Following rival Symantec's lead, McAfee complained that by locking access to the Vista kernel, Microsoft was also blocking security vendors' access to the operating system core.
McAfee joined rival Symantec by taking its beef with Microsoft over Windows Vista public on Monday, saying that the new operating system's approach to security will pose "unnecessary risks to the consumer."
In a full-page ad in the day's Financial Times, and in an interview Monday afternoon, McAfee said that by locking access to the kernel in Vista, Microsoft was also locking out critical access by security vendors to the core of the operating system.
"It's the first domino," said John Viega, vice president and chief security architect for McAfee, of the significance of PatchGuard, a technology to be included only with the 64-bit version of Vista. PatchGuard is meant to stop both malicious code and third-party software from making changes at the kernel level, and has been touted by Microsoft as a defense against such malware technologies as rootkits.
"They've leveraged their access [to the kernel] to give themselves an unfair advantage," said Viega. "That will leave users less secure."
In the 32-bit Windows XP, security vendors like McAfee and Symantec have been able to patch to the kernel in order to implement intrusion prevention technologies that, among other things, sniff out malware by its behavior rather than match a "fingerprint" against an already-issued signature. The 64-bit version of Windows XP also uses PatchGuard, but that OS has made virtually no headway in the market.
"We were able to offer our protection to the consumer by accessing the kernel," said Viega. "But Microsoft's locking vendors out. When the first security vulnerability [hits], what's going to happen?"
"Microsoft seems to envision a world in which one giant company not only controls the systems that drive most computers around the world but also the security that protects those computers from viruses and other online threats," the ad which ran in the Financial Times said. "Only one approach protecting us all: when it fails, it fails for 97% of the world's desktops."
Microsoft has repeatedly said that its own products -- security software included -- must also abide by the PatchGuard restrictions. Viega didn't think Microsoft would be able to resist the temptation. "I don't believe them," he said when asked about Microsoft's promises to steer clear of the kernel. "They're locking out the good guys."
McAfee doesn't like the fact that users of its products may face two competing dashboards -- Vista's and its own -- and says Microsoft must bend. "Usability is absolutely critical to a good security experience," Viego said. "In many cases, [Vista's Security Center] will go from 'you are protected' before installing McAfee to 'we're not sure you're protected' after it's installed."
Most recently, Kroes accused the American developer of running a "coordinated campaign" to discredit her. New reports in the Financial Times today listed encryption and handwriting recognition capabilities as two new Vista features that Kroes' commission is investigating.
"Microsoft is embracing flawed logic," concluded Viega. "It's undermining freedom of choice by inventing a single user interface [for security. It needs to let the customer choose their security provider."
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.