Security solution provider Agnitum claims that Microsoft's kernel patch protection will shut out competing products unless competitors resort to hacker tactics.
In an article posted to the company's Web site, Agnitum said that because of the way Microsoft designed its kernel patch protection "it will be more complicated for third-party security software companies to install and maintain their software on Windows PCs. In some circumstances, kernel patch protection may even block the installation of third-party security software."
The brunt of the complaint centres on the way some vendors hook into the kernel in order to gain enough control to defend the system against attacks. Agnitum said that, in order to protect a system, developers sometimes resort to patching the kernel. Such a patch might involve changing a service number in the system's Service Dispatch Table so that it points to third-party code. Then, when that particular service is called by a program, the third-party code is invoked instead of the original kernel code.
Read the full article: winsupersite.com
But that method of hooking into the lower levels of the operating system won't be possible with the new kernel patch protection, which will be a standard feature of Windows Vista and the upcoming Longhorn server operating systems. Kernel patch protection was introduced with the release of Windows Server 2003 Service Pack 1 for x64 platforms and Windows XP x64 Edition.
In closing its article Agnitum said that "Under Microsoft's proposed solution [of using its published APIs], a rootkit that could previously be detected by and remedied with anti-virus software will now cause the [system to crash]. The same result will occur after installation of security software that is not compatible with kernel patch protection technology. [We] believe this move by Microsoft is designed to force users to rely on Microsoft and only Microsoft for Windows security, removing the option to use third-party security solutions that, if past experience is anything to go by, are likely to be more robust and provide better protection than Microsoft offerings."
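The mechanism the article describes can be modelled in user space with a table of function pointers. The following is an added example, not code from the article, Agnitum or Microsoft: it repoints one slot of a dispatch table at a filtering routine, then runs an integrity check that compares the table with a known-good copy. All names (`dispatch_table`, `hook_service`, `check_table`, `third_party_filter`) and the toy services are assumptions, and the model does not reproduce Windows internals.

```c
#include <stdio.h>
#include <string.h>

#define NUM_SERVICES 4
typedef int (*service_fn)(int);

/* Toy stand-ins for kernel services (constructed for this example). */
static int svc_open(int a)  { return a + 1; }
static int svc_close(int a) { return a + 2; }
static int svc_read(int a)  { return a + 3; }
static int svc_write(int a) { return a + 4; }

/* The table a service number indexes into, and a trusted copy of it. */
static service_fn dispatch_table[NUM_SERVICES] =
    { svc_open, svc_close, svc_read, svc_write };
static service_fn baseline[NUM_SERVICES];

/* Hypothetical third-party filter: rejects negative arguments,
   otherwise forwards the call to the original service. */
static service_fn saved_original;
static int third_party_filter(int a) { return a < 0 ? -1 : saved_original(a); }

/* Record the known-good table once, before anything can modify it. */
void protect_table(void) { memcpy(baseline, dispatch_table, sizeof baseline); }

/* What a caller sees: service number in, result out. */
int dispatch(unsigned n, int arg)
{
    return n < NUM_SERVICES ? dispatch_table[n](arg) : -1;
}

/* The patch the article describes: repoint one slot at other code. */
void hook_service(unsigned n, service_fn replacement)
{
    if (n >= NUM_SERVICES)
        return;
    saved_original = dispatch_table[n];
    dispatch_table[n] = replacement;
}

/* Integrity check: first slot that differs from the baseline, or -1.
   The article says the real feature crashes the system at this point;
   this model only reports the modified slot. */
int check_table(void)
{
    for (int i = 0; i < NUM_SERVICES; i++)
        if (dispatch_table[i] != baseline[i])
            return i;
    return -1;
}

int main(void)
{
    protect_table();
    hook_service(2, third_party_filter);
    printf("service 2 -> %d, modified slot: %d\n", dispatch(2, 10), check_table());
    return 0;
}
```

The check cannot tell a security product's hook from a rootkit's: both show up as a slot that no longer matches the baseline, which is the crux of Agnitum's complaint.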

Further, there are supported methods of registry/file hooking. Using the CmRegisterCallback function, it is possible to hide registry keys. Using file system filters, it is possible to hide files.
Until I hear something from vendors like ESET or Kaspersky, both of whom really know what they're doing, I support Microsoft's decision.
Making a more secure Windows benefits the user and not the 3rd party app provider.
Most providers THRIVE on Windows's lack of security.
Now...they may actually have to work for their money.
Outpost is actually one of, if not the best, firewalls out there. I don't agree with their stance here but they are a company that knows how to make a good program.
I agree. These companies make their money off Microsoft's past mistakes in security, they're just annoyed that they're not needed as much in Vista as they are in other Windows versions.
In any case, are they known for their antivirus? No.
And if a firewall needs to get into lower levels to do its job, then that's going over the top.
No, that is due to the separation of user and system services; Norton Anti-virus assumes that the system services and user exist in the same account, whereas in Vista, they've separated it and lowered the permissions on the default accounts created.
What you need is an anti-virus which is Windows Vista compatible, and recognises those changes which Microsoft has made; I'd say you won't start to see it being released until around 2007, slightly before the release of Windows Vista.
AVG works in Vista
unless they're going to take away options like personal firewalls.
They have been hacking into the kernel themselves for a long time, & they say Windows is less secure
Now when MS is making the product secure, which will actually make the need of NAV & other antivirus apps low, they are crying that MS is killing business
can't they simply talk to MS, & find other method to do so, cos seems now they must have to make good product, cos people will be safe without buying anything too
Really, do you expect us to believe that after vista launches you will not have a security product that is compatible with it. And also even Symantec seems to claim that their security suite provides better protection than microsoft's offerings, but every year they seem to get worse and worse.
Basically, I think this is trying to hide the fact that they don't like having a microsoft security product, that is actually very good, competing with them...
Or the fact that every security and anti-virus product I've ever run on Windows has caused applications to fail to install properly, destabilised Windows, slowed game performance down to 386 speeds, slowed down internet surfing (can't work out how the hell that happened, but it did) and slowed down the boot up time.
I can't possibly think of *one* positive thing that these security people bring to Windows; having kept my Windows XP Pro installation up to date, I don't download and run applications from dodgy locations, I've yet to experience viruses and the likes.
Have you only tried McAfee and Norton? AVG has some performance hits as well. If you tried a good AV you would see that's not how it is. I use NOD32 and my gaming performance is as good as if I didn't even have it running. My internet surfing is just fine and my boot up time has taken little to no hit because of it. Oh, and Windows is as stable as ever, and I have no application installation problems AT ALL.
Get yourself a good product and you'll see that doesn't happen.
This was on a Dell P4 3.2GHz, Windows XP Professional, 512MB RAM; I tried Norton Security Suite which caused all sorts of problems when running applications, and the constant popups when trying to access a site, or loading up applications that connect to the net; I also gave McAfee and Kaspersky a go; sorry, they're as crap as Norton.
To use an analogy; I'd rather get f*cked bareback and ask the guy to pull out, rather than using something that makes the experience completely unworkable (I do use condoms, but this is just an analogy for argument's sake).
I beg to differ. I'm currently running NOD32 as it seems to be the most performance friendly AV. However it has its problems too - I notice a significantly increased Windows boot time (time for desktop to become usable), and significant performance degradation with Outlook. When processing hundreds of emails (eg. move from one folder to another), NOD32 crashes. Full Windows restart seems to be the only real solution, unless I turn off email scanning.
Hence making windows secure from the core is a lot better than making windows secure from applications.
Vista is a very big step forward in terms of security, and it's blatantly obvious to everyone here that they can't handle it. Security suites were made because there was a need. Now, the need is lessened, so the solutions are not as popular. That said, many people not knowing just how far Vista is actually protecting them, will probably buy security suites anyway.
Really, the biggest gateway to malware is IE. IE in Vista runs in Protected Mode, which basically means it can't modify or execute anything without your permission first. How on Earth do you get around that? I would call Protected Mode an ingenious and apparently watertight way of sealing Vista. But then, there are many other security improvements which complement it.
Also, how reliable is Microsoft security? I think that they still have a lot of work to do.
As an ESET and Agnitum user, I tried the Microsoft OneCare solution. I don't see how much better Microsoft is doing to protect us; so far the only good thing is Windows Defender.
Most people stopped reading after you put M$. grow up.
no you stopped, you are the one who need to grow up
so he used the $ symbol, omfg the end of the world is near -_-, if he had trolled or something you would have had a valid point
I'd link to the PA comic that shows my sentiments exactly... if I bothered.
Guess what? Because of that quote, you are NEVER allowed to be seen complaining about Windows security holes EVER again. You basically just said it's a bad thing for MS to fix their security holes. Good job.
-Spenser
LOL; true, true; I'll put money on it, if Microsoft made their operating system 100% secure, stable and reliable, there would be whiners, fanboys and paid shills complaining that this 'perfect operating system' has put them out of business! Shock bloody horror, a good quality product!
Here is a suggestion, maybe these companies should invest some money into producing products that provide features which people want and improve productivity rather than relying on the failings of another company to justify a product range.
Also they want to instill a fake sense of security and trust, by telling you to "trust" the windows firewall, to "trust" using internet explorer... among other things.... and IE will NEVER beat firefox in security and configurability, etc..... IE is the windows ME of browsers! and you all know how that sorry ass excuse of an OS ended up! And they want you to trust them with their current insecure reputation and their current flop of an OS that isn't even out yet, vista...... They put on the flashy interface solely to sell it and nothing more. Like those supermodels out there, what lies beneath the beautiful exterior is a disturbed and ugly interior. It's all airbrushing and smoke and mirrors. Vista is going to be like this. How could we trust them after the major security faults they have had all this time? They have a centralized method of messing with windows systems today imagine what they can do tomorrow! They will build more "protective" crap into windows that will spy on us and take away our freedoms. I know it will.
Last edited by japanesetea on 31 Jul 2006 - 04:02
Silly.... They stop kernel patching and you liken this to controlling what web sites we can go to? An API should have been there from day one, and all users should rejoice in this stance. And while I'm at it, you criticize MS GUIs and then champion those dreadful security center tools? Come on.
-d
So u r saying that, the interface many of the MS apps have are not made for power users? then I wonder why we see windows classic interface, still running on most of the workstations out there.
Vista experience is sad, have u even tried it
MS is not shutting down competition, these 3rd party companies are freaked out cos now with Vista, no one will actually need their product that much, & with all the automatic updating & other security enhancement, Vista is already pretty secure. But, nothing can be so secure, sure there will be viruses for vista there is no denying it
& what u saying means, that MS should not secure their OS, & let the third party vendors do it for them? they never stop u from using whatever application u want, & even adobe, Autodesk applications also come in the trusted category in Windows
One thing, which OS R U using, Windows? I dare u to switch to any other OS, Linux Mac or anything else, first stop using windows itself, and then blame MS
I think I see a future lawsuit
Symantec, Mcafee, kaspersky & many other such security brands suing Microsoft, the reason "U cannot make your OS secure, it has to be insecure. U cannot make it secure for the average joe out there, else no one will buy our product, which kills competition "
Last edited by gxsaurav on 31 Jul 2006 - 05:38
The funny thing is that once you make the switch, you don't bother whining anymore. You just laugh at all those poor MS-owned souls and enjoy your life.
Interesting, so rather than hearing Windows users moan about problems, you hear Linux users moan about the crap quality ATI and Nvidia drivers, and the fact that they don't work properly with their distribution, then moan and bitch because none of the big commercial software companies and games providers won't provide the latest and greatest games for their said platform.
Sorry, I've lived in the UNIX camp, and sure, it's a great operating system for the server or very specialised uses, but for mainstream desktop use, nothing can beat Microsoft Windows or Apple MacOS X - they've got their faults, but for the vast majority, they "just work"
and what if someone cracks this!!! then what
Why would a person need a commercial security product with Linux, like Windows, a firewall, spam protection etc is already provided with most distributions as standard; in fact, during installation of Fedora, you are asked what level of protection you require from the firewall (IIRC it uses IPFilters) and SELinux.
But it's nice to see that MS has really taken security into thought and that it's stopping most kernel exploits
Microsoft is innovating its operating system. Maybe these security companies should look that word up and give it a try before they complain or launch baseless lawsuits in pursuit of some quick cash.
I'm with Agnitum on this one. If Microsoft thinks it can compete with 3rd party security companies, then it can bloody well do so without shutting everyone else out of the market. Once again, anti-competitive behavior from Microsoft. Golly gee oh my, what a surprise. :|
You appear to be the one who needs to RTFA.
"[We] believe this move by Microsoft is designed to force users to rely on Microsoft and only Microsoft for Windows security, removing the option to use third-party security solutions that, if past experience is anything to go by, are likely to be more robust and provide better protection than Microsoft offerings."
So, what part of "anti-competitive" don't you understand, Danrarbc? Learn how to read and then come back and try to bash me again, OK? I'll have moved on by then, but you can have fun trying to bash me.
Time to move on, if say AVG and Spysweeper want to move with Vista they need to come up with a new way of thinking.
I do not want MS to back the truck up just so these clowns can jump on the train to millions at our cost.