RealTime IT News

Protecting The Unprotected Masses

Microsoft is hoping to create a new category of PC health services with a service to protect Windows users who are still not running properly updated antivirus solutions.

Windows OneCare Live is a subscription-based service that provides automated performance tuning, maintenance, anti-spyware and antivirus protection.

First announced in May, Windows OneCare is currently undergoing beta testing, with a broader public beta to be available later this year. Dennis Bonsall, a group product manager at Microsoft, said OneCare has already exceeded its goal of 15,000 initial testers.

Last week, early non-public beta users received what Bonsall called a "major refresh," which includes features such as backing up to external hard drives, Microsoft updates and some fixes. The refresh will also scan IM files received via MSN Messenger or any other IM client. But Bonsall told internetnews.com that it's not only an IM client issue.

"Our antivirus that's in OneCare scans every file that can get onto your PC, whether via an IM file transfer, e-mail attachment copied from a CD or Web browser," he said. "No matter how that file is trying to get written, the anti-virus is going to scan it in real time."

OneCare also includes a firewall that replaces the default Windows XP Firewall. Bonsall said the Windows XP Firewall is inbound only. The OneCare Firewall, which is based on the same technology as the Windows XP Firewall, is a two-way firewall that protects against incoming and outgoing threats.

Bonsall noted that one of the differences between the OneCare firewall and other firewalls is that it lets users set "block" and "allow" permissions once rather than having to choose every time.

OneCare's firewall also benefits from something Bonsall called "telemetry," which Microsoft defines as two-way communication between users and Microsoft.

Once five or 10 users block an application that OneCare doesn't have a signature for, Microsoft developers will write a policy that could "allow by default" or "block by default." This is so users can avoid either an "allow" or "block" dialogue box.

"When we talk to customers about their frustrations, they say the 'allow/block' is one of the most frustrating things they ever see," Bonsall said. "They don't know whether to allow or block; customers want and trust Microsoft to tell them."

Beyond the firewall, telemetry also functions in how OneCare handles backups. Bonsall said most users are frustrated because they don't know how to run backups easily.

OneCare allows for automatic backups by file-usage type, e.g. picture files or music. When it comes time to back up, it searches the entire hard drive for the files by file extensions. Once it finds the files, OneCare backs them up.

Telemetry in backups comes into play when the categories morph and grow over time and new formats emerge. At that point, Microsoft will add the new file formats to the types of file so everything gets backed up.

OneCare's Competition

So what about the other vendors out there that are known for producing software specifically geared toward fighting attacks? Solutions from vendors such as Symantec and McAfee help users protect against viruses and keep their systems running at peak performance.

Bonsall noted that, based on Microsoft's consumer feedback, users have found it too hard to use existing products.

"The direction for OneCare and why we want to get in there now with it is because customers have been asking for something that is comprehensive," he said. "They are asking for something that is easy to use and automated, and they are asking for something that will evolve with them, so six months down the road they don't have to go and get something new."

A Symantec spokesperson said that once a product or service offering hits the market, customers will be able to decide the best product to suit their needs.

"We are prepared to compete on a combination of technology and the back-end infrastructure required to support it; the strength of our relationships with our channel partners; and, most importantly, the strength of the relationships we have with tens of millions of consumers around the world," the spokesperson said.

A McAfee spokesperson was similarly defiant about the potential impact of OneCare.

"McAfee can't comment on OneCare because we haven't seen it," the McAfee spokesperson said.

From Bonsall's point of view, OneCare actually represents something that isn't in the market today.

"I think that the PC health services solution as a category doesn't really exist today as a category that is easy to use, comprehensive and evolves," he said.

Bonsall cited Microsoft research data that indicates only 30 percent of customers are running current antivirus tool with current signatures. He said about the same percent is true for a two-way firewall.

"We look at that and say that 70 percent of people don't have an effective solution," Bonsall commented.

"I think there is an awful lot of room for the whole entire ecosystem to play there, because right now a lot of the attention has been on the 30 percent, and we're saying lets pay attention to the 70 percent and not the 30."