How Much Security Will Microsoft Be Allowed?

By Larry Seltzer  |  Posted 2005-02-15 Print this article Print

Opinion: Times have changed. A few years ago would Microsoft have been allowed to destroy a whole category of software, even for a good reason?

Microsofts announcements today at the RSA conference are good news for Windows users, but one has to wonder if theyll really go through unchallenged. Much of what Bill Gates said is ambiguous, probably reflecting a certain amount of uncertainty about what they actually plan to deliver. But I definitely get the impression that they plan to offer both their AntiSpyware software and updates to it for free to (Genuine) Windows users. They will also sell a managed version of the product for larger networks.

I sure wouldnt want to be an independent anti-spyware company now. If they dont get bought out soon theyll be out of a job before they know it. It really makes you wonder what was going through the heads of the people who gave all that money to Webroot.

McAfee this week updated its McAfee Anti-Spyware Enterprise. Click here to read more.
Obviously theres a good reason for Microsoft to do this. Spyware is a plague on Windows users, and naive users can be easily tricked into installing malicious programs. Some sort of active protection is essential and expecting users to obtain it from third parties guarantees that many will go unprotected.

This is not the only change announced today that will strike some as anticompetitive. Consider Microsoft Update, the new version of Windows Update that will also detect and update other Microsoft products, such as Office. Is Windows Update a Windows feature, and does updating Office with it unfairly leverage Windows to the benefit of Office? Things would have been different five years ago.

Please dont get me wrong; I never thought much of the whole antitrust issue before, so Im sure not going to think much of it now. Ive already said I think bundling anti-spyware is a good thing for users, and Microsoft Update is undeniably a good thing for users. In fact, its several years late. Microsoft has had a separate Office Update system for years, but how many people know about it? Theres no Automatic Updates facility for it and no big fat obvious link on the Start Menu. Office installations should be much safer as a result of this.

If Im right and the result is a very large percentage of Windows users protected by Microsoft AntiSpyware then we have another case of "monoculture" problem. Its not hard to imagine spyware authors beginning to focus on MS AntiSpyware, looking for ways to trick it and to trick users into trusting attacks and ignoring warnings. Such a situation could increase demand for third-party solutions, but theyd have to be really good to get enough people to pay for them.

Before this is all over I expect someone, probably one of the anti-spyware companies, to fight it legally. Maybe theyll even get some ambitious state attorney general to join in. But Microsoft probably senses what I sense, that times have changed and that its much harder to criticize them for making Windows more secure out of the box than it is for adding a browser. Well all be better off, and worse off, as a result.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog. More from Larry Seltzer
Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel