blogs.msdn.com/brianjo

Brian Johnson's Startup Developer Blog

Microsoft Acquires Anti-Spyware Leader GIANT Company

Microsoft Acquires Anti-Spyware Leader GIANT Company

  • Comments 3
Spyware is one of the bigger concerns I get questions about through the MSDN Security Developer Center. Get the details here:
Microsoft Acquires Anti-Spyware Leader GIANT Company
REDMOND, Wash. -- Dec. 16, 2004 -- Microsoft Corp. today announced that it has acquired GIANT Company Software Inc., a provider of top-rated anti-spyware and Internet security products. Microsoft will use intellectual property and technology assets from the acquisition to provide Microsoft® Windows® customers with new tools to help protect them from the threat of spyware and other deceptive software. In addition, key personnel from GIANT Company will be joining Microsoft's security efforts.
Comments
  • Which Microsoft product was it that included spyware, reporting back to Microsoft about other vendors' products that were found on customers' PCs? Was it Windows 3 or was it an MS-DOS version?

    How about the tricks Microsoft played with http redirections to grab the kind of information that people tried to disable by disabling cookies? And this even included victims who tried to see if the Knowledge Base mentioned fixes for various bugs.

    On the question of whether Microsoft really finally "gets it" with regard to security, there's lots of evidence for both yes and no answers, and it's a tough question. But there doesn't seem to be any such ambiguity on spyware. If Microsoft wants people to think that Microsoft finally "gets it" on spyware, you've got a lot more work cut out for you.
  • MS has had a solution for spyware for many years, since the original conception of NT. I have developed a configuration running in an internet café for more than 12 months without a single incident of virus os spyware invading my machines. This proved that IE withing a secured OS is not a vulnerable browser.

    This was a large departure of my first year running the cafe, where I just could not contain the virus and spyware onslought despite my vaste xperience with security, and then it hit me, the solution was simple.

    I think, without presumption, that I have created the world´s most secured monfiguration of windows xp (and Windows 2000), and it wasn´t hard to do, because it can easily be applied to the consumer and corporate market, which proves Ms has been shiping the OS with the wrong configuration. I can´t blame the company, since in the early days there was a big push for functionality, not on security.

    I think that you must know by now, that the efficacy of antivirus or anti-spyware software is a fallacy, even with programs such as spynet.

    You simply can´t produce protective code fast enough to resolve the outbrakes, AFTER they have taken place.

    The acquisition of Giant will be resolve some problems, but the concept has the same inherent limitations of antivirus software, with their post-mortem contention architecture.

    Brian, I´de be willing to demonstrate my systems to any security consultants, including yourself, down here in Brazil, where I now live, but I just don´t know how to get the attention of anyone with significant interest to come and review what I have done.

    If you know of anyone, who could arrange for a review, please write me here: lapuntica@yahoo.com.

    I just don´t publish what I have done openly now because essentially I realized that this resolves an industry-wide issue, and it´s not something I just want to write up, I first would like to see some close scrutiny, then explain it.

    In a humble way, I´d say that if MS is willing to embed pre-emptive security in Longhorne, someone better schedule a visit to review my systems.

    Regards,

    DB
  • -Don't go online as an Administrator (unless absolutely necessary i.e. to install security updates)
    -Don't use Outlook Express (Sorry but just don't, it's full of security holes)
    -If you use Internet Explorer, use PrivBar (http://blogs.msdn.com/aaron_margosis/archive/2004/07/24/195350.aspx) so that you don't accidentally run with elevated rights
    -Think of using Mozilla Firefox (It's much less vulnerable to spyware and viruses)
    -Get, update, and use a good firewall, virus scanner, and spyware scanner

    But by far the most important of these is not to go online as an Administrator. It's just a bad idea.
Page 1 of 1 (3 items)