Hunter Strategies LLC logo

Microsoft News Tracker

What's more interesting than observing Microsoft?

October 20, 2006

Vista Security API dispute turns nasty

Posted by David Hunter at 9:49 AM ET.

It was easy enough for Microsoft to promise the EU that they would provide Vista security APIs to competing security software vendors, but delivering on that promise has turned into a real melee.

Microsoft did deliver some Security Center documentation on Monday, but was stung by complaints from McAfee and Symantec that it was inadequate and had scheduled a conference call yesterday to clarify matters. Unfortunately, the call did not go smoothly:

This meeting was under NDA, so what was actually discussed I can’t say. 

However, the not-secret part of it was that someone at Microsoft accidentally sent out the LiveMeeting presentation invites as “presenter”, which if you’ve ever used LiveMeeting, is an invitation to chaos.  Realizing their error, the meeting was rescheduled for 30 minutes later, and that didn’t all come together, because the meeting had been originally setup to end at 12:30, so we were promptly all kicked off.  Finally at 12:45 EDT the meeting went as planned.  Those who missed this meeting will have the ability to view another later today.

While I have my disagreements with Microsoft on the PatchGuard issue, I must defend them in this instance. It was a case of a few honest mistakes made by well-intentioned people, probably working under a tremendous amount of stress. No big deal people.

OK, but then Microsoft clarified the purpose of the meeting which they felt was “Microsoft’s intention to invite nearly 150 security products vendors to join it in the development of an open security services API for Windows,” and emphasized the fact that:

Such an API would not open up PatchGuard, the kernel protection system the company currently plans for Windows Vista, the spokesperson pointed out emphatically several times during our discussion, nor does Microsoft have any plans to ever open up PatchGuard.

“Microsoft continues to believe the kernel must be protected from unauthorized access,” BetaNews was told. To that end, the company proposes “a process for developing methods for software that works alongside PatchGuard.”

Such a process, if initiated, could take several months, by Microsoft estimates, with the goal being to produce the results of this initiative in time for the release of Vista Service Pack 1. Though the spokesperson used the phrase “the SP1 timeframe” to refer to the release of these services, Microsoft declined to attach a time to that timeframe.

This was all too much for McAfee which blasted Microsoft:

“Despite pledges, press conferences and speeches by Microsoft, the community of independent security companies that consumers rely on for computer protection has seen little indication that Microsoft intends to live up to the promises it made last week,” McAfee attorney Christopher Thomas said in a statement.

“We have been greatly disappointed by the lack of action by the company so far and Microsoft has not lived up, either in detail or in spirit, to the hollow assurances offered by its top management last week.”

and, of course, Microsoft returned the compliment:

It’s unfortunate that McAfee’s lawyers are making these kinds of inaccurate and inflammatory statements,” said Ben Fathi, corporate vice president of Microsoft’s security technology unit.

He said Microsoft was being even-handed in developing the needed software, which would happen “in the months ahead”.

It doesn’t take an international antitrust lawyer to see the problem here, just someone with a recollection of recent events:

In the past, the Commission has expressed concerns about delays by Microsoft in providing information to other companies because during that time, those firms have lost market share and eventually been sidetracked.

Then there’s the whopping supplemental fine that the European Commission slapped on Microsoft for the sluggish delay in delivering interoperability information the last time around. Why does Microsoft persist in playing the same old tune? Do they think the regulatory reaction is going to be any better this time? If they really like waving a red flag at Neelie Kroes, they shouldn’t be surprised when she shows up snorting and pawing the ground.

Update: In fairness to Microsoft, they do contend that they have provided extensive Security Center API info on and since Monday.

Filed under Antitrust, Coopetition, General Business, Governmental Relations, Legal, McAfee, Microsoft, OS - Client, Symantec, Windows Vista

Related posts:


2 Responses to “Vista Security API dispute turns nasty”

  1. toast Says:

    Microsoft has always been hammered for its lack of security and we, the consumers, have had to rely on third parties. Unfortunately many of those third parties made software that caused us as much grief as they attempted to solve.

    Now, when Microsoft implements security measures in the places where they count most, these third parties would Microsoft compromise the whole system.

    I don’t hear any moaning from the other 147 security vendors – just from the two worst vendors in the security industry.

  2. Microsoft releases first PatchGuard API draft -- Microsoft News Tracker Says:

    [...] One of the Windows Vista concessions that Microsoft promised the European Union antitrust regulators in October was that they would provide kernel level APIs for third party security software vendors to work with the PatchGuard kernel protection code in 64-bit versions of the operating system. The timeline for creating and delivering those APIs kicked up quite a ruckus, but today Microsoft released a draft and reiterated the promised availability by the time Vista Service Pack 1 ships: Microsoft Corp. today released draft application programming interfaces designed to allow third-party security products to get around a contentious kernel protection technology in the Vista operating system called PatchGuard. [...]

News Search:

Recent Posts:

Daily Digest Email:

Enter your Email

Powered by FeedBlitz


Full category list


Archive List

RSS Feed:

HunterStrat Links:


  • Powered by WordPress.