Lesson #1, nobody is perfect! Not any individual, not any business! So quit complaining when the biggest, most widely used software company in the world comes up with a way to make things better for anyone using their systems. Then they might want to charge for it? Duh! They are a business, and they have lots of stockholders who expect them to operate like a business. That means making a profit for products/services rendered. This isn't like free security patches/updates. This is for protection against viruses and spyware. To me, this is like buying new tires, and then purchasing the road hazard add-on. It's not covered by the tire warranty because it's something beyond the manufacturer's control. Also, there is no evidence that MS will roll security patches/updates into this subscription service. That rumor only exists because it makes it easier to bash MS rather than deal in facts. Ya know, I read through these talkbacks, and it just amazes me... "MS should just make their product secure!" "It's MS's fault the problems exist in the first place!" Blah, Blah, Blah! Just so were on the same page here, you want a product from Microsoft that will fix every past, present and future security hole, right? You guys want them to fix the exploits that no one has found yet? If that's the case, then let's hold everyone up to that standard! I want virus software that will protect against every virus that could EVER be written! How is that any different? Sheesh, do any of you actually work for a company that develops and sells software? I suppose it's all at version 1.0 because you got it absolutely right the first time, right? Sheesh...
    If MS wants to charge for virus/malware protection then fine, let them. I don't believe for a second they will drive McAfee or Norton's out of business. Those companies have been around almost as long as Microsoft, and their products are a familar sight on the shelves of our software stores. To a lesser extent, the same goes for Zone Labs and Sunbelt. There may be other smaller companies that could suffer or even go out of business, but competition is the lifeblood of our economy.
    Swinky
    • How about Economics 100

      swinky: "There may be other smaller companies that could suffer or even go out of business, but competition is the lifeblood of our economy."

      Quite so. Now here's your Economics 100 question: what is the effect of (and, indeed, the whole motivation for creating) an unregulated monopoly in any market?

      Can you say "the elimination of competition"?

      More to the point, did you even READ the article to which you were responding? Did you miss this part?:

      "In the past, when Microsoft has decided to provide the same utility around which a cottage industry has formed, the cottage industry subsequently vanished."

      It's the lack of a proper edjumacation system in the country these days, I tell ya....
      the_doge
      • Here we go again...

        swinky: "There may be other smaller companies that could suffer or even go out of business, but competition is the lifeblood of our economy."

        the_doge: "Quite so. Now here's your Economics 100 question: what is the effect of (and, indeed, the whole motivation for creating) an unregulated monopoly in any market?

        Can you say "the elimination of competition"?"

        Prove to me this is an attempt to create an unregulated monopoly. Once again, I'm amazed at how many anti-trust experts are here on these boards instead of working for the government to bring down big bad Microsoft!

        the_doge:"More to the point, did you even READ the article to which you were responding? Did you miss this part?:

        "In the past, when Microsoft has decided to provide the same utility around which a cottage industry has formed, the cottage industry subsequently vanished.""

        Yes I read the article, and I'm even able to use a quote and not take it out of context like you did. I believe you forgot "Such was the case with memory managers. Such was the case with disk drive compression." Pretty obscure references that haven't had any meaning since MS-DOS 6.xx and Windows 3.11. But hey, I guess you gotta get your punches in where you can. When was the last time you heard someone mourning the loss of DoubleSpace and QEMM?

        the_doge:"It's the lack of a proper edjumacation system in the country these days, I tell ya...."

        Personal attacks seem kind of juvenile, but if that's all you've got going for you, then fire away!
        Swinky
  • Microsoft OneCare? Are you kidding me?

    If Windows and Explorer were designed with security in mind, all of us wouldn't be spending a fortune securing our networks. There is no way that I would trust Microsoft to provide my company with security services until they demonstrate that they can build secured systems. Every critical alert just distances us further away from MS security solutions.
    GaryS_z
  • Microsoft will open new avenues of proliferation

    The first thing that will happen is the hackers will attack through channels left open by MS OneCare.
    support@...
  • as if windows and IE are not slow enough already you want to put a database

    lookup on every web browser click.

    that is not acceptable.

    we need the ISP's to take some responsibility here and stop that junk before it gets to the user.

    i know that's the big 'R' word that nobody likes to admit to. but it's true. the ISP has to bear some measure of responsibility for allowing this stuff just as a reporter has to bear some for shouting something from the rooftops that ends up getting people killed.

    if it takes a neighborhood to raise a child then it's gonna take everybody pulling together to stop unscupulous marketers.

    yo.
    wessonjoe