Symantec: Microsoft won't give us key Vista tech

Symantec has accused Microsoft of withholding key information about its upcoming Vista operating system in an attempt to gain an advantage in the security market.

The security specialist said this week that Microsoft is refusing to hand over the application programmable interfaces (APIs) for Windows Defender, the spyware product that will be included in Windows Vista. Without the APIs, Symantec contends that it's unable to ensure that its own security products are compatible with the update.

"Microsoft is affirmatively introducing bottlenecks to funnel customers to their products," said John Brigden, Symantec senior vice president for Europe. "It's all about control and dominance. They are deliberately delaying giving us the APIs."

Microsoft responded to Symantec's concerns on Wednesday, and said it had made the APIs for Defender available earlier this week.

"As a result of our ongoing dialogue with partners and our customers, Microsoft decided in August this year to add the ability for any security software company to programmatically disable Windows Defender access through an API," a Microsoft representative said.

"Availability of the Defender APIs was announced to security partners on Friday, Sept. 22, 2006, and we understand Symantec requested and received the go-ahead to develop on that API on Monday, Sept. 25," Microsoft said.

Microsoft added the functionality to disable Windows Defender in Release Candidate 1 of Vista, or RC1, which came out early this month. There may have been some confusion in the industry because the accompanying information for developers, called a software development kit, or SDK, did not provide details on the functionality, the company said.

"Two weeks after releasing RC1, we provided the follow-up documentation, which was released out-of-band; normally we release it with major milestones," said Adrien Robinson, business development manager at Microsoft. "The confusion, I think, that people are having is that the functionality is not in the RC1 SDK, and the reason for that is that we added it just before RC1."

Symantec, though, insists that the APIs still aren't available.

The timing of the release of APIs is crucial for Symantec, as it is due to ship a Vista-compatible Norton antivirus product to PC makers in October.

"No one has received any information about Defender, and we're coming up to an OEM (original equipment manufacturers) shipment date in October. It's three weeks away," Brigden said.

Symantec has partnerships with equipment manufacturers Dell, Fujitsu, Hewlett-Packard, IBM, Sony and Toshiba, among others. The antivirus vendor is worried that Microsoft will hand over the APIs so late that Symantec won't be able to make its antivirus software compatible with Vista in time.

"Microsoft will provide information about two days before the October shipment date, and say, 'We've given you the APIs.' Now, we're good, but we're not good enough (to integrate Norton with Defender) in that time," a Symantec representative said.

Symantec hopes the APIs will be supplied before that. It would not comment on the potential damage to its relationships with PC partners should it not have enough time to integrate Norton into Vista.

The entry of Microsoft into the security market has put incumbents on their guard, given the software giant's $34 billion cash pile and a hefty presence on desktops. On top of this, European Commission regulators and Microsoft are in the middle of a tussle over the potential antitrust impact of security components in Vista.

Security vendor McAfee is also irked that Microsoft has not provided APIs for Defender. Sources close to the company confirmed that Microsoft has not provided the APIs, and that senior McAfee executives "really have a bee in their bonnets" about the situation.

McAfee is concerned that there will be compatibility problems between its security systems and Vista, and that customers will not be able to remove Defender from their systems, CNET News.com sister site ZDNet UK has learned.

Symantec and McAfee are battling Microsoft for the ability to replace the Windows Security Center with their own security consoles. Additionally, the security companies also claim the PatchGuard feature in 64-bit editions of Vista excludes them but lets in hackers.

Tom Espiner reported for ZDNet UK in London. CNET News.com's Joris Evers contributed to this report.

[unknown unknown]

I wish Norton would stop integrating itself

so far into Windows. I've had to give up on Norton Antivirus and System Works because they cause me nothing but trouble.

[grandmasterdibbler]

I agree, but it's still anticompetitive.

I think Norton Antivirus was the worst piece of rubbish that I ever had the misfortune of using on my old PC, didn't even think about picking up a OS X copy.

On to the story. As much as I hate NA it was my choice to get it and I think it's pretty disgusting that MS won't let another company in because it would compete with their product.

It's too early to teel what will happen next, but I'm sure if this is true other AV companies will complain soon.

Just get AVG and get it over with

I had to install the latest Norton Systemwhatever on
<a class="jive-link-external" href="http://www.teckmagazine.com/content/view/631/43/" target="_newWindow">http://www.teckmagazine.com/content/view/631/43/</a>
a company system and this program did nothing but make the system vulnerable to every known threat. What a waste of money but I didn't care cause I didn't pay for it.

[mikedane]

Symantec & McAfee

I am a tech and every problem I run into is because of the way Symantec &#38; McAfee integrate their programs into the OS....good for Microsoft...maybe we won't feel like we are being held hostage by these two companies and they will be a bit more cooperative with THEIR programs especially from a price point

[Ihaveajob]

Right on!

I am a tech too and agree. If your machine crashes don't assume that it is MS it just may be that McAfee AV program you paid an arm and leg for!

[larryflowers]

Norton Dug It's Own Grave

I have used Norton products since DOS Days until about 2 years ago. I finally got tired of the bloated product that took so much system overhead, the extreme difficulty to uninstall and the frequency of repair by the uninstall-reinstall method.
I switched to Trend Micro and have never had to uninstall and reinstall the product, it uses less system overhead than Norton and I now recommend Trend Micro to all my clients.
Further, when Vista Beta 2 came out, Trend Micro was right there with a free download beta product to protect Vista. It has never given me the slightest problem all through the testing period.
Where was Norton?

[Swalters1]

Please don't let them turn off my security!

Okay here's how this is going to play out. The API is now available to the devs, so it's now available to the Vx's too. So here's Vista Virus Number 1. The virus infects the PC and programically turns off all your security center and defender stuff.

Symantec is the WORST antivirus on the market at this point, and personally making it impossible for them to screw with Vista's security settings sounds great to me. The only thing that's better would be making it so it can't install at all!

[mcepat]

I second that

second that

[Penguinisto]

...and this is why I don't use Windows ;)

-what?

(snicker!)

/P

[Ihaveajob]

I disagree...

McAfee is the worst...

Symantec is second

[mcepat]

why would the average user wants to disable defender???

So it can be replaced by crapware from symantec that is overbearing, confusing and break from what Microsoft is doing?

I hope Microsoft does not budge on this one, they really need to stick to there guns, I don't want any average user to have to deal with symantec or any other vendor when the first time they start Vista instead of a clean interface and simple security they are bombarded by messages saying "defender is running" do you want to disable it and run our stuff or warning vista firewall is running click here to disable it and then have 15 icons on the toolbar saying alert alert a change has been made.

sorry but all we need is

Vista Security center with green, yellow and red status

Vista Firewall

and Vista Defender

If they want to plug into the security center this is fine but keep the BS away

[GuillaumeSim]

why would he/she think about it ?

But that'll kill the competition and this is no good .

The reactivity of virus monitoring is due to the need of Symantec, MacAffee and other vendors to provide the best product.

Imagine MS ripps them off thanks to their near-monopoly in OS... Will your PC be surer than before ????

[inachu]

Only time will tell if Microsoft is wrong.

Would be nice to see Defender work without crashing symantec products but past history tell me different.

[cary1]

another example

I was just wondering about another instance similar to this... When I installed Firefox, it imported the bookmarks, history and above all, my passwords from IE.

I don't have any programming knowledge, so correct me if I am wrong...

I assume FF must have knowledge of how to access IE data (given by Microsoft), which is not available to general public, because if it were, people would use that information to write spyware and trojans, to extract the data and send it to a remote destination.

So it is in Microsoft's (and our) best interest that Microsoft doesn't share this information with each and every third party software maker.

This is just like in this case, where, if MS tells other software companies how to shut down Windows defender, the spyware writers might also misuse it.

[rcrusoe]

Re: assume FF must have knowledge . .

Extracting bookmarks, history, etc. is child's play. Always has been, probably always will be. In fact, extracting and decrypting Windows passwords isn't all that hard.

Windows remains at the bottom of the security heap because MS has never been willing to forfeit backwards compatibility in order to secure the system.

Windows was designed originally as a standalone desktop operating system (non-networked). And that is the old mode where it is half way secure.

Perhaps they will wise up and do it right some day.

[techguy83]

why use Norton at all?

Norton is crap. Mcafee is crap. Both try to integrate into the system too much and miss alot.

AVG and AVast work better and dont intergrate nearly as much.

And both AVG and Avast have Vista versions THAT WORK fine, so I think Symantec's claim is kinda moot myself, but since when do majopr companies and gov'ts listen to common sense or look at facts?

[mcepat]

NOD32 has not missed a virus since it created the software

symantec, mcafee and trendmicro and others have missed hundreds of viruses, so who are you going to trust?

<a class="jive-link-external" href="http://www.eset.com/products/compare.php" target="_newWindow">http://www.eset.com/products/compare.php</a>

I tell you one thing, when NOD32 releases the version for Vista it will plug into the Security Center of Vista like Microsoft wants them too and will pretty much leave you alone, unlike the crapware that symantec and other vendors pump out, NOD32 just does its job and only bothers you when absolutly necassary

[Jim Hubbard]

Wrong!

NOD32 has failed 3 times in testing by a single company - Virus Bulletin.

Feb - 1998
Nov - 2000
Apr - 2002

In all 39 successes and 3 failures.

Not a bad record to be sure....but hardly the impenatrable fortress that you maintain.

[mcepat]

I promise to remove any software I see by a AV on any Vista PC I touch

I work on Friends and Families systems as well as consult a few companies and do IT full time.

When Vista is released and I am asked to do anything I will remove this software from Vista and configure it with a better product like NOD32, or AVG.

If someone just bought Vista and asks me who they should buy for a AV it will not be Symantec or Mcafee etc, I will shoot them down as I always have.

I hope that Microsoft does stick to there guns on this, if they don't the Window with the view of a nice simple, clear Vista will be loaded with crap

[roger.d.miller]

Norton sucks

Norton sucks.

[als]

You are being too kind!

Norton is utter garbage/crapware to the extreme. I'm suprised that Symantec even knows what an API is.

[caveral]

Brilliant

"Norton sucks" tells us absolutely nothing. Might I suggest rephrasing you comment to something like "Norton sucks because...." And then YOU fill in the blank for us.

[Heebee Jeebies]

Microsoft has no need to do this...

They can freely give all of the information that Symantec wants to them. Why? Because at the end of the day Symantec's and their Norton products sucks.

If Microsoft is offering a good product at a fair price they have nothing to worry about.

Robert

[Dalkorian]

RE: need

Heebee Jeebies made this remarkable claim:

"If Microsoft is offering a good product at a fair price they have
nothing to worry about."

But that's the rub, isn't it? M$ offers junk that children can hack
in minutes to PC manufacturers so the general population is
either forced to use it or forced to try to remove it and install
and use an alternative (thank GOD for Linux!). Therefore, I'd
argue they have everything in the world to worry about, as it's
neither a "good product" nor a "fair price" (my time to remove
this junkware is worth something, you know).

I agree that Norton sucks and has for years, but I don't think
that should give M$ an "excuse" to try their anti-competitive
tactics on an industry they built themselves by creating an OS
that perpetrates worms, viruses and the like without restraint.

What you're seeing is the beginning. Micro$loth makes more
insecure trashware, then extorts money from you on a monthly
basis to keep you alerted when it's already been violated. Nice
business model, why hasn't anyone else thought of this?

;-)

[hans_kloss]

Trend Micro - no problem

Well, Trend Micro PC-cillin integrates well with RC1 - no problems; how come they were able to do it? They've been actively participated in Beta vs litigating.

[t8]

This is MS problem

They created the antivirus industry with their insecure OSs and an industry built up to fix their shortcomings.
They are also a monopoly and they have a certain responsibilty because of that.

So in my opinion, MS are wrong to use their monopoly to squash the competition.

Had MS built in security in Windows to begin with, then it would be different because an industry wouldn't have been created.
As it stands now, they seem to be repeating their "lets bundle it, to kill the comp[etition" attitude.

Similarly, had MS put in a Web browser before Netscape, then they would have been fine.
But they put it in afterward and killed the competition.

MS should be taken to court again, or the EU should kick their butt so hard that it makes repeat offending a non-profit strategy.

[gggg sssss]

sealing wax

Once upon a tiem there was a sealing wax and buggy whip industry as well. Then came self adhesive envelopes and automobiles. So you pointy is?

[Jim Hubbard]

Time to break up Microsoft!

We almost did it once before. Looks like we should have broken them up the first time.

Microsoft should be broken into 2 companies. The first would be strictly an OS company and the second would be software that integrates into or runs on the OS (like Word, Excel, etc.).

Then, Microsoft would have to reveal all of the APIs to EVERY software vendor or face charges.

The only problem is defining what is and what is not part of the OS.

[bettencourtt]

RE: Break Up

"We"?? As if we all have something to do with it? Phooey.

Point here is, lets go ahead and hash out what is the OS and what is the APP. Just precisely how far are "we" willing to define that? While "we" are splitting OS/App companies, make sure it's fair. Apple, and RedHat, and all the others will also need to spilt thier OS and APP divisions, also, AND, be forced under penalty of law to reveal all API's, Kernel Hooks, etc, so that ANYONE at aANYTIME can write an APP that does sodding well whatever it likes on the OS.

But again, where is the OS line drawn? Do the PC makers ship a computer that gives you naught but a login screen? No file explorer, no network connectivity, not even a Notepad or Solitaire game to while away the hours until your software is all finally installed. After all, "we" would not want to infringe on any of your CHOICES, would we?

[Ordeith]

When has Symantec ever been concerned with compatibility

All of their products cause more problems than they solve. If MS blocks them they are doing us a favor.

I am willing to bet it isn't as bad as Symantec is claiming and they are trying to spin being the victim in advance of future legal action.

[Ordeith]

When has Symantec ever been concerned with compatibility?

All of their products cause more problems than they solve. If MS blocks them they are doing us a favor.

I am willing to bet it isn't as bad as Symantec is claiming and they are trying to spin being the victim in advance of future legal action.

[chadbed]

Secure os?

I am really confused why Microsoft needs to integrate defender in the first place. What was wrong with making it a separate application like they did with xp? I mean can't they ship it with vista but make it possible to get rid of it? What if it causes problems? What if some older application written for xp and support is long gone has issues with anything bundled in vista? I guess there goes yet another reason to either upgrade that legacy app or just stick with xp, or heck even switch to Linux and use wine.

Microsoft is only capable of stealing ideas or playing games when it comes to taking your money. They have a lot of nerve making a os with issues and letting a industry worth billions get started, then create there own business model to compete and charge extra to keep the os secure that was messed up to begin with. What they should do is like defender, but unlike it don't bundle it with vista. Just provide a basic free antivirus, people provide free antivirus. They key is dont bundle. Or heck make the os impervious to viruses and worms. How d you do that? Well they could provide a special system like they do with drivers. I thought this is what DEP was supposed to provide? That sure was a load of crap as viruses are just as numerous today as they were before sp2. Hackers are out pacing Microsoft at every turn, and they don't even have access to the source code. Pretty sad if you ask me. Imagine if xp source code was leaked. big Big trouble.

[FutureGuy]

what is your problem?

Windows is Microsofts OS, if it wants to make it more secure by adding a anti-spyware to it who is anyone to complain (except may be spyware writers and their dependents AKA Symantec). If MS makes it easy to turn off defender its only a matter of time before spyware makes figure out a way to disable it, thats exactly what Symantec is hoping for.

[UnnDunn]

Whiny crybabies

Symantec and McAfee are just annoyed that they can't integrate their crappy products so deeply into the operating system to "add value" to their useless offerings.

Products like AVG and AVast are so much better than Norton it's sickening. They don't "remind" you to update your subscription every day and they work with Windows APIs instead of trying to take them over.

If McAfee and Symantec do bring an antitrust lawsuit, all Microsoft should do is point to AVG and say "this is how a company should do it." I think that will shut Symantec up with the quickness.

[Stan Johnson]

Litigation maybe?

I guess this is what litigation gets you.

If someone is sueing me I wouldn't cooperate with them either. I don't blame MS.

Too bad. I like Norton AV.

[FutureGuy]

Symantec's days are numbered.

If MS delivers on its promise for a secure OS Symantec days are numbered. Symantec knows that hence it wasnt the keys to turn off some of the OSs build in security. I wouldnt be surprised if these keys are leaked to hackers soon so Symantec could continue to hang on to its illegitimate business model.

[wbenton]

An About Face?

Looks like Microsoft has decided to make an about face on allowing others to disable their security...

But &gt;&gt;&gt;in an attempt to gain an advantage in the security market&lt;&lt;&lt;

That is Microsoft's way of doing business!!!

It's their signature... they're way of doing business... always has been... always will be.

And this is IRREGARDLESS of whether the report came from Symantec or not!!!

Walt

[DADDYOFLA]

ms won't give symantec the keys to vista

I SAY IF YOU WANT THE KEY TO VISTA TECH YOU HAVE TO PAY FOR IT...
NUFF SAID
DADDYOFLA/DAVE