The following text is copyright 2005 by Network World, permission is hearby given for reproduction, as long as attribution is given and this notice is included.


An inherent conflict of interest


By Scott Bradner


Microsoft is getting into the anti business.  The anti-spyware, anti-virus and, in general, the anti-bad stuff business.  The anti business is a pretty good one to the tune of multiple-billion of dollars per year.  The fact that almost all of the value of the business stems from the fact that Microsoft has not been able to get security right the first time makes Microsoft's entry into the business more than a bit conflicted.


According to published reports Microsoft's OneCare offering be more than just an anti-spyware, anti-virus package.  It will be a subscription service, targeted at home rather than enterprise users, that will provide an auto update function as well as protecting against viruses and spyware.  Microsoft is trying it out on its own employees in the near future but has not yet announced when the service will be generally available nor have they announced how much it will cost.


When I first heard about the new service my reaction was 'hey, wait a minute, Microsoft caused this problem why should their customers have to pay extra to fix it?'  But on second thought, since it may actually be technically or practically impossible to fix the problem at its source (so to speak) by not having so many bugs, charging to fix it may be the right thing from a number of points of view.


o From Microsoft's point of view, it would be out of character to leave so much money on the table.


o From the point of view of the current players in the anti-virus and anti-spyware game having Microsoft as a competitor is far better than Microsoft deciding to bundle the software into the base operating system like it has so many times before with other types of applications.


o From an anti-trust point of view, it is not clear that Microsoft had much choice other than to charge a reasonable amount if they wanted to play in this field at all.  They have been put on notice in a number of legal jurisdictions to stop bundling new functions into Windows that other companies are already selling.


But Microsoft does have some significant advantages, even if they are ostensibly just another competitor in the field. 


They will get very early word of any new exploits, likely before any of its competitors except in the case where a competitor discovers the vulnerability. They can add one of their marvy nagging pop up balloons reminding users that they should subscribe to OneCare (again and again and again ...).  They do not have to do more than appear to break even on OneCare to have a creditable anti-trust defense story and thus may be able to undercut their competitors who actually have to try to make a profit.  It's easier for Microsoft to figure out how to integrate into Windows and, in particular, future versions of Windows.


And then there is the advantage of being able to delay fixing underlying bugs to encourage sales of OneCare -- but Microsoft would never do that.


disclaimer: Delaying graduations would not be all that good a sales tool for Harvard anyway, as far as I know,  the university has not expressed an opinion on this topic thus the above opinion must be mine.