Submitted by Outgoing Microsoft co-president Jim Allchin posted a blog entry Friday apologizing for the confusion surrounding comments he made to reporters Wednesday about being so confident in Windows Vista’s security that his seven-year-old son’s PC had no antivirus software installed. Allchin acknowledged Friday that he wasn’t as clear as he intended to be, saying he never meant to imply that Windows Vista does not need antivirus software, despite citing the example of his son’s PC. “It’s important for me that our customers are using the appropriate security solutions for the right situations, whether that’s security functionality integrated in the operating systems, or add-on products,” he said.
Regardless, I wouldn’t be caught dead with an Antivirus.
They always seem to slow down my system and in the end do more harm than good.
In my mind, common sense is my antivirus.
If common sense is your antivirus, and you have no antivirus, does this mean you have no common sense?
It’s not 2001 anymore, common sense isn’t enough on Windows.
Edited 2006-11-11 17:48
I haven’t used an antivirus since 1999 and till now I don’t have any problems, FireFox is simple your best friend for someone using Windows.
Nor have I had a virus for years, but I attribute that to having an antivirus in place (and common sense) to tell me that is so. Not all viruses make themselves known, and some hide in the most incredible places you’d never find them (like a super-hidden file in the recyclers that only a DOS prompt is able to see).
If you were a city planner, you wouldn’t bother with safety barriers because it’s common sense to not drive off of cliffs. That’s not to say that – as with viruses – people drive off of cliffs on purpose.
I haven’t had a virus in years. Since windows 2k days… And that was because my brother used a cd someone gave him that was infected and it spread across our network at home.
We are behind a NAT router and I have the machines ‘locked down’ more or less. My little sister has an antivirus on her pc because she downloads willy nilly and i cant stop that. I run trendmicros housecall on my pc periodically (like 3 times a year), has yet to find any problems. No one in my family ever uses IE, outlook/express etc..
common sense can easily keep you from getting infected with anything.
Edited 2006-11-11 18:14
common sense can easily keep you from getting infected with anything.
I don’t think so. What if you download a legit program from the Internet, but the author inadvertently uploaded the setup file infected with a virus? You’re pretty much screwed. Granted, these sort of things don’t happen very often, but you never know.
So, I would say that running AV resident might be overkill for some people, but at the very least, you want an AV on your system so that you can use it to scan all incoming files. You can easily get a free one, such as AVG, so not like you have to pay for one.
And BTW: An email attachment will infect your system just as easily if it was launched from Thunderbird or some other mail app instead of Outlook Express.
I use avg on my sisters tower
I use gmail and pine off a shell account of mine for email. I never use other mail apps like thunderbird etc…
Kroc, don’t bother trying to convince anyone here that AV is necessary. Most people run an XP box behind a router and live happily, and therefore believe that AV is wasted CPU cycles. People who REALLY run Windows – farms of servers behinds firewalls that have to allow SQL*Net connections, incoming HTTP to their DMZ, VPN connections, etc, understand that AV is not an option, because you simply CANNOT know when the next zero day Windows exploit will hit.
Putting it simply: running without AV is reckless. Sure, you may not have had a problem before, but YOU DO NOT CONTROL Windows, and even with a router, you don’t know what the next malicious attack will bring. One day, something may come along and teach them, but until then, Kroc, don’t waste your breath.
By the way, I suspect that many people who /say/ they don’t run as admin on windows are lying. Running as a user on Windows sucks.
Here’s my personal rant on the subject: http://www.firsttube.com/read/Is-Antivirus-Software-Really-Necessar…
Edited 2006-11-12 03:30
I’m sorry but using Windows Defender and keeping up with the Updates, Windows Vista, UAC, and Common Sense will beat any crappy AV Symantec can spew out.
Even when I did use XP, I never had a virus. Maybe an occasional popup but never a virus. I don’t surf porn sites or download random stuff from the Internet.
Common Sense is my antivirus, I don’t download random crap from the internet and I know what I am running.
It might not be enough for you, but it’s kept me secure all this time.
Until you can provide some factual information and/or statistics on how I can possibly get infected, you’re wrong.
Can you provide any statistics on if you’ve been infected? Are you going to trawl an online virus database and check every one against your system to verify that it’s not there?
An anti virus app provides me with factual information that my system is not infected with known viruses – if you’ve never verified your system, how are you to know better than an anti virus app, which can verify against hundreds of thousands of viruses?
You can’t verify that your system is virus free, just because nothing ‘suspicious’ is happening – there are 140’000 viruses that you don’t know how they hide or function.
If the accident where to ever happen, Vista has the system locked down completely by UAC (Sometime to an annoying extreme).
Also viruses leave a mess behind or spawn a process which Vista would show on my task manager and by reading my system logs I’d eventually find out.
The only problem is getting the virus out once it is in your computer. Thankfully, Vista includes an array of diagnostic tools and restoration utilities if anything does go horribly wrong.
The average user will probably need an AV (One that uses the Microsoft APIs, not one that exploits flaws in the kernel and in the end slow down your system) but I for the most part was speaking for myself.
It’s not 2001 anymore, common sense isn’t enough on Windows.
Common sense alone isn’t, but combined with not using an Admin account constantly, it is possible to have a clean Windows system without running anti-virus software. Anecdotally, I use that method when I ran an Access Center a few years back, with about a dozen PCs running Win2k Pro. They were scanned every month or two with the TrendMicro online AV scanner, as well as AdAware and they invariably came out clean, except for the occasional tracking cookie.
The downside is that running as a non-admin requires jumping through more hoops than many users will tolerate. E.g., the only effective way I’ve found to run a filemanager as Admin is to use “run as” on iexplore.exe. And installing software that wasn’t designed for NT can be a real bear – often the installer just spits out a “Access denied” error halfway through the install. So then you have to find the setup file (and make sure to right-click, Open the CD in My Computer, because double-clicking will just autolaunch the installer again) and use Run-As on it. And then more often than not, you have to manually add the Start menu/desktop shortcuts for non-admin users, and change the permissions on the app’s Program Files folder so that non-admins can actually use it.
I was hoping Vista would fix that silliness, but it sounds like LUA just makes things more annoying.
Hey buddy. I don’t use AV and have no problems, so I agree with the original poster.
Non-seasoned users should use it though. As long as it’s not Symantec or McAfee
What about worms? There is not much you can do if there is a flaw in Windows that YOU cannot control. If that is exploited by a worm, then you will be a victim. I would only run without AV if you made sure that you had a good security system in place that prevented inbound connections. To suggest that you can run Vista w/o AV without any other mechanisms to aid in security seems foolish given MS’s track record.
Router / hardware firewall would stop it.
But how would the antivirus be able to stop the worm before you are affected??? Do you think the antivirus is good enough to figure that out? Or just wait till they update their signatures. It seems like it would only be good after the fact
A router/hardware firewall *won’t* stop malware from running on your computer or infecting it! It’s completely stupid to claim that to people! First of all: if you surf to a website which infects your machine via some ad or such through a hole in your IE/FireFox/whatever, that program can make an outgoing connection and leave the port open for incoming connections…ZoneAlarm (for a good example) would help you spot suspicious apps running on your computer which try to make outgoing connections, but a separate firewall doesn’t. And antivirus is used to prevent and/or remove such malware if you happen to get such from your IM apps/web browser/mail…
WereCatf, I know that. However you can’t speak for everyone.
I run behind a NAT router, and I am well aware that it won’t prevent malware through attack vectors such as a web browser. However I _know_ that I’m seasoned at this. I’ve been doing it since the dawn of time and I can categorically guarantee you that I would know if I got hit by malware or a virus.
I have been, once, and I spotted it instantly. I know the behaviour of my machine like the back of my hand and was able to remove it using the tools available to me in Windows. Namely ‘regedit’ and ‘explorer’.
I haven’t reinstalled my Windows box for a long time, but I can go through every process and identify exactly what it does. I could do this for you if you want?
I do run AV, but only ‘on-demand’. I scan things I’m really unsure about.
Edited 2006-11-12 21:17
lol that was a good decision of him,
otherwise no IT specialist could believe him.
Neither do I use antivirus on Windows XP Pro there is no need if you understand how Windows works. The only thing I do use is a firewall. Most of the time it is common sense that stops you being infected. Remember to do the windows updates. Check your process list and services if anything seems strange then find out what it is. Check out the sysinterals site and get rootkit realver and autoruns.
Is this the advice people have to give!? What about Joe public, what about companies, what about people who don’t have /time/ to be verifying their processes for potential problems.
I know how to unpick viruses from the disk and registry by hand, but grief, I don’t want to be a complete anal-retentive control geek who has to check the service list and processes, I’d use Linux if I wanted to do that. I switched to a Mac so that I spent /less time/ trying to maintain my system and more time actually /using it/.
Well yes if you are a normal user then you do need antivirus. But most of the comptuer virus problems out there today are just commen sense. Don’t open email attachments, be wary giving permission to a program that asks for it, stay on clean websites.
Apart from poisened images, iPods/CDs accidently with viruses on them, day-zero attacks. If you’ve no antivirus, how would you know if you had a silent, process-hidden keylogger that installed secretly via a USB thumb drive, e-mail attachment or poisen image? You can’t verify that with certainty.
Windows Vista has protected processes – viruses of the future are not going to be able to be /detected/ with common sense.
You might be able to prevent a virus with common sense, but you can’t always detect and remove them with it, when that accident does happen one day.
My view anyway is that the biggest threat to a normal user is adware than anything else, I trust using SpySweeper way more than Norton anyday each edition of Norton just seems to get worse and offers no real improvements. Antivirus works for old threats doesn’t prevent the ones that just are discovered or are undetected.
For me anyway I reallly don’t think the antivirus software right now is doing a good enough job to on detecting the threats. Most of the antivirus systems by default today detect viruses by signatures some do have the ability to detect patterns but still is poor.
The antivirus software of today probably can not or can poorly detect rootkit level viruses that are hidden from the windows api.
If you have real comptuer experience you can remove adware, and other malware installed on an infected comptuer if you take the time to figure it out. The goal of the malware is to make money off you not to break the comptuer.
<stay on clean websites
Yeah, since you always know that a website is clean even before ever going on it, right ?
Most users are “normal” users, and many of them are sub-“normal” users. _Anybody_ giving the advice not to use antivirus (and/or firewall app) under Windows is just as guilty as the guy that wrote that virus and/or trojan, just as those suggesting that by using them you suddenly get magically immune. Comments like I-never-needed-I’m-still-clean and just-use-common-sense are pretty much useless for most users, and for anybody else for that matter.
Stay on clean websites?
But…. The Internet is for porn. ( http://video.google.com/videoplay?docid=5430343841227974645 )
Why would you limit yourself from using one of the fundamental functions of the Internet just to be able to say “I don’t use Antivirus.”
Seriously though, The whole point of computers is automation. Why would I rather look at my process list and do all this other shit just to avoid using an AV program. Let the PC do it for you.
While I agree with this point in principle, I don’t think it has to be that way. If you have an AV app they recommend that, as well as its realtime protection features, you also do a thorough scan now and again.
Most scanners I’ve used on my machine (XP, 2.6GHz Celeron, scanning a 30GB ATA harddisk) take up to an hour (some even more!) for a full scan. And as you’re advised to leave the PC alone while the scan runs (and often the scan process is so resource-hungry it’s not an option anyway), that’s a big ol’ chunk out of your computing experience.
Personally, I took a couple of hours one day to learn a bit about NT permissions on the web, applied what I learned to my XP box and chose not to bother with any antivirus ‘solutions’ thereafter.
What I actually did isn’t really rocket-science either. First I made a Limited User account for everyday use, then I revoked the permission to “traverse folder / execute files” for that user from its user-directory. There we go: the Limited user cannot execute any foreign code. That only leaves being cautious about what removable media you shove in it, and there’s no real need to run antivirus unless you know you’ve been subject to a vulnerability that can get past the above safeguards.
The advise which damn windows never cared was to create a sandbox so a normal user would be able to do everything except installing kernel mode drivers.
The average users should be able to install new programs however the OS should make sure that the install would only work for them and other users can’t see the new program. If an admin installs a program then everyone can see the new program.
This way when i have to install a risky application, i can do that without worrying about possible worry of my application hijacking.
Then they should make a normal user account by default just for sandboxing so even an average user knows that if they want to run some crap, they do that in that particular account. Even if an application installs a keyboard hook in that account, it can only trace keystrokes for that user.
This is complex but that is true sandboxing. And it can solve many problems for windows users.
What about Joe public, what about companies, what about people who don’t have /time/ to be verifying their processes for potential problems.
While the Joe Public question is valid, any company of significant size should have IT staff to secure their network in the first place and lock down onsite employee PCs.
Unfortunately, locking down the PCs at employees’ desks tends to cause a lot of ill-will towards IT unless the ship is tightly run by management. “Those damn IT power-trippers won’t let me play this cool game my friend forwarded me!”
And we all know how well the pointy haired bosses run things.
I agree,
The company that I work for have useful options locked off…
Changing themes
Turning off the PC speaker.
Moving the desktop bar
Changing the background (I cannot focus on the screen if the background logo is too bright as a have headaches)
Useful Direct debit management websites are blocked. (voca.co.uk and BACS.co.uk)
Recently a strange set a permissions are set on all printers that make printing and scanning a challenging task. (No documents for you !)
No permission write to some networked drives, at the same time no options to save spools to any other place apart from the locked drives (No audit trail for you !)
This makes some tasks very inefficient and is due to “Those damn IT power-trippers” <-;
We can only hope that communication improves.
Unfortunately, locking down the PCs at employees’ desks tends to cause a lot of ill-will towards IT unless the ship is tightly run by management. “Those damn IT power-trippers won’t let me play this cool game my friend forwarded me!”
Of course – like anything else, the end result will depend on a lot on whether or not there are competent people setting and implementing IT policy.
“What about Joe public”
Those people are most definitely _not_ reading OSNews.
Edited 2006-11-12 01:47
Right!? So you all day walking around in your pc fil;es and processes lists looking for suspicious files and processes. Nice.
Kinda a looks you:
1) get not much time for actually working
2 ignorrant
3) lying
4) stupid
In any case if you worked in my company i would:
1) kick you out
2) make sure you had a anivirus like Nod32 runnig
3) kick you out
Damn, I’m really getting sick and tired of this endless arguments between people who use antivirus and people who don’t. I haven’t seen such a discussion ever reaching a conclusion and yet people start contradicting each other with every chance they get.
Let’s sum it up: with common sense you rarely (if ever) get a virus, but if you are unlucky or don’t pay enough attention you might get a virus, so you should keep AVG or some other free and lite antivirus nearby for emergencies.
In my personal experience – I didn’t use an antivirus for a couple of years and didn’t have problems, but then I decided to install NAV (Norton AntiVirus), after all, and ironically, I got my first virus after a very looong time (no, I’m not talking about NAV).
It was more like a trojan, actually … I’ve downloaded some archive from a crappy site, my “internal” antivirus switched on when I saw the contents, but I said what the heck, NAV is protecting me – so I clicked on the file. Needless to say that it wasn’t what I expected and that sorry excuse for an antivirus didn’t catch it. My bad.
So, having a crappy antivirus can be as bad, because it induces a false sense of security, especially if you swich off (or don’t have) the common sense. Now I’m scanning with AVG and Adaware from time to time, use Firefox and pay more attention, but I don’t run a resident antivirus. In over a year from “the incident” I didn’t have problems.
He probably HAD to back off his assertion because of the troubles Microsoft could suffer if people started to use Windows Vista without AV and happened to get sensitive data affected. Probably someone of the legal office told him to do that. I almost could hear the noise of friction of the lawyers hands around the globe.
About AV or not AV, if you are an IT literate you can avoid it, but don’t expect regular users to be as careful as you, they aren’t.
This debate is so useless when you consider the following:
– I am a good driver
– I will not drive on an uneven road surface
– I will not use my cell phone or listen to the radio while driving
ERGO
I don’t need insurance …
Yeah right
…were taken out of context.
…were taken out of context to bash MS specifically.
…were taken out of context to bash Windows Vista.
It’s sad to see that he needs to clarify his comments in this way.
It’s sad to see that anything an MS employee says is analyzed to hell with the purpose of finding anything at all to bas MS for.
I’m asking for the OSNews community to grow up.
I’m also asking for any OSNews commenter that comes from /. to go back where he/she/it came from and leave this place alone. We don’t need your constant bashing of things that you don’t have a clue about.
Edited 2006-11-11 21:25
A lot of the people that don’t use Antivirus are professionals, they use common sense, they know what every process is on their machine.
They notice if there hard drive is working more than it should, and notice if there’s bandwidth being used when there shouldn’t be.
Antivirus is a good thing to have, but there are people out there that don’t use it and are fine.
There’s still standalone scanners you can download and check with every now and then.
Nice to see OSNews reverberating the same misinformation:
ArsTechnica has a nice article about what AllChin did say:
http://arstechnica.com/news.ars/post/20061111-8199.html
…open mouth and insert both feet.
Regardless of your OS affiliation, you have to admit that was a pretty irresponsible statement. Hopefully the media will run this retraction as much as they ran his original snafu.
John Q Public doesn’t patch his PC nearly as much as he should. The 30 day trial of Symantec ran out a year and a half ago. The firewall only exists in his house if he has broadband with the free router, and even then it would only be active if it was on by default. If he’s on dialup all bets are off. To make matters worse the “Spank the Monkey and win $1M” banner ads look attractive to him.
I could go on and on, but that’s the state of 98% of PC users home security configs, regardless of the OS they’re using.
John Q Public doesn’t patch his PC nearly as much as he should.
This is because most of them think “Oh, I am a professional, I know all the pictures and I can click on them!” So a (false) feeling of security arises, which may finally result in opinions like “I cannot be infected, I know what I’m doing”, “I didn’t get a message box that says I’m infected, so I am not” or “Even if I’m infected, I don’t care” – and that’s dangerous. Such users can quickly become a danger for theirselves (their work and data on the computer) and for others.
I could go on and on, but that’s the state of 98% of PC users home security configs, regardless of the OS they’re using.
Yes, I agree. Therefore the distributors or developers of an OS should take care about the fact you mentioned above. I think Apple is doing good work in this case with their MacOS X, and I hope MICROS~1 made some relevant improvements in their “Windows XP” and “Vista” products.
As soon “Windows” users get infected and abused – and don’t realize (!) this, their machines are used for spamming, data espionage and saboutage. That makes them affective for prosecution. Here in Germany, this “I don’t know” or “I don’t care” can be punished by law, if the abused machine is involved in criminal actions as named above. I don’t know if this is the case in the US and other countries.
So, Joe Q Public, realize this: If you don’t use proper AV software, you cannot say something about your infection status. “I don’t know” is not equivalent to “I’m not infected” – refer to basic principles of logic.
Binary logic: { infected, not infected }
Trinary logic: { infected, not infected, don’t know }
The means of diagnostics in “Windows” are poor. Because most (home) users have to deal with system administration theirselves, they seem to refuse to do so. I can’t figure out the reason. Because people like car analogies, here’s one: If I’m not familiar with car mechanics, I have to let a professional check the car in certain distances of time; he can find problems I won’t notice myself. But I simply have to know a few things about my car (how to drive, where to put the fuel in etc.) in order to use it. (Here in Germany we have a thing called TÜV. After some years, every car owner has to get his car there. It is checked by professionals who are approved by state authorities. If the car is okay, they get a “stamp” on it. Without the “stamp”, the car may not be run in the public traffic and has to be repaired or thrown away.) So has John Q Public, or he sould consider stop using a computer.
Edited 2006-11-12 02:52
After reading that I probably should have been a little more PC about John Q, and mentioned Jane Q as well. My sister was the source of the banner ad reference.
So in Germany, if you don’t even know your system is a zombie you can still be prosecuted? Wow, does that suck. I now understand why you said either John Q (or Jane) know what they’re doing with a computer, or don’t own one.
That said, I know I should change the oil in my car every 3k miles…but I usually wait til 6k to do it. Good thing oil changes don’t affect anyone in Germany.
“After reading that I probably should have been a little more PC about John Q, and mentioned Jane Q as well. My sister was the source of the banner ad reference.”
I don’t think the banners are the major reason why one should use AV software and a firewall (hardware or software) together with “Windows”. The main reason is: Viruses etc. work in the background. They don’t give you a queaking pop-up saying “Hi Jane, your PC is infected!”.
“So in Germany, if you don’t even know your system is a zombie you can still be prosecuted?”
If your zombie PC is involved in a criminal action, yes, it’s possible.
“Wow, does that suck.”
No, it doesn’t – from the point of the victims of data espionage and saboutage it’s important that not only the attackers, but also their helpers get caught. Or would you like to live in a world, knowing your neighbour steals your confidental personal data and sells it to big advertising companies?
To come back to the car analogie from above (people like this), you’re personally are responsible for your car to work properly. You simply cannot say “I don’t know enough about cars” – then you’ve got to avoid driving it.
“I now understand why you said either John Q (or Jane) know what they’re doing with a computer, or don’t own one.”
Maybe, I’m unfair to Joe and Jane, so I have to excuse first. But how can one insist on owning (or better: using) a PC when one does not know enough about it? A minimum, a simple minimum of knowlegde should be there. Car analogy: driving license.
“That said, I know I should change the oil in my car every 3k miles…but I usually wait til 6k to do it. “
If you know enough about your car (which is individual in some regards), you can do it on your own responsibility. But if an accident happens because you did something wrong, you can be sued for it.
“Good thing oil changes don’t affect anyone in Germany.”
If they’re done in the US, surely not. 🙂
What I want to say: Every PC user is responsible for what he’s doing. Therefore, he should know a bit about what he’s doing. Otherwise, he won’t be able to come to a decision because of a lack of knowledge. And there are many things (practical virus behaviour, intrusion actions, remote control etc.) the user is not able to get knowledge of by himself. That’s a fact.
Final car analogy:
Office: Ma’am, you’ve caused an accident. Didn’t you see the red light there?
Jane: Red light? Where?
Officer: There, right above the street.
Jane: Hmm… ah yes, now I see it. Didn’t notice it before…
Officer: The light means you have to stop.
Jane: I didn’t know that.
Officer: Didn’t you mind braking? There was traffic directly infront of you!
Jane: No.
Officer: But that’s dangerous!
Jane: Not for me, I have an airbag.
Officer: And the victim of your shortsight?
Jane: I don’t care.
Officer: Ma’am, you have to inform yourself about security in public traffic!
Jane: No, I don’t want to. My car has to tell me. I bought it yesterday. It’s very nice, it has many colours! It should deal with security issues for itself and let me just enjoy driving.
Edited 2006-11-12 03:26
I don’t bother to read all the 40+ comments here, but I’d say an antivirus is good to have somewhere around, and for average users it should be running all the time. Me, I really have no need for an antivirus since I don’t use Windows for anything else than gaming. Win2k suffices for that. Though, this year I had one infection: I was installing win2k on an older machine of mine and I had forgotten to remove the network cable before installing ZoneAlarm…After installing ZoneAlarm it asked if I wanna give suspicious looking programs the permission to access internet. I booted to Linux, ran antivirus and removed the virus.
Oh, just a hint for people: I’d advise to get a bootable CD with some sort of live environment and an antivirus there. That way you always have a usable OS which you can use to remove viruses from your computer. Linux for example is a great choice for these things.
Malware is a reality…its been a reality for an long time. Todays always connected computers; *funded* malware authors; Sophistication of new methods have made it a more serious threat.
The original article was a *vista* is soo secure, which served two purposes. It said non Microsoft malware spotting/removal tools are rubbish and you shouldn’t use them; Vista is simply a better OS than XP.
Firewall and Virus Tools are Computer intensive tasks, which hasn’t been very popular. Malware has got increasingly sneaky making it even harder to detect, and these tools have got increasing bad at detecting them. Making these things highly unpopular. throw in the fact that you often come pre-installed and you have to *pay* for them to keep working, and they are often painful when you want to do legitimate computing tasks, everyone would rather live without them.
What I have found funny is the superiority shown on this thread over an average computer user, with the Average Joe and *common sense* computing. Its important to say that common sense is actually rather hard to implement.
Malware removal/detection tools are just part and parcel of the modern computing experience. I find it difficult to believe that any user would *choose* not to have several that they use regularly.
The harsh reality is that with Vista is whether you use Microsofts Malware tools or you use some from a third party. I suspect very strongly that Microsofts tools will work more smoothly with Vista than any third party tool, regardless of quality, and I suspect most will prefer to live with that, than the situation we have now.