Symantec and McAfee just won't quit

From this article
http://www.betanews.com/article/Sym...cure/1161117633

Quote:

Symantec and McAfee, which are much larger than both Sophos and Kaspersky
combined, dispute that viewpoint. They utilize kernel patching to stop
viruses from shutting down security software with a feature called Tamper
Protection, as well as for Behavior Blocking and host-based intrusion
prevention systems (HIPS).

Unquote:



So, these two loser companies want Microsoft to remove the kernel lock from
Vista just so they can insert their "own" kernel lock called Tamper
Protection. That is exactly what Patch Guard does, prevent tampering with
the kernel.

I ask you, who would you want to protect the kernel of the operating system,
the manufacturer of the operating system or a bunch of sniveling,
incompetent weasels?


--

Regards,

Richard Urban
Microsoft MVP Windows Shell/User
(For email, remove the obvious from my address)

Quote from George Ankner:
If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!

"Richard Urban" <richardurbanREMOVETHIS@hotmail.com> wrote in message
news:Oqd2E9j8GHA.2092@TK2MSFTNGP03.phx.gbl...

> So, these two loser companies want Microsoft to remove the kernel lock
> from Vista just so they can insert their "own" kernel lock called Tamper
> Protection. That is exactly what Patch Guard does, prevent tampering with
> the kernel.
>
> I ask you, who would you want to protect the kernel of the operating
> system, the manufacturer of the operating system or a bunch of sniveling,
> incompetent weasels?

Symantec and McAfee's attitude on this whole matter has got them on my
do-not-let-people-install-list. Well they were already on it, but now I'm
going to be a lot more vocal about it.

--
Paul Smith,
Yeovil, UK.
Microsoft MVP Windows Shell/User.
http://www.windowsresource.net/

*Remove nospam. to reply by e-mail*

Has there been any details released as to what access these security
providers will be allowed to have over the kernel? Will they actually be
allowed to hook kernel API's and replace core OS functionality, or will
Microsoft make available to them a kernel-mode API that allows them to do
something similar, in a safer way?

Hopefully however this rolls down, the kernel will remain unpatchable :/

--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

"Richard Urban" <richardurbanREMOVETHIS@hotmail.com> wrote in message
news:Oqd2E9j8GHA.2092@TK2MSFTNGP03.phx.gbl...
> From this article
> http://www.betanews.com/article/Sym...cure/1161117633
>
> Quote:
>
> Symantec and McAfee, which are much larger than both Sophos and Kaspersky
> combined, dispute that viewpoint. They utilize kernel patching to stop
> viruses from shutting down security software with a feature called Tamper
> Protection, as well as for Behavior Blocking and host-based intrusion
> prevention systems (HIPS).
>
> Unquote:
>
>
>
> So, these two loser companies want Microsoft to remove the kernel lock
> from Vista just so they can insert their "own" kernel lock called Tamper
> Protection. That is exactly what Patch Guard does, prevent tampering with
> the kernel.
>
> I ask you, who would you want to protect the kernel of the operating
> system, the manufacturer of the operating system or a bunch of sniveling,
> incompetent weasels?
>
>
> --
>
> Regards,
>
> Richard Urban
> Microsoft MVP Windows Shell/User
> (For email, remove the obvious from my address)
>
> Quote from George Ankner:
> If you knew as much as you think you know,
> You would realize that you don't know what you thought you knew!
>
>

Plenty of other choices: the aforementioned Kaspersky, and NOD32 come to
mind.

To make it even worse, the companies that make decent products (Trend
amongst others), didn't say a peep.

One look on the Windows XP forums here shows plenty of people complaining
about both McAfee and Symantec's products.

Lets face it, these AV people had a cash cow, and now it's going away.

That's what happens when you put all your biggest eggs in the same basket.


Bill F.


"Richard Urban" <richardurbanREMOVETHIS@hotmail.com> wrote in message
news:Oqd2E9j8GHA.2092@TK2MSFTNGP03.phx.gbl...
> From this article
> http://www.betanews.com/article/Sym...cure/1161117633
>
> Quote:
>
> Symantec and McAfee, which are much larger than both Sophos and Kaspersky
> combined, dispute that viewpoint. They utilize kernel patching to stop
> viruses from shutting down security software with a feature called Tamper
> Protection, as well as for Behavior Blocking and host-based intrusion
> prevention systems (HIPS).
>
> Unquote:
>
>
>
> So, these two loser companies want Microsoft to remove the kernel lock
> from Vista just so they can insert their "own" kernel lock called Tamper
> Protection. That is exactly what Patch Guard does, prevent tampering with
> the kernel.
>
> I ask you, who would you want to protect the kernel of the operating
> system, the manufacturer of the operating system or a bunch of sniveling,
> incompetent weasels?
>
>
> --
>
> Regards,
>
> Richard Urban
> Microsoft MVP Windows Shell/User
> (For email, remove the obvious from my address)
>
> Quote from George Ankner:
> If you knew as much as you think you know,
> You would realize that you don't know what you thought you knew!
>
>

I've heard they only released a kernel api that passes data from the kernel
so their lame programs will work. OTOH, it's only what I've heard. The only
Symantec prog I respect is the corp AV... how they can make a reasonably
lean well behaved product for companies and yet produced the bloated system
breaking product known as Norton AnvtiVirus is beyond me. On a side note,
norton tamper protection was only available in the Corp version far as I
knew.

"Richard Urban" <richardurbanREMOVETHIS@hotmail.com> wrote in message
news:Oqd2E9j8GHA.2092@TK2MSFTNGP03.phx.gbl...
> From this article
> http://www.betanews.com/article/Sym...cure/1161117633
>
> Quote:
>
> Symantec and McAfee, which are much larger than both Sophos and Kaspersky
> combined, dispute that viewpoint. They utilize kernel patching to stop
> viruses from shutting down security software with a feature called Tamper
> Protection, as well as for Behavior Blocking and host-based intrusion
> prevention systems (HIPS).
>
> Unquote:
>
>
>
> So, these two loser companies want Microsoft to remove the kernel lock
> from Vista just so they can insert their "own" kernel lock called Tamper
> Protection. That is exactly what Patch Guard does, prevent tampering with
> the kernel.
>
> I ask you, who would you want to protect the kernel of the operating
> system, the manufacturer of the operating system or a bunch of sniveling,
> incompetent weasels?
>
>

What Microsoft has done - has pledged to do - is not enough. Symantec and
McAfee want total control of "YOUR" system kernel.

--

Regards,

Richard Urban
Microsoft MVP Windows Shell/User
(For email, remove the obvious from my address)

Quote from George Ankner:
If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!

"Peter M" <pmcneil1@cogeco.ca> wrote in message
news:uoAwvbl8GHA.3960@TK2MSFTNGP05.phx.gbl...
> I've heard they only released a kernel api that passes data from the
> kernel so their lame programs will work. OTOH, it's only what I've heard.
> The only Symantec prog I respect is the corp AV... how they can make a
> reasonably lean well behaved product for companies and yet produced the
> bloated system breaking product known as Norton AnvtiVirus is beyond me.
> On a side note, norton tamper protection was only available in the Corp
> version far as I knew.
>
> "Richard Urban" <richardurbanREMOVETHIS@hotmail.com> wrote in message
> news:Oqd2E9j8GHA.2092@TK2MSFTNGP03.phx.gbl...
>> From this article
>> http://www.betanews.com/article/Sym...cure/1161117633
>>
>> Quote:
>>
>> Symantec and McAfee, which are much larger than both Sophos and Kaspersky
>> combined, dispute that viewpoint. They utilize kernel patching to stop
>> viruses from shutting down security software with a feature called Tamper
>> Protection, as well as for Behavior Blocking and host-based intrusion
>> prevention systems (HIPS).
>>
>> Unquote:
>>
>>
>>
>> So, these two loser companies want Microsoft to remove the kernel lock
>> from Vista just so they can insert their "own" kernel lock called Tamper
>> Protection. That is exactly what Patch Guard does, prevent tampering with
>> the kernel.
>>
>> I ask you, who would you want to protect the kernel of the operating
>> system, the manufacturer of the operating system or a bunch of sniveling,
>> incompetent weasels?
>>
>>
>

They will never get anywhere near my kernel ;-)


--
Jane, not plain 64 bit enabled
Batteries not included. Braincell on vacation :-)

"Richard Urban" <richardurbanREMOVETHIS@hotmail.com> wrote in message
news:uMtoPpl8GHA.3916@TK2MSFTNGP04.phx.gbl...
> What Microsoft has done - has pledged to do - is not enough. Symantec and
> McAfee want total control of "YOUR" system kernel.
>
> --
>
> Regards,
>
> Richard Urban
> Microsoft MVP Windows Shell/User
> (For email, remove the obvious from my address)
>
> Quote from George Ankner:
> If you knew as much as you think you know,
> You would realize that you don't know what you thought you knew!
>
> "Peter M" <pmcneil1@cogeco.ca> wrote in message
> news:uoAwvbl8GHA.3960@TK2MSFTNGP05.phx.gbl...
>> I've heard they only released a kernel api that passes data from the
>> kernel so their lame programs will work. OTOH, it's only what I've heard.
>> The only Symantec prog I respect is the corp AV... how they can make a
>> reasonably lean well behaved product for companies and yet produced the
>> bloated system breaking product known as Norton AnvtiVirus is beyond me.
>> On a side note, norton tamper protection was only available in the Corp
>> version far as I knew.
>>
>> "Richard Urban" <richardurbanREMOVETHIS@hotmail.com> wrote in message
>> news:Oqd2E9j8GHA.2092@TK2MSFTNGP03.phx.gbl...
>>> From this article
>>> http://www.betanews.com/article/Sym...cure/1161117633
>>>
>>> Quote:
>>>
>>> Symantec and McAfee, which are much larger than both Sophos and
>>> Kaspersky combined, dispute that viewpoint. They utilize kernel patching
>>> to stop viruses from shutting down security software with a feature
>>> called Tamper Protection, as well as for Behavior Blocking and
>>> host-based intrusion prevention systems (HIPS).
>>>
>>> Unquote:
>>>
>>>
>>>
>>> So, these two loser companies want Microsoft to remove the kernel lock
>>> from Vista just so they can insert their "own" kernel lock called Tamper
>>> Protection. That is exactly what Patch Guard does, prevent tampering
>>> with the kernel.
>>>
>>> I ask you, who would you want to protect the kernel of the operating
>>> system, the manufacturer of the operating system or a bunch of
>>> sniveling, incompetent weasels?
>>>
>>>
>>
>
>

Rather have MS handle that chore. Not saying they'd do it better than anyone
else, because, well... ya know... but still... why have a 3rd party taking
over such a low level function? Nah... no thanks.

Lang

"Richard Urban" <richardurbanREMOVETHIS@hotmail.com> wrote in message
news:Oqd2E9j8GHA.2092@TK2MSFTNGP03.phx.gbl...
> From this article
> http://www.betanews.com/article/Sym...cure/1161117633
>
> Quote:
>
> Symantec and McAfee, which are much larger than both Sophos and Kaspersky
> combined, dispute that viewpoint. They utilize kernel patching to stop
> viruses from shutting down security software with a feature called Tamper
> Protection, as well as for Behavior Blocking and host-based intrusion
> prevention systems (HIPS).
>
> Unquote:
>
>
>
> So, these two loser companies want Microsoft to remove the kernel lock
> from Vista just so they can insert their "own" kernel lock called Tamper
> Protection. That is exactly what Patch Guard does, prevent tampering with
> the kernel.
>
> I ask you, who would you want to protect the kernel of the operating
> system, the manufacturer of the operating system or a bunch of sniveling,
> incompetent weasels?
>
>
> --
>
> Regards,
>
> Richard Urban
> Microsoft MVP Windows Shell/User
> (For email, remove the obvious from my address)
>
> Quote from George Ankner:
> If you knew as much as you think you know,
> You would realize that you don't know what you thought you knew!
>
>

Is my understanding that this impacts only 64-bit versions.

Why does Microsoft not apply Patchguard to 32-bit versions ?
If then Vista OS can be better protected.

Brian


"Richard Urban" <richardurbanREMOVETHIS@hotmail.com> wrote in message
news:uMtoPpl8GHA.3916@TK2MSFTNGP04.phx.gbl...
> What Microsoft has done - has pledged to do - is not enough. Symantec and
> McAfee want total control of "YOUR" system kernel.
>
> --
>
> Regards,
>
> Richard Urban
> Microsoft MVP Windows Shell/User
> (For email, remove the obvious from my address)
>
> Quote from George Ankner:
> If you knew as much as you think you know,
> You would realize that you don't know what you thought you knew!
>
> "Peter M" <pmcneil1@cogeco.ca> wrote in message
> news:uoAwvbl8GHA.3960@TK2MSFTNGP05.phx.gbl...
>> I've heard they only released a kernel api that passes data from the
>> kernel so their lame programs will work. OTOH, it's only what I've heard.
>> The only Symantec prog I respect is the corp AV... how they can make a
>> reasonably lean well behaved product for companies and yet produced the
>> bloated system breaking product known as Norton AnvtiVirus is beyond me.
>> On a side note, norton tamper protection was only available in the Corp
>> version far as I knew.
>>
>> "Richard Urban" <richardurbanREMOVETHIS@hotmail.com> wrote in message
>> news:Oqd2E9j8GHA.2092@TK2MSFTNGP03.phx.gbl...
>>> From this article
>>> http://www.betanews.com/article/Sym...cure/1161117633
>>>
>>> Quote:
>>>
>>> Symantec and McAfee, which are much larger than both Sophos and
>>> Kaspersky combined, dispute that viewpoint. They utilize kernel patching
>>> to stop viruses from shutting down security software with a feature
>>> called Tamper Protection, as well as for Behavior Blocking and
>>> host-based intrusion prevention systems (HIPS).
>>>
>>> Unquote:
>>>
>>>
>>>
>>> So, these two loser companies want Microsoft to remove the kernel lock
>>> from Vista just so they can insert their "own" kernel lock called Tamper
>>> Protection. That is exactly what Patch Guard does, prevent tampering
>>> with the kernel.
>>>
>>> I ask you, who would you want to protect the kernel of the operating
>>> system, the manufacturer of the operating system or a bunch of
>>> sniveling, incompetent weasels?
>>>
>>>
>>
>
>