McAfee cries foul over Vista security features
McAfee Inc. top executives went on the offensive Monday against Microsoft Corp., saying Vista will be even less secure for customers than previous versions of Windows.
The day after McAfee took out a full-page advertisement in the Financial Times to publicly air its grievances over the security of Vista, McAfee Chairman and Chief Executive Officer (CEO) George Samenuk, Vice President and Chief Scientist George Heron and Chief Security Architect John Viega delivered the same message in person in New York.
"We are disturbed by the fact that with Vista, end customers will be less secure," Samenuk said. "Customers trust us ... To erode that trust would hurt all Internet users, all PC users. I don't think Microsoft wants that, nor does McAfee want that."
Two security elements in Vista fare chief among McAfee's concerns, executives said.
In Vista, Microsoft is locking down the kernel of the OS through a feature called PatchGuard on 64-bit versions. Microsoft's argument is that this will keep miscreants out of the OS and prevent the incidence of attacks, and it is something for which customers have been asking.
"Fooling around with the kernel while it's running is like changing the sparkplugs on your car when the engine is running," said Stephen Toulouse, a senior product manager at Microsoft. "It's never been a good thing for users."
But McAfee said since PatchGuard also prevents third-party security companies from getting inside the OS, they can't activate crucial security measures in their software to protect the OS from intruders.
PatchGuard is not new in Vista, said Bruce McCorkendale, a distinguished engineer with McAfee competitor Symantec Corp., which shares McAfee's consternation over the feature. He said Symantec has been petitioning for Microsoft to change the feature since the company introduced it in its 64-bit version of Windows XP, but the company will not budge.
"If you ask any security vendor that offers advanced protection, you'd get the same answer [about PatchGuard]," McCorkendale said. "It's just inhibiting the way security vendors do their jobs."
However, according to Jupiter Research, only 5 percent of companies with 100 employees or more are running Windows XP in its 64-bit version, and that adoption is not supposed to ramp up significantly anytime soon, said analyst Joe Wilcox.
"If this new [feature] affects 64-bit only and nobody is using 64-bit, what's the problem?" he said.
The other big concern with Vista for McAfee lies in a new security interface called Windows Security Center (WSC). Microsoft will not allow this interface to be turned off, so McAfee and other third-party users can't install their own security-management consoles on Vista machines, executives said.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
