Vista and security

McAfee is still complaining.

Hi bob3160,

If you are in support of certain schemes, you can also become a victim of certain schemes. If you support a system that there is “no tinkering allowed with”, and you still want the right to “tinker with it”, you cannot have it “two ways”. Furthermore, the system of “corporational monopolism” does not equal “free trade and free culture”; McAfee should have realised that before. What is on 90% of computers is stronger.
By the way I think PatchGuard is only safe for one year for the “high end circumventors”.

polonus

Sophos: Microsoft Doesn’t Need to Open Up PatchGuard

"Two of our largest competitors, McAfee and Symantec - which clearly have anti-virus products that compare to Sophos - have publicly complained that being locked out of the Vista kernel somehow prevents them from being able to innovate," O'Brien noted.

“I would say that the opposite is really true: that by not focusing on having Microsoft provide us with the means to access the kernel, and in fact using the APIs that have [already] been provided by Microsoft, we are not experiencing any problems with PatchGuard for our latest HIPS technology, Sophos Anti-Virus, or any of the other aspects of our security offering for either 32-bit or 64-bit versions of Windows Vista.”

As O'Brien explained, his company's "behavioral genotyping" -- while it might sound like the worst techno-babble from straight out of Star Trek -- does not need to hook into the API calls. Instead, it evaluates code before it is executed, and if the code "matches the genotype," then it never gets executed. His comments are consistent with those he made last month to BetaNews, when Symantec first raised objections before the European Commission about Microsoft's planned deployment of PatchGuard.

http://www.betanews.com/article/Sophos_Microsoft_Doesnt_Need_to_Open_Up_PatchGuard/1161379239

In the comments section, klavc makes an interesting point:

The above technology represented by Sophos (Behavioral Genotype) has actually nothing to do with the standard HIPS technologies that McAfee and Symantec are fighting for. From the description on the Sophos page it is clear that this Sophos technology is actually what is more known today as advanced heuristics (heuristics in virtual environment, sandbox, emulation,...). Indeed it might use some "intelligence" from HIPS-like systems, but in reality this simply cannot be compared to standard HIPS. It is more in the league of NOD32 ThreatSense, BitDefender B-HAVE, F-prot 4 !Maximus, Norman Sandbox,...

I am not saying that this technology from Sophos is bad or good (from its abilities to protect from unknown malware), I simply would like to say that IMO these comments from Sophos are totally in the wrong place and have nothing to do with this issue. Symantec and McAfee also have their heuristics and signature-based detection technologies that work just fine in Vista 64.

FWF,
I actually found the last statement the most interesting:

"It is somewhat counter-intuitive for me to be critical of a competitor," he continued. "However, in this particular instance, I would encourage enterprise-level customers to ask whether or not their security vendor is prepared to offer a security solution that is compatible with Windows Vista 64-bit. And if the answer is no, then I, as a customer, would ask why. And if the reason is because, 'We haven't worked with Microsoft in order to achieve that goal,' then my next question would be, 'Why not?'"

The complaints by Symantec and McAfee almost remind me of AOL's complaints about MS during the anti-trust hearings. Complain, complain, maybe it will make people overlook their faults. ???