James Governor's Monkchips

Microsoft must stop equivocating on security as an ecosystem

Share via Twitter Share via Facebook Share via Linkedin Share via Reddit

Will Europe Delay Vista?

If Microsoft wants to make a case for ecosystem value it needs to reboot how it works with Anti-virus and security vendors.

We need a complete overhaul.

We can’t have CA deleting critical windows components. We can’t turn off our current firewalls to install Microsoft security tools.

Come on Microsoft – up your game. You could do worse than start with F-secure, which is of course European…

But it just wont wash making an integrated innovation argument here – which only allows for seamlessness in homogeneous Microsoft environments. If the argument is that the only way to be secure is to buy Microsoft end to end, then we’re all in trouble.

Microsoft needs an ecosystem to make Vista secure, and must start acting accordingly.

Its all about the user experience-and right about now, user experience of Anti-virus and other security tools is beyond horrible.

If we’re talking economic costs and value, how many hours are lost by the “family support technicians” that have to fix their extended circle of friends and family’s PCs? Huh? How much is all that time worth? Can Stephen O’Grady bill you for his time? I spent two hours at my folks recently trying to get their machine sorted after they installed some anti-virus software supplied by their bank. its not bloody free when you factor in support, is it?

So sit down with your competition/partners and work it out please, sooner rather than later. Before, not after, Vista gets here.

I, for one, am fed up to the back teeth with the pathetic interoperability of security tools on desktops and laptops. I know I am not alone.

Of course the AV vendors have to take a lot of responsibility here – if they worried more about user experience it would be easier to negotiate with them and get them to do the right thing. Note to AV vendors-no. i. don’t. want. to. purchase. a. CD.

We need a common installer for security componentry. But perhaps one that Microsoft doesn’t own. Time for something open source? An Eclipse of Windows security tooling? What do you think, Ray? Why not be really bold here?

If Symantec is serious about moving up the stack it should be first in line to work with Microsoft to commoditise some of the lower level install and signature functions in the space.

Where is the installshield of security tooling?

Implicitly threatening the EU doesn’t solve any of Microsoft’s problems.

The recent patent non-assertion clause could be your best friend in talking to the EU about local economic opportunities- but instead you appeer to be using questionable numbers from an analyst firm to make a negative case in the press. Lets deal with facts though, not predictions.

To be fair I am expecting a briefing from Microsoft security on some of these issues in the near future, and obviously if things are set to improve i will say so here.

Rant over.

update: just after I posted this, I came across a related argument from Tim Anderson, a man whose writing and thinking I much admire. He takes a more sanguine line though – and appears to endorse single vendor sourcing. We both agree security software is a mess though:

First, the quality of these third-party products is mixed, and while the main contenders probably do a competent job, they invariably overreach themselves, befuddling the user with alarmist reports about mostly harmless features like cookies, or interfering with useful OS features like the Windows Scripting Host. Of all the products that a user installs, the security suites are the most likely to slow down performance and break other software.”

disclaimer: Microsoft is an occasional client.
Eclipse is a client.
My experiences with AV are pretty much uniformly horrible, which mostly inspired this rant.
tags: , , , , , , , , ,

3 comments

  1. Yup, can’t disagree with that – after the June briefing when we were introduced to Micosoft Vista’s security features, I wrote (here: http://www.mwdadvisors.com/blog/2006/06/vista-security-microsofts-created.html)

    “Of course, Microsoft cannot do this on its own. This suggests an opportunity for the company to partner with other strategic vendors (Cisco and SAP, for example) that also have a vested interest in raising the security bar for their customers, and to offer its wares as part of a security ecosystem.”

    You make some additional, highly valid points – that the MS-only approach actually breaks any ecosystem opportunity, which makes even more reason to forge the appropriate partnerships. I do remember at the briefing, your remark, “Jon says he doesn’t buy it – so neither should you” – while it was good for a laugh, it has a serious edge particularly when one considers how difficult it is for Microsoft to couch Vista in business value terms. By closing the door on a security ecosystem, and even jamming it shut Microsoft is missing an opportunity to do exactly that.

    Note to self: I must read up about the latest on NAC/NAP – perhaps partnerships exist, but they’re not reaching the desktop.

  2. I, for one, am fed up to the back teeth with the pathetic interoperability of security tools on desktops and laptops. I know I am not alone.

    This could be my favorite sentence of 2006, maybe 2007 also.

  3. Came across a great business while trying to sort our my sister’s PC last weekend. There is a little guy in her area who drives around in a van going from house to house just disinfecting PCs. And the good bit is that when he visits for the first time, he ends up selling you Norton Security Suite, then he gives preferential rates to come and sort out subsequent infections.

    To paraphrase “Your machine is horribly infected- what you need is anti-virus software and a new firewall – but that won’t, of course, stop you being infected in the future, so lets plan accordingly”

    Meanwhile, I bet he has a great sideline in charging people to remove unwanted nagging alerts from Norton simply because of the poor integration you refer to.

    I agree, it is an appalling state of affairs at the moment and I too have wasted literally days of my life mucking around trying to fix PCs around the extended family, particularly those with Norton on them, which either seems to work sweetly or just take over the machine as if it owns it, repeatedly whinging and refusing to go away when you try to uninstall it.

    Having said this, we have tried them all here over the last 6 months and have ended up with mixture – Norton works on some but not on other (identically configured) machines, same with McAfee. I personally find Kaspersky the least troublesome and intrusive from a usability perspective, but have only used it on my notebook, so it may be as unpredictable as the others – don’t know.

    This is not rigorous analysis here by a security specialist, just a bloke trying to keep a small business network and friends and family up and running, but I ain’t impressed and general systems knowledge and experience tells me it shouldn’t be this bad.

    I throw my support in behind you James.

Leave a Reply to Jon Collins Cancel reply

Your email address will not be published. Required fields are marked *