Vista vs the Security Vendors

Otherwise known as Vista vs the Selfish Security Vendors: Part Two

Here’s a follow-up to my earlier Vista vs the World post, where I noted I greatly preferred a stronger, more secure base OS, even if that inhibited some functionality for third-party security tools.

This morning, I came across the following post by Larry Seltzer of eWeek where he provides more background for the hypocrisy of both McAfee and Symantec(more the former than the latter) with regards to their Kernel Patching dispute.  This is clearly an example of the ISVs being focused on self-interest to the detriment of the customer that they’re alleging to provide value for.

The fact is that they’re only “losing” this functionality on the 64-bit versions of the OS, that the loss of this functionality for ALL code means that the OS is more resilient from many more forms of malware — particularly rootkits, and that they still have other viable mechanisms available such

And Microsoft’s stand-alone products are not going to be making use of kernel patching either, so they’re not going to gain any unfair advantage vs the competition.

This is just useless vendor whining, when they would be better served by producing a better product, at a better price.  The AV vendors should have nipped spyware in the bud years ago, but even though they already had agents on the desktop, and already dealt with a threat very similar in viruses, trojans, etc, they chose not to expend any useful energy on deal with spyware, until a massive cottage industry of antispyware tools exploded on the scene.  Why weren’t they thinking of the customer and innovation then?

BTW, I particularly like this response from a Microsoft employee

Update (06 Oct 2006): For more information on the Kernel PatchGuard functionality of 64-bit Windows, see this blog entry by Scott Field.

Update (08 Oct 2006): Here is an opinion on this same issue by Jesper Johansson, well regarded Security Professional, and former Senior Security Strategist at Microsoft.

Leave a Reply

Your email address will not be published. Required fields are marked *