Recently, Neowin has acquired some insider information stemming from a Windows One Care (WOC) beta chat. Below is a snippet of a question asked by a user:
What this means, is that its very likely that the development of the current Microsoft antispyware program will be dropped until it becomes integrated into Windows One Care. Due to the fact that Windows One Care will be subscription based, the Microsoft antispyware tool will no longer be free. Users will be required to pay annually to use Microsoft's Anti-Spyware tool along with some other Helpful Windows tools.
Additional Information:
Screenshot: One Care Beta Chat
View: Windows One Care Live site
| QUOTE | |
|
What this means, is that its very likely that the development of the current Microsoft antispyware program will be dropped until it becomes integrated into Windows One Care. Due to the fact that Windows One Care will be subscription based, the Microsoft antispyware tool will no longer be free. Users will be required to pay annually to use Microsoft's Anti-Spyware tool along with some other Helpful Windows tools.
Additional Information:
Screenshot: One Care Beta Chat View: Windows One Care Live site
Neowin ed - welcome Anthony to the neowin news team!
IMO, the only reason I can see why they would change this is if there's pressure from competitors and regulators that don't want to see MS releasing a free product that competes with pay products.
Doesn't make sense. There are many free ones available. Spybot and AdAware come to mind among others.
Also, it's not that's free that would be the problem.
The problem would be that it's free and from Microsoft, and could be interpreted by some as an attempt to use its dominance of one market to affect another.
Which is unfortunate, because making Microsoft charge for AntiSpyware would be very bad for consumers. Basically you'd be saying that Microsoft can't fix problems with Windows if others are making money off of those problems.
If Linux was the dominant OS, we wouldn't have these large security problems. Norton, mcafee, lavasoft, etc. are all profiting from microsoft's crappy security.
Also, if Linux was as big as Windows, and when viruses and spyware are in the wild for it, I'm sure the open source community would have issues fixed faster than Microsoft could.
Please look on page 3 of Nick Petreley's security analysis.
I do agree with the rest of your post. A lower marketshare OS is not as profitable of a target as Microsoft's Windows is (with 90-something percent of the market)
Thank you for that.
From what I've seen, vulnerabilities have followed the pattern exactly. See here: http://www.eweek.com/article2/0,1759,1666134,00.asp.
Also, have a visit to www.securityfocus.com/vulnerabilities/ to look at alerts for IIS6 and Apache v2.0. Apache seems to have more vulnerabilities, and more market share.
Let me refer you back to the document I linked-to above, and please read the section on the problem with using a "single metric" (like your number of vunerabilites example) to base a conclusion. It starts on page 5. Plus, the point wasn't on the "number of vunerabilities", it was on malware & exploits.
Fedora Linux has low market share, yet more vunerabilites than XP with an astounding lead in the market. Yet, Fedora has no open advisories of any sort, according to Secunia and XP is rated "highly critical". Regardless of what your stance is on how Secunia may rate these things, you have to admit that market share has no relationship to the number of vunerabilites, nor to the severity or time to fix them.
ook at the overall picture, and stop the focus on a single item. I don't care if my FC3 has had 132 advisories in under a year. They have all been patched, and none of them received Secunia's highest 'Criticality' rating.
Now, what was the point your link was trying to make? That there are IIS servers not counted in the Netcraft survey? I'll bet the same logic would apply to Apache servers, as well.
Last edited by 36818 on 11 Aug 2005 - 16:38
I'll admit I did confuse vulnerabilities with malware at first. Based on malware, yes IIS has had more problems in the past. With my link, I tried to establish that with IIS6 those problems have largely went away while Apache still has problems. Neither are really getting hit by worms anymore, however Apache is having more vulnerabilities which could possibly lead to them (based on SecurityFocus). I'm not saying one is better than the other, nor that one platform is better than the other. I just don't see the myth being broken by the IIS/Apache example.
I'll also concede that while market share doesn't directly affect vulnerabilities, I think it does influence others to look for problems in that particular product. Bad code is bad code in any program by any vendor, but I think it's more likely to be found in a popular one.
Also I could do without your sighs.
As for IIS6, yes Microsoft seems to have done an excellent job this time around. It has been long needed (like how XP SP2 has improved security for home users).
My point in this thread has always been to refute the claim that marketshare and vulnerabilities and malware were all proportional.
Are you a lawyer? Have you studied the intracacies of the consent decree? Somehow, I doubt it.
http://bink.nu/Article4686.bink
Will Neowin post a correction please?
Microsoft's statement is not very clear to make a concrete judgement.
Too early to say what is the final plan will be.
BTW, I was one of the users who filed a bug that Anti-Spyware is not part of OneCare beta.
I'm interested to know because, as of now, I recommend MS-AS to my friends and family since it's one of the easiest to use.
Well, as the quote says, there are plans to incorporate it in OneCare, so if they do this, I doubt they'll concurrently develop and support two packages covering the same ground. Sounds pretty redundant to me.
i agree, untill its official on their site its anybodys guess. They could offer a lite version down the road.
What, me worry?
It all makes sense now.
I think these people deserve to be profited upon with such a product.
Anyway, its not like Antivirus and antispyware DIDNOT exist before MS started making one. So I guess Norton and McAffee should be part of your theory too.
For computer literate people like you and me clicking dialer.exe or double clicking xmas_lights_anim.vbs is clearly stupid, but how is the average users supposed to know that it could harm your computer?
I work as a computer repair technician and the most common problem I see is spyware/adware/viruses, due to the many many many holes in Internet Explorer. The average, everyday computer user doesn't know about these holes and why they shouldn't be using Internet Explorer. Norton and McAffae aren't responsible for these problems, they have a right to charge for their products.
It's no different than creating a plague that infects millions and then sellling the cure.
I know i'm not alone when I say that I believe Microsoft is responsible for these security problems - THEY should be the ones paying to fix them, NOT us. Bill Gates did mention that AntiSpyware would be free when released, didn't he?
And besides, it's not like Microsoft is running low on money.
i work in an IT department. part of me is always astounded at the stupidity of users, the other part of me is glad, it pays my mortgage and keeps me fed.
microsoft realise there's two ways to 'fix' the current state of windows security. for the current release of windows invest in the age old firewalling, malware-checking. for the next release of windows look at changing the security / user model to prevent harm when a user clicks on I_will_delete_your_life.com. It would be too expensive, too time consuming, and too late for microsoft to look at re-coding the entire security model this late in windows XP's lifecycle
I'll tell you a little story real quick. I went out on a nearby lake with a buddy of mine and his family in May. We hopped on some jetskis to get the refueled before the docks closed, and I didn't put on a lifejacket. I just didn't think about it. It can't be against the law since I'm only endangering myself, right? Wrong. I was pulled over and written a ticket.
We all have out areas of expertise, and you should not fault others for not being Windows specialists. I can remove malware with the best of them, but I had no clue there was a law saying you have to wear a lifejacket on a jetski. Did I deserve that ticket merely because I was ignorant of the effect of my choice?
It isn't a perfect analogy, but my point is don't be so quick to judge others based on their actions.
1) charge money for operating system that has flaws in it allowing malware and spyware to be installed without the users consent. profit.
2) create 'free' tool that will fix this. take a coffee break.
3) charge for previously free tool. profit.
See my above post about people being the main entry point for exploits and such. I don't have an A/V or anti spyware, I have XP and have NO virus or spyware of any kind.
So there ya go
I cleaned out an infected PC yesterday. I ran spybot and removed everything. adaware and removed everything. I ran ms antispyware and it still found things! these things aren't perfect.
then kill bill for all the broken promises he did... just like those politicians.
@ all the MS Antispyware haters...
are you flaming MS antispyware because it can't run on your machine?
i mean, in a way, IF it were possible for Microsoft to secure Windows to the point that Antispyware tools aren't needed. do you think they would do it? if it meant losing the revenue from the Antispyware line....
this is kinda like selling an adicting drug and a cure for the drug at the same time, i guess. by keeping both forms of revenue going. you make twice the money lol
I couldn't agree more. Bad move MS!
I really don't want to have to go back to any of them other crappy antispyware programs after using the best there is for so long now.
I sell computers for a living and I know for a fact that users aren't educated, they have every tool and resource to learn about them at their fingertips but they opt not to use them...they are in fact lazy and too stupid to care about the proper use and mantainance of their PCs.
I would say 90% of my customers come in and buy a new computer because their old one was so virus and spyware ridden it wouldn't even boot Windows. I will grant the argument that Windows is buggy. Then again how many millions lines of code is there...as long as anything is made by humans it will be imperfect and have flaws.
MS has really stepped up to the plate and made a concerted effort to fix their flaws. Critical updates will still be free, and that is all most people really need. However, if Microsoft can make a buck off of the stupid users out there in the process...hell, why not? This is America the Land of Capitalism.
In fact I'll use WOC (I'm testing it) instead of Norton (a good AV, but a resource hog) most likely from now on. I only hope that MS sells it retail so I can make a buck off of installing it on stupid user's hard drives.
Have you ever thought that they don't have time? They aren't technology inclined like we are. They are doctors, appraisers, landscapers, etc. How many years did it take you to learn what you know now? Now try to squeeze all of that into the schedule of the average computer user. Why are you complaining? These are the same users that put food on your table.
True, but most will try to get help first. They aren't as stupid as most computer literates make them out to be.
Sure, there are flaws in Windows, but it is far from "buggy." I've never heard of someone not being able to boot into Windows because Windows is too buggy. It's normally because of something done by the unsuspecting user.
And how many computer illiterate users do you think will buy OneCare? Maybe 10%? This isn't targetting the majority of users.
You seem to speak sarcastically, yet...
Do I sense a little hypocrisy?
-d
1) free - antispyware / basic firewall
2) subscription - free +full firewall + antivirus + system tuneup
just my impression after using oneCare beta for the last week.
If Microsoft makes AntiSpyware free, they are just asking for more lawsuits.
Now antivirus is another matter. it's untested terrain and there is a lot of big players in that field. Making a package like onecare containing and antivirus tool free and integrated in windows would most likely result on lawsuit.
As for the "anti-MS n00bs STFU now" .... errr right .... Anyway
I don't know what you all have praising ms antispyware... it didn't impress me much. but it would seem i'm spyware free so well i cannot judge of it's detection quality. Still it's really easy to use. Idiot proof really. Now if all antivirus and antisyware where that way ......