December 14, 2005 5:06 PM PST
Microsoft security zaps laptop tracer
Windows OneCare Live, freely available as a test version since Nov. 29, has been found to disable Absolute Software's Computrace LoJack, an application that functions like a homing device to help recover a laptop after theft.
"The OneCare product detects one of our modules as belonging to another application that it does not like, so it puts in place a defense that it does not need to," Philip Gardner, chief technology officer at Absolute Software in Vancouver, British Columbia, said Tuesday.
Once installed, Windows OneCare's flags multiple vital Computrace LoJack files as "Win32NewMalware.B" and recommends that users quarantine the files, said David Hackett, a Computrace LoJack user and OneCare tester in Edmonds, Wash.
"These files are not identifiable to users as components of Computrace LoJack, but once quarantined, LoJack will be rendered useless," Hackett wrote in an e-mail to CNET News.com. He reported the issue to Absolute Software after discovering his trouble with its product was related to OneCare.
Computrace LoJack works behind the scenes on a PC and is designed to contact Absolute Software. The laptop reports its location using any Internet connection and thus can be recovered with the help of law enforcement when stolen. With OneCare installed, the software can't make that online connection, Gardner said.
Absolute Software is readying a fix for the issue, but has also alerted Microsoft to the problem. "We believe it is their error," Gardner said.
Microsoft is aware of the issue and has, in fact, already fixed it, Samantha McManus, business strategy manager at Microsoft, said in an e-mailed statement Wednesday. "This is a known bug that was identified during the Windows OneCare Live beta process," she said, adding: "A fix was produced on Dec. 2 and all OneCare users should have it."
The problem with Computrace LoJack, known in the industry as a false-positive, is one of the bumps that Microsoft faces as it moves into the security software arena, said Andrew Jaquith, a senior analyst at the Yankee Group.
"Traditional AV (antivirus software) vendors like Symantec and McAfee have been encountering these issues for years and this is something that Microsoft is going to have to figure out," Jaquith said. "It is a bit of a black art trying to get all the security software to work together and that is where all of the big guys spend a lot of their quality and assurance dollars."
Security software is more challenging because it has to burrow deep into the operating system, Jaquith said. But discovering issues such as the clash with Computrace LoJack is exactly what beta tests are for. "I think this is par for the course at this stage in the OneCare lifecycle. I am sure they will iron all these issues out," he said.
Absolute Software's Gardner agrees. "We have to take the position that it is beta software and we consider Microsoft to be responsive to our concerns," he said. "We don't see this as a major error and we can easily deal with the impact to our customers.
OneCare marks Microsoft's long-anticipated entry into the consumer antivirus market, which has been the domain of specialized vendors such as Symantec, McAfee and Trend Micro. Two years ago, Microsoft announced its intent to offer antivirus products when it bought Romanian antivirus software developer GeCad Software.
OneCare is meant for consumers and combines anti-spyware software, which Microsoft is also publicly testing, with antivirus software, firewall software and several tune-up tools for Windows PCs. Microsoft has not announced pricing for OneCare but has said the final package, due for release next year, will be offered as a subscription service.
11 commentsJoin the conversation! Add your comment