Symantec/EU succeed in making Vista insecure


LTD. I don't think MS is 100% to blame for not giving antivirus companies access to the kernel; they were going to be doing it by having a special key or some certificate that they would give to all the antivirus companies so that they don't have to worry about that (there was an article posted up here about it), but it has been Symantec that has been crying about not being able to get FULL access, which they don't really need. There was even an article posted up here saying that Kaspersky found no problem with Vista kernel access. They said it was a good thing. It might be, since Kaspersky is made by people that know their stuff.

I don't really mind all the kernel access stuff. I thought that was going to be sweet, it might have even stopped a few viruses, but now it is going to just be stupid. Symantec have ballsed this one up. Doesn't really matter tho, they are a lame company and I will just stick with Kaspersky.

I believe MS can do anything they want to their OS, after all it is THEIR software, and there are more than 3 other OS software on the market, so if you don't like it, change.

Why would an anti-virus/firewall software company want their software to have kernel access? :blink:

They do not need it, other anti-virus companies are rewriting their software so it works with Vista, why can't Symantec do the same??

Hey, I'm an EU citizen, and I'm a bit offended by things that are being said here.

Why do you care so much about what comes to the EU? If you are citizens of the EU you should know that you can get any version you like, American, Brazilian or whatever. My point is, most of you are too much worried about what the EU deserves or not in this matter.

If you aren't an EU citizen, just watch your tongue, you have many things to protest in your own region.

The EU will regulate the best way for their citizens. Don't be worried. Thanks

Although I don't agree with a whiny ass "security" company crying rivers over a potential threat to their pockets, it's funny how they're whining over a security feature on a platform that won't be mainstream for at least the next two years, Vista x64.

Oh well. We have incompetent corporations and legislators talking above all. C'est la vie.

Windows has been insecure since 1995. They did nothing in 1998. They did nothing in 1999, 2000, 2001. And meanwhile, all that time, the antivirus industry has grown up around MS' flawed design, and both MS and the antivirus industry have become dependent on one another. Largely due to MS' irresponsibility or ignorance from the very beginning.

They've been trying to make their OS more secure each time but it's hard when you allow admin rights to every user on the computer. Now comes UAC and kernel protection. Why are you so against MS trying a new approach to protect their OS? Should they just not try at all?

No way. No dice. MS cannot simply end the relationship without facing possible legal/legislative consequences.

What are you talking about??? Do you think Symantec's board members go to Bill Gates's house and bake him cookies every Sunday? What about the creators of Adaware and spyware removal software? Think they have some kind of unbreakable contract with MS? They're completely different companies and MS couldn't care less if Symantec went bankrupt.

Today's automobiles need gasoline and no one cared about gas guzzlers until recently (relatively). Should oil companies be allowed to sue and prevent car manufacturers from creating cars that run on electric power or some other energy source because there's some magical "relationship" between them you speak of? The car manufacturers don't give a damn about the oil companies. They continue to pour billions of dollars into research for cars running on alternative energy sources.

^^

w00t

yea, that was well said.

Why should an operating system have to change its new security fixing the problem that users have been complaining about for so many years?

Maybe it will hurt Symantec and other people but they will just have to remake a new application that will fit around Vista because no doubt Vista will get its share of viruses.

Windows has been insecure since 1995. They did nothing in 1998. They did nothing in 1999, 2000, 2001. And meanwhile, all that time, the antivirus industry has grown up around MS' flawed design, and both MS and the antivirus industry have become dependent on one another. Largely due to MS' irresponsibility or ignorance from the very beginning.

Microsoft has made it known very clearly that Vista would be more secure than all the previous versions of Windows. This has been said since they started on Longhorn 5 years ago, especially when they switched over to the Windows 2003 code and said they were making big changes in security.

Symantec and the others should have known what was going to happen a long time ago. Now they wait until the last minute, a couple months before Vista is released, to start crying about this. All the others have just re-written their software to work with Vista. Symantec and the others crying over it, are simply too lazy to do this.

About boycotting Symantec and the others crying, I don't really see a need. In the last few years that's pretty much been happening since more and more people are either switching to free anti-virus programs like Avast or AVG and others switch to a completely new OS like Linux or OSX. IMHO the free software like Avast or AVG do a much better job at protecting a system than the Symantec or others do. They're also a lot less bloated and don't use nearly as much system resources.

Just my opinion

You mean, as opposed to the almost comedy situation of the maker of the O/S then selling you software to cover up the lack of security in their Operating System?

Now I'm no economist but doesn't it seem a tad silly to ship a product which people will only really buy if your core product has security holes in it?

:rolleyes:

Almost all viruses spread because people are idiots and they think they can get free screensavers of nude celebrities in their emails. Exploit-based viruses are very rare (so they get a lot of media attention), and even then most of those exploits are already patched.

I'm anxious to find out what changes are being made to PatchGuard. Everything I've heard about it from folks in the core OS division who worked on it stated that it was a significant step forward in building a more secure Windows platform.

I hate, hate, hate when governments favor "anti-consumer" decisions over those that are called "anti-competitive."

Windows has been insecure since 1995. They did nothing in 1998. They did nothing in 1999, 2000, 2001. And meanwhile, all that time, the antivirus industry has grown up around MS' flawed design, and both MS and the antivirus industry have become dependent on one another. Largely due to MS' irresponsibility or ignorance from the very beginning.

BS. Go troll somewhere else. Each of those releases of Windows was more secure than the last. Windows 2000 was a huge improvement in security - and so was XP if you were coming from 9x. Obviously pre-SP1 XP wasn't built with the assumption that people would be plugging their computers directly into cable modems without a router/firewall, and that was probably a mistake. And clearly there have been security problems with Windows XP, but SP2 was a major improvement to that and Windows Server 2003 was also built with a strong focus on security and it shows. Just look at how impenetrable IIS 6 has been after all these years and tell me Microsoft can't make secure software.

Since then the amount of work done at Microsoft to improve security (in all its products, but especially Windows) has been unexplainably enormous. Windows faces challenges that no other software product worries about. You can't say "They should have been doing this all along" because a lot of these techniques didn't exist five years ago - and some still don't exist at any other company. Tons of security work in the compiler, libraries, APIs, and analysis tools had to be invented along the way for Vista/Longhorn. I'm not saying Vista will be perfect, but the bar for OS security has been raised.

What if everyone starts importing the US version?

That's your government's problem, not MS.

The sad thing is Symantec will still dominate the market because average joes will still buy their products. That is total bull****, Symantec's sales should plummet after this.

Should but they won't, especially when I see them give it away for free at Best Buy almost every week it seems. I got suckered into it for free. That was before I found out about the better free programs out there. Too bad there isn't a way to mass advertise these good ones so people know about more than Norton and McAfee.

Too bad there isn't a way to mass advertise these good ones so people know about more than Norton and McAfee.

A lot of forums usually have a section or thread dedicated to all the free alternatives out there. This includes Neowin. Plus there's a lot of people who run websites who add buttons to help advertise free or alternative software like Firefox or Avast. It's just that there's still a lot of people who don't go to a forum section of a site or completely ignore ads/buttons.

Just a shame it's so damn expensive to even do like a small 10-20 second commercial. It wouldn't have to air constantly, just enough to start getting the name of a free product out there for others to see.

I'm not saying Vista will be perfect, but the bar for OS security has been raised.

How can a product that has been playing catch up in security for the last 10 years be ever referred to as "raising the bar" when it doesn't even come close to products such as *BSD?

How can a product that has been playing catch up in security for the last 10 years be ever referred to as "raising the bar" when it doesn't even come close to products such as *BSD?

Huh? Unless * is "Open" then I don't even know what you're talking about. And to whoever mentioned Linux (who probably has never run it himself), claiming Windows XP is inherently less secure than Linux is a load of crap - I can't think of any OS that's easier to compromise than Linux. Although if you want to be pedantic it's usually because of the services running on it (Apache, PHP, X). FreeBSD might be on par with XP / Server 2003 - but they're usually pretty behind-the-times feature-wise. OpenBSD is the clear security winner, at least on its default install - but only because it doesn't actually "do" anything useful.

Sure, each of these OSes faces different challenges. For Windows, it's mostly the gullible-user challenge. In fact, Windows faces every challenge any other OS might face and more, because it's used for so many purposes (every kind of server, workstation, desktop, mobile, etc) and by so many different kinds of users (enthusiasts, professionals, families, newbies, whatever). But in every technical way, I believe Vista is more secure than anything comparable (OS X, desktop Linux, etc).

Oh, and for the record: UAP itself isn't what makes you more secure. UAP makes it bearable to run in a more secure environment, where there were obvious usability gaps if you ran a LUA account in XP. But you always could.

Funny how everyone posts as if MS bent over and just disabled PatchGuard.

1st I'd like to remind everyone of a while back on the discussion over this when everyone said they agreed that MS should keep PatchGuard, but didn't agree with the decision to force everyone to MS' own security center. A LOT of people, those that now complain over this change, complain about this.

Now then

1: PatchGuard was not disabled.

2: You can still not real-time patch the kernel, the kernel is safe.

3: MS did exactly what everyone thought they should do.

The patch adds an API call to disable MS' own security center so AV vendors can replace it with their own if they don't want to rebrand the MS built-in one. Basically virus vendors would still have done this. This API call only means that users won't have to deal with both the built-in defense shield in Vista and the warning from the AV vendor's own security center.

Windows has NOT been made less secure. And those AV vendors who wish to add their own extra bloated security centers can now do it. Those that just wish to rebrand the MS security center with their own stuff can just do that.

Symantec will still need to recode their AV to not patch the kernel for all the stuff they used that for. Just like they had to for XP x64.

This is stupid. People taking this like it's the end of the world, RUN FOR THE HILLS!!!! is more stupid. Security wise nothing has changed. Why people are so intimidated I will never understand. People HACKERS ARE GONNA GET YOU!!!! FLEEEEEEE!!!!

sigh....

Need I remind that XP had a gazillion more holes and still nobody complained?

This thread is pointless.

@Brandon Live: Can you give me some insight into why PatchGuard makes Windows more secure? IMO, mandatory kernel driver signing is more of a step forward than anything. The security argument I've heard for PatchGuard is that it will stop rootkits from hiding themselves. However, it seems unlikely that "real" rootkits will be signed - MS can simply blacklist their certificates if so.

As for unintentional rootkits, the holes are caused by driver ioctl-style interfaces not validating requests from user-mode. If I make a CreateProcessAsSYSTEM ioctl (StarForce did something like this a while ago) function, I don't need to patch the kernel, I can just use standard APIs to implement it. I suspect the same is true of Sony's "rootkit".

The argument for PatchGuard should be stability. The current method of patching doesn't allow unloading of a driver after it patches the kernel. A while back, people used to (still do I suspect) patch the SDT to hook registry access. I suspect MS created CmRegisterCallback (for XP and later) and enhanced it in 2k3 to supply a reliable means of hooking the registry. The new API extensions are likely a generic way of hooking SDT entries in general.

The patch adds an API call to disable MS' own security center so AV vendors can replace it with their own if they don't want to rebrand the MS built-in one. Basically virus vendors would still have done this. This API call only means that users won't have to deal with both the built-in defense shield in Vista and the warning from the AV vendor's own security center.
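An added example, not part of the original post or any vendor's driver: a user-space C simulation of the point made in the post above, that the hole is an ioctl handler trusting user-mode requests, which neither driver signing nor PatchGuard addresses. The request struct, control code, status values and function names are all hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical control code and status values for this simulation. */
#define IOCTL_RUN_PRIVILEGED 0x222004u
enum status { ST_OK = 0, ST_BAD_CODE, ST_BAD_BUFFER, ST_ACCESS_DENIED };
enum mode { KERNEL_MODE, USER_MODE };

/* Simulated request as a driver's dispatch routine would see it. */
struct ioctl_request {
    uint32_t code;
    enum mode requestor;      /* where the call originated */
    int caller_is_admin;      /* outcome of an access check on the caller */
    const void *in_buf;       /* caller-supplied input buffer */
    size_t in_len;            /* caller-supplied length */
};

/* Fixed-size input the privileged operation expects. */
struct run_args { char image_path[64]; };

static int privileged_ops;    /* how many times the privileged action ran */
static void do_privileged_action(const struct run_args *a) { (void)a; privileged_ops++; }

/* Unvalidated handler: any caller that can open the device gets the action. */
enum status dispatch_unvalidated(const struct ioctl_request *r)
{
    if (r->code != IOCTL_RUN_PRIVILEGED) return ST_BAD_CODE;
    do_privileged_action((const struct run_args *)r->in_buf);
    return ST_OK;
}

/* Validated handler: checks the buffer, then the caller, before acting. */
enum status dispatch_validated(const struct ioctl_request *r)
{
    struct run_args args;
    if (r->code != IOCTL_RUN_PRIVILEGED) return ST_BAD_CODE;
    if (r->in_buf == NULL || r->in_len != sizeof args) return ST_BAD_BUFFER;
    memcpy(&args, r->in_buf, sizeof args);  /* capture once, then use only the copy */
    if (memchr(args.image_path, '\0', sizeof args.image_path) == NULL)
        return ST_BAD_BUFFER;               /* path must be NUL-terminated */
    if (r->requestor == USER_MODE && !r->caller_is_admin)
        return ST_ACCESS_DENIED;            /* unprivileged user-mode caller */
    do_privileged_action(&args);
    return ST_OK;
}

/* Builds a constructed sample request and runs it through one handler. */
enum status try_request(int validated, enum mode m, int admin, size_t len)
{
    static const struct run_args sample = { "C:\\constructed\\sample.exe" };
    struct ioctl_request r = { IOCTL_RUN_PRIVILEGED, m, admin, &sample, len };
    return validated ? dispatch_validated(&r) : dispatch_unvalidated(&r);
}

int main(void)
{
    size_t n = sizeof(struct run_args);
    printf("unvalidated, plain user: %d\n", try_request(0, USER_MODE, 0, n));
    printf("validated, plain user:   %d\n", try_request(1, USER_MODE, 0, n));
    printf("validated, short buffer: %d\n", try_request(1, USER_MODE, 1, 8));
    printf("validated, admin:        %d\n", try_request(1, USER_MODE, 1, n));
    return 0;
}
```
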

Windows has NOT been made less secure.

Yes, but you can't let the truth stop people bashing the EU / Symantec / McAfee / [insert unpopular brand here]. It's pretty obvious to anyone with some common sense that Microsoft wouldn't just disable one of the key security components of Vista willingly - the article clearly states that Microsoft was happy/willing to make the accommodations requested. I really don't like Symantec but I'm fed up with everyone bashing them because it's the "in" thing to do. Unless the EU actually required Microsoft to disable key security components I wouldn't blame anyone except Microsoft - they decided to make these (rather small) concessions, so it is THEM you should blame.

Still, it's pointless trying to inform other people as they'll just read the headline / skim read the article and come in here guns-a-blazin'. Sadly we just have to watch people festering in their own ignorance. The topic starter is as much to blame as the plebs in here - it's not possible to make the headline much more sensational.

I believe one of the core issues here is that companies like Symantec and McAfee now have to create an entirely new codebase because they can no longer use unsafe kernel level code. PatchGuard is a brilliant idea, but it kinda locks Vista into a single kernel until a major or critical level patch/service pack is applied. This is a good idea, as kernel stability shouldn't really change. It is when these 3rd parties start patching in additional, uncertified kernel level code that it all goes ###### up (how many people have noticed their system start lagging and hanging after installing Symantec/McAfee apps?). I believe these companies are causing a stink for two reasons:

1. Vista is now much more secure, which means less functionality is needed by a 3rd party application (if there are fewer holes in the ground, you need less mud!), which of course would mean they need to reassess their entire price line -> software profits are likely to decrease....

2. They would need to re-evaluate how they implement their software, this takes time, and money, and opens the door for other companies to start grabbing market share -> software profits are likely to decrease....

What BrandonLive is saying is:

1.) Windows design is inherently insecure because "back then" they didn't know any better, and now, Windows is fraught with the most problems because it faces the most challenges.

2.) The *other* operating systems, notably OS X, are not designed *as* inherently insecure as Windows, but they face fewer challenges anyway and have a much smaller installed user base.

And it is only with XP SP2 (or was it SP1?) that for the first time, the user was actually warned/prompted when something was trying to install itself on Windows without their prior consent (for example.) I'm assuming that at that time (XP SP2), no other OS had this feature ;-) , and since MS only *began* to face challenges in 2003-04, they worked hard to innovate and build this in to the system. Before 03-04, MS saw absolutely no use for user-permission prompts (among other security features), because they simply did not really face any challenges pre-2004. Hence, WindowsXP (quite understandably!) shipped with FIVE open ports.

Is this correct?
