More Patent Battles Making Your Computer Less Secure
from the ain't-patents-great? dept
Last year, we pointed to some patent battles among security software companies, noting how the end result would undoubtedly be less secure computers. As these security firms argued over who thought up an idea “first” and who owed who what amounts of money, you can rest assured that those exploiting the security holes couldn’t care any less about who came up with what exploit first. In the constant battle between security firms and malicious hackers, distracting the security firms and having resources devoted to arguing over patents (and paying each other royalties) seems designed to just make it that much easier for malicious hackers to stay that much further ahead, while making it more and more difficult for any security firm to actually provide anything close to comprehensive security. And, it’s only going to get worse. Slashdot points us to an article about Microsoft’s rather broad patent on proactive virus protection, despite the fact that others had proactive virus protection products on the market well before Microsoft filed for the patent. While Microsoft isn’t yet doing anything with the patent, the fact that it got it now means that others have to be extra careful in tiptoeing around proactive virus protection — and that’s only going to make virus makers happy.
Filed Under: computer security, patents, viruses
Companies: microsoft
Comments on “More Patent Battles Making Your Computer Less Secure”
Angry dude...
Wonder when Angry Dude is going to come up to defend the ‘proactive virus defense’ patent?
He must be pretty torn, he hate Microsoft but he loves patents.
Angry dude...
Wonder when Angry Dude is going to come up to defend the ‘proactive virus defense’ patent?
He must be pretty torn, he hate Microsoft but he loves patents.
Re: Angry dude...
Doubled? That’s bizare… hey mod, delete this second one please.
Angry dude...
Doubled? That’s bizare… hey mod, delete this second one please.
Re:
Echo, echo, echo…
I'm not worried.
One day the idiot at the Patent Office who thought that heuristic virus detection wasn’t “proactive” (geez, I hate Gen. Haig just for that word) will be fired and intelligence will again be valued.
But I could be wrong. This is America, after all.
Something seriously wrong
There’s something seriously wrong with either the posting system, or with my browser, because that’s two (possibly three) doubled posts! Please moddy people! Try to track down the problems!
I’m using the most recent firefox, if that makes a difference
The patent isn't all that bad
Part of the patent is the execution point where the protection originates – at the core Kernel Level. In Vista for Security enhancements that part of the Kernel is locked by Microsoft, even for Anti Virus/Security vendors. A change in the Kernel at the core level prevents Vista from loading. by Registering this patent MS have created a right to licence access to the core kernel without compromising it.
Proactive and hueristics are words that are open to debate. Using hueristics does not make an anti-Virus Product Proactive. I believe this is based on a sandboxing technique patented by Finjan: http://www.freepatentsonline.com/7058822.html
One question that must be asked is how it affects other Operating Systems? If a Linux Kernel developer creates a proactive sandboxing system for potentially malicious code using hueristics are they in violation of the patent?
Re: The patent isn't all that bad
The Linux kernel already has that capability in it in, among other places, iptables.
I doubt that it’s the same as Microsoft’s simply because it requires linking in a module to perform the anti-malware function.
Mostly sandboxing takes place elsewhere, though.
At the end of the day there’s always the chroot jail to lock down vulnerable processes like web servers.
ttfn
John
No subject
This is what happens when patents are stupidly given to software.
I guess the “1000 monkeys” example was never brought forth by the patent office.
Such a shame. Anyway, if you’ll excuse me, I’ll have to find additional software to download that’s not exactly what I want because someone owns a patent on the feature I want but put it in an application I’ll never use.
limited to software only
Does this mean that I can no longer “proactively” not click a link to malware ?
“means that others have to be extra careful in tiptoeing around proactive virus protection — and that’s only going to make virus makers happy.”
You could just as easily say that now there is an incentive for other security firms to innovate a different way to detect malmare that is NOT covered by the MS patent – and that new way may actually end up being better then MS’s method to boot!
Anti-malware firms are always trying to be the company that can claim they detect 100% of malware. So, if it turns out that MS’s patent is truly the best known way to accomplish that, then great, consumers will either buy the MS anti-malware product or buy another company’s product that licenses the MS technology.
But, most companies would rather not have to split their profits with another company, so then there will exists an incentive to think up a different way to detect the malware exists so they won’t have to pay microsoft any more royalties – thus the MS patent created an incentive to innovate.
If there was no MS patent, then anti-malware companies would just sit-back and use the MS technology royalty-free because it’s the best known technology to do the job and its also FREE – so what incentive is there to spend new resources on creating a new detection method when the current method is detecting 100% of the malware that comes out? none.
Re: Re:
Yeah, maybe… but the tech doesn’t belong to microsoft. And compitition would drive inovation
Re: Re:
You’re contradicting yourself. Either the MS technique has room for improvement or it does not. It’s ridiculous to claim it’s perfect, but just for the sake of argument we’ll pretend that’s possible. If it’s not perfect, there is an incentive for someone to develop a better product. If it is perfect, nothing anybody could do would be better, so there is no reason to try to develop anything better. The above conditions are true whether there is any patent or not, thus you have not demonstrated any benefit to the patent (other than to MS).
The A/C at May 22nd, 2008 @ 10:32am
You work at Microsoft, I presume. Man up and admit it, then we might listen to your points. Otherwise, we assume you are Ballmer’s sock puppet.
“And compitition would drive inovation”
Competition is all about making money! And if you had the choice of either having to give up some of your money to MS for a license, or create a new way to do the same thing so you won’t have to give up any money to MS, wouldn’t you?
By just the fact that MS has a patent on one method to detect malware, doesn’t that just beg others to find another way so they wont have to pay M$ for it’s method?
Thus, a patent can promote innovation. Simple.
Re: Re:
Compition’s also about quality, you dumb fuck
Re: Re:
Even if it’s 10% cheeper, I’m not buying something that’s 50% worse
Re: Re:
Dude: They’ll look for other ways ANYWAY as part of the quest to be better.
For whatever reason, the usually very intense process for securing and proving the validity and singularity of a patent seem to be simplified when it comes to security software. I mean, this almost sounds like they have patented a concept, rather than a procedure, and that is just very atypical.