That’s It. I’ve Had Enough!

Hi Folks!

Meet David, the magnificent masterpiece sculpted by Michelangelo at the start of the 16th century. A photo of his face with that curious furrowed brow featured on our very first anti-cyber-vermin security product at the beginning of the 1990s. Some thought the pic was of me! I still don’t see why; I mean, have you EVER seen my face clean-shaven… and as white as a sheet? )

 5868830789_df6e1b84a2_o

The choice of David for the retail box was far from random: we found we were kindred spirits – both very much underdogs. KL was a small young company from nowhere throwing down the gauntlet to global cyber-malice in an established international security market; David was the small young guy throwing down the gauntlet to the giant Goliath.

Throughout the years the boxes have changed, but one thing that hasn’t is our… Davidness.

Fate threw plenty of obstacles in our path that could have easily seen us off, but we persevered, hurdled those obstacles – often alone – and became stronger.

To everyone’s amazement we gave users the best protection in the world and became one of the leaders in the global market. We took it on ourselves to fight patent trolls practically alone, and are still successfully fighting them. (Most others prefer to feed them instead.) And despite the rise in parasites and BS-products, we continue to increase investment in true cybersecurity technologies (including true machine learning) for the protection of users from the cyberthreat avant-garde.

Thus, with just a ‘sling and stones’ we slowly but surely keep on killing Goliath ‘saving the world’: regardless of the geopolitical situation, and from any sort of cyberattacks – regardless of their origin or purpose.

And now, fate has brought us a new challenge. And not only us: this is also a challenge for all computer users and the entire ecosystem of independent developers for Windows.

David vs. Goliath, ver. 2016

Those of us who’ve been in this industry decades know that Microsoft was once a security leader, as it made a concerted effort not to ship products with known vulnerabilities and started proactively working with the security researcher community early on.

Microsoft elegantly seizes niche markets by squeezing out independent developers and offering users its own products, which are in no way better

I respected them for these efforts and its initiative; however, some of their recent efforts have left me both very disappointed and dismayed.

Several years ago Microsoft decided to overhaul the Windows platform. Ostensibly this was in the name of better ease of usage, security, performance and so on. Behind the scenes what Microsoft was up to was elegantly seizing niche markets: squeezing independent developers out of them, taking their place, and offering users their own products, which in many cases were in no way better.

The founder of Epic Games, Tim Sweeney, accurately described this process:

“If you throw a frog in boiling water, he’ll just hop out. But if you put him in warm water and you slowly ramp up the temperature, he will not notice and he’ll be boiled. But a lot of frogs in the industry have already been boiled.”

But it’s not just computer games that are being boiled, other developers are too. There’s a new wave of browser wars and fights in other markets; however, this time it’s a large-scale war among competitors with the use of high-caliber monopolistic weapons to destroy the competition. And alas, who’s sure to suffer from this shake-up will be Windows users, who may have to go without better quality products and freedom of choice.

SourceSource

Users of Windows 10 have been complaining that the system is changing settings, uninstalling user-installed apps, and replacing them with standard Microsoft ones.

sourceSource

A similar thing’s been happening with security products.

When you upgrade to Windows 10, Microsoft automatically and without any warning deactivates all ‘incompatible’ security software and in its place installs… you guessed it – its own Defender antivirus. But what did it expect when independent developers were given all of one week before the release of the new version of the OS to make their software compatible? Even if software did manage to be compatible according to the initial check before the upgrade, weird things tended to happen and Defender would still take over.

image001

It gets worse…

Even if users have compatible protection from an independent developer already installed, Defender appears with an alarming window. It fairly shouts that Defender is switched off, because you’ve some other AV installed. There’s a big juicy Defender ‘Turn on’ button too. Of course, many users will be inclined to press this button: ‘well, it’s from Microsoft – the people who make the OS; must be good; no harm in turning it on for sure’.

In fact, pressing the big juicy button will also deactivate your existing AV. But a user only gets to find this out from a tiny text in a pop-up window (and you need to know how to get that window to pop-up):

defender_warning_eng

No, wait; there’s more.

Microsoft has even limited the possibility of independent developers to warn users about their licenses expiring in the first three days after expiration. Actually, a warning is there, but it’s buried in a Windows Security Center notification, which hardly ever gets read.

So what’s the big deal about three days? It’s a big deal because this is the crucial period during which a significant number of users seek extensions of their security software licenses. And if a user forgets to renew a license, then Microsoft deactivates the existing AV, and turns on Defender.

Hold on; it doesn’t stop there!

Microsoft has introduced a limit on the number of antiviruses you can have on a PC: one (or two – if one of them is Defender; see below). At first glance this looks like sense: all for a more comfortable user experience. But the devil’s in the details…

Let’s say you’ve an independent AV. You intentionally – or not (e.g., with bundled software) – install a trial version of a different AV, but forget to delete it or purchase a license for it. When the trial period is up, Windows quietly turns off both AVs, and – you guessed it – turns on Defender! So, it’s out with two non-Microsoft products, and in with one Microsoft product, in no way whatsoever for a more comfortable – or safer – user experience.

No, really; there is more!…

All animals are equal, but some animals are more equal than others‘.

I quote Orwell as… get a load o’ dis:

Microsoft violates its own rule regarding only being able to have one AV on a system. The rule doesn’t apply to Defender: despite the presence of an independent AV, Windows will occasionally turn on its AV scanner. It demonstrates the results of its blustery activity, again egging the user on to ditch the other AV and stick with Defender.

Defender is far from the best protection you can get. In fact – just the opposite

The following question could arise at this point: ‘Well, if its protection is better and the user has a better experience with their software, seems fair enough: move over other AV’.

Thing is, Defender is far from the best protection you can get. In fact – just the opposite.

According to independent test labs, Defender gives by far not the best experience, but a below average one in the market. Not to mention the fact that it noticeably lags behind on the functionality front: it doesn’t have: parental control, built-in VPN, webcam protection, password manager, backups, exploit protection, protection for online banking and online shopping,  proactive protection against future threats and dozens scores hundreds of other features which are all useful in providing maximum protection and a better user experience.

The trend is clear: Microsoft is gradually squeezing independent developers out of the Windows ecosystem if it has its own application for this or that purpose.

In doing so, Microsoft is acting against the interests of users since a lot of its products are of inferior quality. Browsers, gaming hubs, image viewing, processing of multimedia files and PDF documents, cybersecurity and many others are already suffering from this and, as a consequence, so are users. And it looks like this is only the beginning. What’ll be next in the firing line? Virtual machines? Cloud services?

If you still have doubts – check this out, from 58.30:

In case you missed it:

“I want you to think about kicking out the third party antivirus because we’ve got a great solution right now and it’s going to be even better in the months to come.”

… as they say – from the horse’s mouth.

Rewind…

So, like, how many times has Microsoft tried to come up with its own antivirus? At the last count, four: MSAV, OneCare, Security Essentials, ForeFront. They’ve used up sooo much time and money on such projects – but not one of them got off the ground. But sooner or later Microsoft’s investors will ask: ‘where’s all the money gone?’ So Microsoft, in its desperation, decides it needs to get to the top of AV-Everest – AVerest – by any means necessary, including with alarming pop-up windows. In doing so, users get protection markedly below the industry standard. Great job, Microsoft.

SourceSource

SourceSource

But anyway, that’s all just background really – hors d’oeuvres.

Here’s the main course:

We think that Microsoft has been using its dominating position in the market of operating systems to create competitive advantages for its own product. The company is foisting its Defender on the user, which isn’t beneficial from the point of view of protection of a computer against cyberattacks. The company is also creating obstacles for companies to access the market, and infringes upon the interests of independent developers of security products.

Therefore:

We’ve taken the decision to address official bodies in various countries (including the EU and Russia) with a request to oblige Microsoft to cease its violation of anti-competition legislation and to remove the consequences of that violation.

Specifically:

To oblige Microsoft (i) to provide new versions and updates of Windows to independent developers in good time so they can maintain compatibility of their software to Windows; (ii) explicitly inform the user of the presence of incompatible software before upgrading Windows and recommend the user to install a compatible version of the software after the upgrade; (iii) always explicitly ask the user for his/her approval to enable Windows Defender.

The harmful consequences of greed.

Who would be most pleased of all to see a monopolization of the cybersecurity market?

Of course, the cybercriminals!

Cybercriminals would be most pleased of all to see Microsoft Defender’s domination on the cybersecurity market

No need to deal with dozens of different developers’ security solutions – cyber-criminals would concentrate on getting around the defenses of just Defender! What’s more, with every new extra share of the market Microsoft would find it more and more difficult to deal with cybercriminals. Diversity of an open ecosystem is an essential condition of its security. Competition gives rise to new ideas; technologies get polished, infrastructure gets developed, and all-round security gets raised. And all that with minimal costs for Microsoft itself.

A dominating antivirus is a security threat in and of itself.

Shooting yourself in the foot.

Actually, Microsoft’s actions aren’t only making things worse for users and killing off the whole ecosystem of independent developers; they’re also undermining users’ trust in Microsoft: creating an illusion of security while destroying the main competitive advantage of its platform – openness and democracy.

The company’s intentions are easy to work out: (i) to try and get everyone to head over to the Windows Store; (ii) to levy an additional tax on independent developers; (iii) to strictly control who can do what; (iv) to suppress the competition with standardization and regulation; and (v) to further gradually take over the whole ecosystem – all to provide stable growth of profits. Put another way – to have a totalitarian/police-state platform in which there’s no place for independent developers or freedom of choice for users.

As a result, more and more users will finally have enough of Windows and jump ship – to other platforms like Mac, Linux, Chrome OS and others.

Closing words.

The world is changing fast all the time, and every day that change gets faster – and a lot more unpredictable. Will we be able to aim that change in the right direction – so that the world really does get better?

Conventional wisdom says ‘you can’t fight a war singlehandedly’. However, parts of my life’s work prove otherwise, and while it’s not the popular choice, sometimes you have take action to stand up for what’s right. Moreover, I think that that conventional wisdom is actually just a justification for inaction. Inaction that could lead to a catastrophe.

Independent software developers for Windows need to unite and all fight together

Despite Microsoft slowly killing off the independent security industry, so far, we’re the only ones who have bitten the bullet and decided to say something about this publicly. There are dozens of other very unhappy companies in the industry but, alas, they’ve only expressed their dissatisfaction in informal groups, where a lot of correct things have been said, but nothing of significance actually done.

However, it’s not just in our industry – cybersecurity – where something needs to be done to stop the law being broken in the interests of users. Something needs to be done by all independent software developers for the Windows Platform: we need to form a united front and all fight together.

Users have the right to choose the best; freedom of choice enables the development of competition; and competition leads to technical progress. We intend to fight for such freedom, even if we have to do so alone.

I do hope we and Microsoft can return to fighting cybercriminals together – instead of fighting with each other

See, we’re still David at heart.

With all that I’ve said here, I want you to know I still have hope. I hope we can find a resolution to this issue. I hope that we can work together with Microsoft not only for the benefit of the independent development community, but also – and more importantly – for those who trust us to protect them in the evolving threat landscape. Our companies need to be fighting cybercriminals together instead of fighting each other, and I have hope that this is still possible.

Microsoft kills off independent software vendors by foisting its products on users that are in no way betterTweet
READ COMMENTS 30
Comments 30 Leave a note

Jerry Mead

A deliberate policy from Microsoft, or simply stupidity that – I believe – mostly derives from the lack of commercial sophistication that has been long-evident amongst many of their decision-makers?

In either case, what you are doing (as described here) is necessary and should make a difference. Thank you.

10
Reply to conversation

John in Montreal

Hello Mr Kaspersky. Thank You for “telling it like it is”. It is unfortunate, that for the masses that use computers as work tools or entertainment platforms; that they have absolutely no clue as to what this “new Microsoft” is all about and will blindly put their faith and trust in them.

I too, am sick of corporations taking over everything and shoving their plans down our throats. Such is the world we live in today. Luckily there are those of us that can defend ourselves against this onslaught, and there are power players such as yourself that can make a difference and are not afraid to fight for what is right.

All I can do is support your efforts and educate end users. So I’ll keep doing that and I’ll keep using your great security products.

15
Reply to conversation

Muthu Kumar

While I would agree with you that Microsoft might be pushing competitors out of the ecosystem, I’d argue against you when you say its experience is sub par. Yes, Defender doesn’t have “parental control, built-in VPN, webcam protection, password manager, backups, exploit protection, protection for online banking and online shopping” because all that is not anti virus. It’s part of protection, I understand and that’s what makes Kaspersky so good, but I do not think Defender is not for that purpose. It works for someone like me who just needs an anti virus program. For around 3-4 years now I’ve been using Defender on multiple devices and didn’t have any problem using it.
I don’t want to start a war here, I merely wanted to present another side to the argument. :)

26
Reply to conversation

Steve

Sounds like someone is a little upset Microsoft is finally taking security seriously and wants to provide an end-to-end solution. That is what most people want. Nobody ever wanted to buy your security software, in the past they had to because Microsoft neglected security. Integrated security software is for the greater good of everyone and the health of the Internet. If you can make security software that is better than what Msft offers then I’m sure your checkbook has nothing to worry about. But the days of buying a PC, and then having to buy a bunch of other crap to protect it are finally over.

22
Reply to conversation

Will

Wow, what a phenomenal festival of misses! There’s nothing wrong with MS “taking security seriously.” In fact, it’s a great thing that MS wants to up its game, stimulate competition. That kind of thing helps create better products, and in turn users benefit. But it’s hardly called a competition when MS owns the field and controls the scoreboards.

6
Reply to conversation

Bob

What Microsoft is doing is not even close to taking security seriously. It’s exactly the opposite: disabling a powerful anti-malware solution to install a piece of crap that can’t detect anything more sophisticated than the malware of the 2008s is unsafe and unfair.

This is a behavior that is rapidly spreading across businesses and industries. Just like Apple can disable your third-party charging cable because it is harmful to their royalties, so can Microsoft arbitrarily disable – or at least – put roadblocks for software developers and coerce its Windows 10 customers into using their own offerings or delivery channels. And anti-malware is just the beginning. Soon, when Windows 10 is deployed to a significant chunk of the interwebz, MS could enforce anything on you. If you’re developer, you vanish. If you’re a user, you have to put up with their shit or go play somewhere else. You’ll have to get the word processing tools they make, you’ll have to get them the private information they ask for (surfing habits, what you’re typing in and so on) and you’ll have to also thank them for their gratefullness. That is not the kind of future to look forward to.

5
Reply to conversation

Diane C

Because I have Windows 10 Pro, I am able to turn Windows Defender off. I have used Kaspersky for several years now and have no plans to ever change. If I check Windows Defender using the Control Panel it is red and completely off.

On another note, I just had to buy a new computer because Windows 10 killed my old one. I forgot that the new one (Dell XPS 8910) had McAfee on it. Dumb! Fortunately Kasperksy removed it for me and it was smooth as silk. Thank you for all you do.

4
Reply to conversation

Joe

Thanks for the article. I agree with a large part of it but I do not agree with some of the things that you mentioned. One of the differences we have is that I believe Microsoft does give developers sufficient time to test their product for compatibility issues before it is released. It’s called the Windows Insider Program. A second difference that we have, lies in the fact that you say Windows Defender does not work as well as it ought or that it is not as efficient. This simply is not true. With the brand new Anniversary Update, Windows Defender now sports a cloud defense system which has its definitions updated daily. Personally I would rather use Defender because it is integrated in everything I use on Windows 10. Also it takes up less space than most other AV programs do. Other than that, I highly enjoyed your article and wish you all the best.
Joe
CEO Techman Innovations

15
Reply to conversation

Jonathan B.

Many vendors participate in the Windows Insider Program and receive some preliminary builds. Every version contains changes which force developers to revise their solutions according to the upgrades, again and again. Compound multi-layered security solutions require testing for every change made in the OS to ensure user safety is not compromised. The RTM build, which developers only receive several days before it goes public, also contains changes, which require them to start the whole process again from the scratch. Unlike independent vendors, Microsoft has the opportunity to check Windows Defender on the final version of the OS before sharing it with other vendors.

4
Reply to conversation

John

What would Microsoft gain by this?
Microsoft does not “sell” Windows Defender.

14
Reply to conversation

Adrien

By locking out 3rd party AV programs, it will be that much harder to expose the spyware nature of the OS itself that has been widely complained about. Defender will more than likely ‘ignore’ any security threats posed by the OS communicating hundreds of times each day with M$ servers. And that’s just the issue now. There’s no limit to the spying ability once Defender is the only guard at the gates. Of course, most of that spying will be for monetary reasons dealing with usage and profiling. But it won’t be long after till governments decide to get really thirsty and demand a pint.

1
Reply to conversation

Ryan Spooner

Sorry, but I don’t think you have a point at all. Firstly, Microsoft has the right to introduce whatever security measures it sees fit to defend it’s own operating system from attack. The fact that historically this has been left to third parties is irrelevant.

Also, as others have said. the comment about not having time to make their solution compatible is nonsense. Windows 10 is in open beta for months before each release. You could quite easily have a beta product of your own that mirrored this timeline, then when each build goes from beta to final, your product is ready immediately having been tested all along the process.

Regarding “Make Windows Defender an explicit opt-in. …/… Especially since he claims that Defender is vastly inferior to third-party solutions.”…. Absolutely not. Windows defender may be inferior to other third party solutions, but it’s vastly superior to having nothing at all. As I mentioned above, Microsoft has the right to defend their own operating system from attack, that fact that it’s a relatively poor defense is also irrelevant.

Lastly in regards to the comment that Defender is the only product allowed to run alongside other AV products. There’s a simple reason for that. It’s the only product DESIGNED TO. It’s designed to be lightweight, and to supplement a third party solution if the user chooses to run one. If you try to run Norton and McAfee, say, alongside each other on the same machine, you’d end up with a smoking mess (not literally, obviously).

18
Reply to conversation

Diane C

I’ve been around for a while since 1964. I’ve seen a lot but Microsoft seems to have forgotten who made them such a huge success – and I’ve told them so. Over the course of time, I’ve used just about every antivirus program out there. Now I use Kasperksy and do not plan ever to make a change. Not too long ago, a serious flaw was discovered in Kaspersky and some other antivirus programs. Most took their time to deal with it. Kaspersky fixed it within 48 hours. Windows 10 killed my previous computer a couple of weeks ago – messing with the drivers again. The new one came with another antivirus on it but I forgot (exhausted from the computer problems) and started to install Kaspersky which could have cause a major mess. Instead, Kaspersky picked up on it immediately and removed it for me. Thank you for being there for your customers. Some of us really do appreciate it.

4
Reply to conversation

Val

Could Kaspersky maybe build their own mainstream OS? Linux-based, I guess?
I know it sounds a bit wild, but I’m genuinely curious about such possibility.

4
Reply to conversation

sergey

I think everything is possible. Let’s wait for some time.

0
Reply to conversation

Jason

Anyone can create their own Linux distro. However since it won’t be a mainstream OS with any great level of market penetration it would be an entirely pointless exercise.

If you want to use Linux then just use any existing distro, and then perhaps you won’t even feel the need to purchase and install the Kaspersky version for that OS.

0
Reply to conversation

PRMan

Yep, they just came out with it this week.

0
Reply to conversation

Denis

Hi Muthu,

thanks for the comment. Fair enough to present Defender as a basic security measure. However, the point with Microsoft is that it squeezes out the competition including products that are as basic in features as Defender. Security companies normally provide a range of products (free and paid) with a varying range of feature to address various customer needs.

0
Reply to conversation

Denis

Hi Steve,

I believe you missed many points clearly addresses in the post. MS has been taking security seriously for many years. What they’re doing now is replacing competitive products by misusing their dominant position on the market. What is even more disappointing they’re replacing competitive products with a software, which is no way better in terms of functionality and power of protection

1
Reply to conversation

Denis

Hi Joe,

The builds they distribute to the members of Windows Insider Program differ from EEAP builds. Compatibility to either of the builds doesn’t guarantee compatibility to RTM version. An ISV can only rely on RTM and RTMs are provided a week before the release.

As to the tight integration of Defender to Windows 10 I’d argue that this is a better choice than a third-party product. Defender is a very basic software that doesn’t use many advanced technologies against sophisticated cyber attacks.

0
Reply to conversation

Denis

Hi John,

Doesn’t this looks like a perfect strategy to make people first try then sell? Remember the other AV products from MS that were available for purchase as a fully commercial product? I have no doubt MS sooner or later to release a paid version of Defender.

1
Reply to conversation

Denis

Hi Ryan,

> Microsoft has the right to introduce whatever security measures it sees fit to defend it’s own operating system from attack

No objections. And the security industry always welcome MS to make the platform more secure. The point is they’re using their dominant position to replace competitive products with own software. Is it different from what they did with Internet Explorer and Windows Media Player in the past? No, it isn’t.

> Windows defender may be inferior to other third party solutions, but it’s vastly superior to having nothing at all.

Again, the point is not against Defender protecting a n unprotected system but squeezing out the competition. Instead asking a user if he/she wants to continue his/her subscription to third-party product MS pushes their Defender, which is not afair play.

> It’s designed to be lightweight, and to supplement a third party solution if the user chooses to run one. If you try to run Norton and McAfee, say, alongside each other on the same machine, you’d end up with a smoking mess (not literally, obviously).

I respectfully diagree. Product lines from ISVs include a very wide choice of products both heavy-weight full-featured packages to free light-weight agents able to run in concert (or a second-opinion scanner) with other security products

1
Reply to conversation

Jason

Part (most?) of a 3rd party AV company’s strategy involves fear-mongering so people believe their product *has* to be installed, and of course paid solutions are projected as being vastly superior to free ones.

Now I’m not accusing KL of doing this, but when you try and project your complaint as being only about Defender/Windows being too pushy and act unconcerned about the OS improving its security, clearly you’re not telling the whole truth. Don’t tell me you’d be happy if Windows’ out of the box security measures were ever improved to the extent that sales of 3rd party paid solutions dropped, just as long as the OS didn’t advertise Defender and push 3rd party solutions out of the way sometimes.

0
Reply to conversation

Denis

Surely, you’d prefer to have a never-ending bank account, private island and an essence for staying forever young. Oh, I should have said ‘an average person’s dream’ :)
Anyway, whatever this particular discussion goes it doesn’t concern the topic of Microsoft misusing their dominant position

1

Alexey

Hi, Joe. Really, Windows Insider or EEAP is not important, because even the last early build may differ significantly from RTM and the public GA version of OS Windows. Probably, for a software like Calculator or Paint it’s OK for it to be tested on early builds and then delivered to users. But that’s not the case for a complex AV solution. Let’s say in RTM some kernel-level functions were changed, and a vendor delivers an AV without it having been tested on RTM. Just guess what users will experience then.

3
Reply to conversation

Jon Bailey

Let’s not forget how easy it is to bypass MSE or Defender by simply adding registry keys to exclude processes, folders and even worse, file extensions (exe, dll)

4
Reply to conversation

Paul B.

Reminds me of what MS did to DRDOS many years ago. Some strategic warnings to the user about incompatibility, and an OS far superior to MSDOS was killed off in the marketplace.

I’ve been on Linux for a year now, and don’t miss Windows at all. It works beautifully, and there are no games.

1
Reply to conversation

Keith B

An excellent appraisal by Mr Kaspersky. What I can confirm after 25 years working in IT is that Defender, like all the other “free” AV programs offers sub-standard protection. As Mr K. points out, and he is exactly right, what we are seeing now unfold before our very eyes from Microsoft is an onslaught on the ability of the user to decide what he installs on his PC and which information the user is prepared to submit to MS. This is only the start. We are frankly amazed that little is being said about this by other well known names in the software industry.

2
Reply to conversation

Christian Mairoll

Thank you for taking action on this, Eugene! It’s long overdue.

0
Reply to conversation

Francis A

I use Kaspersky AV and it’s quite powerful, Defender not so much. But Microsoft, like any other ecosystem or software developer out there, has a right to integrate horizontally or vertically into whatever spaces it believes will benefit its business, not others. It will only be a matter of time before Microsoft integrates some AV (not sure which one) permanently into its ecosystem – my choice would be Kaspersky, but that’s for Microsoft to decide.

0
Reply to conversation
Leave a note