Symantec cries foul over Vista's bolted down kernel

By on
Symantec cries foul over Vista's bolted down kernel

Security features prevent competition and limit innovation, vendor alleges.

Security features in the Windows Vista kernel obstruct innovations by anti virus and other security applications, security vendor Symantec charged.

"If security vendors don’t have access to the platform kernel, it cuts down on our ability to innovate and create compatible solutions," Oliver Friedrichs, director of emerging technologies in Symantec Security Response wrote on the company's website.

The kernel is the part in a computer's operating system that manages the system's resources and communicates between hardware and software components.

Altering the kernel allows malware authors to access any part of a system. A rootkit for instance requires access to the kernel to hide files from the system and security software. Microsoft therefore in Windows Vista has instated regular checks on the kernel's integrity and requires that all device drivers are signed by an independent certificate authority.

In the third of a series of three whitepapers (PDF download) on Vista's security, Symantec probed the security kernel security features and claimed that it is possible to circumvent the security features.

Security applications however rely on kernel extensions to do their work, Friedrichs pointed out.

And while they have are blocked, malware authors have already successfully demonstrated ways to circumvent Vista's kernel security features.

"These new technologies, along with Microsoft’s unwillingness to make compromises in this area have serious implications for the security industry as a whole," said Friedrichs.

"If Microsoft wants to make Vista more secure, it should provide equal access to the platform that its own developers have to ensure that security vendors can continue to innovate on the platform, and to ensure that consumers and original equipment manufacturers can continue to choose the best security solutions for the platform. This has always been the case with prior operating systems."

He alleged that Microsoft is forcing end users to only use solutions offered or allowed by the software vendor, thereby stifling competition and innovation in the security industry.

"In the end, a less secure Internet will result and both consumers and enterprises will find themselves more vulnerable to cyber attack," Friedrichs concluded.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
bolted cries down foul kernel over software symantec vistas

Sponsored Whitepapers

Tomago Aluminium improves SAP environment performance, security with Red Hat and IBM
Tomago Aluminium improves SAP environment performance, security with Red Hat and IBM
Future of work: Support your distributed HR workforce with digital document processes
Future of work: Support your distributed HR workforce with digital document processes
Develop a resiliency strategy that integrates risk analysis & continuity management
Develop a resiliency strategy that integrates risk analysis & continuity management
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
Optimise your operations with APM and AI-Powered insights
Optimise your operations with APM and AI-Powered insights

Events

Most Read Articles

Westpac loses its group head of data and advanced analytics

Westpac loses its group head of data and advanced analytics
Telstra-led consortium to build out NSW's digital twin

Telstra-led consortium to build out NSW's digital twin
Westpac replaces branch phone systems with iPhones, Teams Calling

Westpac replaces branch phone systems with iPhones, Teams Calling
Adobe scores $32m myGov software deal

Adobe scores $32m myGov software deal

Log In

Email:
Password:
  |  Forgot your password?