Kaspersky Files Antitrust Complaints Against Microsoft in Europe (Updated)

Posted on June 6, 2017 by Paul Thurrott in Windows 10 with 66 Comments

Kaspersky Files Antitrust Complaints Against Microsoft in Europe

UPDATE: Microsoft has issued a statement about these complaints. I’ve added it at the end of the article. –Paul

Kaspersky Lab announced today that it has filed formal antitrust complaints against Microsoft in Europe, alleging that the software giant engages in anti-competitive business practices.

“We see clearly—and are ready to prove—that Microsoft uses its dominant position in the computer operating system (OS) market to fiercely promote its own—inferior—security software (Windows Defender) at the expense of users’ previously self-chosen security solution,” Kaspersky Lab CEO Eugene Kaspersky explains. “Such promotion is conducted using questionable methods, and we want to bring these methods to the attention of the anti-competition authorities.”

According to Mr. Kaspersky, he has filed formal antitrust complaints with both the European Commission and the German Federal Cartel Office. And these complaints follow a similar complaint made in November to the Russian Federal Antimonopoly Service (FAS). (Kaspersky Lab is based in Russia.)

At the time of the November complaint, I noted that some of Kaspersky’s complaints were legitimate and that the central issue he’s raising is one I feel very strongly about, that Windows 10 does indeed stomp all over user preferences during upgrades, and that Microsoft could easily fix this issue.

“Kaspersky’s broad points are well-made,” I wrote. “Microsoft has indeed designed Windows 10 to be more user-hostile than previous Windows versions, though it would argue it has made these changes for customers. The question is whether these changes, especially forced updating and upgrading, will ultimately benefit the user base or just drive them away as reliability problems mount.”

Here’s what Kaspersky is alleging more specifically. I’m providing this in his own words because it is, after all, an accusation.

Windows Defender is included with Windows 10 and cannot be turned off. “Microsoft’s antivirus is hardwired into all versions of Windows 10 for home users,” he writes. “It’s impossible to turn it off completely, impossible to delete.”

Windows 10 makes third-party AV more annoying. “Upon attempts to perform any actions with an independent security solution, users are asked at every step: ‘Do you want to run this program?’, adding: ‘You should only run programs that come from publishers you trust’. It’s as if users are about to commit a wrongful action that violates the default settings from Microsoft.”

Windows 10 makes it impossible for third-party AV to notify users when a subscription runs out. “For three days after the expiry of a license for our security solution and the turning off of protection, we are forbidden—through our own notification system—from informing the user that it might be a good idea to extend the license so that protection could get back up and running,” Mr. Kaspersky writes. “Instead … we’re obliged to use Microsoft’s own notification system—now called Action Center—to which many users pay little attention.”

Windows 10 actually removes third-party AV during an upgrade. “You’re updating your OS, and … Windows decides that your existing security solution is, after all, incompatible with Windows 10, deletes its drivers (leaving a bunch of useless files (the solution won’t work without the drivers), and in its place switches on its own solution,” he explains. “Windows does this without the explicit consent of users, and also with barely any warning: the notification displays on the screen literally for just a few seconds. Moreover, while this notification states in bold ‘We turned on Windows Defender’, the fact that your existing security solution was removed is in small, non-bold print.”

After removing the third-party AV, Windows 10 tricks the user into thinking it’s still installed and working. “After the independent protection is deleted, it stays in the list of installed programs!” he continues. “So users … think their chosen security solution is working (why wouldn’t they? It’s there in the list of installed programs; even the icon on the desktop’s still there) when in fact it’s been deleted. The Disappearing Act was designed so that users don’t return to their independent AV, and stay in blissful ignorance as to what’s actually happened.”

Microsoft doesn’t provide third-party AV vendors with enough time to certify their products against new versions of Windows 10. “Independent developers need two months after receiving the RTM to carry out all their fine-tuning before the release of the Windows update to the public,” he claims. “Earlier, Microsoft would give us the RTM version in good time, but of late this has been reduced to a couple of weeks before releasing to the public.” Further, this behavior is bad for everyone, including Microsoft’s own customers. “While studying new versions of the OS, our experts often find vulnerabilities and mistakes in them and inform Microsoft. And normally there’s time left for Microsoft’s own developers to deal with the discovered bugs before the release of the OS to the public. But if everyone’s in such a hurry, there’s no time for such a luxury.”

Mr. Kaspersky believes that these behaviors are too numerous and indefensible to be anything other than a well-planned strategy aimed at harming his business, and at fooling customers into believing that Windows Defender is superior to third-party AV. He has many examples of the Microsoft Support chain providing incorrect information about AV, and even quotes from a Microsoft video in which the presenter explicitly says, “I want you to think about kicking out the independent antivirus because we’ve got a great solution right now and it’s going to be even better in the months to come.”

He also provides evidence from independent testing labs showing that his own AV solution is vastly superior to that provided by Microsoft. That’s easy enough to look up, and he’s correct.

The question, alas, is whether this behavior constitutes an antitrust violation.

On the one hand, you might argue that Microsoft no longer controls the personal computing market, and without a monopoly it can do whatever it wants with its own products. On the other, the EU is a lot more stringent about keeping the market competitive, and Microsoft has already suffered tremendously there. And recently, too: The “privacy theater” baloney that Microsoft added to the Windows 10 Creators Update happened specifically because of EU (and otherwise European) complaints.

Ultimately, what Mr. Kaspersky wants is reasonable.

“We want Microsoft to stop misleading and misinforming … users,” he concludes. “We want to see all security solutions being able to work on the Windows platform on a level playing field. And we want to see users being able to decide for themselves what they want and consider important to them. We want fair and healthy competition, which has always given excellent results everywhere – no matter in which industry or market.”

UPDATE: Microsoft’s response

“Microsoft’s primary objective is to keep customers protected and we are confident that the security features of Windows 10 comply with competition laws. We’re always interested in feedback from other companies and we engage deeply with antimalware vendors and have taken a number of steps to address their feedback. We reached out directly to Kaspersky a number of months ago offering to meet directly at an executive level to better understand their concerns, but that meeting has not yet taken place.” – Microsoft spokesperson

Tagged with

Join the discussion!

BECOME A THURROTT MEMBER:

Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Register
Comments (71)

71 responses to “Kaspersky Files Antitrust Complaints Against Microsoft in Europe (Updated)”

  1. siko

    Years ago, my friend agreed to upgrade to windows 8, but insisted he wanted his Kaspersky internet security suite installed after completion.

    The upgrade went smooth, he was impressed, almost happy. Until we installed the Kaspersky suite; it rendered the machine useless in minutes, nothing functioned anymore. Somehow (persisting) I managed to de-activate the suite and de-install it... all was fine again...


    I never looked back at Kaspersky... if software is capable of outsmarting the OS, I avoid it. At all costs. Good luck Mr. Kaspersky.

    • AMDman2017

      In reply to siko:
      Still Using 3rd Party av here myself currently, guess habit that I keep reinstalling it after each clean install, I Feel these days with Windows Defender, and WIndows 10 Default security settings, in addition to Malwarebytes Free, that I'd be safe from any threats that may come across, as well as save some PC resources by using Defender if I should choose to switch out on all systems eventually.

      Have 2 Windows 10 Pro Desktops
      1 Windows 7 Desktop
      and various phones and such

      Of course Microsot doesn't prevent folks from using 3rd party av if they should choose, sure might be warnings that Defender is off, or it may remove it during a feature update, but usually as long as folks Av is current, Microsoft Windows 10 does leave your 3rd party antivirus installed.

      Sure it may not score well in the tests by independent testers, but I imagine they turned off some of the default Windows 10 Security features prior to testing there antivirus applications, which puts Defender at a disadvantage as Defender relies on Smartscreen, and various other factors in the Windows 10 OS to function properly, in addition to Windows update to get it's definitions, Cloud Protection feature, Automatic Sample Submission etc





  2. ncn

    If Kaspersky wants his software to be the AV solution ... he should pay the PC vendors more to include his software over the competition. Practically zero systems come with just Defender; after that, most users never change what's in there.


    As far as Win 10 upgrades removing his software because it's "Incompatible", perhaps he should consider getting into the Insider's program. There's more than enough time to run the upgrade process to see if you're going to be bounced.


    If I seem a little harsh, it's because I think most of these guys are selling resource-robbing snake oil.

  3. lordbaal1

    Microsoft is not stopping anyone from downloading and installing a third party Anti virus.

  4. Edward Thomas

    Koperski could just get out of the AV business and into the OS business. If they think that they can make a better OS more secure and all that why don't they tried competing? Microsoft has no ownness to support their software. If they don't wanna follow Microsoft standard APIs. Microsoft is setting standards to make sure that their underlying operating system stays secure. Koperski is just upset because they can no longer have any value add to it's suckers... Customers.

  5. Bill Russell

    He may have some valid points with competing software in general, but Windows should by default have the best OS level baked in antivirus and malware, whatever they want to call it and flag 3rd party antivirus as malware, removing it. 3rd party antivirus always just adds more problems than its worth. Forcing changes to my browser search page/provider, other bloatware, toolbars, etc. All sorts of kernel level shoddy hooks into it. I'm glad we have security vendors that keep an eye on vulns. but they need to find a different business model than selling windows antivirus. Windows 10 can flag itself as nagware/adware while its at it too!

  6. Igor Engelen

    I don't know how realistic it is but having an OS built in such a way that no AV is needed seems like the best option for the users. That's what Microsoft should aim for.

  7. jimchamplin

    I see the argument "OMG WE CAN'T BE READY WHEN THE NEW VERSION COMES OUT WE HAVE TO TEST ON IT FIRST."

    Okay, people, you multi-million dollar companies, I'm going to give you this super awesome tip.

    THE WINDOWS INSIDER PROGRAM. Just get Insider builds and we'll welcome you to the 21st Damn Century.

    Putzes. I have no sympathy for these morons. They should adapt or die.

  8. bassoprofundo

    Isn't there an argument to be made now that installing 3rd-party software that hooks in at the level of privilege required by an antivirus software actually makes the OS less secure? It seems like this is the case whether or not the scanning engines & removal capabilities are superior.


    Plus, antivirus vendors can hardly claim the moral high ground here. For years, we've been shoveled bloated piles of mess that do more to slow a system than they do to help. Some have gotten their acts together, but the market has largely moved on as have the bad guys. Traditional antivirus products are far less useful in the day and age of sophisticated malware and ransomware attacks that do as much to exploit human gullibility as they do technical flaws. I suspect that some of these vendors are merely mourning the loss of a long-time cash cow rather than moving on and developing more innovative products.


    Finally, what financial incentive would there be for Microsoft to oust security software vendors? They aren't making any money off their in-house solution, and they have to provide something now in the box to protect people from their own ignorance in an always-connected age. They have nothing to gain from having fewer companies develop software that runs on their platform, but they have everything to lose by not having a competent and secure solution out of the box.

    • hrlngrv

      In reply to bassoprofundo:

      . . . antivirus vendors can hardly claim the moral high ground here . . .

      Kaspersky deserves to suffer for McAfee's sins?

      . . . they have to provide something . . .

      By default, sure. However, when users have REPLACED that default, should Windows 10 REMOVE the replacement the next time Windows 10 updates? Without user interaction?

      • Ezzy Black

        In reply to hrlngrv:

        I think disable because they are incompatible is more the operative here. Defender will take over if 3rd party AV fails. Is that a bad thing?


        Sure, is has a certain smell of "DOS ain't done 'til Lotus won't run to it" but I'm certainly not in favor of MS being required to stop updates until the competition catches up.

  9. hrlngrv

    US may require dominant market position. Other countries require only clear anticompetitive intent. Removing 3rd party AV utilities without asking for user approval sure seems like prima facea anticompetitive intent to me.

    Well, MSFT always has been good for lawyers.

  10. ArizonaBob

    Why doesn't Norton/Symantec have the same set of problems? Their programs continue to work through every upgrade. What is Kaspersky doing different. Is it possible that they are modifying Microsoft modules instead of using the APIs set up for AV venders?

  11. Minok

    While some of his points are valid, others are just him defending his business model.

    Microsoft should stop stomping on user preferences - if have an AV solution in place, use that and when it expires then auto-switch over to Windows Defender. How hard is that?


    I understand Microsofts' desire to have a meaningful AV solution running on Windows going forward - it reduces support calls and brand damage. The question is, what can they control?

    For the free Windows 10 version, I think Microsoft can defend a position of : We dictate what its got to do out of the box.

    For the paid version installs, Microsoft should stay with the user preferences, and allow a customer specific AV solution be installed.


    In the end its much better that ALL installations of Windows 10 have some form of functional AV - and one does not have to pay a license fee for that - VS - some have a functional (paid or not) AV while some have no AV and cause grief for us all.

    • Eric Dunbar

      In reply to Minok:

      "For the free Windows 10 version, I think Microsoft can defend a position of : We dictate what its got to do out of the box."

      Free vs. paid is fundamentally flawed thinking for Microsoft. Windows should be Windows. Microsoft chose to differentiate Home from Pro from Enterprise, but, it should not matter how you got your respective version of the OS.

      What I do find objectionable is that anything but the Enterprise version comes packed with privacy-destroying, ad-pumping violations of your personal space.

      Your operating system should not be the one subjecting you to a never ending barrage of advertising or, by default, completely violate every aspect of your privacy while making it tough to turn off or discern how much you're leaking.

      Apple makes its privacy violations in macOS clear. It keeps the advertising to a minimum. At the very least the "Pro" version of Windows should come free from Windows Store crapware icons in the start menu.

      Anyway, I digress. Kaspersky is lamenting the loss of his business model. It's inevitable. Microsoft has been stung soooooo many times by lax security choices that they've finally learned from past mistakes. Chances are Kaspersky is guilty of using many of those lax security choices to make his software work and that's what's causing him problems, not any concerted effort by Microsoft to thwart his business model.

      Besides, Microsoft doesn't actually earn any money off the built-in security so what would they have to gain from asking for an anti-trust investigation from the EU when they don't need it? It's not even like Kaspersky denies them huge amounts of data.

      Plus, this makes Kaspersky look like the underdog, so, for PR purposes this might boost his sales.

  12. plettza

    Their (the antivirus providers) AV notifications are more frequent, more useless and just as easily ignored by users. I can't comment on Kaspersky but I've recently installed BitDefender as well as Norton on various computers. They both want to tell me about reports, files that I've downloaded are safe and all sorts of other things to assure me they're doing something useful.


    And all this for questionable extra security.


    Windows Defender really never bothered me.


    We don't need 40 notification services running when a unified, built-in solution exists.


    Also, why shouldn't Microsoft be allowed to secure it's operating system? Last I looked, Windows I'd boy the dominate OS so Kaspersky should go and complain to someone who cares.


    I'm glad I didn't buy a Kaspersky product with all this whingeing they're carrying on with.


  13. Eric Dunbar

    "On the one hand, you might argue that Microsoft no longer controls the personal computing market"

    Microsoft still owns 90% of the desktop market so I think it's fair to think of it as a monopoly. It may not have much of a presence in the mobile market, but, that's not the issue.

    Microsoft provides an OS for the desktop and is in a monopoly situation there. That means Microsoft is privileged, but, it also has some special responsibilities that other companies don't. Ensuring that they don't harm competitors is one of them.

    In the mobile sphere there is a healthy competition going on. Apple may earn the lion's share of the money, but, it is not in a monopoly position (it may be in a dominant position, but, that's different from being a monopoly).

    Now, whether Kaspersky is suffering from anti-trust behaviour or from frequent updateitis, that's a different story. It feels like Kaspersky built his software for a different operating system. Microsoft is doing its level best to leave its Win32 legacy behind to ensure that it's easier to avoid viruses and malware, the very things Kaspersky fends off. Kaspersky rose to prominence in a world dominated by Windows XP and 7. XP has now been officially dead for three years. Windows 7 is being phased out, even in corporate settings. Windows 10 is a completely different beast with many of its systems re-written from the ground up with security in mind.

    • skane2600

      In reply to Eric Dunbar:

      The idea that MS has a monopoly has always been dependent on an artificially narrow definition of the OS marketplace. Furthermore, anti competitive moves against MS were always about helping poorly performing competitors and was never about consumers. The "remedies" were also entirely about enriching those competitors. Netscape's only value to AOL was the potential to sue MS. Ironically AOL grossly overestimated their government provided payday.

  14. Ezzy Black

    A few points here, outside the legalities.


    Defender was developed (aquired an expanded if you will) mainly because so many users wouldn't/didn't/couldn't install third party AV software. In that regard it is an absolute success and malware trials are suspect at best. The fact that you can jam more obscure and infinitely rare definitions at 3rd party AV programs and have them recognize it is useless in practice.


    Russian Antivirus is damn near as scary, (not quite, but close) to me in a security context as Google Browser is to me in a privacy context and Water Cooling is to me in an electronics context. They are all absolutely absurd computing notions if you have a lick of sense. None of these requires any tests or verifications, they just are what they are. You don't trust security to Russians, you don't trust privacy to the worlds largest privacy threat, and you don't pour water on electrical components. This ain't hard folks.


    Don't even get me started about the incredible bloat of 3rd party AV.

  15. jaltman

    Kernel drivers (or modules or extensions as they are called on various platforms) are often removed or disabled when a new kernel is installed. This is not a Windows only phenomenon and it is critical to the stability and reliability of the system. The application stores that are now prevalent on iOS, macOS, Android, and Windows are possible because of the introduction and enforcement of an application lifecycle that guarantees to the end user that installation and removal of an application will leave no footprint behind. It is this guarantee that improves the reliability of the underlying system and converts a general purpose computer into the technical equivalent of a toaster. If an app misbehaves, uninstall it and your system is as stable and reliable as if the app was never installed in the first place.


    It is critical to note that kernel drivers live in a world in which a completely different set of rules apply. A kernel driver unlike a userland process is not isolated from other processes. If it corrupts memory, fails to release a mutex, or otherwise misbehaves, that failure impacts the reliability and performance of the entire operating system and every application that is executing. There is no equivalent of an application lifecycle for a kernel driver. There is no packaging model that permits a driver to be installed and uninstalled with zero footprint. Nor is there any method of knowing if an installed driver understands semantic changes of the operating system that were introduced in new kernel versions.


    When Microsoft announced that drivers for Windows 10 and Server would need to be signed by Microsoft and certified for a particular release (Server only), there wasn't much coverage in the press. Some members of the security community complained that digital signatures are security theater and that requiring that drivers be signed by Microsoft would prevent hobbyists, open source developers, researchers, and small businesses from being able to distribute kernel drivers. Is there a security benefit to the use of Microsoft signatures? Sure, it prevents developers from having their infrastructures compromised and they signing keys stolen and used to sign root kit drivers. However, the primary benefit to the world isn't security, its reliability. By requiring that drivers be signed by Microsoft ensures that Microsoft can enforce the Windows compatibility testing requirements. By adding version certification to the signatures it ensures that vendors must demonstrate that drivers have been tested with a particular release.


    Microsoft is enforcing the requirement that they sign drivers but they have yet to enforce the certification requirements because certification and testing for compatibility is very hard. Its hard enough when the driver is part of the OS source tree. Its nearly impossible when the driver is out of tree and not integrated into the continuous integration test suites and static analysis tooling.


    Kernel drivers cannot be installed from the Windows App Store. That also means that they cannot be installed on Windows 10 S which has yet to ship. This lawsuit is just the first step. I believe its an attempt to force Microsoft to permit kernel drivers to be installed via the Store because without that option the future of anti-malware companies is a quick death.


    Microsoft can easily and rightly argue that the reliability and user experience improvements from Windows 10 S better meet the obligations that Microsoft has to consumers without any technical background. Any user can upgrade from 10 S to Pro in order to install third party products such as anti-virus or third party file systems. Yet, even then, a kernel upgrade must disable any drivers that are not known to be safe. Since there is no binding between the kernel drivers and installed userland applications, it is not possible for the OS to remove the application. In fact, I would argue that it is the installed application's responsibility to recognize that the driver has been disabled and perform the necessary steps to acquire a compatible driver and install it.


    As far as the complaint regarding lack of time for testing. Microsoft hosts interop events that all file system and filter driver vendors are welcome to attend. At these NDA events vendors are provided an advance look at future kernel changes which appear in the Windows Insider builds months in advance of the general release. I doubt Kaspersky has a valid claim on that count.


    The underlying issue for vendors that rely on kernel drivers is that they need to move on to other business models. No one would ever expect a cell phone carrier to permit arbitrary third party kernel drivers to be installed on phones. Nor should anyone else that arbitrary third party kernel drivers can be installed into cloud environments such as AWS, Azure, GCE, etc. That their user on consumer grade general purpose computers is being restricted is simply a sign that the industry is growing up and taking its quality control and reliability obligations seriously.


  16. arknu

    When will this idiot shut up? Windows having built-in antivirus is the best thing to happen to computer security in a long time. But, sadly, I won't be surprised if the EU rules that Microsoft cannot include antivirus in Windows... Completely ignorant of the fact that this would help malware spread even more.

    He can just join the insider program, then he'll have plenty of testing time. And if Kaspersky stuck to good programming practices and not using undocumented hacks, it might not be necessary for Windows to remove it during the upgrade. Microsoft obviously does this because Kaspersky causes issues. He might have a point that this process should be more visible (why not remove Kaspersky completely).

    Now, why anyone would want to use Kaspersky is another question...

    • SherlockHolmes

      In reply to arknu:

      Everybody who relies only on Windows Defender shouldnt be allowed to be online. Every Antivirus test from independent firms shows how bad Windows Defender still is.

      Sadly there are still many out there who still use only Windows Defender.

  17. SherlockHolmes

    Microsoft is arrogant as always. And thats sad.

  18. red.radar

    Kaspersky can scream anti-trust all they want. But if Microsoft can prove that Kaspersky had no intention of solving the problem by failing to meet with microsoft to find a resolution, then the case is bunk.


    To be honest, even if Kasperksy has a point. In this case I still prefer to use Windows Defender. Its free, and doesn't nag me. the customer experience is better with windows defender. Most anti-virus vendors are nothing but scare ware and Just a crappy up-sell opportunity for the slimeballs at best-buy. Anti-Virus has become nothing but snake oil in the last few years. Its an industry that needs to die along with adobe flash. I have no love loss for them. Don't like their products, and even if they are correct I still can't wait for them to go out of business.

  19. Bats

    Someone needs to tell Kaspersky that the year 2017 and not 2007. Windows 10 had to evolve past Windows 7 to give users the safest experience they can. Microsoft can not bend their will to accomodate of appease 3rd party software vendors, no matter how better their solution is. Microsoft does not have a duty to 3rd Party Vendors. After all, their products are merely "Extensions." Microsoft has a duty to all Windows Users to ensure their online safety.

    Turning off an AV product to install code into the OS is nothing new. ESET Security informs me when Microsoft has updates to install and encourages me to do so. I do not recall a time when OS updates were installed on my Windows 10 computer and the AV solution was turned off or removed from my system. As a matter of fact, ESET was always on. The question is, what is ESET doing, that Kaspersky is not?

    Based on my experience, I think problem is not Microsoft. The problem is Kaspersky. Plus a competent technologist knows that Kaspersky and BitDefender are two of the most hostile and aggressive AV solutions in the market. Remember what ex-Mozilla developer,Robert O'Callahan said about them? 

    I liken these AV products, like Kaspersky, to real life Antibiotics medicine. When people get sick, alot of people go straight for the Anti-biotics because they know it destroys the bad microorganism in the body. What some people don't know or understand is that Anti-biotics also kills all the good microorganisms in the body, as well. That's what these 3rd party AV products are like. They want to control the system, in order to protect from the bad stuff, but in effect they are also destroy the good stuff. Remember what Robert O'Callahan, the ex-Mozilla engineer said about those guys?

    I don't understand why Microsoft can't just make their baked in AV solution the best? When it comes to this, they have the homefield advantage. Why can't they just take advantage of that?


  20. nbplopes

    I think this kind of thinking has evolved for the good. The idea everything in an OS should be replaceable but the Kernel is absolutely silly. Furthermore, except for Linux no other OS worked that way, including Windows for one, for two the criteria of what should be replaceable or not is very fluid.

    Yes, as Windows become more secure, as it should always have been the case, companies like Kaspersky have grown out of Microsoft ineptitude and lack of interest to make it safe without things on top as its costs $$, their business will be threatened.

    I just don't understand how can someone be spoken adept of "open systems" and than disdain tools like Linux that works precisely that way. I usually conclude that the problem of people with this line of thought is not so much if the system is "open" or not, if its made of optional components or not (choice), but if the system works the way they think it should work. Which in turn again, the thought its quite fluid and rooted in the things people are used to, not in what it should do.

    Whats next? Make Cortana replaceable? What about the Windows Store? Shouldn't it be replaceable?

    From the point of view of what a OS should assure its users, I find that any of the examples above would make more sense to be replaceable than components the target security. I find security one of the core tenants of a modern OS. What will than protect us from tools like Kapersky, just in case they go rogue? I think the OS vendor should have total control over any of these aspects.

    • MikeGalos

      In reply to nbplopes:

      During the Microsoft anti-trust trial it got even worse than that. One of the key government witnesses insisted that EVERY component must be replaceable including kernel level components. He suggested that consumers should be free to mix and match things like process schedulers and virtual memory managers.

      • nbplopes

        In reply to MikeGalos:


        I think we cannot compare the power position that MS had back than in the consumer space and the power it has now. I'm not saying I'm in favor or against the court decision back than.

        What I'm saying is that exceptional power comes with exceptional rules. This is quite common in democracy. For instance a US President has exceptional power but with that comes exceptional rules that he needs to follow.

        As for the witness, well arguing in those terms, I would say that it is nothing but a silly act of witnessing.

    • skane2600

      In reply to nbplopes:

      In order to evaluate the historical security record of Windows one must consider the environment it was originally designed in: no networking, no Internet, and a processor that had no supervisory capability (in fact the Linux architecture as we know it would have been impossible to implement on a PC in the 80s). The dangers in that era where fewer and the capabilities for security more restricted.

      • nbplopes

        In reply to skane2600:


        Given what you have just said, I get the impression you know very little about anything outside Windows to make such an evaluation. Why don't you make a deep dive in the history of Linux. You might be surprised that it started before the Internet boom, more or less at the same time as Windows NT that as you know morphed into Windows XP, Windows 7, 8 and than 10 (with multiple SKUs at each stage). You might also be surprised that its the most used OS in the world spanning the most diverse types of devices from ones Tivo to Super Computers and private networks of hundreds of thousands of computers providing services to billions of users. Its just that Linux is not a consumer facing "brand". Further more, its component approach made more difficult to use by consumers. Cheers.

        PS: I would not advise direct Linux to the end user. I think there are better options for that purposed, of course offering a lesser level of customization. Customization alone does not empower the end user, can actually be quite distracting.

    • Jeff Jones

      In reply to nbplopes:

      I think Cortana needs to be replaceable. I would much prefer Google Assistant there.


      The store would work fine running in parallel to other stores, no need to literally replace it. I do think that extra stores should be an option. Steam is sort of like that already, it just doesn't use standard Windows apps, but there should be a way to run additional stores that have UWP apps on Windows 10 S without having to upgrade to Pro. I bet Adobe would be all over that idea.

  21. Daekar

    If they're going to sue Microsoft they need to sue Apple and Google as well.

    They're going to be crying buckets as Windows 10S rolls out. If it gains traction, they're screwed in the consumer market.

  22. Tony Barrett

    Very, very valid points, and Microsoft's actions don't surprise me in the slightest. Everything about 10 is promoting and highlighting Microsoft's services at the determent of other vendors products. Only if you pay MS to promote your application will they let it through unchallenged. The average user doesn't understand what's going on underneath the hood, and often just take the recommended settings (which is exactly what MS want). Defender is consistently the worst A/V solution, it's really just Security Essentials by another name, an A/V product that was always at the bottom in independant tests. Win10S is even worse, and doesn't even allow competing browsers to be installed, or give an option to switch away from Bing. Microsoft's lawyers are going to have to be on top form, because I can see them spending a long time in the court rooms.

    • Waethorn

      In reply to Tony Barrett:

      I think you mean "detriment".


      Whether Defender is "bad" or not, it's good for the user. It doesn't get in the way, doesn't try to hijack Windows, doesn't include features that Windows already has, doesn't block Windows Updates, and doesn't require payment. I've seen EVERY antivirus you could think of, TIMES FIVE, and none of them hold up to Malwarebytes against the security issues PEOPLE ACTUALLY GET.

  23. Waethorn

    ‘You should only run programs that come from publishers you trust’


    Simple solution: don't trust 3rd-party security suites. This one is simple: users get conned into trusting fake AV software EVERY. SINGLE. DAY.


    

  24. Waethorn

    "After removing the third-party AV, Windows 10 tricks the user into thinking it’s still installed and working."


    How about security software blocking Windows Updates and making users think it's working. This has been an ongoing complaint of mine FOR YEARS. I see systems EVERY DAY with third-party antivirus where Windows Updates shows no updates. I uninstall the AV suite, and suddenly Windows Update says there's 8 months worth of updates. I had one computer once where almost 2 WHOLE YEARS of updates were blocked by the third-party AV.

  25. Waethorn

    "Windows 10 actually removes third-party AV during an upgrade"


    GOOD!!

  26. Waethorn

    "Microsoft doesn’t provide third-party AV vendors with enough time to certify their products against new versions of Windows 10."


    Time to get on the "Software-as-a-Service" train....


    No, but seriously, Microsoft doesn't test Windows 10 builds long enough.

    • MikeGalos

      In reply to Waethorn:

      Actually, Kaspersky wants Microsoft to do LESS testing. They want updates to Windows to be held for two months without any fixes or other changes so they can write their update on unchanging code rather than iterating during the beta.

  27. Waethorn

    "He also provides evidence from independent testing labs showing that his own AV solution is vastly superior to that provided by Microsoft"


    It's not. Kaspersky still lets common hijacker toolbars and fake PC cleanup utilities (let's be honest - they're all fake) install without any warning that they're rogue software. It's nowhere close to Malwarebytes.


    

  28. emanon2121

    I say f' him. 3rd party Av software has been a bane of windows users for years. They have lost all credibility. I hope this falls on deaf EU ears.

  29. Waethorn

    "Windows 10 makes third-party AV more annoying."


    You know what's annoying? When your own uninstaller DOESN'T WORK!! That's not Windows 10's fault either.


    AV software companies know this. This is why every single semi-credible vendor produces a separate manual uninstaller utility. They WANT their AV to still run on your computer in some way.


    You know what else is annoying? Kaspersky getting fake digital certificates. The kind that let Stuxnet propagate, or that decrypt what are supposed to be protected updates to their own software.

  30. Waethorn

    Remember this about antivirus vendors:


    They went all the way to the EU to get Microsoft to defang Windows Kernel Patch Protection in Windows Vista 64-bit so that they could install their software. The same protection that prevents rootkits from borking the system at a kernel level.


    Windows Live OneCare didn't need a workaround, and worked just fine with the protection in place.

  31. polloloco51

    I think 3rd party anti-virus is irrelevant, given that Windows has become much more secure over the years! With Windows XP or Windows 7, you needed something like Avast or other. After using Windows 8 and Windows 10, with Windows Defender, I have never had any problems with malware or anything else. Windows Defender doesn't interfere with performance, or nag you to pay $50 for continued protection.


    Microsoft could easily make the argument, Windows Defender it provides, is free and provides a safer out of box experience. Users wont have to skim through all the anti-virus programs online, that could be viruses.

  32. mjw149

    I understand if you're Russia or China, you want a third party AV suite. Sure. But on a consumer level there's no real reason why Microsoft should leave this to anyone else. Ultimately MS is responsible for securing their own platform. For example, if Kaspersky locks down the firewall, malware and bad apps but MS wants to use their data collection, what can Kaspersky do? Third party AV is always a false security and a false economy. They need some plug-in for certain political situations, perhaps, but third parties should not have this kind of OS access and responsibility. It never made sense.

  33. StephenCWLL

    Hard to disagree with Kaspersky. He's largely right. Hopefully this will get Microsoft to change some of their behaviour.

  34. chrisrut

    Can't believe I'm pushing a conspiracy theory but here it is: all security companies are insecure.

    My one-time boss ran the Air Force's "penetration squads" back in the 70s, then wrote the "Orange Book" based on what was learned. We were a sort-of spinoff from the NCSC to actually write secure code. The heads of computer security for various nations stopped by our little company - I met some amazing folks. But the number one thing I learned was this: every nation on earth is fully cognizant of the importance of computer security, and have their brightest and best working on it.

    We hear the criticisms of the NSA. What you don't hear is this: time was, the best hackers in the world were our hackers. So, it came as no surprise to me that the NSA had back door tools... That's their job, folks. But guess what? There are guys just like them working for every nation in the world. Working overtime. For decades. On penetration techniques of the utmost subtlety and craft. Of course they are - I don't think I'm being alarmist - I'm kind of laughing while I write this - c'mon people, what do YOU think they're doing?

    Anyway, for this thought experiment, assume for a moment that you run one of those agencies, Where would you want to put people to work a double agenda? Right. In every security company - the ones protecting people's security. The one's whose products are allowed to touch the system at the lowest levels.

    And you TRUST these people?

    Paranoia? Maybe, but based on the guys I knew back in the day, I take this as a given. And for that reason, I want no company other than Microsoft at that level in my systems. Why? Because the DOD selected Windows 10 - and would not have done so without consulting with the modern-day equivalent of the people I worked with. And because China picked W10 - given a version that let's them provide the encryption code. These are the ultimate insiders. They really do have access to resources unavailable to the public. Second-guess them at your peril.

    To summarize: the spooks are already there. That's their job. But I trust out spooks more than their spooks.

    YMMV.

  35. MikeGalos

    It's a mix of pathetic and hilarious that Kaspersky is so incompetent that they want Microsoft to hold the release version with no changes for two months so they can spend that time writing the update for their application and still have it ship the same time as the OS.

    Perhaps they can arrange for the people doing zero day exploits to publish their hacks and not actually implement them for two months as well to make sure Kaspersky has time to do the updates for those as well.

  36. Waethorn

    Here's a good tip for avid Windows software downloaders:


    If your shiny new utility application that you just downloaded includes the Chromium browser with it, it's probably malware, and here's why:


    Chromium isn't available as a binary application. It's only available legitimately as source code, meaning someone could have (and probably did) program some kind of functionality (like spyware and keyloggers) into it before compiling it. Chromium also doesn't update like Chrome does. If it does, it's not coming from Google, so God only knows where the updates are coming from, and what they're doing. Also, any program I've seen that includes it usually has other rogue software with it.


    So if you just installed an application on your PC and you now have a blue Chromium logo like the one below, you probably have other malware on your computer.



    Note: this doesn't necessarily apply to Linux, since many legitimate repositories compile and maintain their own copies of Chromium. When in doubt, if you want the real deal that's always going to be updated properly, get it from Google instead.

  37. DaveHelps

    I'm on the fence a bit on this one. Some of the complaints seem valid to me, whilst others remind me of the music industry trying to stop Napster: clinging to a business model that has had its day.


    Regarding Windows Defender is included with Windows 10 and cannot be turned off.

    I think that including Defender is 100% the right thing to do. Sure, some of us are IT pros. But most people buying a PC will/should consider malware defence to be as much a part of an operating system as a text editor, app store, command shell or web browser (except in the EU, of course).


    Regarding Windows 10 makes third-party AV more annoying.

    It sounds like those actions are trying to run with elevated privileges. Sometimes this might be necessary (e.g. a scan & clean action), but is it always needed? In any case, this is configurable in User Account Control settings.


    Regarding Windows 10 makes it impossible for third-party AV to notify users when a subscription runs out.

    I would agree with Microsoft that these applications should integrate with Action Center rather than implementing their own notification system. But if they have built their own pop-ups, I don't see the harm in notifying the user through both mechanisms.


    Regarding Windows 10 actually removes third-party AV during an upgrade.

    This seems to me like a valid complaint. There must be a better way to do this. Maybe inform the user that they can't upgrade unless they manually opt to disable their self-selected AV solution and enable Windows Defender.


    Regarding After removing the third-party AV, Windows 10 tricks the user into thinking it’s still installed and working.

    Again, this seems to me like a valid complaint. Couldn't Windows notify the user that it had to disable their AV solution during upgrade, and maybe enforce a visit to Security Center to confirm the new configuration.


    Regarding Microsoft doesn’t provide third-party AV vendors with enough time to certify their products against new versions of Windows 10.

    Sorry, but the world has moved on. Bad guys move fast. Good guys have to move fast. Figure it out.


    Regarding "He also provides evidence from independent testing labs showing that his own AV solution is vastly superior to that provided by Microsoft. That’s easy enough to look up, and he’s correct."

    I expect that all the vendors, including Microsoft, can point to test results to show that their product is superior. Personally  I use and recommend Windows Defender.



    All that said and nits thoroughly picked, whilst there are some valid complaints here I think there needs to be a quid pro quo. AV vendors should ensure that when their software license expires, users either continue to receiver AV signature updates, or are fairly informed that instead of paying money to renew, they can do nothing and revert to using Windows Defender at no cost.


    Perhaps a good compromise would be to have different functionality for true user-selected security solutions vs. pre-installed software that was on the PC when the user bought it.


    If someone has consciously decided to install AVG, McAfee or whatever, then whilst Windows should "fail safe" it should also noisily draw the user's attention to any changes made to the configuration of that product and help them to restore it.


    But if the user just bought a PC that came with Dave's Awesome Antivirus 3000 (TM) Trial Edition, and then a week later the trial runs out and it goes dormant then I think an Action Center notification saying that Windows Defender has been enabled is perfectly acceptable.


    If I end up having to get a "Anti-Malware Choice Screen" every time I clean install Windows then I will be very sad...

  38. John Craig

    Personally I like the fact that Windows Defender is doing it's thing in the background and I don't need a third party Anti-Virus provider anymore. During my Windows XP, Vista and 7 days I tried pretty much all the mainstream AV packages...McAfee, AVG, Kaspersky...they just bog the OS down and cause more harm than good. I applaud Microsoft for taking the initiative and building a reliable AV programme into W10 that actually compliments the OS. Screw Kaspersky.

    • Waethorn

      In reply to John Craig:

      Windows Live OneCare wasn't bad on system resources either. Late in Windows Vista's lifespan, when they were working on Windows 7 and changed all the Security Centre API's, they released Security Essentials to replace OneCare. In Windows Vista, what was "Windows Defender" was just an anti-spyware application that used their Giant Anti-spyware-acquired technologies. OneCare and Security Essentials would shut it off because it had a copy of the same anti-spyware engine, along with anti-virus. I never did understand why they couldn't just plug-in anti-virus detection into the already-present Defender. In Windows 8, it was a full security package.

  39. gamersglory

    Why would i trust Kaspersky Lab owned and run by a former KGB agent

Leave a Reply