Windows 8 'doesn't move the needle' on security, says Symantec

Plans to issue several 'Modern' apps in October

Symantec said Windows 8 "doesn't move the needle much" on security as it rolled out new versions of its antivirus software and promised to provide users with several so-called "Modern" apps for the new operating system.

On Wednesday, the security developer released new versions of its consumer titles Norton AntiVirus, Norton Internet Security and Norton 360.

The new programs are optimized for Windows 8's traditional desktop environment -- the side of the new OS that looks much like Windows 7 -- said Gerry Egan, senior director, product management, in an interview. When Windows 8 ships in late October, Symantec will offer a trio of apps specific for the tile-based user interface (UI) once known as "Metro" and now often referred to as "Modern."

Those apps, which have not yet been given final names, will include one that connects to Symantec's cloud-based back-end management system to give users a view into the security health of Windows and the hardware; another that uses the company's "whitelist" technology to sniff out suspicious data and files, including corrupted Modern apps; and a third that uses Internet Explorer 10's (IE10) engine inside a customized browser that Egan said will let customers "surf online securely."

The Modern apps will hit the Windows Store -- Microsoft's regulated app store for Windows 8 and Windows RT software -- on or just after the Oct. 26 debut of the operating system upgrade.

Initially, said Egan, those apps will be available free to everyone, hinting that at some point they could be restricted to customers who had purchased the traditional Norton desktop security software and had an up-to-date subscription to Symantec's services.

"It's a way to explore [the new UI], and introduce customers to our presence there," said Egan of Symantec's move into Modern.

"But we need to see where that [malware] flows, what the problems are for our customers, before we do more [on Modern]," Egan continued. "What we do will depend on the attack surfaces in Windows RT and Windows 8. Microsoft has laid down some very stringent guidelines on what's allowable [on Modern], which also ties our hands. So if there is more to do in the future, we may not be able to because it would infringe those guidelines."

Egan was mostly referring to policies set by Microsoft that "sandbox," or isolate, apps from each other and from the traditional desktop in Windows 8 to provide a more secure environment.

Microsoft is relying on sandboxing, as well as the curated Windows Store -- it reviews each app prior to approval, looking for everything from malware to undisclosed rights -- to secure the tiled side of Windows 8, and all of Windows RT, the touch-first, tablet-oriented spin-off.

Not surprisingly, Egan didn't think much of Microsoft's security moves in Windows 8 as he set up several "myths" about the new OS only to then knock each down.

"We're just not seeing any significant improvements in Windows 8 security ... it doesn't move the needle much," Egan said, ticking off everything from the new Secure Boot feature to a beefed-up Smart Screen anti-malware filter.

"It's partially true that Windows 8 is more secure," said Egan, pointing to the concept of the Windows Store and its approved apps. "But underneath is a traditional Windows-Intel desktop, which is backward compatible with both the good code and the bad."

1 2 Page
FREE Computerworld Insider Guide: IT Certification Study Tips
Join the discussion
Be the first to comment on this article. Our Commenting Policies