Microsoft wants to think for you…again.

Posted by on February 8, 2006

Well well well, M$ has come out with a subscription based program that will roll all of your security related applications(firewall, AV, and Spyware) into one handy package. They call it OneCare. You can read all about it here, start at the bottom and read up.

They seem to be implying that this won’t interfere with the other security related apps you are running and will be the onestop shop for all things malware. Right. Holes have already been found and probably addressed…the program is still in Beta until July. These problems, however, show at best, a stunning ignorance of the threats out there and at worst a sloppy implementation.

Problem 1: Anything utilizing JVM gets a free pass through the firewall.

Problem 2: Any signed application gets a free pass through the firewall.

“Oh but signed applications are safe aren’t they?” Uh…no. Many bits of Malware are signed today to keep windows from alerting on them. It’s become standard practice and most everyone in the security world knows it…except the folks at Microsoft apparently. Oh, wait, I mentioned “security world” and “Microsoft” in the same sentence…silly me.

M$ wants $49.95/yr for the use of this “service”.

As I said on their blog, why would I move away from Zonealarm(free), AVG(free), and Spybot(free)? Why do I need OneCare to tell me about threats when I already have SANS Internet Storm Center? Why would I encourage my not-so-tech-savvy family and friends to participate in this post-modern version of the Bait and Switch? They’re going to call me anyway…

Ed “The Legend” Skoudis, SANS instructor and Malware expert, welcomes M$’s foray into the security world:

I agree with Ed in that it’s all about trade offs…I’m just not sure the trade offs made by M$ are worth the gamble. My recent rant has been “Don’t Think For Me!” and it holds true here. Let ME decide what my trade offs are. I really believe that in todays network world users have to be educated. The days of dropping $2500 on a machine and jumping on the “super info-highway data freeway thingamajig” with your killer 300bps acoustic coupler are over. Today’s world simply requires users to know and understand alittle about how their machines operate on the network. They don’t need an indepth knowledge of TCP/IP. They don’t need to be CCNE’s. They **DO** need to understand that programs will try and reach them across the internet and not all of those programs are nice. They **DO** need to understand that not ALL of the programs on their machine need to have access to the Internet. If folks can’t grasp those two ideas then perhaps they need to reconsider getting online.

Last modified on February 8, 2006

Categories: InfoSec
1 Comment »

« | Home | »

One Response to “Microsoft wants to think for you…again.”

  1. Joel Esler Says:

    Amen brotha!! Micro$haft trying to one up everyone again!

%d bloggers like this: