Sophos: Microsoft Doesn't Need to Open Up PatchGuard

By Scott M. Fulton, III | Published October 20, 2006, 5:31 PM

In an interview with BetaNews on Friday afternoon, Sophos senior security analyst Ron O'Brien suggested that, even though his company plans to participate in Microsoft's program to build a security services API for Windows Vista SP1 -- and perhaps because of that fact -- Microsoft does not need to create a bypass mechanism for its upcoming PatchGuard kernel lockdown service, as other vendors have recently insisted.

"Two of our largest competitors, McAfee and Symantec - which clearly have anti-virus products that compare to Sophos - have publicly complained that being locked out of the Vista kernel somehow prevents them from being able to innovate," O'Brien noted.

"I would say that the opposite is really true: that by not focusing on having Microsoft provide us with the means to access the kernel, and in fact using the APIs that have [already] been provided by Microsoft, we are not experiencing any problems with PatchGuard for our latest HIPS technology, Sophos Anti-Virus, or any of the other aspects of our security offering for either 32-bit or 64-bit versions of Windows Vista."

By HIPS, O'Brien is referring to Sophos' current Host Intrusion Prevention System, a version of which is being planned for the initial release of Vista. The system uses heuristics to examine the behavior of software that may not have been identified as viruses by way of signature, to determine whether it is likely to negatively impact the system.

Lots of vendors use specialized trademarks to identify their heuristics, and Sophos' is no less fancy: Behavioral Genotype Protection. Sophos describes this feature as being able to identify malware at the gateway even without a signature, and delete it before it executes.

Despite the lofty terminology, this is not a new concept, and as McAfee chief scientist George Heron put forth in a recent ZDNet blog post entitled "Why Microsoft is Wrong on Vista Security," it's a feature of most modern enterprise-level anti-virus packages now.

But as Heron argued, for vendors to be able to continue to provide this functionality, they would need to have the ability to "hook the APIs" - meaning, to detect whether certain function calls to the operating system are being made, as potentially malicious code is being executed. By Microsoft disabling this kind of hooking, Heron wrote, vendors can no longer continue to provide security the way they have before.

Sophos' Ron O'Brien contends, however, that this is not a problem, at least from his company's perspective. "I would say that other vendors may not have coded their solutions with 64-bit Vista in mind," he told BetaNews, "but because we've taken a slightly different approach to HIPS, focusing more on identifying bad behavior by analyzing code before it executes, we have been able to make do with the interfaces that have been provided by Microsoft, rather than trying to subvert the kernel. That's why we're ready for 64-bit Vista, and other companies are not."

As O'Brien explained, his company's "behavioral genotyping" -- while it might sound like the worst techno-babble straight out of Star Trek -- does not need to hook into the API calls. Instead, it evaluates code before it is executed, and if the code "matches the genotype," then it never gets executed. His comments are consistent with those he made last month to BetaNews, when Symantec first raised objections before the European Commission about Microsoft's planned deployment of PatchGuard.

The fact of PatchGuard's existence is nothing new, so it may be a little too late for supporting vendors to be complaining about it, O'Brien contends. "I think that Symantec and McAfee have been struggling with [execution prevention], because they haven't coded their solution with Vista in mind, and because Sophos has taken a different approach...We're building our technology using supported Microsoft interfaces, rather than by trying to subvert them."

Assuming everything is indeed as rosy as O'Brien makes it out to be, why then would Sophos want or need to contribute to a security services API for Vista, especially since it would apparently help Sophos' rivals more than it would help Sophos? O'Brien's answer was both smooth and to the point: Essentially, Microsoft is developing the API that all security vendors who support Vista will eventually require, so it's in everyone's best interests -- including Sophos' -- to get on board.

"Obviously, I don't spend a lot of time thinking about the effectiveness of my competitors' ability to provide service," O'Brien remarked. "But clearly, from this point forward, Sophos and other vendors will have a dependency on Microsoft to deliver these kernel interfaces for new security interfaces. However, we're ready to go with a Sophos Anti-Virus version of our product that is compatible with Vista, and I don't believe that other security companies can make the same claim.

"It is somewhat counter-intuitive for me to be critical of a competitor," he continued. "However, in this particular instance, I would encourage enterprise-level customers to ask whether or not their security vendor is prepared to offer a security solution that is compatible with Windows Vista 64-bit. And if the answer is no, then I, as a customer, would ask why. And if the reason is because, 'We haven't worked with Microsoft in order to achieve that goal,' then my next question would be, 'Why not?'"

Comments


Kaspersky rulez ;-)
Have tried many versions of Symantec AV... slow, slow... detection isn't the best... crap!
Have tried some versions of McAfee AV too... some gave me BSO when detected a virus (maybe because of bad API hook?!?!?!), some didn't detect the virus at all... then... one day I saw Kaspersky... really fast... many updates/day... best virus detection engine ever... I don't know how v6.0 works with Vista, but I think I won't be disappointed... ;)

Score: 0

|

My 2 cents: if Microsoft has a better security model in their OS, why do they have to document the holes so somebody else can sell a product?

Score: 0

|

I have been using MS OneCare since the beta and love it. Runs great. I have had no issues with virus attacks and spyware. NONE! Symantec has gone down hill. Just the word Symantec said in a room, people think Slow, No forward thinking, Bloat ware! They need to write a FAST non-bloat ware application before I would ever think of switching back!
I'm sticking with Microsoft! Kudos to the OneCare Team for something better than Symantec's pile of bloat.

Score: 0

|

PatchGuard has already been hacked by the beta using community so it's not all it's 'cracked' up to be. Which means the day Vista goes public the virus and malware authors will have code ready to load, bypass and hide from PatchGuard. Kudos to Sophos for not just whinging about it and getting something real done. IMHO McAfee and Symantec still have a point about being locked out.

Score: 0

|

I too like having the bank balance my check book.

Score: 0

|

I'm glad to know that McAfee and Symantec are not the only choices. They have been able to sell their bloatware for years without innovating. This time Microsoft is right.

Score: 0

|

Looks like Sophos is trying to be the better man/company from all of this.

They see an opportunity to gain some market share from the AV giants, so they're trying to take it.

Sounds like a PR stunt/move to me.

In any case though... if they can outwit Symantec, McAfee, and etc. in having better code, then they deserve the limelight.

Score: 0

|

If Microsoft opens the kernel, I will never buy McAfee, Symantec, or Sunbelt software.

Score: 0

|

"But as Heron argued, for vendors to be able to continue to provide this functionality, they would need to have the ability to "hook the APIs" - meaning, to detect whether certain function calls to the operating system are being made, as potentially malicious code is being executed. By Microsoft disabling this kind of hooking, Heron wrote, vendors can no longer continue to provide security the way they have before."

He's right. This is one of the true functions of a HIPS app. PC firewalls need kernel driver access as well for packet filtering and verifying the rights of calling applications.

But the way O'Brien explains it:

"By HIPS, O'Brien is referring to Sophos' current Host Intrusion Prevention System, a version of which is being planned for the initial release of Vista. The system uses heuristics to examine the behavior of software that may not have been identified as viruses by way of signature, to determine whether it is likely to negatively impact the system."

Is this not one of the functions of an antivirus application? This is not the job of a HIPS.

I'm not suggesting Sophos' technology is inferior to the current methods used that are tied into the kernel, but it will be interesting to see if their methods are going to be at least as effective or better.

Score: 0

|

I would guess that the 'genotypes' Sophos looks for are particular installation routines and targets for installation in the code - which in some ways is a better method. This way the HIPS can catch malicious code before execution, rather than responding to execution with a block (like a kernel-response would).

It's not heuristics though - which is what you're thinking of in regards to the functions of AV software. It is a HIPS that in a way is using its own heuristics. By analysing code before allowing execution they may have a more reliable system - or they may not.

As you say, it will be interesting to see. Personally, I don't think it makes a lick of difference for McAfee and Symantec - their products are still easily compromised at present by modern malware - even with their swanky API hooks. If it's not doing them any good now, why will it help in the future? At least Microsoft has realised that much. :P

Score: 0

|

The bottom line is that Symantec and McAfee have become lazy. I sincerely hope that MS sticks to their guns and makes them rethink and rework their code to benefit TRUE security. Leave the kernel to the OS maker. I've been using Avast for a long, long time now and I don't regret it one bit. With Symantec/Norton in many cases if anything happened to mess it up somehow, my XP wasn't far behind after that; McAfee is even worse. I suggest that people take a look at alternative AV products until these companies bring true innovation to the forefront. They're so busy delving into the multitude of different utilities that apparently the core product (the one people most care about) is suffering. And I don't care about what kind of tech they use....how is it that they're the only 2 companies complaining? Or is it just a matter of time? We'll see I guess.

Score: 0

|

Yeah it is pretty ridiculous. McAfee and Symantec are more worried about anti spam and worthless identity theft than antivirus and firewall now it seems. Norton Utilities used to be a very helpful set of programs. Now it's so bloated and slows down your computer it's just sad. I mean you buy their anti virus then they bombard you with advertising for everything else. I mean why did I give you 50 dollars? For anti virus or a firewall, not all this other crap.

Let's not forget product activation, keycodes and all that other crap now. Symantec has really gone down the drain. Their revenue now is based on the uneducated public; like Microsoft, that is a name they know and see in the store so they get it. Same thing with McAfee, they were the main antivirus companies when Windows became big and viruses became bigger. But until the last few years no one really cared about anti virus. Now it's a must have or you risk losing your data.

So I use Avast as well. It's simple, free and it's a very nice program to use. Everyone should give it a shot.

Score: 0

|

klavc

While I don't disagree with you that it's a different way to handle a similar thing (detection of hostile code is what users want), Sophos, by making this statement, does show it is possible to detect this code in another way. Which means Symantec and McAfee can develop other ways to detect hostile code that are more advanced and still not need kernel access.

They admit that they were forced to access the kernel, and they know they were not supposed to do it (let's face it, I even know that trying to access the kernel isn't a good idea). So they developed their detection methods on this bad idea, and now when Microsoft says "enough is enough" they are going to cry about it?

Let me put it this way: if Microsoft had locked access to the kernel in XP, would Sophos be the "Symantec and McAfee" of the industry? We might find out. The companies that decide they will adapt, and not wait for the code highways to the kernel for code detection, will be the companies that are a lot bigger when the next Windows comes along.

Score: 0

|

With the fundamental problems Windows exhibits and the poor quality products & non-existent support that both Symantec and McAfee have come to represent, it's hard to get worked up regarding any of them.

I suspect most folks would prefer to find quality alternatives for all of the products/vendors listed above.

Score: 0

|

Kinda amazing how a product with so many "fundamental problems" can completely dominate a market isn't it?

Score: 0

|

"With the fundamental problems Windows exhibits and the poor quality products & non-existent support that both Symantec and McAfee have come to represent, it's hard to get worked up regarding any of them.

I suspect most folks would prefer to find quality alternatives for all of the products/vendors listed above. "

Dude, what is wrong with you? That's an unhealthy obsession you have there. Products that are put on windows, and it STILL has to point back to the fact that MS Windows sucks eh?
In most if not all article responses that you make, the gist is 'MS/Windows sucks, use something else'....now while I completely respectED your thoughts and feelings initially, must you honestly LITTER almost EVERY news article with this theme? We all get it! We REALLY do; You hate windows, you hate MS, MS sucks, Apple is better, Anything else than MS and MS products are better, blah blah blah. News Article: The Sky is blue, your response: It is blue, but it's even more blue using a Mac!/Ipod/anything else but MS. Holy hell man.
Can we move on and have something constructive/useful from you for a change? And I don't mean useful like "MS products suck, use something else". Honestly, I've sat by and ignored most of your drivel but enough is truly enough.

Score: 0

|

Wrong again dimwit.

Yes, MS OSes exhibit a fundamental fatal security flaw referenced to activeX - a marvelous way to allow various products to inter-operate, but utterly and completely lacking in a way to authenticate that the 'friendly apps' really are who they say they are!

OSX offers a lot of potential if the software you need is available on the platform. And I will continue to disagree with the Windows fanboys who dominate the site that still have no clue that the Mac is JUST an elegantly designed PC that can run an additional OS and do not understand the bridge the OS provides between the traditional high end UNIX environment (AIX, HP-UX, xBSD) and the Windows environment.

Linux has usefulness IF you are willing to figure out just what is going on under the covers that departs from all of the previous mainstream platforms, be it Windows or mainstream UNIX. AND if you are willing to deal with the abysmal lack of applications and the inability to interact in a reasonable manner with Windows. Therefore Linux is predominately relegated to small/mid-market servers. But the support and licensing costs for mainstream releases such as RedHat exceed even Windows in the Enterprise.

I don't care which one you want or choose to use.

But for anyone to buy Windows and then to complain about security is ridiculous. And to say that MS has been negligent in building an OS that is secure begs the obvious. And this article simply reinforces that.

My only position is that currently the Mac enhances your choice and allows you the option to pick whichever combination of the 3 you like on a common platform - including the option to run all 3 if you like. Nothing fundamentally prevents PC makers from adding this basic ability to PCs. Hopefully OSX will be made available in the not too distant future to allow folks to have the same choice on a generic whitebox. But as that doesn't effectively exist (as you currently can't run OSX under the Windows or Linux VMWare client), that is a moot point.

Wouldn't it be nice if you offered even a modicum of an understanding of the marketplace before you totally misrepresent others' positions?

And if you have read anything that I have written, you would know that I hold the entire iPod/MP3/etc genre as the ultimate in low-fi. And I find it ludicrous to run around spending hundreds of dollars to basically have a next generation cassette walkman.

You say that you've ignored what I have written and that you understand it. All you have proven with your inane post here is that you have successfully done neither.

Get your facts straight and get off your @ss and get to class. Maybe with luck you will be one of the exceptions and you will be able to find Chicago on a map. Have fun at the HS pep rally.

Score: 0

|

Quite a testimony to the erudite buying public...just as they chose VHS over Beta - so much for technical quality being a valid criteria for the buying public.

Score: 0

|

LOL you're amazing. You tell him he's wrong and then proceed to romp into another one of your rants that his entire post was about!

I gotta hand it to you numb nuts, you're like a dog on a bone.

I can't wait to read your obligatory "go back to school, you're stupid" rant, you know it's coming, you know you want to...you post one just about every other sentence...come on now, let it out.

Score: 0

|

Of course all you add is a partisan fanboy rant below. Oops!

And of course I talked of the same subjects, but his interpretations were completely incorrect. I am not anti-Windows at all. But I am not afraid to acknowledge significant problems with it. Sorry if that offends some of you fanboys.

Hit too close to home fanboy? I can see why you are so upset. ;-)

Don't worry, after you reach puberty it's all downhill.

Score: 0

|

LOL right on cue. I knew you couldn't resist. Are you even listening to yourself? You do realize that your childish name calling and ranting shows you to be much more immature than ANY OTHER poster I've seen on Betanews in a LONG time don't you? Actually you probably don't, arrogant as you are you probably can't see anything but your own superiority complex.

Frankly anything worthwhile you have to say is completely lost in your inane name calling and shouting rants...ahh well, at least you're fun to play with.

Score: 0

|

He has a point. Marketing, not quality products, win the day.

How many of you b**** about how much the iPod sucks when compared to your Zen/iRiver/Sony mp3 player? Yet iPod dominates the market through clever marketing.

Funnily enough, MS did the same, all those years ago. For now, we're stuck with it. :)

Score: 0

|

Nothing fundamentally prevents PC makers from adding this basic ability to PCs.
Except, if I am not mistaken, the licensing of OS X. Oh, wait, the manufacturers could build capable machines; but users would technically be violating their license agreements. So it is MS's fault how?

...you currently can't run OSX under the Windows or Linux VMWare client...
Actually, you can. It is a hack, and (again) violates the license agreement on OSX; but it can be and is done.

Score: 0

|

You do realize the "erudite public" do not only factor "technical quality" in their purchasing decisions, don't you? Or did you think everyone should've bought Crays in the 80's?

Score: 0

|

I am not anti-Windows at all. But I am not afraid to acknowledge significant problems with it.
You have seen people post claiming otherwise? Seriously, show me one post that claims any MS OS is flawless. I see you beat people over the heads with the fact that Windows is insecure...when they don't disagree with that fact.

Don't worry, after you reach puberty it's all downhill.
If I didn't see some of your rare, worthwhile posts, I would ask how you know this.

Score: 0

|

shut up already.

Do you even know what a partisan is?

Score: 0

|

his daddy writes those for him.

Score: 0

|

So your response to his accusation of being an anti-MS troll is to call him names and troll MS some more?

Genius, pure genius.

You're related to bRat at all?

Score: 0

|

shows you to be much more immature than ANY OTHER poster I've seen on Betanews in a LONG time don't you

I swear, with "Bro Rat" gone, this guy's come in to fill the void quite nicely, don'tcha think?

Score: 0

|

Nah, the rat took up less space. Well, I guess so. Filled in the void and then some.

Score: 0

|

That thought actually has crossed my mind. (But more like wondering if some guys kid is using his account.)

Score: 0

|

That's a good point, aside from the obligatory references to himself in the 3rd person, this guy sounds just like him.

Still...I'd almost prefer to have Rat back...almost.

Score: 0

|

I am not anti-Windows at all.

Congratulations. That is absolutely *THE* most ridiculous comment I have ever read on Betanews.

Score: 0

|


Generally I like Sophos but the above has just put some minus points to it.

Someone that at least a little bit understands the whole problem and the technologies involved in it will quickly see that this is just a pure marketing move from Sophos to attack the non tech users (if not that then they simply have no idea what they are talking about). Why so?

The above technology represented by Sophos (Behavioral Genotype) has actually nothing to do with the standard HIPS technologies that McAfee and Symantec are fighting for. From the description on the Sophos page it is clear that this Sophos technology is actually what is more known today as advanced heuristics (heuristics in virtual environment, sandbox, emulation,...). Indeed it might use some "intelligence" from HIPS like systems but in reality this simply cannot be compared to standard HIPS. It is more in the league of NOD32 ThreatSense, BitDefender B-HAVE, F-Prot 4 !Maximus, Norman Sandbox,...

I am not saying that this technology from Sophos is bad or good (from its abilities to protect from unknown malware), I simply would like to say that IMO these comments from Sophos are totally in the wrong place and have nothing to do with this issue. Symantec and McAfee also have their heuristics and signature based detection technologies that work just fine in Vista 64.

Score: 0

|

It's Apples fault.

...

/me quietly waits for a rabid foxfyre to come in foaming at the mouth over that.

Score: 0

|

Troll? :P

Score: 0

|

Is it a troll if the troller admits to trolling and baiting the troll....ugh nevermind my head hurts now.

Score: 0

|

Sophos Respect +1000

Score: 0

|

McAfee and Symantec have come to create crap products anyway. When they start listening to our complaints, Microsoft maybe can start listening to theirs (as in most likely never). Good for Sophos - a company figuring out a way to work with the constant changing times.

Score: 0

|

Wonder if Sophos is kissing Microsoft's a** to its satisfaction?

Score: 0

|

McAfee and Symantec always criticized M$ because Windows was insecure. And now that M$ is trying to make Windows more secure they have a problem with it. So really they want us, the users, to be vulnerable. Man, that's just evil. LOL

btw that was a nice move by Sophos.

Score: 0

|

Now that I really think about it, they are evil. LOL

Man GS5, I love your insights!!! LOL

Score: 0

|

Of course they want us to be vulnerable, then how else could they sell those shiny boxes of bloated nonsense in NoobMart.

Score: 0

|

Quite an interesting article and I will wait to hold judgement. The proof of the pudding will be in the eating.

Score: 0

|

Fine by me. I must admit that when I put myself in McAfee's shoes--yeah, it almost sounds like Microsoft and Sophos have some secret agreement or something, but it is conceivable that Sophos just wants to distinguish itself from competition in a new and brilliant way, so that if MS wins any and all lawsuits filed against them by McAfee and Symantec, Sophos would suddenly look like the better choice.

Also, evidence below (the clapping, the comments about Sophos being recommended) suggests that this stance has ALREADY given Sophos at least one new potential customer, as he said below that he will now suggest Sophos as an anti-virus (implying that these statements from Sophos are partially the reason). So perhaps Sophos is acting outside of any 'pressure' from Microsoft at all, it is conceivable.

Either way, this will look good for Sophos in the end, assuming McAfee does not win the case against Microsoft that is...

Score: 0

|

*clap, clap, clap*

Score: 0

|

You should go to the doctor and get a shot of Penicillin ASAP.

Score: 0

|

Umm...did I miss something? (perhaps you meant to reply to another post?)

Score: 0

|

ROTFLMAO :-)
Now that is funny!!!
Hey GS5, you made my day:-)

Score: 0

|

"*clap, clap, clap*"

I believe that qualifies as ill....at least from a technical standpoint.

Score: 0

|

Think about it...

Clap..

Penicillin...

Had your coffee yet?

Score: 0

|

I had to look it up (Wikipedia saves the day again).

I had never heard that slang before.

Score: 0

|

Of course they don't have to make the bypass. AVG and avast! are working without ANY bypass for the whole Vista time...

Score: 0

|

Sophos is officially on my recommended products list as of today! :) Smart company doing smart things-- I like it!

Score: 0

|

woah, but...

some people hate smart companies that do smart things. :D

that can go to either side, regardless of who you're for or against :)

I am for MS and this seemingly respectable Sophos :)

Score: 0

|

Smart is the only way to go.
Bill Gates didn't become the richest man on the planet by making bad business deals.

Score: 0

|

You can be against the computer security companies but I'll just be against the viruses...

Score: 0

|
