You may have heard that there’s been a storm in the trade magazines in recent weeks because certain major security software vendors are throwing what, in my humble opinion, essentially amounts to a tantrum over the PatchGuard security functionality in the 64-bit version of the forthcoming Windows Vista operating system. The whole point of PatchGuard is to close off any unauthorized, undocumented access to the kernel. This protects against threats such as rootkits, but it also turns out to protect against certain techniques that are used by some security vendors to install their protective software. They’ve cloaked their protests as protests about Microsoft abusing its monopoly yet again (claiming to be worried about the unfair advantage that Microsoft’s new OneCare security offering will have in the market), but many people out there (both inside Microsoft and out) have pointed out that the screams of woe and agony seem more likely to come from other motivations.
(I find it personally amusing that the two vendors crying the loudest and making the most noise about this issue are the two whose products I have personally found, over the years, to be the most de-stabilizing and useless security software packages that users can ever install on their system. There are plenty of my peers who would agree with that assessment — and to be fair, plenty who don’t. Nevertheless, this does not stop me from immediately uninstalling these products whenever I encounter them on a system that is having issues. I have yet to find that this step fails to provide better security and stability in the end. In one memorable case, it put an end to one user’s need to perform a fresh reinstall of her copy of Windows on a monthly basis.)
On October 20th, Microsoft’s Jim Allchin wrote an open letter to Microsoft customers, partners, and vendors to clarify Microsoft’s position on the 64-bit PatchGuard brou-ha-ha. Go read it now, because I’m not going to summarize it here. Instead, I want to publicly thank Mr. Allchin for an unambiguous, well-thought, customer-focused response. Their “no exceptions” policy has now been publicly stated to apply to Microsoft first, giving us a clear metric of how we can judge their commitment to security.
Make note of any vendors who continue the FUD from this point on — they’re vendors whose products probably deserve to be given a wide berth. Instead, look for the vendors who spend their energies figuring out how to better protect your system and providing innovative services worth purchasing instead of trying to point fingers at Microsoft.