It started with this reorganization announcement, as reported at Microsoft Watch, by Peter Galli in "Microsoft Gets a New Security Group",
"Microsoft is bringing its security, Trustworthy Computing and Engineering Excellence teams together in one group, known as the Trustworthy Computing Team."
That was yesterday. Today it was reported that Ben Fathi, who had replaced Mike Nash, will be heading up development of the core components of the Windows operating system. The security unit that he had been running will be absorbed into the new Trustworthy Computing Team, reported above. Scott Charney will head up the Trustworthy Computing Team. (See "Microsoft Security Czar Fathi to Focus on Windows OS" for the complete story.)
Follow that reorganization with this announcement about Windows Vista at c|net, "Microsoft changes Vista over antitrust concerns":
"Microsoft
had planned to lock down its Vista kernel in 64-bit systems, but will
now allow other security developers to have access to the kernel via an
API extension, Smith said. Additionally, Microsoft will make it possible
for security companies to disable certain parts of the Windows Security
Center when a third-party security console is installed, the company
said."
The lock-down was one of the major security features we have been hearing about for some time. Particularly, after reading "McAfee and Symantec get vocal about Vista - but do they *really* have our best interests at heart"
co-authored by Microsoft MVPs Sandi and Walter Clayton, I am concerned
about what certainly appears on the surface as caving in. As Sandi
wrote:
"The
bad guys are getting past McAfee and Symantec and others, and if the
“Big Two” were *truly* concerned with user security, they would not be
fighting this change, which is going to make such a big difference in
the malware fight by stopping the bad guys *before* they can do some of
their most damaging and difficult to remove tricks. They’d
be working on changing their code to work with what is going to be a
quantum leap forward in security improvement for users.
Prevention is better than cure. Signature
based scanning, heuristics and adding detection for new malware *after*
it has already been released and has started infecting machines around
the world, isn’t working. I
need help to stop the bad guys from getting their tendrils so deep into
the OS that it is getting more and more difficult to remove.
It is getting to the stage where reformatting is sometimes the only
option for systems infected with the worst malware, even with McAfee,
Symantec or other security vendor's products installed, and that is
simply not good enough."
Consider this quote in Sandi and Walter's article by Jesper Johansson:
"In
a sense, [McAfee and Symantec] have built their business on protecting
users of Windows from Microsoft, and Microsoft healing the patient cuts
into their business doing the same. As Microsoft's Security Chief Ben
Fathi said, the security vendors want Microsoft to "keep the patient
sick," and by extension, keep customers at risk, so that the security
vendors can keep charging for the healing."
But Ben Fathi is no longer Microsoft's Security Chief. Seems like the security vendors will continue charging for the healing.