Microsoft’s upcoming marketing nightmare

Posted by Ed in Analysis on Dec 1, 2006

The other day, I was listening to NPR (i think it was “Marketplace”) in the car and for some reason they were talking about Vista. I can’t remember the exact context, but one of the gentleman being interviewed raised an interesting point – he said (paraphrasing here, since my memory is not so good), “Microsoft has so much riding on Vista that if they can’t control the spyware/malware problem, it won’t be very good for them.” Of course he was right, and it’s something that quite a few of us have been commenting on in the security space for quite some time; however, what really struck me about this particular discussion was the fact that it was on NPR – meaning, in my opinion, that the interest in this has been raised significantly (it seems to me that something has to be particularly entrenched in our collective discourse if it gets coverage on the radio – even if it is NPR.) So in my opinion, this means that all sorts of individuals who would otherwise be less than interested are now watching Vista to see how it plays out from a security perspective.

Now, in my opinion, Microsoft has painted themselves into a corner; they’ve written a number of checks that I don’t think any product could possibly cash. Here’s what I mean: They’ve made the claim that it’s the most secure MSFT product to date. Couple this with a perception on the part of many that they are seeking to “own” security going forward (I don’t think they are, by the way – but there is that perception.) Now throw in the recent press that the SDL has received and the vocal message that they’ve put forth about the security features built into the product (this is from BusinessWeek, for Pete’s sake). All those things combined and you have some very high expectations on the part of consumers. At the end of the day, Microsoft will have to eat some major crow if it turns out that the security is not perceived to be significantly better than previous operating systems. And for the crux of the matter, notice that I didn’t say “is significantly better” in that last sentence but instead “perceived to be significantly better”… in actuality, it doesn’t really matter all that much whether the security actually is better or not – it just has to be seen as being better by the community at large.

And that won’t happen. Period.

Why not? First, Microsoft has to fight the marketing of other firms with a vested interest in painting the OS as insecure. Don’t believe me? Does “I’m a Mac” ring any bells? If Mac doesn’t spin the security issue, how about the AV software vendors? How many millions of dollars in “Microsoft is insecure” marketing dollars do you think will get spent to herald in the age of Vista? I’m thinking quite a few. Second, there are a ton of researchers chomping at the bit to test their mettle against Vista. It is going to be “target #1″ for the foreseeable future for bug-finders, vulnerability researchers, tool makers, spyware manufacturers, etc. Batten down the hatches, because a squall is a-brewin’. Not to mention that they’re fighting the natural order – it is the nature of software products to have bugs. And Vista will – I guarantee it. And last but not least, Microsoft is up against a bias in the marketplace the extent of which they have no conception. In other words, they have a matter of weeks – maybe a few months – to change everyone’s mind about their software. I think it’s pretty unlikely, don’t you?

So what happens if Vista is not perceived as secure? I’m not sure, but I’m thinking nothing good (for Microsoft) can come of it when it doesn’t happen.

http://www.holdinfinity.com LonerVamp

Microsoft cannot make a secure OS.

Let me follow that up quickly by saying that is not a comment on the skills of visions of their programmers. Microsoft cannot make a secure OS.

Why would they? There are billions of dollars investe and waiting for companies to clean up after Microsoft and Windows. If the OS were more secure, where would Symantec go? Or McAfee? There is far too much of an industry around the insecurity of Windows, that if they packaged security into it, they would be sued again for monopolistic tactics. It just won’t happen.

And adoption of Vista is a guarantee. Sorry, but progress is progress. Even if Vista is worse, this is where Microsoft is going. If people want to stick with XP, fine. But that support will eventually end. Those programs that “only run on XP” will be replaced and upgraded, leaving more bad tastes in the mouths of managers paying for the ever-changing state of technology. Windows 2000 was and is still MS’ best operating system, but you just can’t get away with using it in more than a limited fashion (home users, perhaps). The world moves on.

And it really doesn’t matter if the security for Vista is good or not. Microsoft has other problems, particular the Genuine Advantage and licensing issues. One understated reason Windows became so big is they were easy to pirate. They proliferated the marketspace so widely, and if you didn’t have a licensed copy, you were still ok. Everyone and their dog hopped on, legitimately or not. When Microsoft takes that ability away, people need to buy more copies for their extra computers and older computers. Sadly, I don’t think many people will sit well with shelling out $200 for an OS on their non-primary system that is 3 years old or something. This will hurt MS, but Linux isn’t anywhere close to taking over that space for the average user. It is just too difficult to operate still, and too much of a divergence from Windows.

In the end, it doesn’t really matter yet for MS. They’ve bombed in the past with ME, they can bomb again with Vista and be just fine. But I don’t think they will bomb, nor do I think anyone will really care about this topic in a year regardless of the outcome. It’s progress and sometimes progress is going to happen whether good or bad, kinda like digital passports.
http://www.emergentchaos.com Adam

Interesting thoughts.

I don’t think that people will look at spyware as the sole indicator of security. I think that people will also notice things like the security center, making it easier for them to check settings, the number of patches (along with their quality and the lower need to reboot), and perhaps other things, like a decline in broad-spectrum attacks.

(Speaking for myself.)
spyware?

Spyware will disappear. The shift to licensed only, software that will ever increasingly be located off system insures that spying on your habits for marketing purposes will be as common as tv ads and it will happen in the background. Pay attention to MS’s total drm integration. The profit to risk ratio for dropping spyware on your system vs simply buying the data from a Microsoft or A Google etc. will swing heavily in favor of buying. If your still worrying about how vista will do in the market then your behind on your strategic thinking.