Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

MS to McAfee: Stop Lying to the Public

By Scott M. Fulton, III, BetaNews

October 20, 2006, 11:51 AM

A statement released to the press very early this morning from Ben Fathi, Microsoft's corporate vice president for security technology, gives some subtle but clear indications that, if McAfee wants to take its claims against Windows Vista security features off the streets and into a more formal setting, Microsoft might be willing to make a battle of it.

"It's unfortunate that McAfee's lawyers are making these kinds of inaccurate and inflammatory statements," Fathi's statement opens, apparently referring specifically to claims made against Microsoft's forthcoming 64-bit kernel protection scheme before the European Commission, and not to open letters from McAfee executives published by the Financial Times and ZDNet.

While McAfee and Symantec have been complaining publicly that Microsoft's new architectural choices lock them out of being able to provide heuristic security features for anti-virus and anti-malware products, privately, McAfee's complaint is that Microsoft is failing to provide its partners with the information necessary to enable them to alert users to vulnerabilities using their own tools, rather than Microsoft's.

European news sources this morning cite McAfee attorneys in Brussels as saying that Microsoft has failed to live up to its "hollow assurances" of providing this information to security partners.

Fathi's statement continues with a timeline, down to the minute, of delivery times when McAfee received documentation and sample code from Microsoft last Monday and Tuesday. This code apparently gives vendors new APIs for providing users with their own security alerts, in place of Microsoft's. A new build of Vista, Fathi said, which incorporates this third-party alert system, was delivered to McAfee last Wednesday, and a tutorial briefing was given Thursday at noon.

McAfee's original complaints before the EC, however, pre-date this timeline by weeks.

Nonetheless, Microsoft is now maintaining it has lived up to its commitments, at least as of today. "We believe McAfee and all our other security partners have the information they need to replace our alerts with their alerts, and we are completely available to answer any questions," stated Fathi.

The second part of Fathi's statement this morning confirmed news that BetaNews first reported late yesterday: Microsoft is holding a series of conferences with security partners to propose a comprehensive security services API for Vista, to be developed in a relatively open process that would involve security partners and Microsoft working in tandem.

Fathi confirmed this API would be an alternative to the kind of exclusive PatchGuard bypass key that some vendors have requested, which Microsoft contends could effectively disable its Kernel Patch Protection feature. These proposed services, Microsoft says, would enable the class of security features that vendors are looking for, without having to compromise PatchGuard's lockdown of the 64-bit Vista kernel.

"These discussions are underway between our engineering teams and our third-party security partners about the functionality they are seeking, and how to prioritize this significant work in the months ahead," wrote Microsoft's Ben Fathi. "We are implementing the commitments we made to the European Commission, to develop these new interfaces in the months ahead after consultation with our security partners. Our goal is to provide an initial set of documented, supported kernel interfaces in the Windows Vista SP1 timeframe, recognizing that this will require collaboration from our industry partners."

Again, we see reference to the "Vista SP1 timeframe," without a specific time attached. Yesterday, a Microsoft spokesperson declined to specify to BetaNews how far out SP1 might be, on an actual time scale.

Fathi concludes by reaffirming that bypassing Kernel Patch Protection is not an option from Microsoft's vantage point - and, contrary to many reports, never was.

"We are committed to providing our customers with a more secure and reliable operating system," he writes, "by protecting the core of the 64-bit kernel in Windows Vista with Kernel Patch Protection, while also working with our security partners to provide the kernel functionality they need without bypassing Kernel Patch Protection."

Add a Comment

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By icollect

edited Nov 4, 2007 - 11:45 AM

One of the most amazing scams of the century is being perpetrated by a security company. Mcafee is a known criminal rouge company. this is a matter of public record.

http://www.google.com/se...J:en&q=mcafee+fraud

The site Advisor component of this product supposedly protects users from malicious websites. It does this through the use of Bots and it's anonymous reviewer system. If you look at McAfee's own numbers, the truth is painfully obvious. A site reviewer that has an expert rating has the ability to turn a site red. Meaning that this site is dangerous. McAfee's own numbers state that so far 394,399 reviews have been written. Many of these reviews have been directed at independent webmasters or McAfee competitors. Of these 394,399 reviews, the top 10 reviewers have written 179022 of these reviews. This means that 10 people, supposedly with no affiliation to McAfee have not only turned hundreds of thousands of sites red, but those sites that link to them. That's right folks, the future of the web, what you see, what you read, what you do, is being controlled by 10 anonymous reviewers. Are you wiling to give that much power to McAfee and it 10 henchmen. The only solution is to boycott McAfee and all it's products. They are using your money to extend their control over the content of the web, a far greater threat than any virus.

If any law enforcement officer is reading this review, I am asking for a complete investigation of this scheme. It is a mathmatecial immposibility, for such a small number of reviewers to have written so many reviews. McAfee's servers are slow, I know I have A T1. It would take years for 10 users to do this many reviews.

Score: 0

By k33l0r

edited Oct 23, 2006 - 7:58 AM

Personally I find it highly suspect that Microsoft is planning a Vista SP1 to fix bugs before the damn OS is even released.

==
http://korhonen.matt.googlepages.com

Score: 0

By CMSTech

posted Oct 23, 2006 - 5:29 PM

It is apparent that you have never developed any large applications.

There has to be a point the software version has to be frozen to be stamped to the CDs to be sold, and of course development is always on going...so yea there will be updates to any major application do to the lag between freezing the version and it hitting consumer hands.

When was the last time you purchased any peripheral and the CD it included contained the latest driver? There is always a newer one available on the manufacture’s website.

Score: 0

By Xentar

edited Oct 23, 2006 - 4:52 AM

I am no lawyer so i can hardly judge the accusations by McAfee or Symantec. I just dont understand, how it is possible to have already Vista ready anti-virus and anti-spyware software ready with full inegration with vista security center - AVG by GRISOFT already announced availability of AVG Anti-Virus and Anti-Spyware working under Windows Vista.

Or, if the problem is in McAfee wanting their own security center to overrule Vista's own, i dont understand it. I never used the feature on my PC as it only eats resources providing no real benefit. For common joe user is better to have one standardized interface for all products in same category (be it antivirus, text editor, web browser or anything else).

Score: 0

By drviper76

posted Oct 22, 2006 - 8:18 AM

maybe if microsoft built all the operating systems they ever had properly we would not need virus scanners firewalls etc we just lucky they are not car manufacturer.

Score: 0

By brien@suite304.com

edited Oct 21, 2006 - 9:10 PM

Good for you Microsoft! I'm glad you're not letting anyone tap your Kernal. That would totally have defeated the security of Kernal Patch Protection.

I hope you make your API as slow as possible. I don't want to buy my security software from a third party. I don't want to buy my anti-virus, spyware, etc. protection from anyone. I want it to be included with the OS.

I'm glad to see that MS is moving towards giving us free security in the OS. That is what always should have been done.

The current anti-virus crowd (McAfee, etc) are a problem, not a solution. Who do you think writes most viruses? ...Just ask yourself this question, "Who stands to gain the most from a virus?" ...Yep, the anti-virus companies. Similarly anti-spam companies produce tons of spam, etc. It's common sense really, but the facts serve as proof.

Score: 0

By cranbers

edited Oct 22, 2006 - 6:15 AM

You know I always suspected that a av engineer in his spare time or heck even company time write sa virus then finds the perfect avenue of attack to get it out there. They would be the first to identify it, therefore seeming to be more informed etc. The worst part is that they wold know exactly the perfect idea to design a great virus or worm. It's all about ethics and in this day and age its about money.

As for microsoft providing security, I think locking down the os and making it impossible to write virus's and malware for it would make more sense. They made a multi billion dollar industry out of protecting windows from malware for 10 years now. So to take away those companies livelihood by providing their own security and locking out all others is kind of wrong and is no different then integrating everything else to the os. I can guarantee the next version of windows has one care live integrated into windows itself just like defender.

Can you imagine what would happen if xp source code was released? You might as well be running file sharing wide open on a open wifi connection the security will be so bad. Also add a open remote desktop link ability. Linux and os x all have their source code freely available to anyone. Yet they have few viruses, pretty sad isnt it.

Score: 0

By The MAZZTer

posted Oct 22, 2006 - 1:02 AM

I wouldn't go so far as to say AV companies write viruses, but they ARE only profiting from a combination of factors:

1) Viruses exist
2) The OS has vulnerabilities that open it to viruses

They're just pissed MS is closing off 2, which would help keep the user secure WITHOUT their software.

The whole AV industry is like a life support system for a hospital patient. As long as taking the patient off the equipment and letting them recover on their own is impossible, the equipment is useful and necessary. But once the patient inevitably gets better the equipment is now useless to them...

Score: 0

By cranbers

edited Oct 21, 2006 - 6:59 AM

The days of mcafee and symantec are numbered anyway. Now that microsoft has put out their own security software with unlimited free marketing from within the os itself and free alternatives to 3-100 dollar security suites I think the 3 main security providers for windows are in trouble anyway.

In a few years time these companies will be a shadow of what the are now. Unless of course they change their strategy.

I personally would never buy a retail copy of mcafee or symantec's software. I beta test for symantec and well they have nothing special in the pipe. Simply adding another number to the release. Corporate software is a joke as wel for symantec. I have had virus infections even though the software was up to do and was running. It didn't detect the virus until after I did a scan! As for mcafee it seems they are more interested in advertising other products then giving you a slick clean interface. As for their security center want to tell me the point? Mcafee's security center was ugly annoying and was showing windows info plus some advertising of other products.

I currently use free avast and zone alarm and I am very happy. It is small, clean and does the job best of all its free.

Score: 0

By bsf

posted Oct 22, 2006 - 4:23 AM

those smaller companies need to do a better job in advertisment. And I don't mean popping up stupid pop ups to let people click on it.

Score: 0

By wincement

posted Oct 20, 2006 - 11:00 PM

Wow. I can actually agree completely with something Microsoft said. Amazing.

Score: 0

By zhengx

edited Oct 21, 2006 - 1:08 AM

Evil MS.

Score: 0

By Johnbald01

posted Oct 20, 2006 - 10:34 PM

I really concur with the majority on their opinions of Symantec and McAfee, two companies with mediocre products, over priced, overbloated now crying about how Microsoft should release their product information. It is laughable. They should be paying attention to the loss of revenue and customers based upon lousy products and not worry about Microsoft.

Score: 0

By crashoverride

posted Oct 20, 2006 - 8:54 PM

The security landscape is clearly changing. There is a clear solution for companies like symantec and Mcafee.
Adapt or die!!

Score: 0

By Registered

posted Oct 20, 2006 - 8:20 PM

i think microsoft needs to start demanding better internet explorers before they start ditching security developers, how can they b**** at symantec (no not there retail £30 crap, there corp software), when they can;t even get internet explorer sorted,

IE 6 was suppose to be the best secured yet, what a joke that turned out to be,

and IE7 has already 2 vulnerabilties, and it's only just came out,

MS is not ready yet to go at it alone, they really need 3rd party security developers still,

although mcafee do need to get there act together,

and symantec needs to put there retail software back to the basics, small, fast, and reliable,

not massive, buggy, and dead slow,

Score: 0

By GS5

posted Oct 20, 2006 - 7:47 PM

Why is McAfee and Symantec complaing about M$ making their product better??? At least they're trying to make their product better which is more than I can say for McAfee and Symantec. The last couple for years both have gone down hill. Especially McAfee, now it's just a name that people knew.

Score: 0

By ericeberg

posted Oct 20, 2006 - 2:55 PM

Who else is sick and tired of McAfee and Symantec's whining? One, Kernel Patch Protection is not new: it debuted with the x64 versions of Windows. So the whole argument about this being something that Microsoft just introduced is crap. Two, if you open up the kernel to undocumented patching, then attackers and other kernel abusers (think Sony DRM rootkit) will have the same freedom for abuse they've always had. Sure, KPP may not be faultless (even though the much-publicized KPP bypass at that security conference has been fixed), but it at least makes the job of rootkit-writers that much more difficult. Which comes to Three--what USER believes Microsoft is really trying harm users by building in protective features to its product? The only reason this is coming up now is because the industry is moving to 64-bit, Vista will be sold in retail boxes with the x64 version included, and McAfee and Symantec don't want to invest in their customers by making their stuff work with Microsoft's new platform.

McAfee and Symantec - are you listening? You're spreading FUD, and everyone knows it.

Score: 0

By kmashr

edited Oct 20, 2006 - 2:29 PM

People really don't get it do they? Microsofts operating systems till date were poor pieces of software engineering. So much so that they had to have a whole slew of companies queing up to provide security to the horrible kludge of code called MS Windows. As we got supposedly more secure (refer to the original release hype on MS Windows XP) than the previous version of MS Windows we found that third party security tools got more complex and became a liability on the performance of the OS. I would like to think that the third party security vendors actually were covering MS Windows axx by doing so and getting blamed for it. Stupid of them of course. But in the 'corporate' world it is first about making money then comes the rest. There are enough people who believe that 'corporate' culture guarantees 'quality'. Well then folks take your ride and drown in a leaky boat that is all flash on the outside and all holes in the inside.

Score: 0

By jshurst

posted Oct 23, 2006 - 8:47 AM

"Microsofts operating systems till date were poor pieces of software engineering." - Get real. You may not like Windows, but to call it that is just naive. It's the OS that changed the world - and Bill Gates has the money to prove it.

Windows works with pretty much every computer hardware configuration. Also it is very stable (especially compared to linux running KDE). Plus, out of the box it just works. I don't have to spend hours setting things up for it to work.

Score: 0

By uberfly

posted Oct 20, 2006 - 9:52 PM

If Microsoft had wrenched windows into a tight little ball from the start, a lot of its extensibility would have been lost for 3rd party software developers. The 'people's OS', by its very nature, is going to have the kind of security issues we've all seen. I'd still rather have those issues than use the oh-so secure MAC. Using a MAC is like living under Mussolini (and somehow apple's convinced them their the free-thinkers). Good grief.

Score: 0

By RandyP

edited Oct 20, 2006 - 2:54 PM

All this controversy is for the X64 version of Vista. Unless I'm mistaken, like XP, the 64 bit version will be a small part of the total. Won't most users be using the x86 32 bit versions which are less secure than the x64 versions? And won't the 32 bit versions provide a home for the McAfee and Symantec products? See Paul Thurrott's article of the versions at http://www.winsupersite....ase/winvista_ff_x64.asp

Score: 0

By Intrusive_Rogue

edited Oct 20, 2006 - 1:53 PM

Is me or has the entire anti-virus world turned into a bunch of Crybabies?

"Whaaahhhhhh, the product that our entire business model depends on is now making their product so good that our products aren't needed.....Whaaaaahhhhh."

At least when my 3 week old daughter cries it's for a legitimate reason! (or maybe McAfee has poopie in their pants too.)

Score: 0

By cranbers

posted Oct 21, 2006 - 6:49 AM

Sounds like you need some sleep buddy. As for your comment antivirus companies should be put out of business because there is nothing left to secure not because microsoft thinks its what's best. The problem here is that microsoft locked the kernel to everything which means reverse engineering or hacks will be needed in order to get by it. I can guarantee black hatters will be there soon enough. The real problem is no one will be able to protect against these issues because the good guys will be locked out as well.

So its like guarding the treasure when everyone is locked out of the building where it's kept. Including the security guards, so someone can be inside doing whatever they want with no one to stop them. At least now you have mcafee and symantec that can guard the kernel using heuristics.

Score: 0

By jricha34

edited Oct 22, 2006 - 11:26 AM

So you are saying the black hats who are funded by mom and newspaper routes are smarter and more resourceful than AV companies with billions available for R&D? I would think if anyone would figure out how to crack the OS, the security companies _should_ be ahead of the black hats. If not? Why would someone pay the security companies to protect them? They obviously don't understand what they are trying to protect you against.

The issue is that McAffee and Symantec don't want to "lose" previous code capability that they picked up from others smarter than them because it translates to less features in their product and less reason to shell out cash for it. It also means for them to attempt to maintain functionality _they_ need to come up with something new and I think MSFT is far more advanced in new developments than those other two companies ever could be even though MSFT gets ripped pretty regularly for that.

I am very much for MSFT doing this. Even if they have to have different SKUs, one SKU has the feature, one doesn't. Alternately all have it but it is something you can enable/disable but that can only be done by inserting a separate boot CD making changes that require the user to enter specific set of fairly painful commands and then reboot. That way, people are well aware that they are doing it and have to be involved, some piece of software can't just do it for them behind the scenes.

Score: 0

By dougau

posted Oct 20, 2006 - 1:40 PM

As McAfee and Symantec both are admitting they haven't a clue how to get their high priced products to work, it would be a good time for everyone to try the free Avast and AVG lines of security products.

Does anyone know if Microsoft One Step has to rewrite the Windows Kernel to work? If not, why does McAfee and Symantec feel they have to do this?

Score: 0

By GoodThings2Life

posted Oct 20, 2006 - 1:45 PM

It's called OneCare* (FYI), and yes, Microsoft is developing a special x64 version for Vista that doesn't require Kernel hooks. They are NOT exempt from PatchGuard protections.

Score: 0

By Black-Wolf

posted Oct 20, 2006 - 12:42 PM

McAfee sux crap.

Their products are just worthless.

Score: 0

By mjm01010101

posted Oct 20, 2006 - 1:42 PM

Agreed. Probably the worst software I've ever come across, that still is installed like gangbusters.

Score: 0

By Ramhound

posted Oct 20, 2006 - 12:20 PM

I have said this I think three times

If Microsoft can build a product around the Patch guard system, then so can EVERYONE else. Granted they will have to request information about the system, ERROR and RETURN values of calls, that sort of thing.

Hell even within Microsoft programmers need that I am sure, so it already exists.

The write up, although perhaps internal does exist on this sort of thing. If it doesn't then somebody at MS will get fired, because its not possible to do something that huge without some sort transcript and documentation.

Score: 0

By jbaltz69

edited Oct 20, 2006 - 12:13 PM

Symantec and McAfee products suck. I don't see why people use them. Trend Micro makes a great lightweight antivirus solution and AVG is free and works great too. I was also very impressed with Windows One Care Live as well. All of those are much better at protecting in my experience then any McAfee or Symantec products. Although McAfee's stinger releases (used to target/remove a specific virus) work very well too.

Score: 0

By jshurst

posted Oct 23, 2006 - 9:17 AM

I've been using Trend Micro for a few years now, and I've liked them. That is until the 2007 version. I installed it a few weeks ago and it is a lot worse than it's previous offerings. It takes forever to scan my computer, locks up on me quite frequently and for some reason it didn't update my renewal date (even after talking with customer service).

I think that I'm going to revert back to the old version.

Score: 0

By nosake

edited Oct 21, 2006 - 5:32 PM

Until recently, I would have agreed that TrendMicro was a good alternative to Symantec and McAfee, but testing proved they're no better. All three are guilty of arbitrarily interfering with internet access, without alerting the user to that fact.

Only ZoneAlarm's Suite passed the test, but even there, armed with a good AV program and XP's own firewall, Steve Gibson's ShieldsUp was unable to decipher the difference.

And, just because I wanted the opportunity to say so: Symantec and McAfee are stellar examples of consumer fraud.

Score: 0

By GoodThings2Life

posted Oct 20, 2006 - 1:43 PM

You're absolutely right, but therein lies the problem... Windows Live OneCare is a great product. Why? Because Microsoft knows that if they're going to enter a market, they'd better do things right-- especially for something they've previously been terrible at, like security.

OneCare represents a true threat to these businesses and so does PatchGuard on x64 Vista. The bottom line is that rather than adapt to changing security environments, these companies like McAfee and Symantec would prefer we keep things in line with the status quo so that they don't have to do any new work and don't become irrelevant. It's amazing how they claim their products are such great mechanisms for security and yet they are always so slow to respond to new security situations.

If it's a truly a superior product, prove it, McAfee... adapt and prove it!

Score: 0

By smarttech

edited Oct 22, 2006 - 5:40 AM

What is wrong with any company, big or small, protecting its own interests? It is unfair and unethical to try to steal from Microsoft (just because they are big) under the cover of legal antitrust excuses. They became a monopoly because they were doing something better than others on the first place. Not happy with them – do not use their products. Most of those who blame them have no guts and use their products anyway. Where is people’s decency? Where are their principals? Would any of you on your small personal level help your competitors? No! It is against human nature! So why Microsoft should? Survival of the fittest is healthy; stealing even from the very big ones is not.

Score: 0

Dec 5 - 1:45 AM ET Shazam: eight million songs of the eternal Now

Dec 4 - 7:30 PM ET Comcast to offer bandwidth consumption monitor

Dec 4 - 5:37 PM ET Counterfeiters sing the 'Blue' as Microsoft lawyers up

Dec 4 - 4:40 PM ET Opera 10 alpha shows off new Presto rendering engine

Dec 4 - 2:29 PM ET Apple: Psystar clone-maker is working with unnamed collaborators

Dec 4 - 2:21 PM ET Windows Live rollout sketchy, team apologizes

Dec 4 - 2:20 PM ET Stinging from a revenue shortfall, Adobe to shed workers

Dec 4 - 11:47 AM ET The storm hits AT&T, with a five-digit headcount reduction

Dec 4 - 11:42 AM ET TV sports adopts Web coverage, plays with iPhones

Dec 4 - 11:24 AM ET Microsoft seeks 'community' help to make IE8 Standards Mode work out