AntiVirus Ironically Damaged is this week’s alternative meaning for the AVID acronym. I am thinking here of the howls of protest from Symantec and McAfee because of security features that Microsoft has put into Vista. McAfee put a full page ad into the UK Financial Times to record it’s displeasure. Symantec has complained to the EU (the only government body in the world that dares to fine Microsoft for antitrust behaviour).

So there we have it. The most remarkable of ironies. AntiVirus companies, who fail to offer effective protection against viruses, howling and screaming because Microsoft, the company that IT security forgot, wants to make it harder for viruses. Basically, if I understand it correctly, Microsoft intends to whitelist (i.e. apply software authentication to) the Vista kernel so only valid kernel components run.

If you are a first time reader of the AVID thread, you may not know that there is technology (software authentication technology) from 4 companies; Savant Protection, SecureWave, Bit9, and AppSense, which stops all viruses and completely cures the malware problem. So why isn’t Microsoft implementing the full security solution and applying software authentication to the whole of Windows? After all, it could.

There are only three possible explanations, so take your pick:

1. Microsoft’s security team are unutterably stupid and also don’t read the AVID postings here. So it hasn’t occurred to them to apply software authentication to the whole environment.
2. Microsoft really does want Vista to be as secure as Apple’s OS X, but they are afraid of antitrust action being initiated by Savant Protection, SecureWave, Bit9 and AppSense. (They can’t possibly be afraid of such action from AV vendors because AV technology provably doesn’t stop viruses effectively.)
3. Microsoft realises that if it completely implements software authentication it will prevent all virus infection (of Vista and other versions of Windows going forward). And that would mean it had only a slim chance of getting a share of the $4 billion revenues that the AV vendors make from failing to adequately protect PC users.