The 'Morro' of the story

Microsoft shocked the security industry on Tuesday by announcing that it will stop selling its consumer-focused Microsoft OneCare security software. Instead, Microsoft said that it will offer a new free alternative dubbed "Morro" in mid-2009. What does this sudden change in direction mean?

1. Microsoft is cutting its losses
After two years of hawking OneCare, the company barely made a blip in consumer security market share and was probably bleeding red ink. It is cheaper to give away Morro than to package, distribute, and promote OneCare.

Windows Live OneCare logo

(Credit: Microsoft)

2. There's a reason to remain in the market
So why not kill endpoint security altogether? Good question. As long as Microsoft continues to offer Forefront (i.e., its commercial endpoint security product), Morro is a relatively easy thing to support. Alternatively, I can't see Microsoft walking away from any PC software. The PR implications of doing so are too dire.

3. Morro won't kill other alternatives
Free is pretty compelling, but it is nothing new. Users could opt for a strong free alternative today called Clam AV, but Symantec, McAfee, Trend Micro, and Kaspersky still do pretty well with consumers. Users either don't know about Clam or believe that "free" software must have a catch. On another note, about 40 percent to 50 percent of consumers still buy security software at their local Best Buy, Frye Electronics, or Staples. With no revenue stream, I can't see Microsoft boxing up Morro and paying for shelf space, so Morro won't even be available to a large percentage of the potential market.

4. Microsoft won't bundle Morro in consumer Windows
Ten years ago, I have no doubt that Microsoft would have made security part of the operating system. Heck, Microsoft gave away its antispyware software as recently as 2006. Pursuing this course of action doesn't make sense in this case, however. Aside from the obvious antitrust issues, there is another strategic reality here. Netscape and Internet computing threatened the Microsoft franchise. Symantec Endpoint Protection does not.

Whether industry pundits admit it or not, Microsoft has made great strides in security over the past five years, both in terms of products, processes, and industry leadership. These advances are extremely visible in the enterprise market, but even Microsoft couldn't extend this momentum into the brutal and fickle consumer space. There are too many other fast-growing, highly profitable market segments for Microsoft to pursue, so it simply makes no sense to keep fighting in a crowded market with dwindling margins.

Microsoft consumer security may become free, but expect to hear a lot less about Morro once Microsoft pulls OneCare from retailers' shelves.

[candide08]

You missed the obvious - the conflict of interest and lack of trust.

We all know that Windows is far from secure and NEEDS a security product just to function.
So M$ would sell a product to fix what it cannot fix in Window$?

[viguru]

Well average Win32 user is not going to use Clam AV because of these 2 things I noticed right off the bat..

1) first thing on their website says: "Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX" and I doubt most windows users even know what UNIX is and the few that do, will think "huh. not or me"

2) even on the win32 download page, it states: "Please note that ClamAV is NOT a desktop AV system, it is aimed to the server market."

That being said, I'm a OneCare user and subscriber and I love my OneCare, I have a OneCare Circle that I manage here at home, I have 7 compuers (3 laptops and 4 desktops) setup to use it and it lets me know when any one of those are out of date or having problems. Something no other AV software does that I've found. So I truely hope the new Morro will have this feature, its absolutely awesome and necessary to keep a secure home network.

[Sysadmin_MS]

Umm... Mr. Oltsik, you wrote "Users could opt for a strong free alternative today called Clam AV...." I would hope someone as esteemed as a "senior analyst" would know that ClamAV is a product for Unix. Your article is about AV products for Windows. Apples and oranges, my friend. Two seconds of research would have certainly led you to the first line on ClamAV's website: "Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX" (ref. www.clamav.net). Better luck next time....

[AppleSuxLeo]

I Googled "Bloated POS" and up popped NORTON !

[Astara]

It actually would make more sense for an OS manufacturer to *include* malware/security protection as *part* of the OS. If the OS was designed properly in the first place, it could be argued, there wouldn't be such a need for 'addons'.

But networked-Windows was designed before the Internet exposed every system to the outside world. It was designed for _relatively_ non-hostile intra-office sharing. That core design has never changed -- and all the security 'hacks' and 'kludges' that have been added on since then are just bandaids over the design philosophy of the OS.

Most unfortunately, though, is the fact that security has never been given serious attention in design -- because like the 'good manager' or 'employee' that makes sure problems don't happen -- they just sit in the background and 'work' and don't get in the way. It's hard for people to get excited about things that just "work" -- when our whole society values and rewards "heroes" who save people who really, often, just didn't plan ahead. In some ways, it's very anti-Darwinian. Incompetence and short-sightedness are rewarded, while vigilance or prudence are more often seen as impediments to getting things done. Certainly there can be 'too much' prudence, but I've yet to see that be a major problem in the computer industry.

But look at Wall Street...studies have shown that risk-takers end up getting ahead -- they get the bonuses and rewards. On Wall Street, the WSJ was saying that brokers who made very lucrative trades and managed very lucrative deals got bonus of as much as 10% of the deal . But when their bad judgment inflates a market and causes a meltdown -- are they going to get "bonuses" of 10% of the losses? Nope -- instead they turn to the government for a bailout. How many firms "saved for a rain day"? Zilch. It's only about the *current quarter's* profitability. The same holds for software companies -- where their revenues are judged by quarterly reports -- not by ability to weather a storm. Perversely -- any company that has assets saved for a storm is seen as a target for a "corporate raider" to buy and sell off for the profits.

Something is very messed up with our system -- and bad, insecure software is only another manifestation of the built-in short-sightedness of our economic system.

[Backspace23]

Better free versions exist than Clam, such as Avast, which offers real time protection and higher detection rate. http://www.avast.com/

ClamAV Is available for Windows in the form of ClamWin: http://www.clamwin.com/ , a portable version is available.

And better pay versions exist than the bloated Norton and Mcaffee, such as NOD32.

However as long as the product works, and it gives people a product who wouldn't use one otherwise, I think this is a good thing.

As far as saying Microsoft should "fix" their OS... there's nothing they can do. Most Viruses / spyware are initiated by the user opening a malware program with their permission. If they have admin privledges, the malware has free reign. So in Vista Microsoft made the default user run limited access, and ask for escalation when necessary (UAC), then people complain about it, even though it's the exact same thing as Linux's sudo.

Cake, eat. Pick one.