October 2009 - Posts

OK, had to blog this (PC/Win7 vs Mac)
16 October 09 11:47 AM | ronaldg

Well, I just ran across this and couldn’t resist a post on it.   There’s plenty of good press around Windows 7, so this isn’t about highlighting some good press, but this article did take the Win7 goodness to the next level IMHO, and there were a couple of interesting notes that I wanted to highlight that are further evidence of some of the things I’ve blogged about in the past.  First, read this article by Sam Burke from ChannelWeb if you haven’t already…

Apple Will Feel the Pain From Windows 7 Launch

So here’s the first item of note (excerpt from article):

“BusinessWeek says that Apple will likely make the case that PCs are more susceptible to viruses. A flat-out false claim. There are a bunch of Mac myths. And better security than Windows is the biggest one. Security experts say that if Mac users are less susceptible to attack, it's simply due to the fact that there are fewer viruses written for Macs than for Windows.”

WOW, does that sound familiar, couldn’t have said it better myself (“flat-out false claim”) – if you’ve followed my blog at all over the past years & months you know that this has been a recurring theme of mine, dispelling the myth of Apple’s presumed invulnerability, the “security by obscurity” syndrome aided by the fact that their entire platform is very proprietary and thus they have much more control (but less choice) over their apps and peripherals (drivers).  But you already know that.

So here’s the real reason I was compelled to make this post.   As you may have just noticed, there is a link in the excerpt above called Mac myths.   If you didn’t click on it before, I really encourage you to do so, or use the (same) link below.

Mac myths

This is without a doubt one of the best overall articles on the myths of the security of the Mac platform that I have run across, and I really hope you take the time to read it (it’s not long).  But, if you just want the Cliff Notes version (for those of us old enough to know what Cliff’s Notes and/or Readers’ Digest versions are), here are some of the highlights (not doing all of them and only using excerpts from the ones I am using):

  • Myth 1: Macs Are Safer Than PCs – …Security experts say that if Mac users are less susceptible to attack, it's simply due to the fact that there are fewer viruses written for Macs than for Windows. (notice “security experts say”)
  • Myth 2: Macs Have Fewer Vulnerabilities Than Windows
    Not true. In fact, studies have shown that Macs actually have MORE vulnerabilities than their Windows counterparts, experts say. (notice again, the “experts say”, this is not just the writer’s opinion, and emphasis was his, not mine)
  • Myth 3: Mac OS X Users Don't Need A Separate Antivirus Solution
    Not so. Not even Apple says that anymore, even if it has downplayed the fact that users also should equip themselves with third-party antivirus software.
  • Myth 6: Apple Is Just Like Microsoft And Has An Army Of Security Henchmen
    Er, no. In fact, the company's historic lack of emphasis on security issues has left Apple vastly underprepared to deal with the barrage of anticipated Mac malware coming down the pike. Experts contend that Apple lacks the necessary manpower to create and test patches on a monthly basis…  (and this is another of the key points I’ve made in other articles – since the advent of our Secure Computing Initiative and the Secure Development Lifecycle early in this decade, MS has made security a top priority and now has a world-class security infrastructure and product updating/protection mechanism to make our products more secure against the malware of today’s environment. On the other hand, Apple hasn’t evolved their security to any great extent and, in fact, has consistently shown that they can’t even get patches out in a timely and efficient manner as witnessed by this excerpt from the #7 myth which I’ve not included here: “Meanwhile, Apple scrambled to repair a six-month-old critical Java vulnerability this spring after -- but only after -- researcher Landon Fuller published a proof of concept exploit exposing the flaw six months after it was first detected.”)
  • and finally -- Myth 9: There Is Only A Handful Of Mac Malware, And It's Pretty Benign
    …Earlier this year, Mac users were pummeled with two variants of a Mac-only iServices Trojan…[which] later developed into a full-fledged global botnet that infected more than 40,000 Macs. And experts say that Mac users can expect to see more drive-by and browser attacks. (enough said)

Again, the above was just a selection of some of the Mac myths, and none of it should come as a surprise to anyone who has followed this blog.  And, as usual, my only real impetus to add it here is to give you additional 3rd-party commentary for the things I have already brought to light (and that you already know), so that you will have more objective evidence to use if you should need to have the Mac conversation with a customer or someone you know.

Now back to the original article.  I wanted to highlight one more cogent point that was made in the original article – again, it’s based on another pull quote from BusinessWeek…

“BusinessWeek also claims Apple will make fun of Microsoft for making Windows XP owners go through what is by all accounts a cumbersome process to upgrade from Windows XP to Windows 7. Talk about a canard. That duck just don't fly…Windows 7 is a cause celebre to look at buying a new system. It is not a reason to look at upgrading a well-running Windows XP system. You wouldn't upgrade a well-running Mac system either. Get a life.”

Canard – wow, I’m impressed, haven’t heard that word in a while. In fact, as a former pilot, I’m more familiar with the term canard used in the aeronautic sense, but here it means “a false or baseless, usually derogatory story, report, or rumor”, so I’ve saved most of you the trip to dictionary.com.  I love it when writers talk like that and I’m going to have to remember that word, since it describes a LOT of the stuff I saw written about Vista (as you know from my “you make the call” series of posts).  But I digress…

Now I’m not 100% in agreement with the don’t bother upgrading from XP premise, BUT for those who have chosen to stay on XP all this time and are effectively skipping a generation of the OS, I would make the case that they should expect that that upgrade process would not be as easy and smooth as moving up from Vista.  The fact that there will be a migration path, with some pretty solid tools, is a plus IMHO.  And, for sure, with the cost of PCs/laptops at current levels, if you’re still running a computer that was originally manufactured in the XP timeframe, this would be a very opportune time to consider a hardware refresh (which should make a partner happy, on several levels).

So, as always, I hope this has been a worthwhile read for you.  Although I won’t be updating the blog as frequently as I did back in my TS2 days, as you see I will continue to post when I run across something I think is worthy of your time and attention.  Thanks for staying with me.

Microsoft just launched Microsoft Security Essentials
02 October 09 09:16 AM | ronaldg

I just published a post that I had started a while back when MSE was just coming out in beta.  Hopefully, you’ve just read that or will go back and give it a look.   As of this last Tuesday (9/29/09), Microsoft has released MSE.  It’s basically an anti-malware offering that provides real-time protection for your home PC, meaning that it guards against viruses, spyware, and other malicious software.  It’s free to all genuine Windows users (Windows XP SP2 or later), there are no subscription fees, and thus no registration (beyond the standard download registration) or other personal information required for billing.

Microsoft Security Essentials is simple to install, easy to use, and always kept up to date (quietly, I might add) so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure: when you’re green, you’re good. It’s that simple. I think many folks are going to like the simplicity. In my former life as a military pilot, we had a phrase for self-guided missiles called “launch and leave”; this is pretty much what your experience should be with MSE.  MSE is lightweight compared to many of the other offerings out there (of course I’m speaking from a system impact perspective, certainly not from a protection perspective) – and it runs quietly and efficiently in the background. As I’ve alluded to in past posts, MSE leverages all the security and anti-malware ecosystem that Microsoft brings to the table for our corporate level Forefront product – you should also take a look at the MMPC blog post linked below for more details on that.

Of course, you can download and get lots of other information from the official site here: http://www.microsoft.com/security_essentials

MMPC blog post: http://blogs.technet.com/mmpc/archive/2009/09/29/introducing-microsoft-security-essentials.aspx

I saw some competitor blogs about MSE; as you might expect, they had almost nothing constructive, or accurate, to say.  What I did find interesting, however, was the overwhelming backlash in the comments to those posts.  The folks that did get to do the beta, including me, generally had very good experiences with it, and as I alluded in the post right before this, the results of actual anti-malware tests by independent orgs are showing that MSE is providing excellent protection.  In fact, one of the testing orgs gave it very good marks for handling rootkits.  But that’s pretty much what I’ve been trying to get across for some time now in my blog – Microsoft really does get security, and a bet on Microsoft technology for security going forward is actually a very good bet.

I know the MSE beta was not widely available, so I’m encouraging you to take a look at it now.  You know, it even works in Windows 7 XP mode – which, btw, I’m using it for.  I’m also loading it up for all my friends and family, which I know I’ll have to support, so in effect I’m definitely making the bet myself (or I wouldn’t ask you to do it).

Regardless of dated perceptions, Microsoft really gets security
02 October 09 08:23 AM | ronaldg

[This was started a while back, article is from June 2009, but now that we’ve just launched Microsoft Security Essentials I thought this might be good to finally post]

Well, in light of my last post on the IE 8 security, and, in light of my “between the lines” thoughts, I thought this might be a good time to “dust off” this article on our beta release of the future free AV offering (codename Morro) that I had actually intended to blog about earlier.   For those of you who follow this blog, my title statement will come as no surprise at all.   I would highly recommend that article, but I’m actually going to include an excerpt below that pretty much captures the main points, to save some of your valuable time.

Computerworld article: Antivirus testing outfit: Microsoft Security Essentials makes the grade

Article excerpt from Computerworld (emphasis mine to highlight key points) -
“Microsoft's free security software passed a preliminary antivirus exam with flying colors, an independent testing company said today.  AV-Test GmbH tested Microsoft Security Essentials (MSE), the free software Microsoft launched yesterday in beta, on Windows XP, Vista and Windows 7, putting it up against nearly 3,200 common viruses, bot Trojans and worms, said Andreas Marx, one of the firm's two managers. The malware was culled from the most recent WildList, a list of threats actually actively attacking computers.  "All files were properly detected and treated by the product," said Marx in an e-mail. "That's good, as several other [antivirus] scanners are still not able to detect and kill all of these critters yet."  AV-Test also measured Security Essentials against a set of in-house false positives to see whether the software mistakenly fingers legitimate files, a nightmare for users, who can be left with a crippled computer, and a disaster to the reputation of a security company.  "None of the clean files were flagged as being malicious," noted Marx. "Very good."  AV-Test also examined the program's anti-rootkit skills and its ability to scrub a system of malware it finds with a limited number of samples and "found no reasons to complain," Marx said. "[Security Essentials] is able to remove found malware very well, but further tests against larger sets of samples are required before we can come to a final conclusion."”

On a side note, it was interesting to see some of the initial negative buzz, most of it by security competitors, and ALL of it opinion based and unsupported by any facts or data.   This article gave an example of that in the following excerpt: “AV-Test's results will disappoint some rivals in the security market, who yesterday knocked Microsoft's effort. "It just doesn't give you the protection that you need," argued J.R. Smith, the CEO of AVG Technologies”.  The fact that articles on our technology always seem to include gratuitous negative comments that are seldom more than unsupported opinions, such as this one, is a big part of why we continue to battle the perception issue (of course that’s my opinion).

So back to the reason for this post.  First, I wanted you to be aware of this test, and to highlight the “passed…with flying colors”.  Unlike the opinions, actual test data is tending to validate the Morro product, and remember this is just the beta.  I believe I did some posts in the (distant) past about Microsoft’s world-class Security Response System and accompanying infrastructure, but suffice it to say that we have a highly sophisticated, global security monitoring and response operation that is really second to none – most folks are not aware of that and never hear about it.  Our Forefront security products have been protecting not only desktops but servers, and not only at Microsoft, but for many large customers around the world for some time now.  I’ve always thought it was pretty compelling, considering that we are a primary hacker target, that we “eat our own dogfood”, which means we are protected from malware threats by our very own technology.  Second, I wanted to call out that, even though it’s listed as an AV product, as you see from above it protects against other threats such as rootkits.  And, in fact, it’s the successor to our Defender product as well, so don’t be concerned that it turns off Defender when it installs.  Third, I wanted to add that other articles seem to indicate that it appears to be good at avoiding false positives.   And, lastly, although this article didn’t mention it, in other reports I’ve seen comments about how “quiet” it is and that it has less of an impact on your system than many other AV products.  Bottom line, as I’ve tried to highlight in my blog over time, a bet on Microsoft security should be a good one these days (post-SDL), even though I still see competitors (and sometimes folks online and in print) making statements that continue to try to rely on dated perceptions.

Some other food for thought.  Microsoft leverages all the security infrastructure I alluded to above for the support of all their security products, so the same technologies and supporting mechanisms that have been, and are, protecting large corporations, including Microsoft itself, are also used in our consumer products like MSE.  So it should be no surprise, to the person who really understands Microsoft’s security commitment and products, that this product appears to be solid right out of the gate.  And, btw, did I mention that MSE is going to be free when it launches (at least for consumers)?