Full Disclosure mailing list archives

Re: MS Anti Virus?

From: "Gregory A. Gilliss" <ggilliss () netpublishing com>
Date: Thu, 17 Jun 2004 11:03:28 -0700

Dan et al:

You are missing the point here. While it matters little *who* is in the A/V
market, it matters very much when one player is Microsoft, because the M$
business model (according to them and to the US DOJ) is to enter a market,
undercut the market, co-opt the market, drive out the competition, and 
move on to the next market (not unlike a virus, as told by Agent Smith).
So if M$ enters the A/V market and "bundles" their solution with Windows
whatever, they likely will drive Symantec and McAfee out of the market 
over time by co-opting the A/V subscription market.

The security ramifications of a M$ only A/V marketplace relate to Dan Geer's
monoculture argument (already well discussed here) and also a conflict of
interest (since M$ products account for a majority of the A/V infections).
Can we "trust" an A/V solution from M$ that addresses virus infections of
M$ products? And is M$ controls both the virus host and the A/V inoculation,
does that not create a potential area of abuse - no license/upgrade/whatever,
no A/V subscription/update/whatever?

As Reagan told Gorbachev, "Let me tell you why we do not trust you..."

G

On or about 2004.06.17 15:51:19 +0000, DAN MORRILL (dan_20407 () msn com) said:

You make anti virus software sound like a gun lock on a 9MM.

Does it really matter who is in the anti-virus market? If Microsoft goes 
that way, and they have the best knowledge of what they created, what we 
can reasonably expect to see in the words of Bill Gates "Innovation, with 
rich user features, deeply embeded in our software".

So, we can have an AV product that does great things, but maybe only 2% of 
it will be used, and because it is a microsoft product, we can expect 
patches every month, with known and unknown vulnerabilites from day one.


-- 
Gregory A. Gilliss, CISSP                              E-mail: greg () gilliss com
Computer Security                             WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: MS Anti Virus?, (continued)
- - - Re: MS Anti Virus? Mohit Muthanna (Jun 17)
    - Re: MS Anti Virus? Valdis . Kletnieks (Jun 17)
    - Re: MS Anti Virus? Ben Timby (Jun 18)
    - Re: MS Anti Virus? Valdis . Kletnieks (Jun 18)
- MS Anti Virus? http-equiv () excite com (Jun 16)
- MS Anti Virus? Robert Michael Slade (Jun 16)
- Re: MS Anti Virus? DAN MORRILL (Jun 17)
  - Re: MS Anti Virus? Eric Paynter (Jun 17)
    - Re: MS Anti Virus? Alfie (Jun 17)
  - Re: MS Anti Virus? Joshua Levitsky (Jun 17)
  - Re: MS Anti Virus? Gregory A. Gilliss (Jun 17)
    - Re: MS Anti Virus? Ron DuFresne (Jun 17)
    - RE: MS Anti Virus? Poof (Jun 17)
    - RE: MS Anti Virus? joe (Jun 18)
- RE: MS Anti Virus? Dan B. Mann (Jun 17)
  - RE: MS Anti Virus? Ron DuFresne (Jun 17)