Re: [Full-Disclosure] MS Anti Virus?

From: Gregory A. Gilliss (ggilliss_at_netpublishing.com)
Date: 06/17/04

  • Next message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] MS Anti Virus?"
    To: full-disclosure@lists.netsys.com
    Date: Thu, 17 Jun 2004 11:03:28 -0700
    
    

    Dan et al:

    You are missing the point here. While it matters little *who* is in the A/V
    market, it matters very much when one player is Microsoft, because the M$
    business model (according to them and to the US DOJ) is to enter a market,
    undercut the market, co-opt the market, drive out the competition, and
    move on to the next market (not unlike a virus, as told by Agent Smith).
    So if M$ enters the A/V market and "bundles" their solution with Windows
    whatever, they likely will drive Symantec and McAfee out of the market
    over time by co-opting the A/V subscription market.

    The security ramifications of a M$ only A/V marketplace relate to Dan Geer's
    monoculture argument (already well discussed here) and also a conflict of
    interest (since M$ products account for a majority of the A/V infections).
    Can we "trust" an A/V solution from M$ that addresses virus infections of
    M$ products? And is M$ controls both the virus host and the A/V inoculation,
    does that not create a potential area of abuse - no license/upgrade/whatever,
    no A/V subscription/update/whatever?

    As Reagan told Gorbachev, "Let me tell you why we do not trust you..."

    G

    On or about 2004.06.17 15:51:19 +0000, DAN MORRILL (dan_20407@msn.com) said:

    > You make anti virus software sound like a gun lock on a 9MM.
    >
    > Does it really matter who is in the anti-virus market? If Microsoft goes
    > that way, and they have the best knowledge of what they created, what we
    > can reasonably expect to see in the words of Bill Gates "Innovation, with
    > rich user features, deeply embeded in our software".
    >
    > So, we can have an AV product that does great things, but maybe only 2% of
    > it will be used, and because it is a microsoft product, we can expect
    > patches every month, with known and unknown vulnerabilites from day one.

    -- 
    Gregory A. Gilliss, CISSP                              E-mail: greg@gilliss.com
    Computer Security                             WWW: http://www.gilliss.com/greg/
    PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] MS Anti Virus?"

    Relevant Pages

    • RE: [Full-Disclosure] MS Anti Virus?
      ... I think you believe MS is going into the AV market because it wants to. ... reporting "Hole found in messenger service, ... Subject: MS Anti Virus? ... So if M$ enters the A/V market and "bundles" their solution with Windows ...
      (Full-Disclosure)
    • Re: [Full-Disclosure] MS Anti Virus?
      ... They did this years back in the 90's anyone remember pctools, ... DOS 6.0, but, pctools is no longer in the market...and was the norton ... > market, it matters very much when one player is Microsoft, because the M$ ... > The security ramifications of a M$ only A/V marketplace relate to Dan Geer's ...
      (Full-Disclosure)
    • Re: [Full-Disclosure] Show me the Virrii!
      ... Very few of these products enjoyed any significant market success, ... using "known virus scanning" approaches (and flung most who refused to ... Developers of several early behaviour monitor/blocker ... products quickly discovered that the Halting Problem applied to them ...
      (Full-Disclosure)
    • Re: [Full-Disclosure] MS Anti Virus?
      ... With MS in the virus prevention market, ... > history of unethical anti-competitive behaviour... ... > (takes off tinfoil hat) ...
      (Full-Disclosure)
    • fake God infests Faggots in Red State Alabama
      ... "The strain was found in a live bird market in Camden County. ... virus was low pathogenic and not harmful to humans," said a statement ... Details were not immediately available on precisely when the avian flu ...
      (alt.politics.bush)