Gartner: Vista antitrust tweaks to take years

Antitrust related changes to security in Windows Vista 64-bit will take years to complete and will cause compatibility trouble in the interim, according to Gartner.

Users of security technologies such as host intrusion-prevention systems, or HIPS, should postpone buying 64-bit versions of Vista, Gartner analyst Neil MacDonald wrote in a research note published on Wednesday. MacDonald also noted that many integrated security products today include HIPS functionality.

"Recognize that many of these products will not deliver full functionality using 64-bit Vista," MacDonald wrote. "Do not plan for initial use of 64-bit Vista if you are using incompatible products for which no suitable alternative exists." People should ask their security vendor for Vista compatibility guarantees, he suggested.

In response to antitrust concerns from the European Commission, Microsoft last week said third-party security software will be able to interact with the kernel of 64-bit versions of Vista. Security companies had requested that capability, but Microsoft had denied it until it capitulated under pressure from regulators.

Security companies now have unfettered access to the core of 32-bit versions of Windows. But they complained that a kernel shield called PatchGuard in 64-bit versions of Vista, which is intended to stop hackers, blocks security products, too. 64-bit Windows is expected to eventually supplant 32-bit versions.

While Microsoft has promised to give its security rivals controlled access to the Vista kernel, the programming interfaces to do so still need to be developed.

"Our goal is to provide an initial set of documented, supported kernel interfaces in the Windows Vista SP1 (Service Pack 1) timeframe, recognizing that this will require collaboration from our industry partners," Ben Fathi, the outgoing corporate vice president of Microsoft?s Security Technology Unit said in a statement late Thursday.

Gartner expects SP1 to be released in early 2008 and predicts that more programming interfaces related to the kernel will be delivered with SP2 or later. All these changes could have a negative effect on Vista, MacDonald wrote.

"Any kernel changes may have a 'ripple effect' up the software stack and will require retesting of all of Windows Vista applications," he wrote.

The timing is much to the dismay of some security companies, including McAfee. "Microsoft has not lived up, either in detail or in spirit, to the hollow assurances offered by their top management last week," Christopher Thomas, a partner at McAfee's Brussels-based law firm Lovells, said in a statement Thursday. Vista is scheduled for release to manufacturers in November and for sale to the public in January.

Access to the Vista kernel is one of two concessions Microsoft made. The Redmond, Wash., software giant has already provided security companies with a way to disable alerts sent out by the Windows Security Center, if their third-party protective software is installed.

[trueview]

Microsoft Antitrust Transcripts

Interesting stuff. I think it's unconscionable (if this report is true), that Microsoft plans to release a product which violates laws? Is Microsoft immune? Anyway, if you would like a partial transcription of Bill Gates answering questions under oath, in a very direct, intimate and revealing examination please contact me. If you are an attorney, tech geek, or just curious I am sure this will interest you. Just email me if you want this and I will send it to you for free. It's about 68 pages. I also have the video version (17 hours on 11 individual DVD's). Copies of it were floating around and I was a lucky insider to get a copy. I am willing to reasonably sell my set - please ask. Have a nice weekend -- enjoy!

[rapier1]

Okay so let me get this right

Its horrible that MS won't allow other companies to directly interface with the kernel. Its also horrible that Microsoft is such a security nightmare. However, one of the *best* ways to improve the security of Microsoft is to stop letting people directly access the kernel and subvert syscalls. So if Microsoft addresses the security problems then they run into anti-trust issuses but if they comply with the antitrust issues then the security problems remain.

However, I will say that this same security problem is a 'feature' in Linux and OS X (LD_PRELOAD). Its just kind of screwed up because it seems no matter what MS does everyone will hate it because MS did it - regardless of it actual merits.

[Microsoft_Facts]

MS is the only corp that can freely break the law

How can you reason that Microsoft is releasing a non-critical product that knowingly breaks the law? Can GM sell a car without seatbelts because they don't fit a particular design? Can a pharmaceutical company push out a new non-critical drug, say a new cold medicine, without adhering to testing and approval laws? Why can Microsoft, a convicted felon of a corporation, release a product that once again defies antitrust laws?

[jjesusfreak01]

Is it possible...

Just maybe...that Microsoft for once is trying to do the right thing, with implements like Patch Guard. It protects the user, though it is essentially being thrown out the user in the spirit of fair play. If you had the choice between having your computer run virus free but with only MS programs protecting it, or being more open to malware simply because MS cant protect it like they want to.

[rijelkentaurus]

They created the problem

With respect, I think that Microsoft has a sticky wicket that they helped to create. They made an insecure operating system, and then an industry rose up around them to help protect it. These are large companies, with stock holders, large workforces and a big stake in their products. Now MS wants to make their OS more secure, and in doing so it has to cut these other companies off at the knees. MS will be selling a competing product...which means that they will have an advantage over their rivals because only they will have the necessary access to the kernel. Given MS's monopoly, this is clearly an antitrust violation; they cannot be allowed to destroy an entire segment of the IT industry. It would indeed make sense to go the lone road and close off the OS, but they cannot do that now. They are being victimized by their own success. The reason that Linux and Apple can do this is because they are not monopolies. The rules are different for monopolies, they MUST be different for monopolies. MS knew all this going in. If they are running into issues now it is because they either failed to plan properly, or they expected that they could get away with underhanded tactics like they did for many years. I hope that those days are over.

[Dale E Marcum]

What a wacky thought

Has any bright people at Microsoft thought about drastic price reduction or even free to consumers with a small charge to business? You cannot have "piracy" for something not worth pirating! The increase in sales seems to me would be tremendous. Maybe I am living in lala land with this idea however! But then again......

[jrbrewin]

uhm..

microsoft are trying to do what other companies do, already. Provide a secure operating system out of the box, without the need for third party applications to secure it.

there's a couple of points that people are forgetting here.
a) microsoft is not giving away AV products to try and shift the likes of symantec and mcafee out of the market. MS's product isn't not free, nor is it bundled in with the OS
b) just because the likes of symantec and mcafee have had it their way in the past, it doesn't mean they can continue. The reason they are being locked (to a degree) is because microsoft is fixing bugs/issues/or fundamental ways in which windows is operating - not to leverage a competitive advantage, but to levarage a competitive advantage over windows XP.

lastly, sophos, creators of an enterprise antivirus solution that is widely used appear to have no problem getting their products working on vista x64 - http://www.betanews.com/article/Sophos_Microsoft_Doesnt_Need_to_Open_Up_PatchGuard/1161379239 - so what's symantec / mcafee's real problem here?

they should innovate, like they used to do.