Security tools that work with Windows Vista have failed tests to see if they can detect viruses circulating online. Microsoft’s Windows Live OneCare security tool was one of four products that failed independent tests carried out by the Virus Bulletin. The security testing group found that Live OneCare missed far more active viruses than any other program tested.
Are they going to sell a fix for the fix for the inherent problem with Windows?
I bet no one saw this coming
But honestly, I hoped that things would have turned out better than they have so far. I use Linux as OS of choice, but it gets downright depressing to hear how MS just can’t seem to put out an OS that doesn’t suck. And I will be the first to admit that I think Vista looks nice and is a big improvement in a lot of ways, but when you have critical things like this popping up all of the time, it doesn’t matter how nice the OS looks or acts. Vista is like a hot girl with a highly contagious disease that she doesn’t tell you about until after you’ve gone to bed.
How is it critical that an add-on virus scanner doesn’t work well?
“How is it critical that an add-on virus scanner doesn’t work well?”
It’s critical that Vista has Malware being written for it faster than Anti-malware can be written…that actually works. I consider that to be very critical.
And how exactly did you come to that conclusion?
A virus is still a virus whether it’s on XP or Vista. UAC and running as standard user does limit what these viruses can do, but that can’t stop people from writing viruses.
*Nix is no less vulnerable than Windows is.
Also, Live OneCare (the worst according to this group’s test) caught 99.1% of everything thrown at it.
Edited 2007-02-06 17:31
*Nix is no less vulnerable than Windows is.
Mwahahahahaahahahahahahah. Yeah we saw that.
On Unix, during the last 20 years we got almost … 30 viruses (thanks Linux…) while Windows gets more than 140 000 viruses during the same time.
http://en.wikipedia.org/wiki/Computer_virus
All a virus does is exploit the rights given to the user. If a user is running as a standard account, then the malware is limited to what that standard account can do (including deleting files in their own user directory, and changing a few settings here and there).
This is no different on Unix. The number of viruses is completely irrelevant.
Also, Live OneCare (the worst according to this group’s test) caught 99.1% of everything thrown at it.
Wow! That’s pretty big!
Now double, triple and quadruple the test sample size and you’ll see how the result is approaching 100% with the same old boring 37 not detected malware programs 😉
And what exactly is your point?
So 9 out of 1000 gets through. That’s horrible. It’s at least 9 times higher than the highest tolerable failure rate (1/1000). Come again when the break-through rate is 1/10.000 viruses.
Also, this article says nothing about what the malware is able to do, if anything at all, or what exactly got through the virus scanners (other than just saying that 37 viruses got through).
You are drawing a conclusion from something that has no basis for said conclusion… I doubt you even read the article.
According to the article, “Live OneCare caught 99.91% of the known active viruses it was tested against. This left it vulnerable to 37 separate malicious programs.” And that was the *worst* result. A 99.91% success rate isn’t exactly horrible.
The article also has quotes from the MS and the other vendors saying that they’ll look at the results and make improvements. I don’t know anything about malware protection, but it seems to boil down to comparing files on the computer against signatures, and that you try to detect as much malware as you can while limiting the false positives. This may be just a case of tweaking the threshold of the respective algorithms, such that all malware would be detected, but maybe you’d get more false positives.
I’d be interested in seeing the results on XP. I’d think that if these malware detectors use the same malware detection algorithms on XP as they do on Vista, then you’d get the same results. Which would mean that this is not a Vista issue at all, and that this article is just another Vista hit-piece. But that’s just speculation until I actually see some XP results.
I don’t know anything about malware protection
…and yet you felt compelled to jump to Vista’s defense on this very subject…
37 malicious programs sounds too many for me.
While 99.91% sounds not too bad, take into consideration the thousands of active Windows viruses and it turns out to be not good.
But what is this malware actually able to do? What malware is it? Is it one basic virus with a bunch of different variations?
This article has very little substance.
I don’t disagree with you that the article doesn’t really say a lot. What I do disagree with is the fact that if Vista were as secure as MS has been claiming that such ‘Add-ons’ wouldn’t be necessary. Do you know how many viruses I’ve had on my Macs in the last 14 years? 0. My Linux boxes in the last 7 years? 0.
Do you know how many viruses I have found on my Windows computer in 14 years? 0.
These things aren’t necessary especially if you have good computing practices.
Once again, what exactly are these viruses able to do? Just because they can get on the system (a matter of opening the file that contains it) doesn’t mean they can do much of anything, if anything at all.
Oh come on! Almost nobody writes a virus that doesn’t do anything. Besides, what you’re saying is that it’s OK as long as the virus doesn’t cause harm to your computer. That’s like saying that it’s OK that burglars can break into my house, as long as they don’t take anything.
He didn’t say that a virus was written to do “nothing”, he is questioning if they were able to do anything.
And no it isn’t like saying it is ok that a burglar can break into your house; it is like saying, if you have a friend over who brings his friend with him that happens to be a burglar but doesn’t take anything, that is ok. Not that I agree with that idea but it fits better…
It’s not actually burglars breaking into your house really though is it? If catching a virus was anything like burglary, then that would mean that viruses would actually infect your machine when it was turned off and you were out of your den for a few hours.
No, a virus-type burglary would look like this.
Someone who you don’t expect, knocks on your door. They say they’re a friend, and you see no reason to doubt him, even though you have never met him. He then tells you that if you let him in, give him a room for a few nights in the same room where you keep the safe, and a nice strong cup of tea, he will show you the really s**t hot porn stash he has in his rucksack. That seems like a really fair deal to you, so you let him in …
That is how viruses get in; by folk just running anything that knocks on their door.
Now by my rather bad maths estimating, a 0.09% miss rate and 37 viruses not found, means that they must have managed to detect round 40,000 viruses(?), which isn’t bad going in my book … but it isn’t good enough. So let’s look at the actual testing.
But we can’t yet, because we have no details of when it was run, what versions of the packages were used in the test and anything about the testing methodology used.
But if we give them the benefit of the doubt, we still have 37 viruses that weren’t picked up. Is this a problem? Well, to do anything harmful to the system, the user still has to run the virus, and along the way, they will be warned by the UAC that this program is trying to gain restricted access to their system. At this point, common sense should tell them, that there is no good reason why ‘goodporn.exe’ needs admin rights to your machine; but then common sense should have told them not to let that dodgy looking bloke with the bag full of skin mags, anywhere near the safe either …
I’m a little surprised at this *long* post. It *implies* that people only get viruses if they look at porn!? Considering the ease at which viruses spread on Windows this is an outrageous lie.
The idea that the 37 is pretty good is a nonsense. The ones that are not detected are by their very nature the ones that spread; they are the common ones.
What’s interesting about the article is that it’s Microsoft’s own product that comes off worst, and that’s what will become the predominant one.
That’s without the interesting question of whether Microsoft will draw the line between fixing the cause of the problem within the OS…or fixing the effect of the problem.
You can’t fix the cause when the cause is the fact that admins have full rights to the system.
Someone has to be able to have full rights to the system, and if they do, they can delete, corrupt, change, etc… anything on the system.
Windows does prevent this somewhat with windows file protection, and other such security measures, but if you give something admin rights, it is YOUR fault, not Windows’.
A few years back while I was running Linux, I happened to be on my admin account doing something, started up XChat (probably to get some help with an issue I was having or something), and XChat firmly put up a warning, basically calling me an idiot for going onto the internet as root, and asked me if I wanted to continue.
As you can see, the same problem still exists in Linux.
An app (malware or not) can do only what the user’s rights allow it to do, and if you say that it is ok to give this app admin rights (even typing in your admin password for it), then the consequences of that action are YOUR fault.
//A few years back while I was running Linux, I happened to be on my admin account doing something, started up XChat (probably to get some help with an issue I was having or something), and XChat firmly put up a warning, basically calling me an idiot for going onto the internet as root, and asked me if I wanted to continue.
As you can see, the same problem still exists in Linux. //
WTF??
That is an interesting take on it, for sure. How exactly is it a problem if Linux gives you a warning?
Especially in the light of most users of Windows effectively “running as root” all of the time, because Windows more-or-less forces them to, and Windows not giving any warning about it?
Finally, I suppose you would contend that Linux 100% fails this test in the sense that it doesn’t detect any viruses for Windows (or even run them for that matter) … whereas anyone sane would say that Linux detects 100% of the active viruses for Linux and it does so without even running a virus scanner.
In case you didn’t know, by default the first user is not a full admin and you are prompted for credentials in order to do admin type things.
Seriously, do you even have a clue?
A virus does nothing more than corrupt system files, delete files, etc… Linux is not immune to these things (it would be impossible to be, unless you were running as a guest).
@CPUGuy Do not reply to my posts.
If a security hole “grants” root access. Microsoft has two solutions. It can fix the hole, or it can remove the virus.
Hence cause and effect. They have to do both!
Honestly, I like your analogy better than mine. But the problem still remains that there are 37 chunks of code out there that can find their way into your system and potentially do damage.
I agree that getting a virus on your computer doesn’t mean anything. I could DL that virus to my Mac and say “oh no, a virus got into my system”. The difference is that it won’t do anything once it’s there. If Vista is designed well, then those 37 different viruses should be as benign as a text file, and I hope they are.
Regardless of what system people like to use, malware does in fact hurt all of us.
if Vista is designed well, then those 37 different viruses should be as benign as a text file, and I hope they are.
How exactly should Vista be designed so those viruses would be as benign as a text file?
Edited 2007-02-06 20:31
I’m saying that they should be as benign as a text file. Unfortunately, it doesn’t matter how smart the OS is, if the user is stupid. If you are the type of person who goes on to Limewire, downloads a file that says it’s Nero and it’s only 300k…and you run it…you then deserve the nastiest virus you can get.
You claimed that:
if Vista is designed well, then those 37 different viruses should be as benign as a text file, and I hope they are.
So how should Vista be designed well to achieve that? What exact design flaws prevent it from doing so?
Of course 37 is “too many”. 1 is “too many”.
But I was responding to the tone of the guy who wrote that this article is evidence that “Microsoft just can’t seem to write an OS that doesn’t suck”, and went on to compare Vista to a “hot girl” with a “contagious disease”. I assume he wrote that before reading the article and seeing the actual statistics therein. If you read his post without reading the article, you’d get the idea that malware was getting through right and left. I thought it would be nice to bring the actual stats into this discussion before more posts like that were made.
99.91% isn’t evidence that Vista “sucks”. And you know what? A 100% detection rate does not indicate that Vista is great. This test is about security programs, not Vista. (That didn’t stop people from modding the post in question to a 5.)
I want to see evidence that this is a “Vista” issue. Would you get the same results on XP? Would you get the same results on Linux or OSX, if you put the malware files on the harddrive of a computer running those OSes and then used the same malware-detection algorithms to try to detect the files?
A few years ago there was a piece of Mac OSX malware that was a trojan masquerading as a pirated copy of Mac Word 2004.
(You can read about it here http://www.macnewsworld.com/story/33790.html and in many other links that are turned up via Google (or your favorite search engine.)) You could get it by downloading it from the warez sites it was on, receiving it in email, etc (i.e. it’s not a self-propagating virus). Supposedly, it looks like a Mac Word 2004 installer, but when you launch it, it erases the files in your home folder. Now, ideally, if you ran this “installer”, then the security software you were running would detect it and block it from doing damage (not that Mac users run security software; I admit that I don’t on my Mac (which may be foolish), while I’d be loath to run my XP machine without security software). Now, if the security software was unable to detect this trojan, is that evidence that Mac OSX “sucks” or simply that the security software was not able to detect it?
Unfortunately, this thread continued down the road of assuming that this test was about Vista rather than these security programs, thus derailing the thread into yet another “my OS is better than yours” pissing contest.
“I want to see evidence that this is a “Vista” issue. Would you get the same results on XP? Would you get the same results on Linux or OSX, if you put the malware files on the harddrive of a computer running those OSes and then used the same malware-detection algorithms to try to detect the files?
(Cut out MAC drivel)
Unfortunately, this thread continued down the road of assuming that this test was about Vista rather than these security programs, thus derailing the thread into yet another “my OS is better than yours” pissing contest.”
@MollyC OneCare is a new product *launched* with Vista…and it’s not as good as its competitors. This does not bode well.
I’d love to see the results of these viruses working on OS X and Linux. I for many years have been disappointed by the lack of cross-platform viruses. The FSF has put creating more viruses for GNU a top priority.
Richard Stallman was heard to comment “I will not compromise. I am deleting and corrupting my own files. We intend to liberate this area of computing as soon as possible”
It’s not a “pissing contest” (euhhhh). Microsoft got battered; 140,000 vs 37, and that’s without the spyware built into the OS, or any of the other malware that plagues Microsoft like DRM.
Edited 2007-02-07 12:16
Well, with virus scanning and malware detection, there is no such thing as 99.91% being “not exactly horrible”.
Problem here is that even a single non-detected piece of code can and probably will cause havoc.
So, 99.91% may seem a high value but in real life, you would end up dead because you’ve just encountered one of the 37 deadliest viruses….
It boils down to one thing — they don’t even grasp their own products that well to prevent damages and that’s pretty scary.
So, 99.91% may seem a high value but in real life, you would end up dead because you’ve just encountered one of the 37 deadliest viruses….
So what. An airliner could crash into your house at any time and, yet, for some reason its vulnerability doesn’t render your house unusable or unsatisfactory. Point is … there’s no such thing as absolute safety or security. Holding out for such ridiculously high standards is an exercise for morons.
Actually a 99.1% success rate is a major fiasco. This means 0.9% are getting through which is truly horrible.
What matters is not what gets caught, but what slips through.
The success rate should be in the range >99.9%. Anything lower is embarrassing and proof of poor development (resources) or poor use of that/those.
“Actually a 99.1% success rate is a major fiasco. This means 0.9% are getting through which is truly horrible.
What matters is not what gets caught, but what slips through.
The success rate should be in the range >99.9%. Anything lower is embarrassing and proof of poor development (resources) or poor use of that/those.”
————
Just to correct you, the success rate was 99.91% (not the 99.1% that’s getting thrown around here), which is in the range that you, yourself, consider acceptable. And again, that was the *worst* rate, and again, has nothing to do with the OS in question.
99,91 is just slightly better than the lowest acceptable success rate (1/1000). There is still much room for improvement.
However, it has everything to do with the OS in question, since the amount of viruses for Windows is several thousand times larger than any other platform. We can not afford as much as a single failure.
Wow, you couldn’t just admit that you were mistaken when you ranted about the 99.1% figure, and then thank me for correcting you so as to save you from ranting further based on false stats? Are internet egos so fragile that people need to defend each and everything that they say even when shown that they were speaking based on incorrect info?
The fact is, Live One Care is within the range *you* put forward for acceptability. End of story (as far as your rant is concerned). *You* put that range forward, nobody else. (Though, I suspect that if you knew that the real success rate was 99.91%, you’d have ranted about how horrible that was, and that the minimum acceptable success rate would be 99.991%, no?)
As for there being room for improvement, nobody denies that. Microsoft says they will take steps to improve, and McAfee claims (or implies, at least) that their latest update would catch 100%. Given that the vendors are going for 100% detection rates, what exactly was the point of your rant to begin with? That improvements should be made? Duh!
“As for there being room for improvement, nobody denies that. Microsoft says they will take steps to improve”
I actually say it’s a disgrace, Microsoft have taken steps to deliberately put other competing companies at a disadvantage using their Monopoly status…and Microsoft is not as good as the competition.
From a Linux advocate’s (not mine!) POV, this is great news. Joe user might not see this story, but if they do, they’re just going to equate Vista with letting in viruses.
Whatever the reality, the more times people see Virus and Windows Vista in the same article (Especially one from the beeb), public confidence in Vista is going to fall.
as bill said, “you shouldn’t try to hack windows”
now we know why: it’s boring easy! xD
okay just the funny side of it…
but 6 years of development didn’t make Windows secure. I think Vista is not more secure than XP. XP is “proven” and patched a lot of times.
Well, according to the Virus Bulletin’s website, http://www.virusbtn.com/ , it appears that they use the current “in the wild” virus list from http://www.wildlist.org/ for the basis of this test. Unfortunately 4 of the 15 products tested, failed to detect 100% of the “bad guys” on the wild list. I don’t care what OS you’re running this is not a very acceptable result. Close doesn’t count, this isn’t horseshoes. I hope all the products that failed get fixed *soon*. In the meantime, I’d suggest using a product that works 100% of the time and currently that doesn’t include Microsoft OneCare.
I personally think that the only kind of thing currently called “malware” that should count against an OS’s security are worms or other files that take advantage of coding or design flaws in the OS to get on the machine. For example, if I can get a program through the simple act of visiting a webpage without confirming it on my machine, then that’s bad.
On the other hand, so much of what these people seem to call viruses are more likely instances of the “dancing pigs” problem, wherein a user is tricked into installing bad code through some incentive (like seeing Britney Spears’ naked body). I don’t think an OS can put up with this, and I suspect that this sort of virus makes up the 37 that got through. If the user actively tries to install a program, what is the OS really to do in order to stop them?
MS still doesn’t get it. And I guess the pro MS crowd here doesn’t either. It doesn’t matter how stupid the user is or how many viruses there are in the world. What matters is how MS designs its OS. When your main and only user account is the administrator you are gonna get screwed. That is still the case in Vista. Even with the pop-up warnings, it’s a problem. Pop-ups will just be ignored. Then there are things like the mail program having write access to system files. (although I think this may have been fixed) MS uses stupid design decisions and this is why Windows will always be less secure than OS X and Linux. 99.91 percent isn’t too bad, unless that .09 % is the code red virus and then you’re f**ked.
When your main and only user account is the administrator you are gonna get screwed. That is still the case in Vista.
When your main and only account is root you are gonna get screwed. That is still the case in Linux. What’s your point? In Vista the administrator account is disabled by default and all users – including administrators – run in a limited user account.
Even with the pop-up warnings, it’s a problem. Pop-ups will just be ignored.
Really? Try to ignore a popup like that:
http://windowsvistablog.com/photos/blog_photo_gallery/images/481734…
MS uses stupid design decisions and this is why Windows will always be less secure than OS X and Linux
What exact “stupid design decisions” does MS use in Vista, and how do they make Windows “less secure”?
//What exact “stupid design decisions” does MS use in Vista//
Design decision = binary backward compatibility with executables for XP/2000/NT/98/95.
That design decision also means binary backward compatibility with literally hundreds of thousands of active malware & viruses out there.
That is just asking for trouble.
You honestly advocate that Microsoft make Vista so that it doesn’t run any XP/2000/NT/9x apps?
Good grief.
“You honestly advocate that Microsoft make Vista so that it doesn’t run any XP/2000/NT/9x apps?
Good grief.”
I am. Let’s see, what’s a new technology, having functionality built into chips, all the cool OSes are doing it now, begins with V
@MollyC for you
“Although many improvements have been made, Vista cannot fend off today’s malware without help from security products,”
From the horse’s mouth.