Robert McLaws: Windows Edition

Blogging about Windows since before Vista became a bad word

Microsoft WILL NOT Budge On PatchGuard

Joe Wilcox can't stop talking about PatchGuard. Look, I was right in front of Jim when he was talking about PatchGuard, and the look he gave me said everything. Jim is 110% focused on security, and he's not going to budge on this one. Not now, not after he leaves, not ever.

HELLO!!!! Lest we forget, PatchGuard has been around for a long time, and Microsoft didn't pull this one out of their ass. Microsoft has been very open with partners on this one for the last 5 years. McAfee and Symantec are complaining because they still haven't come up with a decent way to secure Vista beyond what Microsoft has already done... so they need to spread FUD so their products stay relevant.

I've seen McAfee's code. I've seen Symantec's code. And I've seen Kapersky's code. Their products open up more vulnerabilities than they fix, and their products will never touch mine or my families machines. Period.

But, companies like Kapersky get it. You haven't seen them bitching about it. They know their security software sucks, and they're too busy working to fix it to complain. I predict that they will see the biggest turnaround in their products by the end of the decade, and Symantec will merge with McAfee to try to stay afloat.

Look, the bottom line is this. Microsoft is a huge company that has to do new things to continue to make money. That means, at some point or another, Microsoft will invade any software company's territory. It's the beauty and the curse of being a Microsoft partner: you'll fill in their gaps until they fill them themselves, through development or acquisition. Yesterday's Desktop Pack is a PERFECT example of this.

There are a billion problems to be solved by technology, ESPECIALLY around security. As a software company, you're not constantly evaluating which ones you'll try to solve next when the environment changes, then you're stupid and your company deserves to die. That's how innovation works.



  • davidacoder said:

    I truely dislike the products from McAfee and in particular Symantec. At the same time it just silly to paint this as "this is how a free market economicy should work". Go read an economics 101 text book and look at the chapter on monopolies. Microsoft might comply in a legal sense right now, but the situation in the operating system market is very, very, very far away from a competitive market. The single fact that Microsoft can set prices at will should be enough to make that clear. So, yes, do complain about these lousy competitors of MS, but do not ignore that Microsoft's position is very troubling for anyone who prefers functioning free markets.

    October 18, 2006 3:09 PM
  • Where does this frustration come from Robert?

    "That means, at some point or another, Microsoft will invade any software company's territory ... you'll fill in their gaps unti they fill them themselves, through development or acquisition"

    In my country we call this a monopoly!

    October 18, 2006 4:51 PM
  • Um, look. If you're filling in a gap in Microsoft's technology, Microsoft should not have to be required to keep that gap open just because some company rushed in to fill it. As some point, their software will be improved, and the gap will be closed. It is up to companies to evolve and adapt, to find new gaps to fill and new products to market. That's not a monopoly... that's other companies responding to Microsoft improving it's products.

    It's like when September 11th happened, and the government determined that airport security was weak. They plugged the gap in a federal system with a federal solution. Now those security firms are securing something else. Microsoft's decision was no different. It's not like there aren't a million other things about computers to secure. The kernel is Microsoft's code, and Microsoft won't let ANYONE in anymore. That's not going to change.

    October 18, 2006 5:28 PM
  • List244 said:

    Robert, I know what you are saying. I agree, completely. If we want to see a monopoly, we should look at Macs. Sure, they are not considered one, since they have so little users, but if they were popular, press would be all over them... They are by far worse than Microsoft..

    With that said, I think it is WRONG that Microsoft is being forced to LOWER their security so that another company can secure it. If you can stop the issues at the kernel, that is MUCH safer than having other software try to protect it. With them lowering security, you are inviting intruders; even if you have the third-party software, you are less-safe than if they just stopped it themselves.

    October 18, 2006 7:09 PM
  • bluvg said:

    The problem with Joe Wilcox's argument is the implication that if Microsoft can't secure the kernel, someone else can.  That's nonsense.  Perhaps you could make an argument for a homogeneous vs. heterogeneous architecture, but that's not really what we're talking about here.  In fact, I get the feeling that most people have very little clue what they're talking about when it comes to kernel-level access, other than some vague notion.

    Who's to say that giving McAfee or Symantec kernel-level access wouldn't make things worse?  And that, I propose, is exactly what is at stake.  They may make security products, but their record for flaws isn't much better than Microsoft's, and their kernel-level hooks in the past were not uniquely designed to protect the kernel itself.  There's a whole lot of hand-waving going on in their explanations, and they're specious arguments at best.  The very point of modern OS architectures is to abstract the hardware and control kernel access.  

    Furthermore, nothing is really changing here.  The 64-bit OSes remain the same as always--with PatchGuard in place.  The 32-bit OSes remain the same--no PatchGuard.  A tempest in a teapot, a mountain out of a molehill.

    October 18, 2006 11:49 PM
  • List244 said:

    "In another change, Microsoft had planned to lock down its Vista kernel in 64-bit systems, but will now allow other security developers to have access to the kernel via an API extension, Smith said. Additionally, Microsoft will make it possible for security companies to disable certain parts of the Windows Security Center when a third-party security console is installed, the company said." --

    This is one thing which really bothers me. I don't see why my kernel-mode in 64 bit should be opened for security companies. If they open the API for them, they open the API for EVERYONE. Even if they could block it so that ONLY the security software somehow had access, something could easily then hi-jack the security software. I do not agree with these fights to keep security companies alive, especially when it is at a cost to my system's security.

    October 19, 2006 1:35 AM
  • davidacoder said:

    "It's like when September 11th happened, and the government determined that airport security was weak."

    Give me a break. It is totally not like that. Microsoft is not the government. Governments by definition don't compete and very different rules apply. Microsoft is NOT the government, and therefore they don't have the monopoly on being in charge for law and order (and security). They have to compete.

    I am not saying that I would like the gov to step in and stop MS. There are enough smart heads in econ that argue that while a monopoly is bad, it is even worse if the state intefers and tries to abolish it. All I am saying is that the current situation with a number of markets in which Microsoft is operating is not even close to what one would hope for in terms of competetive markets. Just ONE point, which you pointed out so well previously: Microsoft is setting prices for Windows at will. Suppliers can't do that in a working, competetive market. This is a clear sign that one player has something close to monopoly power. And that is not good. And if that player is then using that power to dominate other markets, that is not good either. It is simply not even close to the efficient market solution.

    I don't know what to do about it, but I think it is fair enough to point that out and not just ignore this problem

    October 19, 2006 4:18 AM
  • List244 said:

    I don't think this is very fair. Microsoft has created an OS, why should securing it have anything to do with a monopoly? They are monopolizing their own creation, I see no problem with that. If someone wants to compete, why don't they go create an OS? I think if they want their OS to have a feature, they should be allowed. This is not a monopoly, this is control over their own creation.

    October 19, 2006 9:01 AM
  • davidacoder said:

    Read econ 101. I am not saying that they have a monopoly in the legal sense that the state has the right to intervene. I am saying that they are such a dominant player in the market for operating systems that right now there is hardly any competition (and don't tell me about Apple, they are tiny) and Microsoft is a price setter for operating systems. That might not be illegale, but from an economic point of view it is a terrible situation, because Microsoft is most probably collecting a monopoly rent on Windows. And the situation does not improve (from an economic point of view) if Microsoft is using its power in the os space to kill of other markes.

    October 19, 2006 10:51 AM
  • some1 said:

    NOD32 and SpySweeper

    October 20, 2006 7:16 AM
  • Joris Evers from C|Net covers a Gartner report that says that HIPS solutions will not work on Vista x64

    October 20, 2006 6:15 PM
  • March 20, 2007 5:26 AM