June 7, 2006 4:00 AM PDT

Microsoft shakes up security fray

Microsoft's long-awaited entry into the market for all-in-one PC care is shaking up the consumer security field.

A number of companies, including perhaps unexpected ones such as AOL, are readying security and maintenance packages for home computers, following Microsoft's launch last week of Windows Live OneCare.

It's hard to pick an outright winner, but one thing is clear: Health care for your Windows-based PC is getting easier, cheaper and more comprehensive.

"Microsoft's official entry into the consumer security protection market will dampen prices," Gartner analyst Arabella Hallawell said. The Redmond, Wash.-based software giant is poised to take a big chunk of that niche, she said. "Existing vendors must converge their offerings to warrant premium pricing and survive."

The introduction of OneCare is the starting gun for heightened competition for consumers' security dollars, with Microsoft taking on incumbents Symantec and McAfee. There's a lot at stake. Last year, the worldwide market for consumer antivirus software reached $1.95 billion, up 17 percent year-over-year, according to research from Gartner. Symantec dominated the space, taking a 70 percent piece of the pie.

Microsoft isn't just a newcomer to consumer security; it's also taking a different tack. The OneCare software and service package aims to be comprehensive, whereas Symantec and McAfee have traditionally charged for additional features. OneCare includes the security basics--antivirus, anti-spyware and firewall--found in the products sold by its rivals, but adds backup features and tune-up tools for Windows systems. It's being touted by Microsoft as "a pit crew for your PC."

OneCare

"We believe we're creating a new category," Dennis Bonsall, Microsoft's director of product management for OneCare, said in an interview last week. "It is not about security anymore, but it is about holistic PC care."

Symantec and McAfee have both announced that they are preparing integrated packages to go up against OneCare. The planned releases will incorporate components of their current security, PC optimization and backup products, the companies have said. So far, however, they have shown only product plans, not actual software.

This summer, McAfee plans to ship four products based on its integrated security technology, code-named "Falcon." Symantec's Norton 360, previously known by the code name "Genesis," is set for release by the end of March next year, having originally had a September due date.

The lack of a rival product on the market, or even available in a test version, doesn't bode well for the traditional security players. "Microsoft has the first-mover advantage by having a managed consumer security service ready to go first," Hallawell said.

There are some limitations to OneCare in early comparisons of features. For example, Symantec promises to deliver online backup capabilities in Norton 360, which will let people store their critical data on a Symantec server. Right now, Microsoft does not offer that feature in OneCare, where people can only back up to external hard drives, CDs or DVDs.

Got views on Vista?

Additionally, OneCare lacks spam-filtering capabilities and doesn't offer protection against information-stealing Web sites used in phishing scams. Those features will be part of Symantec and McAfee's PC care suites, the companies have said. Microsoft, meanwhile, offers a phishing shield in its toolbars in Windows Live and in the MSN Search Web browser.

"Symantec will likely have a managed service with more bells and whistles," Hallawell suggested.

But the incumbents will have to cut their prices, as they face off with Microsoft and one another, analysts said. Symantec and McAfee have not announced pricing for their new products yet, but Microsoft will undercut them, no matter what, Forrester Research analyst Natalie Lambert said.

"Microsoft is going to win on price," she said. And with consumers being very cost-conscious, that's going to be half the battle, Lambert said.

OneCare costs $49.95 per year for use on up to three PCs that run Windows XP with Service Pack 2. That's less than Symantec and McAfee charge for three-user editions of their existing security suites--$119.99 and $129.99, respectively. However, those are full prices for the packages, which don't have as wide a range of tools as the upcoming products and which are often heavily rebated.

CONTINUED: The ISP factor…
Page 1 | 2

See more CNET content tagged:
Symantec Corp., spam filtering, online backup, Gartner Inc., McAfee Inc.

152 comments

Join the conversation!
Add your comment
WOW!!!
Microsoft is (with vista ultimate) going to sell me a piece of software for LOTS of cash that is full of holes and then charge me to protect those holes from attacks? Sounds no different than a common protection racket that would be locked up for criminal activity.

I guess I will never be as rich or powerful as a company like Microsoft, I simply could never treat customers the way that they do.
Posted by rick7069 (27 comments )
Reply Link Flag
Well if at first you can't succeed ...
PATCH, PATCH again!
Posted by Ted Miller (305 comments )
Link Flag
Umm....
Colonel Sanders, will you baby-sit my chickens?

The manufacturer of flawed software makes a security suite to help protect said software? I have to sit down, my brain is starting to hurt.
Posted by fjellt (18 comments )
Link Flag
WOW!!!
Microsoft is (with vista ultimate) going to sell me a piece of software for LOTS of cash that is full of holes and then charge me to protect those holes from attacks? Sounds no different than a common protection racket that would be locked up for criminal activity.

I guess I will never be as rich or powerful as a company like Microsoft, I simply could never treat customers the way that they do.
Posted by rick7069 (27 comments )
Reply Link Flag
Well if at first you can't succeed ...
PATCH, PATCH again!
Posted by Ted Miller (305 comments )
Link Flag
Umm....
Colonel Sanders, will you baby-sit my chickens?

The manufacturer of flawed software makes a security suite to help protect said software? I have to sit down, my brain is starting to hurt.
Posted by fjellt (18 comments )
Link Flag
Microsoft products cause security problems, not fix them!
I really hope the majority of people "get it" and tell MS where they can out this product, thanking them for the need for it to begin with.

Give this Linux a try if you truly are looking for a more secure system. <a class="jive-link-external" href="http://www.ubuntu.com/" target="_newWindow">http://www.ubuntu.com/</a>
Posted by aabcdefghij987654321 (1721 comments )
Reply Link Flag
Goverment request
Home Land Security demands to look at all thet secure data backed up on Symantec's servers. Ahm you know... just in case there are terriosts there
Posted by Ted Miller (305 comments )
Reply Link Flag
There's One! ...
There's one, there, behind that diod.. Watch it! He's got a byte in his hand, oh if we lose that byte we're all screwed
Posted by jabbotts (492 comments )
Link Flag
Symantec Needs A Good Shaking
Perhaps Symantec will get off of it's rear, and create better products.
Posted by john55440 (1020 comments )
Reply Link Flag
Symantec customer service
... is a joke. They don't just need better products. They need a new attitude towards their non-business customers.
Posted by P. Jackson (17 comments )
Link Flag
Defensive "news"
"The real winners could be consumers, who will likely see
simpler, cheaper and more comprehensive products, analysts
say."

You know, I read this article twice and didn't see any quote that
even resembled this "high impact" summary

I hate to be cynical, but the obvious response from Symantec
and McAfee (and others) will imply that this may be another
anti-trust (bundling) violation. Microsoft's position would be to
argue that entering the market INCREASES competition and
BENEFITS the consumer, and thus this is not an anti-trust issue.

How funny then, Joris, that you would provide Microsoft's
defense in your "summary" -- it's hard to believe you didn't get
some "motivation" from MS to do - especially given your
summary comes out of nowhere considering the very text of
your article.

Hopefully, this isn't the case.
Posted by tobyp--2008 (19 comments )
Reply Link Flag
Build a software market based on a faulty product
Quite a racket. Maybe the gaming industry should pay attention.
Posted by irish_iiii (2 comments )
Reply Link Flag
Build a software market based on a faulty product
Quite a racket. Maybe the gaming industry should pay attention.
Posted by irish_iiii (2 comments )
Reply Link Flag
I wish Microsoft would really shake up the market
I wish Microsoft would shake up the security market by developing
a secure OS. Then we wouldn't have to spend so much time and
money trying to protect our Windows boxes like new born babies.

Imagine a world if Windows was even half as secure as OS X. It
would be Symantec who? McAfee software? Never heard of them.

What's spyware?
Posted by rcrusoe (1305 comments )
Reply Link Flag
Mac is better.. it's just that simple
I used Windows 10 years, bought a 5yr, old G4 Mac from work and
put OS X on it. Less than 1 month later I knew I wasted 10yrs on
the M$ wholywear. Now I'm the proud owner of a "solid and secure"
(Intel) iMac..!!
I'll NEVER go back to Microcrapware..!!!!!!!
Posted by imacpwr (456 comments )
Link Flag
Are you so sure...?
Keep in mind that part of the reason that Macs appear to be so secure is their lack of numbers when it comes to market share. They have finally made a little noise in the market and what was the first thing that happened? Exploits had to be patched in the Safari browser and the OS X operating system itself. Don't get me wrong, I am no microsoft fanboy. I probably won't get OneCare. However, many of the comments here are from Apple fanboys that think that Macs are a cure-all for the ills that befall computers. If the situation were reversed and Apple and held nearly all of the marketshare for this long they would likely be the one criticized for a lack of security because of the greater intensity with which they would have people looking for exploits.
Posted by nesretep (10 comments )
Link Flag
Security by Obscurity
You're calling OS X secure? Ever wonder why your Mac is running OS updates every week?
It's likely that OS X isn't half as secure as you think it is. OS 9 was far more secure- There's no lack of holes to exploit in OS X, but if you're someone looking to steal passwords or infect computers are you going to write an exploit for 90% of the market or less than 10%?

Secure by obscurity isn't really secure. In some cases it's less so because the user's smugness causes temerity. On the other hand Mac doesn't seem to be doing anything in marketshare so maybe your smugness is justified...
Posted by Fireweaver (105 comments )
Link Flag
I wish Microsoft would really shake up the market
I wish Microsoft would shake up the security market by developing
a secure OS. Then we wouldn't have to spend so much time and
money trying to protect our Windows boxes like new born babies.

Imagine a world if Windows was even half as secure as OS X. It
would be Symantec who? McAfee software? Never heard of them.

What's spyware?
Posted by rcrusoe (1305 comments )
Reply Link Flag
Security by Obscurity
You're calling OS X secure? Ever wonder why your Mac is running OS updates every week?
It's likely that OS X isn't half as secure as you think it is. OS 9 was far more secure- There's no lack of holes to exploit in OS X, but if you're someone looking to steal passwords or infect computers are you going to write an exploit for 90% of the market or less than 10%?

Secure by obscurity isn't really secure. In some cases it's less so because the user's smugness causes temerity. On the other hand Mac doesn't seem to be doing anything in marketshare so maybe your smugness is justified...
Posted by Fireweaver (105 comments )
Link Flag
Mac is better.. it's just that simple
I used Windows 10 years, bought a 5yr, old G4 Mac from work and
put OS X on it. Less than 1 month later I knew I wasted 10yrs on
the M$ wholywear. Now I'm the proud owner of a "solid and secure"
(Intel) iMac..!!
I'll NEVER go back to Microcrapware..!!!!!!!
Posted by imacpwr (456 comments )
Link Flag
Are you so sure...?
Keep in mind that part of the reason that Macs appear to be so secure is their lack of numbers when it comes to market share. They have finally made a little noise in the market and what was the first thing that happened? Exploits had to be patched in the Safari browser and the OS X operating system itself. Don't get me wrong, I am no microsoft fanboy. I probably won't get OneCare. However, many of the comments here are from Apple fanboys that think that Macs are a cure-all for the ills that befall computers. If the situation were reversed and Apple and held nearly all of the marketshare for this long they would likely be the one criticized for a lack of security because of the greater intensity with which they would have people looking for exploits.
Posted by nesretep (10 comments )
Link Flag
This is Good News for Consumers and the Internet
I view Microsoft's entry into the PC security sphere as good news where everyone wins. In addition to the fairly obvious increase in competition and resulting reduction in prices, it will also likely press the existing security makers to improve their products. Additionally, as security products become more affordable and more commonplace, more people are likely to use them and keep them up-to-date, reducing the effectiveness of Internet-based attacks. All of this benefits everyone, regardless of your attitude toward Microsoft and its products.
Posted by Techno Guy (77 comments )
Reply Link Flag
I'm not sure about that...
After all, Microsoft is selling for additional
cost a product that aims to implement stop-gap
measures to reduce the impact of flaws in their
product.

There's an obvious conflict of interest there.
If they are competent enough to implement the
measures in an effective manner, then how come
they have not fixed the inherent flaws in their
OS product? Either they are not competent, in
which case the security product would be
expected to be of lesser quality, OR they are
competent, and are intentionally releasing a
flawed product with the intent of selling you
additional products to avoid those flaws.
Neither bodes well for the market or consumer.

I suppose it need not be pointed out too that MS
has a distinct advantage over their competitors
in that their tools can be granted privileged
access to OS resources and features unavailable
to their competitors. Theire products, by
design, can do things the competitors products
never can.
Posted by Zymurgist (397 comments )
Link Flag
IMHO
i think that microsoft's security suite should come standard, free with every copy of windows. now, maybe without the spam filter or whatever, since that's an email problem not an OS problem, but i don't think microsoft should be allowed to make money off making thier PC's more secure like this. MS recommends everyone connected to the internet have extra security precautions built in, which means that they realize there are extra threats. i should be able to boot my PC up and not be recommended to go buy extra products to do what it was made to do. if MS has created a product that allows people to use thier computers how anyone would expect to in a safer way, it should be included in windows.
Posted by RayGentry (20 comments )
Reply Link Flag
Security as an afterthought.
I think you are right. I would add that this
also bolsters the notion that Microsoft
considers the integrity of their systems as an
afterthought. Rather than focus on making a
stable and secure system, they build a capable
system and sell add-ons that claim to make their
systems secure.

Microsoft's competitors, of course, don't do
that. They perceive security to be part of the
core OS product, not a separate product in its
own right.
Posted by Zymurgist (397 comments )
Link Flag
IMNHO, I disagree
Microsoft offers security suite for free - and gets a rain of anti-trust charges, court injunctions etc etc. In a perfect world, they should. In todays legal system, impossible. Their competitors in the security arena will not stand, arms crossed, and watch their entire industry disappear you know.
Posted by ikenna4u (13 comments )
Link Flag
Ditto
It makes no sense to make software, then have stuff wrong with it, then charge extra to fix it.

Windows should have as much security as possible straight out the box. But of course, that's in a perfect world.
Posted by jerrellt (17 comments )
Link Flag
IMHO
i think that microsoft's security suite should come standard, free with every copy of windows. now, maybe without the spam filter or whatever, since that's an email problem not an OS problem, but i don't think microsoft should be allowed to make money off making thier PC's more secure like this. MS recommends everyone connected to the internet have extra security precautions built in, which means that they realize there are extra threats. i should be able to boot my PC up and not be recommended to go buy extra products to do what it was made to do. if MS has created a product that allows people to use thier computers how anyone would expect to in a safer way, it should be included in windows.
Posted by RayGentry (20 comments )
Reply Link Flag
Ditto
It makes no sense to make software, then have stuff wrong with it, then charge extra to fix it.

Windows should have as much security as possible straight out the box. But of course, that's in a perfect world.
Posted by jerrellt (17 comments )
Link Flag
Security as an afterthought.
I think you are right. I would add that this
also bolsters the notion that Microsoft
considers the integrity of their systems as an
afterthought. Rather than focus on making a
stable and secure system, they build a capable
system and sell add-ons that claim to make their
systems secure.

Microsoft's competitors, of course, don't do
that. They perceive security to be part of the
core OS product, not a separate product in its
own right.
Posted by Zymurgist (397 comments )
Link Flag
IMNHO, I disagree
Microsoft offers security suite for free - and gets a rain of anti-trust charges, court injunctions etc etc. In a perfect world, they should. In todays legal system, impossible. Their competitors in the security arena will not stand, arms crossed, and watch their entire industry disappear you know.
Posted by ikenna4u (13 comments )
Link Flag
Marketing Spin
Shrewd marketing move on Microsoft's part: sell vunerable products at a high price, then charge for a service to monitor and repair the damage from the exploits of those vunerablities. The vunerablities won't necessarily be patched, just managed. Never ending revenue streams, Balmer's wild wet dream.

Operating systems don't "cause" security problems, the "cause" is the crackers who exploit the vunerablities. Anyone who claims that their OS is fundamentally secure doesn't understand the dynamic. It's statitiscally impossible to write error free code once you have a code body larger than a couple hunderd thousand lines. It just takes too long in human terms to prove the code is correct. Doesn't matter who writes the code, it will have errors, period.

Just because *nix and Mac OS don't get hit as often doesn't mean they're less vunerable, it just means the crackers haven't spent nearly as much time knocking them around to find where they break. Imagine the side of a barn with a door and a window. The barn represents all OS's. The big red side it the market space that Win OS occupies, the door is the market space that *nix OS occupies and the window the market space that Mac OS occupies. You start throwing rocks are the barn. Over time, you'll see that you hit more of the red space a lot more than hitting the door or the window. It's as simple as that, security attacks are going to hit the biggest target.

Microsoft isn't a security software company, they're an OS and productivity software company. They have talented people in the security area, no doubts about that, but it's not their strength as a company. Symantec and McAfee have been in this game a lot longer, but both companies have been "resting on their laurel" of late, they haven't been that innovative and they've tended to try to become the kitchen sink for security manangement; they try to everything, doing a fair job of everything but not an outstanding job on any particular aspect.

I don't buy into this "remotely managed security care", at least not yet. This opens a whole other attack vector and no one has of yet really mentioned how much impact this will have on bandwdth consumption or machine resource consumption. Given what I've seen already, it's an interesting idea but won't take the place of a well researched, designed and implemented set of ecurity policies and procedures. The cheap price alone is not enough, and will undoubtedly come around to bite you later.
Posted by oldroughneck (10 comments )
Reply Link Flag
Exploiting their shoddy work
I dunno, but is it just me?...Why are they trying to sell something
that offers protection for a faulty product, that just happens to
be their product. Its like selling a house or a car with no
windows or doors then turning around and trying to sell a
security system instead of trying to put in the windows and the
doors before selling it. Even then ca manufacturers go to the
length to offer security systems free of cost (immobilizers etc)
because they recognize you cant be to sure about things. I think
this is a travesty; they should try to fix the product in the first
place to ensure that little if any security is needed. Instead they
are trying to exploit their shoddy workmanship. Consumers
cannot benefit from this, Microsoft will. They should include this
free, to aid helpless droves of microsoft product users who have
had years of crap and problems. So what is to stop them from
offering a faulty product and provide a certain and definite fix
for a premium? A double whammy if you ask me, so they will be
able to make money two ways...Whats next? They aren't gonna
offer security updates? Just tell you to get their 'one care'
product? Or better yet charge for security updates? This is so
underhand and should not happen.
Posted by kurt mclaren (4 comments )
Reply Link Flag
Consumers are SHORT TERM beneficiaries!
I find the headline "OneCare has kicked off a software race--and consumers are the likely winners." misleading and sympathetic to Microsoft.

Has the result of the Browser wars been good for consumers(?!) - the vast majority use IE! And MS has let it languish until it was FORCED, by COMPETITION to update it!!

Wake up!
Posted by technewsjunkie (1265 comments )
Reply Link Flag
In theory, MS would seem to have an inside advantage
Since it's THIER OS! One might think they know where the weak spots are (NOT!). Will MS now be as "forthcoming" in providing Windows code to it's new competitors? Hmmm.

Seems like an unfair advantage to me (except that MS is incompetent in securing it's products)
Posted by technewsjunkie (1265 comments )
Reply Link Flag
In theory, MS would seem to have an inside advantage
Since it's THIER OS! One might think they know where the weak spots are (NOT!). Will MS now be as "forthcoming" in providing Windows code to it's new competitors? Hmmm.

Seems like an unfair advantage to me (except that MS is incompetent in securing it's products)
Posted by technewsjunkie (1265 comments )
Reply Link Flag
Is this enough though?
Here Microsoft has addressed the common issues relating to online security, but what they still haven't focused on is email security. Most viruses that come via browsers have been taken care of through knowledge and antiviruses and most of the time these programs work great in protecting a PC, but the amount of viruses that come via email has readily increased.

There are few programs and opportunities for consumers to protect themselves from email worms, so we need to expand the knowledge and hopefully force hackers to find other ways into our computers.
<a class="jive-link-external" href="http://www.essentialsecurity.com/products.htm" target="_newWindow">http://www.essentialsecurity.com/products.htm</a>


Nkully
Posted by Nkully86 (59 comments )
Reply Link Flag
Is this enough though?
Here Microsoft has addressed the common issues relating to online security, but what they still haven't focused on is email security. Most viruses that come via browsers have been taken care of through knowledge and antiviruses and most of the time these programs work great in protecting a PC, but the amount of viruses that come via email has readily increased.

There are few programs and opportunities for consumers to protect themselves from email worms, so we need to expand the knowledge and hopefully force hackers to find other ways into our computers.
<a class="jive-link-external" href="http://www.essentialsecurity.com/products.htm" target="_newWindow">http://www.essentialsecurity.com/products.htm</a>


Nkully
Posted by Nkully86 (59 comments )
Reply Link Flag
all of them lack outbound email security
And what about the risks of unprotected outbound email? There doesn't seem to be a choice in any of these packages to give a consumer the option to protect their outgong email. Surprising, considering the known issues that come with email snooping and interception, not to mention accidental(?) forwarding of company IP.

<a class="jive-link-external" href="http://www.essentialsecurity.com/" target="_newWindow">http://www.essentialsecurity.com/</a>
<a class="jive-link-external" href="http://www.essentialsecurity.com/Documents/article9.htm" target="_newWindow">http://www.essentialsecurity.com/Documents/article9.htm</a>
Posted by 209979377489953107664053243186 (71 comments )
Reply Link Flag
No outbound security - maybe
If this isn't there then what is my Norton Internet Security program scanning when I send anything from my computer? I launch an e-mail from my mail program and there is a delay from the time the e-mail program says it has sent it and the time it actually gets to the net because my security program icon tells me it is scanning outgoing data.

If it isn't checking what is in the e-mail then what is it doing? By the way, mine is set so any program but my browser tries to open or close a program or window and it alerts me. It also checks any personal data and if it isn't bound for a site it recognizes as approved by me I get an alert and have to OK the data being sent. So, what is doing that? Looks like outbound security to me.
Posted by GEBERWEIN (75 comments )
Link Flag
all of them lack outbound email security
And what about the risks of unprotected outbound email? There doesn't seem to be a choice in any of these packages to give a consumer the option to protect their outgong email. Surprising, considering the known issues that come with email snooping and interception, not to mention accidental(?) forwarding of company IP.

<a class="jive-link-external" href="http://www.essentialsecurity.com/" target="_newWindow">http://www.essentialsecurity.com/</a>
<a class="jive-link-external" href="http://www.essentialsecurity.com/Documents/article9.htm" target="_newWindow">http://www.essentialsecurity.com/Documents/article9.htm</a>
Posted by 209979377489953107664053243186 (71 comments )
Reply Link Flag
No outbound security - maybe
If this isn't there then what is my Norton Internet Security program scanning when I send anything from my computer? I launch an e-mail from my mail program and there is a delay from the time the e-mail program says it has sent it and the time it actually gets to the net because my security program icon tells me it is scanning outgoing data.

If it isn't checking what is in the e-mail then what is it doing? By the way, mine is set so any program but my browser tries to open or close a program or window and it alerts me. It also checks any personal data and if it isn't bound for a site it recognizes as approved by me I get an alert and have to OK the data being sent. So, what is doing that? Looks like outbound security to me.
Posted by GEBERWEIN (75 comments )
Link Flag
It's not just about MS vulnerabilities -- there's value in this suite
The knee-jerk reaction is to say that MS makes insecure products, then charges more to protect them. From a distance, this may seem true, but there's more to the story. Many components of this suite are designed to protect users from themselves and from constantly evolving threats, not just MS vulnerabilities. Consider some common use-case scenarios:

1) A user (unadvisedly) opens an e-mail from an unknown sender and attempts to execute a malicious attachment. MS can't prevent anyone from crafting malicious executables and scripts and e-mailing them to masses of people with some sort of social engineering trick that induces them to execute the program. If this security suite can sense the malicious nature of the attachment and blocks its execution and/or quarantine it, the suite has added value.

2) Most users never bother backing up their data even though backup tools are built into every major OS. Again, MS can't force people to backup their data and they didn't create this problem (poor or non-existant backups been a problem as long as computers have existed). If this suite nags people to backup their critical data and makes it easy to do so, it has added value.

3) A user is surfing the web and stumbles on a site teeming with spyware and other potentially malicious wares (by misspelling a common URL, for example). Even if their PC is fully patched and has no IE vulnerabilities, that user can *choose* to click, download and install a program that proports to do something fun or useful. If the security suite senses that the software is spyware and blocks its installation, it has added value.

We have to remember that software is not a static product nor are the threats that continue to evolve. Certainly MS' past security issues have induced malicious scumbags to write viruses and malware to take advantage of common flaws. These days, though, if you buy a new PC with XP SP2, make sure the firewall is on and turn on Automatic Updates, you have solved 90% of the potential problem.

This suite addresses the remaining 10%, threats for which MS and its products are not responsible and threats that continue to evolve long after the original OS has been released: e-mail viruses/worms/phishing scams, malicious websites, potential data loss, etc.

All OSes require regular updates, maintenances and a degree of vigilance. For MS to help users simplify these tasks for $50/year for up to 3 computers doesn't smack me as greedy -- it seems like a useful and fairly priced service that helps protect users from a wide variety of computing dangers.

-Mister Winky
Posted by Mister Winky (301 comments )
Reply Link Flag
security solved
"These days, though, if you buy a new PC with XP SP2, make sure
the firewall is on and turn on Automatic Updates, you have solved
90% of the potential problem."
Better yet, do not attach your PC to the internet. That will solve
100% of your problems regarding security. Use a Mac to access the
internet and use your Windows PC as a gaming machine. I have
been doing so for more than 2 decades.
Posted by benjiernmd (123 comments )
Link Flag
Nearly right ....
<i>Most users never bother backing up their data even though backup tools are built into every major OS.</i>

Not quite. There is no backup tool built into MacOSX. You either buy a third party app, or stump up £70 for .Mac to get hold of one.

The third party route is cheaper.
Posted by rickspring66 (5 comments )
Link Flag
Missing something though...
...Protecting users from themselves only works as long as the users continue to pay for the protection. PCs come bundled with all sorts of trial software, including security suites, that the users forget about and never update or continue to subscribe to once the trial period has expired. This subscription model is no different. Users will forget about it or just plain neglect it.
Posted by J_Satch (571 comments )
Link Flag
The readers don't want the truth.
Well done! You describe the purpose of the service perfectly. In truth, you shouldn't have had to spell it out. Look at all the threads talking about this service patching flaws in the OS! It is scary how many brainless readers are attracted to CNet.

It is great to know there are a few more intelligent readers out there!
Posted by just_some_guy (231 comments )
Link Flag
Finally, someone who gets it
This is exactly the case.

OneCare is not a product that's meant to mitigate existing vulnerabilities in the OS, it's meant to mitigate security concerns that the OS has no control over.

The simple fact of the matter is that at the end of the day, a person is generally the weakest point of security in a system. Programs like AV don't replace creation of secure software, they suppliment it.
Posted by Meh234 (37 comments )
Link Flag
It's not just about MS vulnerabilities -- there's value in this suite
The knee-jerk reaction is to say that MS makes insecure products, then charges more to protect them. From a distance, this may seem true, but there's more to the story. Many components of this suite are designed to protect users from themselves and from constantly evolving threats, not just MS vulnerabilities. Consider some common use-case scenarios:

1) A user (unadvisedly) opens an e-mail from an unknown sender and attempts to execute a malicious attachment. MS can't prevent anyone from crafting malicious executables and scripts and e-mailing them to masses of people with some sort of social engineering trick that induces them to execute the program. If this security suite can sense the malicious nature of the attachment and blocks its execution and/or quarantine it, the suite has added value.

2) Most users never bother backing up their data even though backup tools are built into every major OS. Again, MS can't force people to backup their data and they didn't create this problem (poor or non-existant backups been a problem as long as computers have existed). If this suite nags people to backup their critical data and makes it easy to do so, it has added value.

3) A user is surfing the web and stumbles on a site teeming with spyware and other potentially malicious wares (by misspelling a common URL, for example). Even if their PC is fully patched and has no IE vulnerabilities, that user can *choose* to click, download and install a program that proports to do something fun or useful. If the security suite senses that the software is spyware and blocks its installation, it has added value.

We have to remember that software is not a static product nor are the threats that continue to evolve. Certainly MS' past security issues have induced malicious scumbags to write viruses and malware to take advantage of common flaws. These days, though, if you buy a new PC with XP SP2, make sure the firewall is on and turn on Automatic Updates, you have solved 90% of the potential problem.

This suite addresses the remaining 10%, threats for which MS and its products are not responsible and threats that continue to evolve long after the original OS has been released: e-mail viruses/worms/phishing scams, malicious websites, potential data loss, etc.

All OSes require regular updates, maintenances and a degree of vigilance. For MS to help users simplify these tasks for $50/year for up to 3 computers doesn't smack me as greedy -- it seems like a useful and fairly priced service that helps protect users from a wide variety of computing dangers.

-Mister Winky
Posted by Mister Winky (301 comments )
Reply Link Flag
Finally, someone who gets it
This is exactly the case.

OneCare is not a product that's meant to mitigate existing vulnerabilities in the OS, it's meant to mitigate security concerns that the OS has no control over.

The simple fact of the matter is that at the end of the day, a person is generally the weakest point of security in a system. Programs like AV don't replace creation of secure software, they suppliment it.
Posted by Meh234 (37 comments )
Link Flag
security solved
"These days, though, if you buy a new PC with XP SP2, make sure
the firewall is on and turn on Automatic Updates, you have solved
90% of the potential problem."
Better yet, do not attach your PC to the internet. That will solve
100% of your problems regarding security. Use a Mac to access the
internet and use your Windows PC as a gaming machine. I have
been doing so for more than 2 decades.
Posted by benjiernmd (123 comments )
Link Flag
Nearly right ....
<i>Most users never bother backing up their data even though backup tools are built into every major OS.</i>

Not quite. There is no backup tool built into MacOSX. You either buy a third party app, or stump up £70 for .Mac to get hold of one.

The third party route is cheaper.
Posted by rickspring66 (5 comments )
Link Flag
Missing something though...
...Protecting users from themselves only works as long as the users continue to pay for the protection. PCs come bundled with all sorts of trial software, including security suites, that the users forget about and never update or continue to subscribe to once the trial period has expired. This subscription model is no different. Users will forget about it or just plain neglect it.
Posted by J_Satch (571 comments )
Link Flag
The readers don't want the truth.
Well done! You describe the purpose of the service perfectly. In truth, you shouldn't have had to spell it out. Look at all the threads talking about this service patching flaws in the OS! It is scary how many brainless readers are attracted to CNet.

It is great to know there are a few more intelligent readers out there!
Posted by just_some_guy (231 comments )
Link Flag
Buy a Mac..!!
Microsoft wants to sell you software to protect the "screen door"
operation system they sold you in the first place. Now if you only
had bought a Mac...
Posted by imacpwr (456 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.