Microsoft Buys Rootkit Detection Startup

[ronjor]

Quote:

Looking to beef up the anti-malware protection capabilities in its enterprise and consumer security products, Microsoft has inked a deal to acquire Komoku, a U.S. government-funded startup that specializes in finding malicious rootkits. Financial terms of the deal were not released.

Story

[s4u]

what a surprise.
Microsoft bought a company

[The Hammer]

Quote:

Originally Posted by s4u

what a surprise.
Microsoft bought a company

I think they should be applauded.

[dmenace]

Can't help but think the same will happen with Comodo...

[Hermescomputers]

Quote:

Originally Posted by dmenace

Can't help but think the same will happen with Comodo...

Mmmh... I doubt it .. it's not government funded so it may not come in as a fire sale...

[lordpake]

And as far as I have understood, Comodo does have other avenues for income, especially from enterprise products. So it is not a small startup just waiting for a big buyer coming along

[Coolio10]

LOL, how did comodo get into this? Is microsoft that boring.

[controler]

Do any of you remember me saying the best way to find rootkits was to monitor the I/O via hardware independent of the OS?

I was talking about this a few years ago. Nice somebody had the same thoughts.

This article is from April 2006

http://www.washingtonpost.com/wp-dyn...041600681.html

[Meriadoc]

Great idea and using hardware for detection and prevention has also been developed by others.

Comodo are in the business of providing certificates to businesses so they can use the padlock on their site.

Quote:

Comodo empowers businesses and consumers to authenticate each other and protect their digital identities.

[Hermescomputers]

Comodo is doing the best of most companies providing security out there... I hope these guys succeed!

[solcroft]

Quote:

Originally Posted by Hermescomputers

Comodo is doing the best of most companies providing security out there... I hope these guys succeed!

Well, their antivirus is a joke, BOClean is pretty pointless given the capabilities of today's standard antivirus scanners, and it's the Symantec folks who have got the right idea of how to build a good firewall, while Comodo went very radically in the opposite direction. Their only claim to fame might be Memory Guardian.

Guess I just had to get that off my chest.

[EliteKiller]

Microsoft also acquired RKU back in Dec.

http://www.rootkit.com/blog.php?user=EP_X0FF

[EASTER]

Quote:

Originally Posted by EliteKiller

Microsoft also acquired RKU back in Dec.

http://www.rootkit.com/blog.php?user=EP_X0FF

Yeah we know.

But the 6 million dollar question is will they ever use it or they just bought it sources because it was buyable at the time and the most effective detector of this sort in world circulation.

I hope everyone understands if Microsoft ever went Full-Blown (dependable/effective) Security enough that it would likely lay a major blow on all other global security business off-shoots everywhere.

I don't think that is exactly their intention. But we'll see.

[ronjor]

Here's a blog blurb.

Quote:

Today, Microsoft announced the acquisition of Komoku to add to Forefront and Windows Live OneCare's technological capabilities. I would like to take this opportunity to review the year since my "Hello World" blog post and again provide insight on where we will be going.

A year ago, I noted our test results were "not stellar" :-). We were lacking VB100 certification, and independent test results placed us ten to fifteen points behind where we hoped to score. I then promised that we were going to do our best to obtain the VB100 every time after. And while always concentrating on what was important—the malware most likely to affect our users—we brought our test scores on par with the rest of the industry. This year is going well, and we now have test results again to see how we delivered on those promises.

More At Technet

[midway40]

Good news for us OneCare/Forefront users

[Hermescomputers]

Quote:

Originally Posted by solcroft

Well, their antivirus is a joke, BOClean is pretty pointless given the capabilities of today's standard antivirus scanners, and it's the Symantec folks who have got the right idea of how to build a good firewall, while Comodo went very radically in the opposite direction. Their only claim to fame might be Memory Guardian.

Guess I just had to get that off my chest.

Well, no argument on the AV as it is still in Beta, perhaps in the future you will see good things... Who knows.

However, find me one AV that is not a Joke as they all skip on viruses. Also while I think symantec is a great company with great products, still I would not do to much noise in favor of Symantec superior protections as most system I get paid to clean are with some of the worst infections on it, and most have symantec products installed. So please pick a better example if you want to use it to denigrate another...

[solcroft]

Quote:

Originally Posted by Hermescomputers

However, find me one AV that is not a Joke as they all skip on viruses.

According to your definition, it seems that any AV that misses threats is a joke. Your definition is completely flawed in the first place, so you'll have to forgive me if I don't bother to rise up to your challenge.

Quote:

Originally Posted by Hermescomputers

Also while I think symantec is a great company with great products, still I would not do to much noise in favor of Symantec superior protections as most system I get paid to clean are with some of the worst infections on it, and most have symantec products installed.

Hermes, this logic is just as faulty as the one that you use to prove that malware is taking over the world, just because the people that approach you for your services all have their computers infected.

My opinion is based purely on a technical standpoint: Symantec builds better firewalls because their product is intelligent, user-friendly, and generally quite effective for all user classes, all of which I think are desirable qualities for firewalls, and are not present in Comodo's. So again, you'll have to forgive me if I ignore your challenging that opinion based on flawed logic.

[Hermescomputers]

Quote:

Originally Posted by solcroft

According to your definition, it seems that any AV that misses threats is a joke. Your definition is completely flawed in the first place, so you'll have to forgive me if I don't bother to rise up to your challenge.

Hello Solcroft,

You and I are in perpetual disagreement it seems...

Well, I don't think all antivirus are a joke per se, what I am saying is that no antivirus are 100% able. End of story. They all suck for the one who has an infections in spite of having protection...

Quote:

Hermes, this logic is just as faulty as the one that you use to prove that malware is taking over the world, just because the people that approach you for your services all have their computers infected.

I am simply stating perhaps too often swimming against the current on the issue that downplaying the virus problem is wrong and does no good to those trying to have a healthy online experience.

Quote:

My opinion is based purely on a technical standpoint: Symantec builds better firewalls

Mmm... Well if you mean able to block direct attacks to the firewall how can you state those merits? Comodo is inferior? How?
Granted symantec appears more user friendly and it is nice and colorful but I beg to disagree, as I have long switched over to anything but... For technical reasons...

I have never had anyone tell me they had a hacker breach a comodo firewall setup...

Now that being said, my support of comodo as a company is based on merit. They give away a spectacular product, they support it well and simply put very few with legitimate criticism of it are doing so outside of the fact it is a free product against which no one can compete...

Those are good, valid and logical...

[solcroft]

Quote:

Originally Posted by Hermescomputers

Well, I don't think all antivirus are a joke per se, what I am saying is that no antivirus are 100% able.

Yep, and some are less able than others by far. I think that point was quite obvious.

Quote:

Originally Posted by Hermescomputers

I am simply stating perhaps too often swimming against the current on the issue that downplaying the virus problem is wrong and does no good to those trying to have a healthy online experience.

An incorrect statement, based on biases and faulty, self-justifying logic.

Quote:

Originally Posted by Hermescomputers

I have never had anyone tell me they had a hacker breach a comodo firewall setup...

I have never had anyone tell me they had a hacker breach a comodo firewall setup either. Heck, I have never had anyone tell me they had a hacker breach a Windows XP firewall setup, for what it's worth.

And since this seems to be drifting quite off-topic, this will be my last post regarding this matter in this thread, I think.

[SystemJunkie]

Quote:

Do any of you remember me saying the best way to find rootkits was to monitor the I/O via hardware independent of the OS?

I was talking about this a few years ago. Nice somebody had the same thoughts.

Many have similar thoughts,
universe is not really endless.. and most part is kind of recycling process

Quote:

Well, their antivirus is a joke, BOClean is pretty pointless given the capabilities of today's standard antivirus scanners.. Their only claim to fame might be Memory Guardian

Memory Guardian has many leaks imo, it needs more development, the weakest point of Comodo is definitely their AV product.

Quote:

Microsoft also acquired RKU back in Dec.

http://www.rootkit.com/blog.php?user=EP_X0FF
Reply With Quote

Quote:

Yeah we know.

But the 6 million dollar question is will they ever use it or they just bought it sources because it was buyable at the time and the most effective detector of this sort in world circulation.

Good question. Not because most effective, probably integration into future product otherwise the story makes no real sense,imo.

Quote:

However, find me one AV that is not a Joke as they all skip on viruses.

Well, I don't think all antivirus are a joke per se, what I am saying is that no antivirus are 100% able. End of story. They all suck for the one who has an infections in spite of having protection...
Quote:

AVs are a odd thing.. they detect many things that are harmless and remain quite in several critical situations.

[Hermescomputers]

Quote:

Originally Posted by solcroft

And since this seems to be drifting quite off-topic, this will be my last post regarding this matter in this thread, I think.

I certainly hope so!

[Hermescomputers]

Quote:

Originally Posted by SystemJunkie

AVs are a odd thing.. they detect many things that are harmless and remain quite in several critical situations.

You know, we have to respect those developers, given the odds against them it is impressive just to be able to stop what they are able to...

[dave88]

Quote:

Originally Posted by Hermescomputers

You know, we have to respect those developers, given the odds against them it is impressive just to be able to stop what they are able to...

Quote:

Originally Posted by Hermescomputers

find me one AV that is not a Joke

hmmm

[Hermescomputers]

Quote:

Originally Posted by dave88

hmmm

Hello Dave,

Find me something that isn't contradicting in such a dynamic and chaotic space as the Internet and the realities thereof!

I have written praise for the functional success of Antivirus software at large as well as criticisms for it's inherent weaknesses... The reality is that the crappiest of all antivirus finds viruses others miss... The best antivirus miss viruses the crappiest find and so on... Complicated and dynamic as I said...

[EASTER]

I must respectfully dispute and disagree with Symantec, my clients have been majority Norton's AV license holders and they always ask why am i paying annually for protections and still end up with a disabled PC.

Symantec is crap! Pure and simple, and not just for their lack of quality AV engineering but they add insane numbers of entries to any system for control, problem is though that the only control they seem to offer is their mega-presence on systems.

I have yanked so many Norton's AV from customers who are more than frustrated and fed up with the degrading performance Symantec lodges inside their systems they beg me to get that junk off please.

If you have to pay for protections, thats exactly what the consumer expects in return right?

WRONG!