Wednesday, November 1, 2006

The great Windows Vista antivirus war


By David Gewirtz

"You'll never believe what those bastards are doing now."

Those were the first words out of my buddy Steve's mouth. Steve manages a computer network for an exclusive private school, so I figured he might be refering to something computer related. Or something a teacher had done. Or some crime committed by the Democrats or by the Republicans (Steve's non-partisan when it comes to being annoyed). Or, perhaps, it was the Purple People in the Trees. Again. Steve's like that.

"But what's the truth? What's really going on? I had the opportunity to interview both Microsoft and Symantec on this issue."

Honestly, I had no idea who the bastards were, but I'd soon find out. Apparently the target of Steve's wrath was Symantec. Even though I'd once worked there as an executive, it was so long ago that I felt completely comfortable letting Steve go to town badmouthing them.

It seems Symantec was suing Microsoft. Steve's also not a huge fan of our Redmond friends, but this time he was on their side. After a long series of invectives, I finally got to the heart of the matter. Symantec was suing Microsoft because Microsoft refused to open up Vista (Microsoft's upcoming new OS) in a way that would allow Symantec to provide the full level of virus protection the antivirus vendor wanted to provide.

I didn't understand. Wouldn't that make Steve angry at Microsoft, not Symantec? Apparently not. The issue was that Microsoft had closed many of the kernel-hacking loopholes (like the one that let Sony install back-door rootkits in an incredibly idiotic, misguided, and probably criminal attempt to prevent music piracy). Microsoft had closed the loopholes so hard that Symantec couldn't tunnel into the kernel far enough to provide the level of virus protection they wanted to provide.

Steve's premise was that closing security loopholes was good and any company trying to force open security flaws simply so they could sell products that protect from security flaws was bad. Put that way, I had to agree.

From what my buddy was telling me, it seemed Symantec was trying to force Microsoft to create Vista security holes simply so they could sell more copies of their antivirus program.

But what's the truth? What's really going on? There are always two sides to every story and this one seemed no different.

To get to the bottom of the issue and try to derive a better understanding, I decided to speak with both Symantec and Microsoft. I had the opportunity to conduct exclusive interviews with Cris Paden, Manager on the Corporate Communication Team at Symantec and Adrien Robinson, Director of Communications, Microsoft Security Technology Unit.

Let's start with Symantec's side of the story.