-Liability? Since when has there been such a thing as liability for software?

-Are “defending” the kernel from (some, all) programmers, and allowing 3rd party security software in really mutually exclusive?

-When the bad guys get into the kernel, what would you like to do about it? Should security software be allowed to try and go after it? Should you always just have to wipe and reinstall? Will Microsoft’s own competing security software have a way to do that?

-Assume for sake of arguement that you think 3rd party software vendors should try to go after kernel threats. Should they use the same kinds of techniques as the malware itself to get there, with any stability problems that might create? Or should they have a supported interface that gets updated, fixed, and shouldn’t destabilize the system?

-If 3rd party vendors have to pull tricks to get in the kernel, will Microsoft break them with every patch? Should Microsoft declare yours an unsupported configuration if you have intentionally installed software that hooks the kernel?

No doubt, but I am hard pressed to suggest that MS shouldn’t be able to try to defend their own kernel. Not to muddy the waters or anything, but the whole possibility of liability really forces this need.

The problem is that Microsoft has now declared the kernel verboten. As in, at any moment, they might drop a patch that kills your hook. So, you need an offically supported hooking mechanism.