Microsoft will be offering a free anti-malware suite codenamed “Morro”, from the second half of 2009, according to a press release:
This streamlined solution will … provide comprehensive protection from malware including viruses, spyware, rootkits and trojans. This new solution, to be offered at no charge to consumers, will be architected for a smaller footprint that will use fewer computing resources, making it ideal for low-bandwidth scenarios or less powerful PCs.
It’s a good move. Here’s why:
- The current situation is calamitous. Even users with fully paid-up anti-virus solutions installed get infected, as I recently saw for myself. PC security is ineffective.
- The practice of shipping PCs with pre-installed anti-virus that has a trial subscription is counter-productive. There will always be a proportion of users who take the free trial and do not renew, ending up with out-of-date security software. A free solution is better – several are available now – if only because it does not expire.
- Microsoft wants to compete more effectively with Apple. It is addressing an extra cost faced by PC users, as well as (possibly) the poor user experience inherent in pre-installed anti-virus trialware.
- The performance issue is also important. Anti-malware software is a significant performance drag. Microsoft is the vendor best placed to implement anti-malware that minimizes the drag on the system.
- Only specialist companies have the necessary expertise. I don’t believe this; Microsoft’s investment in security is genuine.
- Single-supplier security gives malware a fixed target, easier to bypass. There’s some merit to this argument; but it is weakened by the fact that the current multi-vendor scenario is clearly failing. Further, the Mac is a fixed target that does not appear to be easy to bypass.
All of this is hot air compared to the real challenge, which is securing the operating system. Vista is progress, Windows 7 not much different according to my first impressions.
Why not just use another operating system? There’s a good case for it; ironically the theory that a large factor in Windows insecurity is its dominance can/will only be properly tested when an alternative OS is equally or more popular. If people continue switching to Macs perhaps it will happen some day. Windows is still hampered by its legacy, though my impression is that Vista’s UAC is having its intended effect: fewer applications now write to system areas in Windows, bringing us closer to the day when security can be tightened further.
What about business systems? This is one area that needs clarification. Microsoft says Morro is only for consumers. Why should businesses have to pay for a feature that consumers get for free? On the other hand, some equivalent initiative may be planned for business users.