Make it less secure so we can sell products

Be interesting to see if Symantec tries to make an issue of this in court.

http://www.vnunet.com/vnunet/news/21...ies-foul-vista

In essence they're trying to say that you have to make it less secure to
make it more secure. The argument that independent driver sigining, which
simply enforces accountability and nonrepudiation, somehow stifles
innovation seems weak to me. And "...claimed that it is possible to
circumvent the security features." neglects to mention that this was found
in a beta, which means it might not exist at all in the finished product.

"Alan Simpson" <noreply@nospam.com> wrote in message
news:utEPp3uvGHA.4460@TK2MSFTNGP05.phx.gbl...
> Be interesting to see if Symantec tries to make an issue of this in court.
>
> http://www.vnunet.com/vnunet/news/21...ies-foul-vista
>
> In essence they're trying to say that you have to make it less secure to
> make it more secure. The argument that independent driver sigining, which
> simply enforces accountability and nonrepudiation, somehow stifles
> innovation seems weak to me. And "...claimed that it is possible to
> circumvent the security features." neglects to mention that this was found
> in a beta, which means it might not exist at all in the finished product.
>
>

Perhaps the real issue is Symantec will have to hire proper coders to write
proper software and this will cut into their profit...

--
Mark

My favourite so far: Unknown device has been correctly installed.

LOL. Lawyers like to say that behind every lawsuite there's a reason and an
excuse. The "excuse" here is "it'll be less secure in the long run" (not
likely). The reasons are probably two 1) We'll sell less product and 2)
We'll be accountable for the products we do sell ;-)

>>My favourite so far: Unknown device has been correctly installed.

I like it when I'm burning a DVD and the time remaining estimate switches
from "6 minutes 24 seconds" to "23 days, 19 hours". I saw that one a few
times.




"Mark D. VandenBerg" <mvan103REMOVE@hotmail.com> wrote in message
news:4F75DBBD-E819-4B8F-AEDE-1B3B7A5BBE7E@microsoft.com...
> "Alan Simpson" <noreply@nospam.com> wrote in message
> news:utEPp3uvGHA.4460@TK2MSFTNGP05.phx.gbl...
>> Be interesting to see if Symantec tries to make an issue of this in
>> court.
>>
>> http://www.vnunet.com/vnunet/news/21...ies-foul-vista
>>
>> In essence they're trying to say that you have to make it less secure to
>> make it more secure. The argument that independent driver sigining, which
>> simply enforces accountability and nonrepudiation, somehow stifles
>> innovation seems weak to me. And "...claimed that it is possible to
>> circumvent the security features." neglects to mention that this was
>> found in a beta, which means it might not exist at all in the finished
>> product.
>>
>>
>
> Perhaps the real issue is Symantec will have to hire proper coders to
> write proper software and this will cut into their profit...
>
> --
> Mark
>
> My favourite so far: Unknown device has been correctly installed.

I was talking about this on my radio show a couple weeks ago.

I do think that the "security utility" companies, like symantec, etc will
make a big deal out of how much business they will lose because windows is
being built more secure than before. Why buy their software if it's no
longer needed?

So, there are 2 choices for the people who like to bash windows:

Complain because the OS itself isn't secure enough. *OR* Complain because
their Norton Internet Security wont run on Vista.

You KNOW they will pick whichever comes about, simply because they have to
have SOMETHING to point at MS or they aren't happy.


"Alan Simpson" <noreply@nospam.com> wrote in message
news:utEPp3uvGHA.4460@TK2MSFTNGP05.phx.gbl...
> Be interesting to see if Symantec tries to make an issue of this in court.
>
> http://www.vnunet.com/vnunet/news/21...ies-foul-vista
>
> In essence they're trying to say that you have to make it less secure to
> make it more secure. The argument that independent driver sigining, which
> simply enforces accountability and nonrepudiation, somehow stifles
> innovation seems weak to me. And "...claimed that it is possible to
> circumvent the security features." neglects to mention that this was found
> in a beta, which means it might not exist at all in the finished product.
>
>

Ooops ... you mean Symantecs rootkits will no longer work in Vista? I think
that is rather grand.

--
The personal opinion of
Gary G. Little


"Alan Simpson" <noreply@nospam.com> wrote in message
news:utEPp3uvGHA.4460@TK2MSFTNGP05.phx.gbl...
> Be interesting to see if Symantec tries to make an issue of this in court.
>
> http://www.vnunet.com/vnunet/news/21...ies-foul-vista
>
> In essence they're trying to say that you have to make it less secure to
> make it more secure. The argument that independent driver sigining, which
> simply enforces accountability and nonrepudiation, somehow stifles
> innovation seems weak to me. And "...claimed that it is possible to
> circumvent the security features." neglects to mention that this was found
> in a beta, which means it might not exist at all in the finished product.
>
>

Symantec speaks about innovation limits??? Norton security and NAV are
the most bad-performing products I could see. I'ts a joke.

Alan Simpson escribió:
> Be interesting to see if Symantec tries to make an issue of this in court.
>
> http://www.vnunet.com/vnunet/news/21...ies-foul-vista
>
> In essence they're trying to say that you have to make it less secure to
> make it more secure. The argument that independent driver sigining, which
> simply enforces accountability and nonrepudiation, somehow stifles
> innovation seems weak to me. And "...claimed that it is possible to
> circumvent the security features." neglects to mention that this was found
> in a beta, which means it might not exist at all in the finished product.
>
>

Symantec (despite their generally awful products) have got a point, in that
the majority of system-level tools won't work on Vista, signed or no.

As for driver signing, I fail to see what use this is. The majority of buggy
drivers come from major vendors like Lexmark. These will of course be signed
anyway. Is the bluescreen less annoying when it comes from a signed driver?
Or not?

Getting a WHQL cerificate and signing a driver never insured the qualtiy of
your software. To do that, every driver would have to be tested on every
possible hardware conifguration and software configuration. That is
virtually impossible. What does signing do then if it does not guarantee
that the driver you about to install will work on the system inwhich you are
installing it? Simple. The signature tells the installer that this driver
was built by Whomever, Inc. and heres the certificate to prove it. Signing
provides trust and authenticity, not quality.

--
The personal opinion of
Gary G. Little


"Ian" <Ian@discussions.microsoft.com> wrote in message
news:0C01E6F7-AEFF-4E88-8AFE-781FA4F3BF26@microsoft.com...
> Symantec (despite their generally awful products) have got a point, in
> that
> the majority of system-level tools won't work on Vista, signed or no.
>
> As for driver signing, I fail to see what use this is. The majority of
> buggy
> drivers come from major vendors like Lexmark. These will of course be
> signed
> anyway. Is the bluescreen less annoying when it comes from a signed
> driver?
> Or not?
>
>

Drivers act as part of the operating system. They can do pretty much
anything they want.

Enforcing driver signing makes it near impossible for a large chunk of
malicious software developers to create a malicious driver, since they won't
have the reasources to get their driver signed.

Also, I believe that the driver signing process does some stability
checks... of course, that doesn't make them bug proof.

- JB

Vista Support FAQ
http://www.jimmah.com/vista/

Bug-proof? No. Work properly? No. Ability of tracing a bad driver back
to its source quickly and easily? There's the beauty of it!

--
Mark

"Jimmy Brush" <JimmyBrush@discussions.microsoft.com> wrote in message
news:757F298C-2FA6-42DD-851A-F075BB6EE618@microsoft.com...
> Drivers act as part of the operating system. They can do pretty much
> anything they want.
>
> Enforcing driver signing makes it near impossible for a large chunk of
> malicious software developers to create a malicious driver, since they
> won't have the reasources to get their driver signed.
>
> Also, I believe that the driver signing process does some stability
> checks... of course, that doesn't make them bug proof.
>
> - JB
>
> Vista Support FAQ
> http://www.jimmah.com/vista/