The Truth About PatchGuard: Why Symantec Keeps Complaining

Why Symantec Keeps Complaining

PatchGuard effectively blocks any changes to the OS kernel, and stops unsigned kernel-level code from executing. Why? The answer is simple. The kernel is the lowest level of code in the OS. Its stability is critical to the stability of your system. Microsoft recognizes this, and now kernel-level code must go through extremely rigorous testing as part of the Security Development Lifecycle. Anything that hasn’t gone through that process does not get executed at the kernel level. So understanding that no one but the Windows Core Team should be putting OS code in the kernel, Microsoft revoked everyone’s free pass into the kernel. It’s that simple.

Patching fundamentally violates the integrity of the Windows kernel by replacing actual kernel code with unknown third-party code. As a result, patching introduces problems in three primary areas: reliability, performance and, most importantly, security.

Symantec’s argument goes as follows:

“It seems a bit disingenuous of Microsoft. They are getting into the security market and are disallowing this whole class of security products that they don’t have,” McCorkendale said. “It does not feel like a level playing field at that point.”

According to Symantec, PatchGuard is really there so nobody but Microsoft can build Windows security products. Looks like someone has their tin foil hat on too tight. Symantec is trying to build up a case to try Microsoft as being anti-competitive in the court of public opinion. But this line of reasoning is pure crap. None of Microsoft’s other products have access to the kernel, either.

So Why is Symantec Complaining?

As if it wasn’t already obvious. Look, Symantec has every reason to be worried in this space. Windows Live OneCare grabbed 15.4% marketshare in its first month, and 10.1% of that was from Symantec. Why? Because it’s less bloated than Symantec’s product.

Symantec is pissed that, in order to build a product for Windows Vista, they’re going to have to totally rewrite their security suite. And they might even have to put some effort into doing it right. And that’s a problem for a company who has been profiting from Microsoft’s security problem for the last 15 years. Now that Microsoft has gotten their security act together, Symantec can’t be innovative, and has to resort to inventing problems to stay relevant.

I chose to quote virtually all of the information above from this other article because this guy essentially says exactly what needs to be said in a perfectly concise manner. Symantec has no rational reason to be complaining; they are simply whining because they may have to rework their program (which sucks up memory and can actually slow your system, by the way).


Update: Windows Vista RC2 (Build 5744) Released

The build string is vista_5744.16384.061003-1945_x86fre_client-LRMCFRE_EN_DVD.iso

Screenshots to follow this evening once I get it installed. This is the final build that will be distributed before Vista goes RTM.


Vista Build 5744 Gallery
