Meet David, the magnificent masterpiece sculpted by Michelangelo at the start of the 16th century. A photo of his face with that curious furrowed brow featured on our very first anti-cyber-vermin security product at the beginning of the 1990s. Some thought the pic was of me! I still don’t see why; I mean, have you EVER seen my face clean-shaven… and as white as a sheet? )
The choice of David for the retail box was far from random: we found we were kindred spirits – both very much underdogs. KL was a small young company from nowhere throwing down the gauntlet to global cyber-malice in an established international security market; David was the small young guy throwing down the gauntlet to the giant Goliath.
Throughout the years the boxes have changed, but one thing that hasn’t is our… Davidness.
Fate threw plenty of obstacles in our path that could have easily seen us off, but we persevered, hurdled those obstacles – often alone – and became stronger.
To everyone’s amazement we gave users the best protection in the world and became one of the leaders in the global market. We took it on ourselves to fight patent trolls practically alone, and are still successfully fighting them. (Most others prefer to feed them instead.) And despite the rise in parasites and BS-products, we continue to increase investment in true cybersecurity technologies (including true machine learning) for the protection of users from the cyberthreat avant-garde.
Thus, with just a ‘sling and stones’ we slowly but surely keep on killing Goliath, ‘saving the world’: regardless of the geopolitical situation, and from any sort of cyberattacks – regardless of their origin or purpose.
And now, fate has brought us a new challenge. And not only us: this is also a challenge for all computer users and the entire ecosystem of independent developers for Windows.
David vs. Goliath, ver. 2016
Those of us who’ve been in this industry for decades know that Microsoft was once a security leader, as it made a concerted effort not to ship products with known vulnerabilities and started proactively working with the security researcher community early on.
I respected them for these efforts and their initiative; however, some of their recent efforts have left me both very disappointed and dismayed.
Several years ago Microsoft decided to overhaul the Windows platform. Ostensibly this was in the name of better ease of usage, security, performance and so on. Behind the scenes what Microsoft was up to was elegantly seizing niche markets: squeezing independent developers out of them, taking their place, and offering users their own products, which in many cases were in no way better.
“If you throw a frog in boiling water, he’ll just hop out. But if you put him in warm water and you slowly ramp up the temperature, he will not notice and he’ll be boiled. But a lot of frogs in the industry have already been boiled.”
But it’s not just computer games that are being boiled, other developers are too. There’s a new wave of browser wars and fights in other markets; however, this time it’s a large-scale war among competitors with the use of high-caliber monopolistic weapons to destroy the competition. And alas, those sure to suffer from this shake-up will be Windows users, who may have to go without better quality products and freedom of choice.
A similar thing’s been happening with security products.
When you upgrade to Windows 10, Microsoft automatically and without any warning deactivates all ‘incompatible’ security software and in its place installs… you guessed it – its own Defender antivirus. But what did it expect when independent developers were given all of one week before the release of the new version of the OS to make their software compatible? Even if software did manage to be compatible according to the initial check before the upgrade, weird things tended to happen and Defender would still take over.
It gets worse…
Even if users have compatible protection from an independent developer already installed, Defender appears with an alarming window. It fairly shouts that Defender is switched off, because you’ve some other AV installed. There’s a big juicy Defender ‘Turn on’ button too. Of course, many users will be inclined to press this button: ‘well, it’s from Microsoft – the people who make the OS; must be good; no harm in turning it on for sure’.
In fact, pressing the big juicy button will also deactivate your existing AV. But a user only gets to find this out from a tiny text in a pop-up window (and you need to know how to get that window to pop up):
No, wait; there’s more.
Microsoft has even limited the possibility of independent developers to warn users about their licenses expiring in the first three days after expiration. Actually, a warning is there, but it’s buried in a Windows Security Center notification, which hardly ever gets read.
So what’s the big deal about three days? It’s a big deal because this is the crucial period during which a significant number of users seek extensions of their security software licenses. And if a user forgets to renew a license, then Microsoft deactivates the existing AV, and turns on Defender.
Hold on; it doesn’t stop there!
Microsoft has introduced a limit on the number of antiviruses you can have on a PC: one (or two – if one of them is Defender; see below). At first glance this looks like sense: all for a more comfortable user experience. But the devil’s in the details…
Let’s say you’ve an independent AV. You intentionally – or not (e.g., with bundled software) – install a trial version of a different AV, but forget to delete it or purchase a license for it. When the trial period is up, Windows quietly turns off both AVs, and – you guessed it – turns on Defender! So, it’s out with two non-Microsoft products, and in with one Microsoft product, in no way whatsoever for a more comfortable – or safer – user experience.
No, really; there is more!…
I quote Orwell as… get a load o’ dis:
Microsoft violates its own rule regarding only being able to have one AV on a system. The rule doesn’t apply to Defender: despite the presence of an independent AV, Windows will occasionally turn on its AV scanner. It demonstrates the results of its blustery activity, again egging the user on to ditch the other AV and stick with Defender.
The following question could arise at this point: ‘Well, if its protection is better and the user has a better experience with their software, seems fair enough: move over other AV’.
Thing is, Defender is far from the best protection you can get. In fact – just the opposite.
According to independent test labs, Defender gives by far not the best experience, but a below average one in the market. Not to mention the fact that it noticeably lags behind on the functionality front: it doesn’t have parental control, built-in VPN, webcam protection, password manager, backups, exploit protection, protection for online banking and online shopping, proactive protection against future threats and dozens, scores, hundreds of other features which are all useful in providing maximum protection and a better user experience.
The trend is clear: Microsoft is gradually squeezing independent developers out of the Windows ecosystem if it has its own application for this or that purpose.
In doing so, Microsoft is acting against the interests of users since a lot of its products are of inferior quality. Browsers, gaming hubs, image viewing, processing of multimedia files and PDF documents, cybersecurity and many others are already suffering from this and, as a consequence, so are users. And it looks like this is only the beginning. What’ll be next in the firing line? Virtual machines? Cloud services?
If you still have doubts – check this out, from 58.30:
In case you missed it:
“I want you to think about kicking out the third party antivirus because we’ve got a great solution right now and it’s going to be even better in the months to come.”
… as they say – from the horse’s mouth.
So, like, how many times has Microsoft tried to come up with its own antivirus? At the last count, four: MSAV, OneCare, Security Essentials, ForeFront. They’ve used up sooo much time and money on such projects – but not one of them got off the ground. But sooner or later Microsoft’s investors will ask: ‘where’s all the money gone?’ So Microsoft, in its desperation, decides it needs to get to the top of AV-Everest – AVerest – by any means necessary, including with alarming pop-up windows. In doing so, users get protection markedly below the industry standard. Great job, Microsoft.
But anyway, that’s all just background really – hors d’oeuvres.
Here’s the main course:
We think that Microsoft has been using its dominating position in the market of operating systems to create competitive advantages for its own product. The company is foisting its Defender on the user, which isn’t beneficial from the point of view of protection of a computer against cyberattacks. The company is also creating obstacles for companies to access the market, and infringes upon the interests of independent developers of security products.
We’ve taken the decision to address official bodies in various countries (including the EU and Russia) with a request to oblige Microsoft to cease its violation of anti-competition legislation and to remove the consequences of that violation.
To oblige Microsoft (i) to provide new versions and updates of Windows to independent developers in good time so they can maintain compatibility of their software with Windows; (ii) explicitly inform the user of the presence of incompatible software before upgrading Windows and recommend that the user install a compatible version of the software after the upgrade; (iii) always explicitly ask the user for his/her approval to enable Windows Defender.
The harmful consequences of greed.
Who would be most pleased of all to see a monopolization of the cybersecurity market?
Of course, the cybercriminals!
No need to deal with dozens of different developers’ security solutions – cyber-criminals would concentrate on getting around the defenses of just Defender! What’s more, with every new extra share of the market Microsoft would find it more and more difficult to deal with cybercriminals. Diversity of an open ecosystem is an essential condition of its security. Competition gives rise to new ideas; technologies get polished, infrastructure gets developed, and all-round security gets raised. And all that with minimal costs for Microsoft itself.
A dominating antivirus is a security threat in and of itself.
Shooting yourself in the foot.
Actually, Microsoft’s actions aren’t only making things worse for users and killing off the whole ecosystem of independent developers; they’re also undermining users’ trust in Microsoft: creating an illusion of security while destroying the main competitive advantage of its platform – openness and democracy.
The company’s intentions are easy to work out: (i) to try and get everyone to head over to the Windows Store; (ii) to levy an additional tax on independent developers; (iii) to strictly control who can do what; (iv) to suppress the competition with standardization and regulation; and (v) to further gradually take over the whole ecosystem – all to provide stable growth of profits. Put another way – to have a totalitarian/police-state platform in which there’s no place for independent developers or freedom of choice for users.
As a result, more and more users will finally have enough of Windows and jump ship – to other platforms like Mac, Linux, Chrome OS and others.
The world is changing fast all the time, and every day that change gets faster – and a lot more unpredictable. Will we be able to aim that change in the right direction – so that the world really does get better?
Conventional wisdom says ‘you can’t fight a war singlehandedly’. However, parts of my life’s work prove otherwise, and while it’s not the popular choice, sometimes you have to take action to stand up for what’s right. Moreover, I think that that conventional wisdom is actually just a justification for inaction. Inaction that could lead to a catastrophe.
Despite Microsoft slowly killing off the independent security industry, so far, we’re the only ones who have bitten the bullet and decided to say something about this publicly. There are dozens of other very unhappy companies in the industry but, alas, they’ve only expressed their dissatisfaction in informal groups, where a lot of correct things have been said, but nothing of significance actually done.
However, it’s not just in our industry – cybersecurity – where something needs to be done to stop the law being broken in the interests of users. Something needs to be done by all independent software developers for the Windows Platform: we need to form a united front and all fight together.
Users have the right to choose the best; freedom of choice enables the development of competition; and competition leads to technical progress. We intend to fight for such freedom, even if we have to do so alone.
See, we’re still David at heart.
With all that I’ve said here, I want you to know I still have hope. I hope we can find a resolution to this issue. I hope that we can work together with Microsoft not only for the benefit of the independent development community, but also – and more importantly – for those who trust us to protect them in the evolving threat landscape. Our companies need to be fighting cybercriminals together instead of fighting each other, and I have hope that this is still possible.