McAfee alleges Microsoft is compromising Vista security
One of the largest PC security companies in the world has taken out a full page ad in the Financial Times alleging that Microsoft is compromising the security of the forthcoming Vista operating system.
McAfee has leant its weight to the growing chorus of complaint from the security industry alleging that Microsoft is locking them out of key areas of Vista.
McAfee’s Chairman and Chief Executive George Samenuk wrote in the advert, ‘With its upcoming Vista operating system, Microsoft is embracing the flawed logic that computers will be more secure if it stops co-operating with independent security firms’
Microsoft has taken special care with the security of Vista not only to build its reputation for creating secure software but also, according to Symantec, safeguard the digital rights management (DRM). In order to create a protected path between DRM components and the system hardware, it is critical that no code be allowed to come between these elements in case it intercepts and modifies protected content.
As the Symantec weblog points out, ‘If security vendors don’t have access to the platform kernel, it cuts down on our ability to innovate and create compatible solutions.’
Within Vista, Microsoft’s PatchGuard prevents software from making extensions to the kernel. This means that nobody, apart from Microsoft, can make changes to the kernel. While this may seem like an admirable security feature – the protected kernel is a feature of Unix and GNU/Linux, for example – it does mean that security companies such as Symantec and others cannot modify the kernel for their own purposes. The irony is that while legitimate means are blocked, researchers and attackers have already found ways to disable and work around PatchGuard.
The Symantec blog concludes, ‘These new technologies, along with Microsoft’s unwillingness to make compromises in this area, have serious implications for the security industry as a whole’.