
Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

The publication LXer ponders the underlying meaning of Microsoft's purchase of anti-virus companies. "Today, Microsoft has completed its acquisition of anti-virus company Sybari Software and announced the end of the company's Unix and Linux versions. Sound familiar? Sybari provides virus signature updates using anti-virus engines from other vendors including Sophos, Computer Associates and Kaspersky Labs." Thanks to Tom Adelstein.

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 23, 2005 18:58 UTC (Thu) by huffd (guest, #10382) [Link]

They're looking for vulnerabilities, anything they can exploit. Microsoft has had “accidental” leaks from its servers before. If the information Microsoft now has about Linux were to find itself on the Internet, it could potentially put Linux on a par with Windows or with timed releases could pinpoint and predict weaknesses..great PR stuff..

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 23, 2005 20:01 UTC (Thu) by piman (subscriber, #8957) [Link]

These companies' scanners detected Windows viruses on Unix, not Unix viruses. It's so Unix mail servers can filter out malicious attachments.

MS is probably banking on the theory that virus scanners are a "killer app" for email, and so without one for Unix, people will have to run Windows mail servers. I don't know if that's true, but it certainly sounds plausible.

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 23, 2005 20:20 UTC (Thu) by vonbrand (subscriber, #4458) [Link]

Then again, there is ClamAV. It has turned out to be effective enough so that when somebody here needed a virus for some tests, they couldn't find any in the quarantine folders (Norton is in use on PCs here) of the usual suspects.

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 24, 2005 9:37 UTC (Fri) by petebull (guest, #7857) [Link]

Did you know EICAR?

http://www.eicar.com/anti_virus_test_file.htm

chutzpah

Posted Jun 23, 2005 19:54 UTC (Thu) by bajw (guest, #11712) [Link]

Strikes me as funny for them to be able to create a flawed system that creates a need for anti-virus software, then deny access to that same protective software on safer, free systems for the purpose of making their flawed system seem somehow _more_ secure?!
Isn't this a classic case of chutzpah, defined as being on trial for the murder of one's parents, only to ask the court for mercy, saying "I'm an orphan"?

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 23, 2005 20:05 UTC (Thu) by allesfresser (subscriber, #216) [Link]

Correct me please if I'm wrong, but it seems to me that this is not about finding vulnerabilities in Linux, but about making it more difficult for Linux to be used as a catch-all network server. Corporate IT types will be able to say, "well, we can't possibly use Linux as the foundation of our network infrastructure--look, it doesn't even have any antivirus scanners available--how can that be a solid platform?"

There may be other intended effects to these acquisitions, but the above scenario seems the most obvious to me.

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 23, 2005 20:28 UTC (Thu) by justme (guest, #19967) [Link]

Yes, that is exactly what the author is saying. However, it's not just about making the platform *appear* incomplete -- if you are hosting email for Windows clients, AV software is not merely a nice-to-have checklist feature, it is absolutely required (alas).

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 24, 2005 12:35 UTC (Fri) by whitemice (guest, #3748) [Link]

Nah, not even that will work (making the platform appear incomplete). All major commercial distributions currently ship with anti-virus software already installed, it is just there. We've been using CLAMAV for a long time, before it was bundled in distributions, and so far I haven't even been tempted to go look at commercial packages. It just bloody works, right out of the box.

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 24, 2005 3:58 UTC (Fri) by Mithrandir (subscriber, #3031) [Link]

Is it just me, or does this seem like anti-competitive behaviour? Isn't this kind of thing illegal?

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 24, 2005 4:21 UTC (Fri) by flewellyn (subscriber, #5047) [Link]

Yes, but good luck getting this DoJ to actually pursue it.

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 24, 2005 15:49 UTC (Fri) by jhardin@impsec.org (guest, #15045) [Link]

> Yes, but good luck getting this DoJ to actually pursue it.

...and good luck getting them to actually impose an effective punishment should they pursue it.

(Bitter? Me? Nah...)

Umm, isn't there GPL'd virus software?

Posted Jun 23, 2005 20:25 UTC (Thu) by justme (guest, #19967) [Link]

I'm guessing the author is correct in Microsoft's intentions, but it seems to me that their tactic wouldn't work on GPL'd software. So, is there not "good enough" GPL'd anti-Windows-virus software for Linux, and if not, why not?

And if there is good enough software of this type, but it's been shunned in favor of the proprietary tools MS has now bought, well, we now see how that has BK-fired.

Umm, isn't there GPL'd virus software?

Posted Jun 23, 2005 20:51 UTC (Thu) by copsewood (subscriber, #199) [Link]

2 reasons why free software is likely to be behind closed software in the field of detecting Windows viruses are:

1. Researching and developing a combination of signatures and algorithms for detecting perhaps 100,000 Windows viruses, with another 1000 every month is going to be a very expensive and tedious operation. If you have such a collection you are going to need people to pay for you to maintain it and allowing your competitors free access might not help pay for maintenance of your library.

2. Making your virus detection signatures and algorithms public might help enable virus writers to design approaches which escape your algorithms. It can be argued that this kind of security through obscurity doesn't work in most cases, but this one might be an exception, given that the security software in question is designed to detect a large number of threat programs, with many of these containing self-encrypting features to avoid presenting a common detection surface or static signature.

If there were well-enough funded collaborative interest in developing an open solution then presumably these problems could be overcome. I for one would certainly be more willing to submit proven or suspect virus samples for analysis to an open project with the resources to analyse these and develop signatures and detection algorithms than a closed one.

Umm, isn't there GPL'd virus software?

Posted Jun 23, 2005 22:16 UTC (Thu) by copsewood (subscriber, #199) [Link]

Umm, I've just read up on Clamav and installed it on my mailserver. Ain't Debian great. From complete ignorance about existence of a GPL'd anti-virus to a working system (clamav Daemon, Sendmail milter) in 80 minutes, including testing to check I haven't broken anything in the process.

Had to hack the location of the Clamav Daemon socket in a couple of files before the milter would start. Anyway, this will give me a chance to subject my speculation in the last posting to an objective test.

Umm, isn't there GPL'd virus software?

Posted Jun 23, 2005 23:05 UTC (Thu) by mgb (guest, #3226) [Link]

We added CLAMAV a couple of weeks ago because it was the only A/V close to keeping up with the Mybot variants. The first Sunday CLAMAV updated nine times, each time blocking many more new variants.

We're now removing our other A/V because it hasn't found anything since we added CLAMAV - it just slows down the server with a redundant check.

Umm, isn't there GPL'd virus software?

Posted Jun 24, 2005 15:10 UTC (Fri) by copsewood (subscriber, #199) [Link]

My Clamav installation has detected 5 apparently genuine viruses in the 15 hours since it has been running. Everything else about my mail system works as it did before. I'm very impressed.

A/V is not the solution for worms

Posted Jun 24, 2005 15:58 UTC (Fri) by jhardin@impsec.org (guest, #15045) [Link]

> ... (X) was the only A/V close to keeping up with the Mybot variants.

You state the problem succinctly but don't even see it. The problem with email A/V is that it is signature-based and thus reactive. It will *always* be playing catch-up with the latest virus/worm variants.

My email security policy is proactive: no executable attachments from the Internet. Period. Zipped or bare.

I haven't seen *any* of these multitudinous Windows email worms in my mailbox in the last five years. (Well, maybe one, when they thought up a new trick for artfully buggering the MIME attachment format...)

<plug type="shameless">
http://www.impsec.org/email-tools/procmail-security.html
</plug>

A/V is not the solution for worms

Posted Jun 24, 2005 16:08 UTC (Fri) by mgb (guest, #3226) [Link]

> My email security policy is proactive: no executable attachments from the Internet. Period. Zipped or bare.

We tried such a policy but it was unacceptable to too many customers (we're an ISP). There are many people who need to exchange M$ Word files with macros, some that need ZIP's, even a few that need EXE's.

A/V is not the solution for worms

Posted Jun 24, 2005 17:27 UTC (Fri) by jhardin@impsec.org (guest, #15045) [Link]

Yeah, such a policy is much more difficult for a service provider vs. a business. I would suggest that it could definitely be used as a selling point if offered as an opt-in service option with customer-controlled whitelisting and selectable levels of paranoia.

A/V is not the solution for worms

Posted Jun 30, 2005 12:54 UTC (Thu) by davecb (subscriber, #1574) [Link]

The few folks that need exe files are a genuine problem:
I suspect you need exception lists that the user can subscribe to.

However, "M$ Word files with macros" aren't something a
filetype recognizer is likely to block (;-))

I did find a local ISP that claimed Open Office
files were viruses, though, because they were
flagging and blocking all compressed files.
(To be fair, Microsoft's probably of the opinion
that OpenOffice.org **is** a virus)

--dave
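
Added example (not part of any comment above, and not the procmail sanitizer jhardin links to): a Python implementation of the "no executable attachments, zipped or bare" policy from this sub-thread. It looks inside zip containers instead of rejecting every compressed file, so an OpenDocument file is not flagged. The blocklist, size limit, function names and sample messages are assumptions constructed for illustration.

```python
import io, os, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed blocklist and per-member size limit (illustrative, not exhaustive).
BLOCKED_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}
MAX_MEMBER = 10 * 1024 * 1024

def scan_blob(name, data, depth=0):
    """Return reasons to reject one attachment, descending into zip files."""
    # Blocked extension, or DOS/PE "MZ" magic whatever the file is called.
    if os.path.splitext(name)[1].lower() in BLOCKED_EXT or data[:2] == b"MZ":
        return [f"{name}: executable"]
    if data[:4] != b"PK\x03\x04":
        return []                      # not a zip container
    if depth >= 2:
        return [f"{name}: archive nested too deeply"]
    hits = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                # Encrypted or oversized members cannot be inspected: reject.
                if info.flag_bits & 0x1 or info.file_size > MAX_MEMBER:
                    hits.append(f"{name}!{info.filename}: cannot inspect")
                else:
                    inner = scan_blob(info.filename, zf.read(info), depth + 1)
                    hits += [f"{name}!{h}" for h in inner]
    except zipfile.BadZipFile:
        hits.append(f"{name}: malformed archive")
    return hits

def check_message(raw):
    """Apply the policy to every non-body MIME leaf of a raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if part.is_multipart() or (name is None and part.get_content_maintype() == "text"):
            continue
        hits += scan_blob(name or "unnamed", part.get_payload(decode=True) or b"")
    return hits

def zip_of(members):
    """Constructed sample data: build a zip from {member name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, data in members.items():
            zf.writestr(member, data)
    return buf.getvalue()

def build_sample(filename, data):
    """Constructed sample message carrying one attachment."""
    msg = EmailMessage()
    msg.set_content("See attached.")
    msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=filename)
    return msg.as_bytes()
```

An empty list from `check_message` means the message passes; any entry names the attachment, and the archive member where applicable, that triggered the rejection.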

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 23, 2005 21:41 UTC (Thu) by glenalec (guest, #26113) [Link]

Hmmm...

"Linux can't filter out Windows viruses* so we can't use Linux as a mail
server."

OR

"Linux can't filter out Windows viruses so we can't use Windows on the
desktop."

I know which one I would be saying.

Unfortunately, I also know which one most PHBs would be saying.

:-(

* I know this is not technically completely true.

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 24, 2005 14:29 UTC (Fri) by pavel (subscriber, #7318) [Link]

Luckily ClamAV is better than any of the commercial virus scanners we tried at my company, and that's GPL'd so Microsoft is not accomplishing much if that were really their true goals.

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 24, 2005 17:33 UTC (Fri) by huffd (guest, #10382) [Link]

Err yup! Two years ago when a certain notorious email virus was on the loose CLAMAV updated on my system a couple of hours before the first AV security firm reported to the press then on their sites. Kind of funny, late one night I was reviewing logs and there was the signature update. I couldn't find it anywhere on the web so I went to bed and the next morning it was in the headlines. So astounded was I that I tracked down every AV company and news source to see who had the first release. Obviously I couldn't be certain but it looked like the CLAMAV people acted on a malicious virus spotted two days earlier whose effects were unknown and populated the database. Their response was quicker than *ANY* commercial product.

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 25, 2005 13:19 UTC (Sat) by riteshsarraf (subscriber, #11138) [Link]

They need not do much. They just need to hire the lead developers of the
project to try to kill it. Just like they did with Gentoo.

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 27, 2005 7:11 UTC (Mon) by xoddam (subscriber, #2322) [Link]

Gentoo is not dead,

Long live the king!

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 30, 2005 19:52 UTC (Thu) by syndicate (guest, #27535) [Link]

Gentoo was the king of nothing!

Is Microsoft Buying Anti-Virus Companies to Undermine Linux? (LXer)

Posted Jun 24, 2005 19:49 UTC (Fri) by miah (subscriber, #639) [Link]

There are still several Commercial Linux Antivirus apps out there.

http://www.centralcommand.com/index.html
http://www.f-prot.com/
http://www.f-secure.com/products/anti-virus/linux/
http://www.bitdefender.com/
http://www.avast.com/eng/avast_for_linux.html
http://www.pandasoftware.com/download/linux/linux.asp
http://www.kaspersky.com/businessoptimal?chapter=4157740
http://www.antivir.de/en/products/antivir_server/index.html
http://www.clamav.net/

So
1. how is it anticompetitive if there are all these other virus companies. It would be anticompetitive if they bought all the other Linux antivirus companies and stopped support for Linux, but I think that's impossible with ClamAV.

2. Just take your business elsewhere, and remember, if you want free there's ClamAV which works really well.

If your boss wants to pay for support pick from the above list. Even ClamAV has commercial support now. There are possibly more vendors than that, but that's from 5 minutes of googling. Most of the list was on the first page for "linux anti virus".

-miah

Insipid absolutism

Posted Jun 24, 2005 22:19 UTC (Fri) by AnswerGuy (guest, #1256) [Link]

"Anti-competitive" behavior is not contingent on "absolute monopoly."

For that matter a monopoly doesn't have to be absolute for it to be
unethical, illegal nor for it to run counter to the public interests.

Finally Microsoft doesn't have to be using the acquisition of AV software
companies as the sole means of accomplishing some (possibly anti-competitive
or monopolistic) goal.

Just because there are *some* other AV software companies doesn't mean that
MS doesn't intend to eventually buy the rest of them. Possibly they
may also discreetly enter into private agreements with those that they
don't buy. Also all competitors are not created equal and the criteria
for attaining their (putative) strategic goals isn't necessarily just
market share. Perhaps they are targeting those who have an AV offering
which is embedded in some SMTP mail gateways that compete with theirs.

So, your argument that the acquisition of two or three (out of ten or
so) companies doesn't constitute an anti-competitive practice isn't
compelling. Of course the original argument is anecdotal; the author
isn't trying to prove that MS *is* doing this. I see him as posing
the question: "Is this part of a pattern?"

While many of us would consider ClamAV a great alternative to the
commercial/proprietary offerings there are many companies that still
feel that they need "a throat to choke." Those are the ones that are
buying per seat licenses from Red Hat and Novell, for example. The
purported strategy here could be a showstopper for many of those
companies.

JimD

Insipid absolutism

Posted Jul 1, 2005 11:22 UTC (Fri) by xoddam (subscriber, #2322) [Link]

It's not illegal to *have* a monopoly, just to abuse it.

The first provider of anything obviously has a monopoly, until serious competitors arise, which they may never do.

Services where it's obviously wasteful to duplicate have natural monopolies. Water and sewage reticulation are never provided by businesses competing for customers (competitive government tender is the sale of a monopoly right, not competition in supply). Electricity supply is similar, while telecom infrastructure has limited scope for competition.

Abuse of a monopoly can be as simple as failing to provide safe or efficient service, or even decent value for money. Or it can be the use of the monopoly to gain unfair advantage in a new market, which is pretty common with telcos and software monopolists.

Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds