Microsoft buys and then discontinues Linux/Unix antivirus products

Last Updated on July 14, 2017 by Dave Farquhar

First GeCAD, now Sybari.

Microsoft has been buying smaller anti-virus firms and discontinuing their Linux and Unix product lines.

Trust, schmust. When your god is Big Business, that means Big Business can do no wrong, so when you’re the U.S. government, you let companies like Microsoft do whatever they want. The problem is that Unix antivirus products are extremely useful, especially in Microsoft shops. Unix viruses are rare, and the heterogenous nature of Unix–never knowing much about the underlying hardware, binary incompatibilities between various dialects even when running on the same hardware, and never knowing for certain which libraries are installed–creates a hostile environment for viruses anyway.

So what good is a Unix server that detects viruses that can’t survive in Unix anyway? It makes a great buffer between the hostile world and the soft and chewy Windows boxes inside corporate firewalls, that’s what.

I love to put Unix boxes in between the world and mail servers that may be running Windows. Just set it up to relay mail to your Exchange or Domino server, but have it scan the mail first. Better yet, have it running on weird hardware. A slightly elderly Macintosh or Alpha or Sun box works great. Since the Intel x86 instruction set is the most common, most buffer overflows use it. While non-x86 processors aren’t immune to buffer overflows, an overflow using x86 instructions will appear to be gibberish and it won’t run. It’s like telling me a lie in Japanese. You won’t fool me with the lie, because I don’t speak Japanese, so I won’t understand a word you’re saying.

Fortunately, there are still antivirus products for Unix and Linux out there. And once Microsoft establishes its antivirus product, it will be more difficult–I hope–for it to simply continue buying antivirus firms and discontinue their products, since now they would be buying off competitors, rather than just attempting to acquire technology that they don’t have the ability to develop internally.

And even if they do buy and discontinue everything, there’s always ClamAV.

If you found this post informative or helpful, please share it!