Symantec cries foul over Vista's bolted down kernel

By

Security features prevent competition and limit innovation, vendor alleges.

Symantec cries foul over Vista's bolted down kernel
Security features in the Windows Vista kernel obstruct innovations by anti virus and other security applications, security vendor Symantec charged.

"If security vendors don’t have access to the platform kernel, it cuts down on our ability to innovate and create compatible solutions," Oliver Friedrichs, director of emerging technologies in Symantec Security Response wrote on the company's website.

The kernel is the part in a computer's operating system that manages the system's resources and communicates between hardware and software components.

Altering the kernel allows malware authors to access any part of a system. A rootkit for instance requires access to the kernel to hide files from the system and security software. Microsoft therefore in Windows Vista has instated regular checks on the kernel's integrity and requires that all device drivers are signed by an independent certificate authority.

In the third of a series of three whitepapers (PDF download) on Vista's security, Symantec probed the security kernel security features and claimed that it is possible to circumvent the security features.

Security applications however rely on kernel extensions to do their work, Friedrichs pointed out.

And while they have are blocked, malware authors have already successfully demonstrated ways to circumvent Vista's kernel security features.

"These new technologies, along with Microsoft’s unwillingness to make compromises in this area have serious implications for the security industry as a whole," said Friedrichs.

"If Microsoft wants to make Vista more secure, it should provide equal access to the platform that its own developers have to ensure that security vendors can continue to innovate on the platform, and to ensure that consumers and original equipment manufacturers can continue to choose the best security solutions for the platform. This has always been the case with prior operating systems."

He alleged that Microsoft is forcing end users to only use solutions offered or allowed by the software vendor, thereby stifling competition and innovation in the security industry.

"In the end, a less secure Internet will result and both consumers and enterprises will find themselves more vulnerable to cyber attack," Friedrichs concluded.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
criesdownfoulkerneloversoftwaresymantecvistas

Sponsored Whitepapers

Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt

Events

Most Read Articles

ADHA readies market test of Accenture's $788m My Health Record deal

ADHA readies market test of Accenture's $788m My Health Record deal
Western Sydney University establishes dedicated data function

Western Sydney University establishes dedicated data function
DeepSeek faces ban from Apple, Google app stores in Germany

DeepSeek faces ban from Apple, Google app stores in Germany
SA Water plans 'once-in-a-generation' core technology uplift

SA Water plans 'once-in-a-generation' core technology uplift
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?