Microsoft is a unique company in many ways.
If any other company put out a product with severe flaws that could be exploited by criminals, it would be punished by the market. Microsoft however is in a unique position where flaws in its products generate new businesses, even entire new industries. Rather than go out of business or get replaced by other products, Microsoft's weaknesses just generate even more revenue.
Such is the case with Security in Windows and this article is a sign of things to come with Vista. As Microsoft attempts to improve its own products, it now faces push-back from those companies that sprung up to fill holes in Window's leaky boat. A better Windows is better for consumers but it means less money for them.
Will Microsoft choose to fix its products or to honor its collaborators? A lot of ironic and awkward situations will arise as Microsoft tries to change the status quo.
Software Firms Bicker Over How To Stop Hackers
October 12, 2006
Amid a public outcry and recent regulations, technology companies are rushing to build products that are less vulnerable to hackers. But behind the scenes, the push has sparked a growing clash over how to best protect consumers and businesses from widening security risks.
The conflict spilled out into the open last week when software maker McAfee Inc. took out a full-page ad in the Financial Times griping that new security features in Microsoft Corp.'s coming Windows Vista operating system will limit its ability to protect computers from security threats. The complaints followed similar ones from software company Symantec Corp. against Microsoft, made last month with the European Union.
Specifically, these companies are miffed at Microsoft's plans to close off access to the inner workings of the Windows Vista software, a change Microsoft says will help protect personal computers but which the security companies say will cripple certain products they make.
Microsoft has "denied access to us," says George Samenuk, who retired yesterday as McAfee's chief executive. "That's changed from the longstanding collaboration we've had."At its heart, the spat underlines a shift remaking the $12 billion security-software industry. For years, the tech industry, particularly Microsoft, left security in the hands of specialists, relying on Symantec, McAfee, Trend Micro Inc. and Check Point Software Technologies Ltd. to fortify computers and networks with add-on security software. Now under pressure to improve security, the broader computer industry is building those same protections directly into its products.
"The larger vendors previously didn't look at security as something that was part of their job. Now they do," says Walter Pritchard, an analyst at Cowen & Co. Symantec and others are now "feeling pressure as this has started to play out," he says.
...
Microsoft's most contentious move has been a decision, first aired in 2003, to block access to the Vista kernel through a technology called PatchGuard. The company first used the technology in 2004, but only in high-end versions of Windows. This summer, as Microsoft readied Vista, the security companies protested that PatchGuard would cripple their ability to use advanced virus-fighting techniques that work though unfettered access to the inner workings of Windows.
"Microsoft can lock the bad guys out and let the good guys in, but they choose not to do that," says John Viega, McAfee's chief security architect.
But Microsoft's Mr. Fathi says the Vista kernel can't tell the difference between beneficial and potentially damaging software. Giving trusted vendors special access could open a door for, say, a virus masquerading as a Symantec program, he adds. He also notes that PatchGuard will only be used on the 64-bit version of Vista, which is the product's high-end version. The vast majority of Vista PCs sold for the next year or so will be 32-bit systems and allow the security firms to have kernel access.
