Published June 11, 2012
Time is running out! It’s VERY important to make sure your computers aren’t infected with the DNSChanger malware before the government shuts down the temporary servers.
It’s easy to check and it only takes a few seconds. There are plenty of utilities available, and while The DNSChanger Working Group has an extensive list of sites which will check for problems, F-Secure Labs also has something to offer: DNS Check.
It’s a script-based tool that can be used to reset problematic DNS settings.
DNS Check will scan to determine if the computer’s DNS is configured to use the botnet’s servers (now the FBI’s) and can be used to reset default settings to DHCP, OpenDNS, or Google DNS.
FTP download: DNSCheck.zip
Original post can be found here.
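The kind of check DNS Check is described as performing, sketched as an added example (not F-Secure's script and not part of the original post): parse `ipconfig /all` output and flag any configured resolver that falls inside a rogue range. The ranges below are RFC 5737 placeholders because the post does not list the DNSChanger addresses; the function names and the sample output are constructed for illustration.

```python
import ipaddress
import re

# Placeholder ranges (RFC 5737 documentation space). The post does not list the
# rogue DNSChanger resolver ranges; substitute the published ones before use.
ROGUE_RANGES = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/24")]

# Constructed sample of Windows `ipconfig /all` output, not a real capture.
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : No
   IPv4 Address. . . . . . . . . . . : 10.0.0.23(Preferred)
   DNS Servers . . . . . . . . . . . : 192.0.2.53
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

   DHCP Enabled. . . . . . . . . . . : Yes
   DNS Servers . . . . . . . . . . . : 10.0.0.1
"""

def dns_servers_by_adapter(text):
    """Return {section name: [ip_address, ...]} parsed from `ipconfig /all` text."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        if line and not line[0].isspace():      # unindented line opens a new section
            adapter, in_dns = line.rstrip(": "), False
            result[adapter] = []
            continue
        m = re.match(r"\s+DNS Servers[ .]*:\s*(\S+)", line)
        if m:
            candidate, in_dns = m.group(1), True
        elif in_dns and line.strip():           # extra resolvers sit on continuation lines
            candidate = line.strip()
        else:
            in_dns = False
            continue
        try:                                    # drop an IPv6 zone id such as %11
            addr = ipaddress.ip_address(candidate.split("%")[0])
        except ValueError:                      # next labelled field ends the DNS list
            in_dns = False
            continue
        result.setdefault(adapter, []).append(addr)
    return result

def rogue_resolvers(text, ranges=ROGUE_RANGES):
    """Return [(adapter, ip)] for each configured resolver inside a rogue range."""
    return [(name, str(ip))
            for name, ips in dns_servers_by_adapter(text).items() for ip in ips
            if any(ip.version == net.version and ip in net for net in ranges)]
```

A statically configured adapter with a flagged resolver is the case that needs resetting; an adapter that only lists the local router still depends on the router's own DNS settings being clean.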
Published May 31, 2012
Are you excited for the release of Windows 8? Today, Microsoft is making the final public pre-release build of Windows 8 available for download before the product is released to manufacturing. If you want to take the upcoming OS on a test drive, you can get your copy at preview.windows.com.
If you’re a fellow computer geek or technology enthusiast, then you’re probably excited–if you’re like most users (particularly businesses), you most likely couldn’t care less. This brings me to my main point: Will the masses adopt Windows 8?
Many home users and businesses (or at least the lucky ones) skipped over the lackluster Windows Vista and decided to stick with XP. Some held out on upgrading with hope that something better would come down the pike—that “something better” just happens to be Windows 7. Business adoption of Windows 7 has been excellent when compared to Windows Vista. Microsoft now claims that up to 40% of all business desktops run it. That sounds like good news, except for the fact that 60% of all business desktops are NOT currently running Windows 7—they’re still running Windows XP.
While Microsoft has continued to extend its support lifecycles to accommodate the slow-moving business market, its customers have responded by not upgrading to newer versions of the OS. My guess is that Windows 7 will simply be the next XP. It will be the main Windows version deployed throughout the Windows 8 lifecycle and, maybe…just maybe…even Windows 9’s.
Published May 24, 2012
Google will soon start issuing a warning to PC users infected with a type of malware known as “DNSChanger” that could completely cut them off from the Internet this summer. According to a post on Google’s official security blog, any PC user carrying the DNSChanger malware will see a warning when visiting a Google page that their computer is infected. It will also provide a link with details on how to remove the malware. As the security blog Krebs on Security mentions, this is the same malware that threatens to shut off infected PC users from the Internet after July 9. According to Krebs, DNSChanger disables antivirus software running on host computers and is often bundled with other, more potent infections. If it turns out that your machine is infected, it is strongly recommended that you have it professionally diagnosed and cleaned, if needed, to avoid further damage.
Published May 23, 2012
Are your computers adequately protected? If your answer is along the lines of “I have installed AV (free or paid), and now I don’t have to worry about security anymore”—then I’m afraid you are wrong. There are no 100% effective anti-virus solutions that excuse the need for consumers and businesses alike to take responsibility for their own protection. The most effective way of countering the range of modern viral threats is to make use of several layers of protection. Nearly all well-known vendors have, somewhere in their product range, integrated stand-alone AV technology into some kind of multi-functional** security suite. Most users will need a multi-layered solution so that they are not dependent on a single technology to counter the diverse range of threats.
**Technically, a multi-functional, modern-day AV scanner is not just a single technology. In most cases, it will include a range of detection methods and technologies, from integrated spam protection to exact identification (the nearest thing to the popular perception of a static ‘signature’), dynamic analysis (heuristics, active behavior analysis through emulation or sandboxing), whitelisting and various cloud-based approaches, and vulnerability scanning.
Free vs. Paid
Various columnists from consumer magazines and testing organizations, such as Consumer Reports, PC Mag, and Maximum PC, have from time to time reported that there is no need to pay for AV when free options are available. While some free AVs are worth less than they cost, it is true that, generally speaking, free and paid versions of AV from the same vendor use the same core engine. For example, Microsoft Security Essentials uses the same engine as its corporate paid counterpart, Microsoft Forefront Endpoint Protection. Another example is AVG Free vs. AVG Internet Security—and there are many others.
Keep in mind: the free versions do not have the same range of functionality and features as the paid suites. Many companies offer free versions of their AV software as sort of an extended evaluation tool, intended to give you a taste of how well the basic AV software will work on your system. Most companies offer free versions hoping that you will at some point pay for the commercial version (they will usually bombard you with ads reminding you to do this on a regular basis).
Why Pay for AV Software?
First of all, extra support for your computer system is not available with free software. In addition, sometimes the software is not legal or available within an appropriate context (in a work environment, for example). Most AV vendors offer limited time, fully functional free trials that will allow the use of a full product for a month or a few months and may include full support. Typically when a company makes a scanner available for free, it does not intend to supply free support.
Running a decent free program is still recommended over the alternative of having no protection at all, and it at least helps to contribute to the global safety of the internet. Offering free software promotes sales on other items and encourages good karma within the consumer community. However, the vendors that use the free program model typically lose sales and, when the free software performs poorly, they tend to take hits on their reputation overall. So, maybe free anti-virus software is not so good for the community at large: there’s an unseen cost that affects both sides.
What Happens If Consumers and Businesses Stop Buying and Prefer Only Free Protection?
For many companies, the savings on providing support to individuals would actually offset at least some of the drop in sales, and they would remain focused on selling to the enterprise, like the security firm Sophos does (and, of course, continuing to diversify into other security sectors). What if more enterprises bought into the idea that they can spend less on AV or use free versions? What would happen if major AV labs ceased to be economically viable? At the very least, it would probably be safe to say that most people would become acutely aware of the debt that they owe the AV industry in terms of the background analysis that drives most of the much-needed security operations such as botnet takedowns.
Published May 16, 2012
According to Threatpost, the Wikimedia Foundation is warning its millions of visitors that if they're seeing ads appearing on any of the Foundation's Web sites, then their computer is probably infected with malware. The Foundation issued a statement on Monday clarifying that it never runs ads on the Web site for Wikipedia, the massive, crowd-sourced encyclopedia. Visitors who are seeing ads for for-profit firms have likely been the victim of a Web-based attack, including malicious browser plug-ins, the statement reads.
A variety of malicious browser extensions for Chrome, Firefox and Internet Explorer are responsible for the ads, Wikimedia Foundation Director of Community Advocacy Philippe Beaudette explained. Alternatively, users may be accessing the Web by way of a free Internet connection that injects the ads into the Web pages the viewer loads. "But rest assured: you won't be seeing legitimate advertisements on Wikipedia." The warning from Wikimedia comes amid other reports of widespread attacks from compromised Web sites. Web security firm zScaler reported yesterday that 621 of the one million most trafficked Web sites were serving malicious comments. Many of those were legitimate sites that had been compromised by online scammers and cyber crime groups. Also, on Tuesday, the group ShadowServer reported that cyber criminals and groups engaged in targeted cyber espionage are increasingly using drive-by exploits hosted on legitimate, but compromised Web servers.
Wikimedia advised its readers to disable browser add-ins on any Web browser that they use and to run a malware scan on their machine if they have concerns.