
The kernel fight continues with Windows Vista

We all thought that it was over with Microsoft's announcement that it would create specific APIs to allow security firms to access the kernel in the 64-bit version of Vista. It was thought that the concession made by Microsoft would be enough to quiet Symantec and McAfee, who have been quite upset over Kernel PatchGuard. It appears that the fight has only just begun, and Symantec is even more riled up by Microsoft's announcement.

Symantec claims that Microsoft's APIs are a "red herring" being used to fool the press and put Microsoft in a good light. The APIs for Vista 64-bit aren't enough for Symantec and McAfee, and they want even further access. Symantec VP of Consumer Products and Solutions Rowan Trollope states that Microsoft isn't doing anyone any favors by providing APIs with secure access to the kernel.

"The more general problem illustrated by the Tamper Protection example is as follows: Currently when a security company needs to provide security against a certain class of threat, we are able to do so even if Microsoft does not offer an API. With PatchGuard Microsoft is stepping in and changing the rules…We of course cannot pursue a path when Microsoft tells us that they will bluescreen our customers’ machines. Hackers on the other hand have no such issues. Once they work around PatchGuard (which they already have), they don’t really care if the system becomes unstable or bluescreens or anything else. So in fact PatchGuard works in favor of hackers in this case."

Two smaller companies, Sophos and Kaspersky, are fine doing it Microsoft's way. Sunbelt Software has joined Symantec and McAfee in disagreeing with Microsoft's security approach. Joe Wilcox, a senior analyst for JupiterResearch, agrees with Symantec and the gang. "The situation is like this: Before, Microsoft security partners could take whatever path they wanted to climb the mountain and reach the summit. Now, they will have to use Microsoft security APIs, which create a path--and the only way they're allowed to go up the mountain. But Microsoft's APIan Way won't take them all the way to the summit. There is going to be a problem if the hackers can scale up to the summit by another route, while the security vendors are stuck below on the path."


















Copyright 2017 DailyTech LLC.