Security

(Credit: Finjan)

Finjan, which sells Web gateway security software to the corporate market, announced Wednesday a $22 million investment round.

HarbourVest Partners led the round, which also includes Benchmark Capital, Israel Seed Partners, Benhamou Global Ventures, and Cisco Systems.

San Jose, Calif.-based Finjan said it plans to expand its sales and marketing infrastructure with the money.

Green Hills Software announced this week that it is spinning off a new company to bring its military-grade Integrity operating system to the enterprise market.

Integrity, which sits on top of the processor controlling access to hardware and devices, has received the EAL6+ (Evaluation Assurance Level), the highest rating for an operating system.

It's already being used in the B1 bomber, the F35 joint strike fighter, the Airbus 380, Boeing 767, and NASA's next-generation shuttle, and now will be available for use on computers running Windows, Linux, and other desktop operating systems.

The operating system's virtualization features can protect corporate networks by isolating viruses and other malware from other parts of the computer system, said David Chandler, chief executive of Integrity Global Security.

The software can be particularly beneficial for critical infrastructure and call centers, which are often outsourced and staffed by contractors, he said. "We can provide a secure environment and only show the information necessary for someone to do their job," he said.

"What Integrity has is much better than what's currently available on the market," said Neil MacDonald, a vice president of analyst firm Gartner.

"The challenge will be convincing people that they need this; that they have to be doing something different from what they're doing now with commercial software like VMware or Microsoft's Hyper-V technology," he said. "In the commercial world there is the challenge of 'good enough' security and do they really need military-grade or gold-plated security versions of what commercial companies have to offer."

The University of Texas at San Antonio launched a new incubator that will help commercialize security technologies.

Ravi Ganesan, head of the incubator at the Institute for Cyber Security at the University of Texas at San Antonio

(Credit: Institute for Cyber Security)

The Institute for Cyber Security's (ICS) new incubator will provide start-ups access to seed capital, business advise, and office space and infrastructure on the campus. It is getting $5.5 million in funding from the state of Texas.

The first two start-ups being incubated are Denim Labs, which developed technology that protects PHP-based Web sites against certain types of intrusions, and SafeMashups, which enables Web mashup applications to authenticate with each other before exchanging data.

The ICS also has ongoing projects dealing with combating botnets and social network privacy that could eventually turn into start-ups, said Ravi Ganesan, who runs the incubator.

"San Antonio has the second-highest concentration of intelligence and classified work after Washington, D.C., and a large military presence," he said. "The goal is to...make San Antonio a go-to place for entrepreneurs and jobs."

With the economy in decline and venture capital money getting scarcer, the incubator can give security start-ups the help they need to get off the ground, said Ganesan.

"It feels like 2002 all over again," said Ganesan, who previously ran security at Verizon and co-founded TriCipher along with ICS head Ravi Sandhu. "The advantage we bring to the table is we lived through 2002. We know how to lie low and wait for the VCs to bring capital."

Rebecca Bace, a venture consultant for Trident Capital who formerly headed intrusion detection research at the NSA and is chief executive of the Infidel consultancy, agreed. "It's an appropriate time and actually fills a niche in the market for trying to foster new ideas in security," she said.

Updated 1:15 p.m. PST with Symantec comment.

For some security companies, Microsoft's decision to offer a free anti-malware product, code-named Morro, won't result in a dramatic change in how they do business.

Morro will be available in the second half of 2009 and will protect against viruses, spyware, rootkits, and Trojans, according to Microsoft.

Rowan Trollope, senior vice president of Symantec's consumer business, characterized the announcement as a "capitulation by Microsoft, and a reinforcement of the notion that it's simply not in Microsoft's DNA to provide high-quality, frequently updated security protection."

Here's the rest of his statement provided via e-mail: "Consumers have already rejected OneCare even though it entered the market at a lower price, because OneCare offered substandard protection and poor performance as evidenced by scores of third party reviews. The offering only gained modest market share and ultimately was deemed unsuccessful in the marketplace. Making a significantly scaled-back version of that same substandard security technology free won't change that equation. Simply put, innovation and protection matter. So even if it's free, the Microsoft "OneCare-light" offering will certainly fare worse than its predecessor, essentially putting consumers at increased risk without additional protection. Additionally, our research clearly indicates that, after effective protection, what consumers care most about in a security product is performance. OneCare is widely recognized as one of the most egregious offenders in hogging system resources.

On Tuesday, Amy Barzdukas, senior director of product management for the Online Services and Windows Division at Microsoft, had dismissed similar criticism from McAfee. "If the current approach isn't working... (as far as protecting consumers broadly) we need to go with a new approach," she said.

A representative for AVG Technologies, maker of AVG Antivirus, told CNET News on Wednesday, "We view this as a positive step for the AV (antivirus) landscape. AVG has believed in the right to free antivirus software for the past eight years."

The company said it will be "business as usual" and doesn't plan to make any changes to its own product offerings as a result. "Based on what Microsoft is planning to deliver, we don't feel the need to make any changes to our free product at this time," the company said.

Asked if AVG had any advice for Microsoft, the company said "consumers will use a free product if it's robust and it protects them. The product has to be easy to use, fast, unobtrusive, and be able to address the latest Web threats."

Alex Eckelberry, CEO of Sunbelt Software, maker of Vipre Antivirus + Antispyware, said the move to get out of a profitable business appears to a capitulation on Microsoft's part. "This gives them a chance to do something altruistic while getting out of an unattractive business," he said. He noted that Microsoft will still be selling Microsoft Forefront, a collection of business security products.

Eckelberry said there remain two questions: One, how exactly will Microsoft distribute the product (will it consider bundling it with Windows 7)? And two, will the company make the application available through enterprise group policy management?

In the end, AVG said the market still needs to be educated. "Microsoft will have to do more than simply make the product available," the AVG representative said.

(CNET News' Elinor Mills contributed to this.)

Since its introduction in 2006, Microsoft's Windows Live OneCare has altered the antivirus landscape. With Tuesday's announcement that Microsoft will no longer be selling the product in retail outlets but offering a new free version, code-named Morro, starting in the second half of 2009, it's sure to change the field once again.

Since Microsoft bought Romania-based antivirus firm GeCad five years ago, there has been fear among the commercial antivirus vendors that the software giant would simply bundle its malware protection within the next version of Windows. While that didn't happen--and it's unlikely to happen--Microsoft's addition to the market has forced its competitors to make some changes even though Microsoft hasn't become the huge player once feared.

Even before the first beta in 2005, McAfee and Symantec were talking about plans to go head to head with the software giant. McAfee announced plans around Project Falcon, and Symantec launched Project Genesis.

Microsoft OneCare entered the market in May 2006 as a "desktop IT department" and inspired a new breed of "omni security suites" that went beyond the traditional Internet security suite. I wasn't impressed. Although OneCare offers the revamped GeCad antivirus engine, Microsoft Windows Defender antispyware protection, and the Windows Firewall, along with system diagnostic tools, backup capabilities, and a way to monitor home networking, I think that the interface is clunky and that the tools aren't necessarily top of the line. And, I'm on record as calling OneCare SopranoCare since it seems wrong to me to have to pay the company that broke your operating system to fix it.

But at its introduction, Microsoft did shake up the antivirus landscape. OneCare was priced at an absurdly low $49.95, and it protected up to three PCs. At the time, Symantec's Norton Internet Security and McAfee's Internet Security were both priced at over $100 for their three-user packages. Today, three-user packages well under $100 are common.

Symantec responded in 2007 with its Project Genesis-produced Norton 360, a unified product that took Norton Internet Security and added online backup. But Symantec didn't just add to its existing product, it reinvented the product, producing a new one with a fully integrated interface marketed for the average home user. And at around $70, it could be used on up to three PCs.

McAfee also responded with its Project Falcon-produced McAfee Total Protection, also priced around $70 for up to three PCs. It too offers home network monitoring and premium or enhanced versions of the McAfee Internet Suite.

But McAfee and Symantec both had something Microsoft did not: effectiveness.

Almost two years ago, independent antivirus-testing organizations faulted OneCare for missing known malware. Andreas Clementi of AV-Comparatives.org wrote in his February 2007 report (PDF) that OneCare did not meet the minimum requirements for participation. "Due (to) that, its inclusion in future tests of this year (will) have to be re-evaluated."

Microsoft began hiring longtime antivirus experts from competitors, and it appears to have paid off. A few years ago, Vincent Gullotto came over from McAfee to head Microsoft's Security Research and Response team. Microsoft has since added experts from F-Secure, Sophos, and elsewhere to the team. And it shows. In the latest On Demand scanning test from AV-Comparatives.org, Microsoft OneCare 2.5 scored as well as McAfee VirusScan Plus 2008.

All is not perfect, however. In May, Microsoft mistook Skype for a piece of malware. And the Windows Firewall, while Microsoft insists otherwise, is not a truly two-way firewall; there are a great many outbound exceptions within the Microsoft version. A Microsoft representative said "If we turned on outbound filtering by default for consumers, it forces the user to make a trust decision for every application they run which touches the network." Given that other firewalls have outbound filtering, I still don't see why Microsoft can't.

The free version of Morro won't have all the current bells and whistles of OneCare; Microsoft says the diagnostic tools won't be included. Although the final feature set won't be known for a while, just having a free antivirus/antispyware/personal firewall product from Microsoft is bound to shake things up.

With traditional antivirus protection perhaps becoming obsolete, maybe it's time that Symantec and McAfee start offering free versions of their own antivirus products--something that I've said for years.

Microsoft's decision to offer free antivirus software puts rivals such as McAfee and Symantec in a tough position.

To be sure, those two--and other rivals--will be able to tout products that offer a broader range of features than Microsoft plans to deliver with "Morro" next year. At the same time, "nada" is a tough price to compete against.

That raises the question of whether those companies or others may look to antitrust regulators for help. We've put queries into those companies and also posed the antitrust question to Microsoft. I'll let you know what we hear back.

One thing in Microsoft's corner is the fact there are already free antivirus products on the market, such as AVG, though typically security vendors look to upsell consumers from low-cost or free products to higher-end ones.

Microsoft appears to be getting out of the paid security software business, at least on the consumer end. (Microsoft still plans to offer paid security products for businesses).

Also, Microsoft said it plans to deliver Morro as a free download rather than bundling it with the operating system--another move that could dampen some antitrust concerns.

It's unclear whether giving away software that others charge for will ultimately be enough to justify regulatory action. Although one antitrust lawyer predicts rival security firms will complain and that antitrust authorities will listen.

"Sure, there will be antitrust issues. They're just...daring the antitrust authorities to knock it off," said Daniel Wall of the San Francisco firm of Latham & Watkins. "This is an old issue, the notion of them giving away for free products that others sell and it is absolutely guaranteed to get the attention of the antitrust authorities in Europe, Korea, Japan, and other jurisdictions."

"They're incorrigible," Wall said of Microsoft.

Antitrust regulators in the U.S. have tended to focus on harm to consumers as opposed to competitors. Authorities in Europe and Korea have taken a broader view, taking action against Microsoft for actions deemed to hurt competitors, such as bundling its media player into Windows.

Both Europe and Korea have required Microsoft to offer versions of its operating system without certain components. In this case, though, Microsoft is not talking about distributing the antivirus code as part of Windows itself.

Representatives from Microsoft, Symantec, and McAfee were not immediately available to comment.

CNET News' Elinor Mills contributed to this report.

Update 4:45 p.m. PST: Here's what Microsoft had to say.

"We are focused on addressing the security needs of consumers," Amy Barzdukas, a senior director in Microsoft's Online Services and Windows Division, said in a statement. "We will, of course, continue to comply with any government rulings."

Update 6:25 p.m.: And we got comment from security firms McAfee and Sophos.

McAfee spokesman Joris Evers, asked if his company would raise an antitrust complaint over Microsoft's move, said: "It's too early to say anything about that."

Over at Sophos--which focuses on the enterprise market and so doesn't compete with Microsoft's consumer security products--Senior Technology Consultant Graham Cluley predicted antitrust issues would not arise.

"I am no expert on such things, but provided Microsoft does not bundle 'Morro' in with its operating system I would be surprised if there were antitrust issues," he said in an e-mail. "Anything which encourages more people to run antivirus has to be good news for all of us."

Asked if Microsoft would ever consider bundling the security features into Windows, Microsoft's Barzdukas said: "I can't foresee such a time."

Updated at 6:15 p.m. PST with Microsoft and McAfee comment, at 5:30 p.m. with Sophos comment, and at 4:40 p.m. with customer comment.

Windows Live OneCare logo

(Credit: Microsoft)

Microsoft on Tuesday said it is changing its strategy for offering PC antivirus software, with plans to discontinue its subscription-based consumer security suite and instead offer individuals free software to protect their PCs.

Code-named Morro, the new offering will be available in the second half of 2009 and will protect against viruses, spyware, rootkits, and Trojans, the company said in a statement.

With the arrival of Morro, Microsoft plans to stop selling the Windows Live OneCare service, although the two services are not identical. Morro lacks OneCare's non-security features, such as printer sharing and automated PC tuneup. Morro will, however, use fewer resources than the subscription-based offering, making it better suited to low-bandwith systems and less powerful PCs.

Microsoft decided to switch to a free product because there are still so many PCs out there that lack any antivirus software.

"Because they're not concerned about malware, the number of people who don't have antivirus software or don't keep it up to date exceeds 50 percent in developed markets, and it's worse in emerging markets," Amy Barzdukas, senior director of product management for the Online Services and Windows Division at Microsoft, said in an interview. "Live OneCare was tailored for developed markets with broadband...and it's not meeting the needs of a lot of customers."

Asked why the company wouldn't just offer both the free and subscription versions, Barzdukas said: "Having core anti-malware at no charge for consumers, we believe, we will protect more consumers that way." Consumers who want more than the features Morro will offer have "fine alternatives from third parties" to buy, she added.

Despite the fact that McAfee stands to lose paying customers to Microsoft's new free software, McAfee spokesman Joris Evers said the news signaled a defeat for Microsoft.

"Consumers have voted; OneCare, in its two years on the market, has achieved less than 2 percent market share," he said in an interview. "Microsoft is giving up and has defaulted to a dressed-down freeware model that does not meet consumer security needs. This is good news for McAfee."

Barzdukas dismissed the notion that Microsoft was responding to market share or competitive pressures. "If the current approach isn't working... (as far as protecting consumers broadly) we need to go with a new approach," she said.

Asked if Microsoft would ever consider bundling the security features into Windows, Barzdukas said: "I can't foresee such a time."

Representatives from Symantec could not be reached for comment Tuesday.

Graham Cluley, senior technology consultant at Sophos, said the news doesn't impact his security firm because it focuses on the enterprise market.

"I think this announcement may cause some sleepless nights for the chiefs at McAfee and Symantec--they've always done well out of the consumer anti-virus market, and with tougher financial times ahead of them (they) won't be pleased to see the possibility of that evaporating further," he wrote in an e-mail response to questions.

Microsoft had been selling Windows Live OneCare for $49.95 per year, which covered up to three PCs and offered centralized backup and optimization features in addition to security capabilities.

Windows Live OneCare will continue to be sold for Windows XP and Vista via retailers through June 30, 2009, and direct sales will be gradually phased out as Morro becomes available. "Microsoft will ensure that all current customers remain protected through the life of their subscriptions," the statement said.

Morro, which will be available for download over the Internet, will work on Windows XP, Windows Vista, and the upcoming Windows 7.

The news frustrated OneCare customer Cas Purdy who complained on Facebook: "I just paid for OneCare. I'm kind of bitter."

Purdy, who heads up public relations at security firm Websense, said in a follow-up phone interview that he paid for his OneCare subscription a few weeks ago for his home laptop. Websense does not compete with Microsoft on consumer software.

"I'm all for a free tool but given that I just paid for it...we'll see," he added.

Microsoft's Barzdukas said customers should contact customer support if they have a concern. "We will absolutely do the right thing by our customers, and if the customer wants to call our free phone support line we'll make sure they are happy," she said.

A posting on the Windows Live OneCare Team Blog has a detailed FAQ for customers.

Microsoft started selling OneCare in May 2006, three years after signaling its intent to enter the security software market with its purchase of Romania's GeCad.

Although OneCare received only mixed reviews, it significantly shook up the security software market, resulting in generally lower prices.

The software maker has also started selling its Forefront line of security software for businesses and indicated at its Microsoft Online launch on Monday that it plans to expand its lineup of hosted security services.

CNET News' Ina Fried contributed to this report.

The new version of Safari, which was largely a security update and released last week, includes a new configuration option saying: "Warn when visiting a fraudulent website". It is configured to be on by default. So far, Apple is not talking about the enhancement, nor is there any documentation on the Safari site.

CNET tested the updated Safari 3.2 for Windows on various newly reported phish sites listed on DSLreports and PhishTank, and found none produced a warning. It could be that the phish sites being tested were not yet reported to the Google database or that the antiphishing update hadn't made it locally to our Safari browser for blocking.

According to Ryan Naraine at ZDNet, the alert displays standard language. It also includes two links, one to Google's explanation of a phishing site, the other to a Google Report an Error page.

Apple uses standard language when blocking a suspected phishing site.

(Credit: ZDNet)

Apple is the last of the major browser vendors to offer antiphishing protection.

Microsoft uses its own antiphishing and anti-malware tool for Internet Explorer; Mozilla uses a combination of tools, including Google, for Firefox; Opera uses Haute Secure to provide bogus site warnings to end users; and Google uses its own antiphishing technology within its Chrome browser.

(Credit: Barts and The London)

Three hospitals in London were forced to shut down their networks Tuesday after being infected with a computer virus.

"Emergency procedures have been activated to ensure that key clinical systems continue while network access is being established. We have maintained a safe environment for our patients throughout the incident," a statement on the site for Barts and The London NHS Trust hospital system said.

"Manual backup systems are in use and we are in the process of restoring the computer systems with priority being given to the most important areas for maintaining patients services," the statement said.

The hospitals affected are St. Bartholomew's, the Royal London Hospital, and The London Chest Hospital. The BBC quotes a spokesman for Barts and The London as saying the virus was "not malicious" and the infection was "self-contained."

Doctors are using pen and paper as backups as a result of the infection, according to The Register.

The virus is believed to be the Mytob worm, which spreads via e-mail and plants a backdoor Trojan on infected computers that can be used to remotely take control of the machine, according to security firm Sophos.

"There will, no doubt, be concerns that the confidentiality of patients' data may have been put at risk, and the hospitals will surely be keen to reassure the public that security has been maintained," Graham Cluley, senior technology consultant at Sophos, wrote in a post on his blog.

(Credit: Unisys)

Internet security isn't a top concern among most average people, says a report released Tuesday by Unisys. What concerns most people is National Security, followed by financial worries.

"Whether it is the headline news that people listen to every day, or whatever is driving it, it's gone up 26 to 32 percent on this survey," said Tim Kelleher, vice president, enterprise security, Unisys. He said the results were surprising since the presidential election came down to where the candidates stood on the economy not the war.

Unisys focused its survey on four broad areas: national security, financial safety, Internet safety, and personal safety. Results in each category were combined and the composite score rated on a scale from 0 (not concerned) to 300 points (extremely concerned). At 145 points, the United States fell somewhere in the middle. An international version of this survey out in December will compare the U.S. with other nations.

"We're trying to do something that no one else has done," Kelleher said. "We're looking at security in a much broader sense then just cybersecurity, a personal security perspective, trying to do a broad brush of security from the perspective of an average citizen to get a sense of where the public is out there."

(Credit: Unisys)

Among the other findings: Those aged 18 to 24 were less concerned about viruses and spam than those aged 25 to 49. Kelleher didn't want to speculate but said the younger age group seemed more comfortable with the Internet. The under-24 age group also missed the Melissa/ILoveYou/Slammer virus days and, therefore, aren't as concerned about epidemics. On the other hand, there's a spike among the 35- to 49-year-olds who would have been fighting these online epidemics five to ten years ago.

And people living in the South and West tend to be "extremely" or "very" concerned as opposed to people in the Northeast and Midwest.

(Credit: Unisys)

More than 1,000 U.S.-based residents responded to questions from Unisys. The survey was conducted September 5-7 and is part of a larger, international survey due out in December.