Comments on: How Live OneCare changed the antivirus landscape

Although it's not dominant, Microsoft has forced traditional antivirus vendors to make changes. With a free offering due next year, it may do so again.

[elllroy]

it always amazes me: a whole billion dollar industry based on the flaws of one product: windows. amazing. and still not one virus fpr mac os x.

[dredge999]

There are several things wrong with your statement.

1) Malware/Virus authors base their attacks on the target systems that will offer them the most bang for their programming buck. Apple market share is miniscule compared to the Windows O/S market share. Consequently there have been FAR fewer attackers actively trying to exploit MAC OS/X. This should be obvious unless of course you are a MAC fanboy.

2) There ARE virii out there for MAC OS X and Adware/Malware.

3) MAC OS X is not more secure than windows. The fact that less malware/spyware/virus writers are targeting it does not make it more secure.

see: http://blogs.zdnet.com/security/?p=758

There are many sites that track vulnerabilities and almost all of them reveal that MAC OS X has an equal if not greater number of flaws and security holes when compared to Windows.

You might want to do some research before you write a comment that contains the same old FUD that all Apple fanboys blindly reiterate time and time again.

[Michichael]

Where have you been? I've lost count of the viruses for Mac OS X and software. Shoo fanboy, there is no immune OS.

[gbo2k9]

Well, Sophos hasn't lost count, I think they are up to 5.

[Penguinisto]

@dredge999: The "marketshare" argument falls flat when you realise that Anyone who can compromise Macs en-masse would have millions of machines, untouched by A/V, all to themselves.

To date there is one convoluted trojan "out there" for OSX. It requires you to surf to a pr0n site, download a file, enter your root password to install that file...

...meanwhile, London's hospitals are still without networking due to a common Windows virus: http://www.theregister.co.uk/2008/11/19/hospital_computer_virus_shutdown_update/

Also, vuln counts != virus counts. Please educate yourself (or at least try to) on the differences (esp. since your URL destination make no distinction between local/remote, or between core and ancillary apps...)

@ "I've lost count of the viruses for Mac OS X and software."

...you can't count past 5 variations of one trojan?

Damn...

[eiverson]

I'm curious to know if "experts" disagree with Microsoft's recent report asserting that 90% of malware attack vulnerabilities in the applications that run on the operating system. I'm sure Microsoft applications account for a percentage of those too, though. All that said, AV products are not primarily making up for the mistakes in the applications that run on the operating system.

Although taken off-guard, I'm not terribly surprised by this move to render OneCare freeware. Its anti-malware capabilities are mostly if not entirely signature-based. Signature-based only defenses are increasingly ineffective due to polymorphic malware and malware-makers systematically altering and confirming that their wares elude signature-based defenses. More on this here:

http://www.securitynowblog.com/endpoint_security/secunia_report_signature-based_antivirus_misses_most_unknown_malware

http://www.securitynowblog.com/endpoint_security/signature-based-antivirus-and-hips-technologies-poor-endpoint-protection

There are some promising freeware tools that folk ought to evaluate that block malware attacks without signature defenses. However, in some cases the medicine can be worse than the illness. A promising example to try:

http://www.blueridgenetworks.com/solutions/edgeguardsolo/

This tool is imperfect but surpisingly effective for a beta.

[pin_gwin]

Changed the landscape? It looks like nobody mentioned. I do not feel anybody is expecting anything good coming out of MS. And for a real good reason - the real players are offering fully functional free versions of AV already for years - like Grisoft AVG.

[guest86]

Don't buy Anti-virus have one to 3 years to expire. Forget it! I have lifetime Anti-virus that will never expire! Enough! Many people get stress so bad. I just happy own my lifetime product come from Google. Thanks to Google to give my LIFETIME anti-virus. Powerful one with spyware protection and virus protection plus Firewall. MS is so stupid! Waste a lot of money is not right. Grow up MS!

I have Norton 2005. Because product is not good! Lousy! Missing files like malwares, etc. Very annoy pop ups. Worth $59.99 is not important! I sued Norton company because product is not good or enough! Get up and working more powerful than before lousy products! I now stopped buy Anti-virus products at store no more! Shame on whole companies! I not happy anymore! Very Angry!

[Schratboy]

Microsoft and security go together like peanut butter and thumb tacks.

[Hemanth_3_9]

Hi Rob, if Mcafee and Symantec offer a free version of their antivirus software wouldnt that affect their revenues.

[gbo2k9]

"1) Malware/Virus authors base their attacks on the target systems that will offer them the most bang for their programming buck. Apple market share is miniscule compared to the Windows O/S market share. Consequently there have been FAR fewer attackers actively trying to exploit MAC OS/X. This should be obvious unless of course you are a MAC fanboy."

What research do you base this on? By miniscule, you mean over 7%? I guess 2 million macs a quarter is miniscule. The FACT is there are far fewer SUCCESSFUL exploits. If it were the case that market share determined attack vectors, why is it that the first Mac OS X virus reported used iChat to propagate itself? Now, in terms of market share, iChat is not even the leading chat software for Mac users.

2) There ARE virii out there for MAC OS X and Adware/Malware.

Yes, there ARE, and if you have 10 fingers on your hands, you can use those to count them. However, in the Windows world, you would need to have about 10 hands, just to count the new ones that are found each day.

3) MAC OS X is not more secure than windows. The fact that less malware/spyware/virus writers are targeting it does not make it more secure.

Two counter points. 1) Yes it is more secure. 2) Yes it does.

Let's put it like this. If you live in a high crime area (like Windows) or you live in an exclusive, expensive, neighborhood (like Mac OS X) you will be less likely to encounter crime (viruses/malware). Further along that analogy, Mac OS X is like a gated community, and Windows is like a crack house with a broken lock.

"There are many sites that track vulnerabilities and almost all of them reveal that MAC OS X has an equal if not greater number of flaws and security holes when compared to Windows."

That's nice, but here in the real world, where I practice unsafe browsing every day on my Mac, I have yet to encounter a single virus. I've never run any form of antivirus either.

[unbreakable2008]

Wrong! You say this:And the Windows Firewall, while Microsoft insists otherwise, is not a truly two-way firewall;

This is incorrect! Vista has a new firewall!

The new vista firewall has 2 way filtering if you wish ... I explain it all in my blog>>>

http://computerboom.blogspot.com/2008/11/advanced-vista-firewall-settings-2-way.html

[gbo2k9]

Well, since Internet Explorer is integral to the OS, all attacks on IE should be considered attacks on Windows.

If Apple did something as stupid as integrate Safari into the core OS...

I could care less about stats, announcements, patch schedules, etc. I live in the real world, where user experience is what matters.

Why does everyone purport to know the mind and motivations of "virus programmers". Have you ever met one? Have you ever been one?

From experience, I can say that the virus programming world is as diverse as the earth's population itself, and they are not all operating on the same principles or towards the same goals.

[DrtyDogg]

"If Apple did something as stupid as integrate Safari into the core OS..." No they left out the UI and just integrated the rendering engine.

[AwakenZero]

"Why does everyone purport to know the mind and motivations of "virus programmers". Have you ever met one? Have you ever been one?"

"From experience, I can say that the virus programming world is as diverse as the earth's population itself, and they are not all operating on the same principles or towards the same goals."

Uhh why don't you answer your own question first.

"I could care less about stats, announcements, patch schedules, etc. I live in the real world, where user experience is what matters."

Then you can't compare and say Mac OSX is better. User experience is subjective.

[Rupe120]

What else will they be scanning for? I just don't trust them.

[DarenI]

Live OneCare did not change a thing for the AV industry. As a long-time Microsoft user, I gave up my Norton AV and tried Live OneCare on two of my systems and my mother's. It was horrible. It would update to new versions without my consent, I had to manually configure the software after every reboot in order to continue using file and printer sharing on my home network (it refused to save my settings that it is a trusted, private network), and it let a well-documented virus that had been out for 5 years (yes, 5 years) infect my system. I learned my lesson. I ditched Live OneCare and reinstalled Windows and Norton. Just to make sure I was being fair, I copied an infected file off a backup onto the newly reinstalled system. As soon as the file hit my computer, Norton quarantined it. Live OneCare -- now Morro? -- is not even deserving of being called competition. In this case, you are getting what you pay for, which will soon be nothing.

[SpeedyDemon]

It's soooooooo nice having linux.

Also, about all an outbound firewall is really good for is to stop virus infected machines from spewing spam and malicious code all over the internet .... maybe.

Again ..... it's soooooooo nice not worrying about that with linux.

[mbenedict]

If I had a dime for every root-kit infested Linux & BSD boxes I've seen...

...but I'm glad you're not "worried" 'cause you have Linux.

[guest86]

I own Malwarebytes' Anti-Malware and Trojan Remover can blow any Anti-viruses softwares away. 100% powerful than normal anti-viruses can't delete viruses, malwares, etc. Better know that.

Norton - Failed
McAfee - Failed
Live OneCare - Failed
Panda - Failed
AVG - Failed
Nod32 - Failed
Avast - Failed
Kaspersky - Failed
All more are total Failed!

We still recall all lousy anti-viruses products! Not enough. Need merge with Malwarebytes' Anti-Malware and Trojan Remover can knock or kick hidden powerful viruses, worms, etc out! People must be happy.

[JoeAnne10]

I never used an anti - virus program on my computer because I don`t really trust this kind of protection means. I`d rather not use anything than not to be allowed to use my programs because they are a potential risk. For example I could not access my <a rel="follow" href="http://www.phoenixlandscaping.biz">Phoenix landscaping<a/> program.