Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

McAfee To Pay For PC Repairs After Patch Fiasco

CmdrTaco posted more than 4 years ago | from the in-over-their-heads dept.

Bug 212

Barence writes "McAfee has offered to pay for the PC repairs of consumers affected by last week's faulty antivirus update. The problematic patch falsely identified the SVCHOST.EXE Windows file as a virus, causing PCs running Windows XP SP3 to crash or enter endless reboot cycles. In a blog post addressed to 'Home or Home Office Consumers,' the company offered to reimburse PC repair expenses, though there was a notable caveat. 'If you have already incurred costs to repair your PC as a result of this issue, we're committed to reimbursing reasonable expenses,' the company said. 'Reasonable expenses' has yet to be formally defined."

Sorry! There are no comments related to the filter you selected.

Definately an (1, Funny)

sleekware (1109351) | more than 4 years ago | (#31984114)

epic fail.

Re:Definately an (0, Redundant)

RuBLed (995686) | more than 4 years ago | (#31984176)

epic win.

Re:Definately an (0)

Anonymous Coward | more than 4 years ago | (#31984736)

have the morons at McAfee got a bootable CD or USB stick which will fix the problem - to either mail out or download and burn from the website?

It's not just QA(?) that sucks with that company it is every darn level.

Re:Definately an (0)

Anonymous Coward | more than 4 years ago | (#31984786)

epic.

Re:Definately an (1)

Thanshin (1188877) | more than 4 years ago | (#31984206)

And a fricking hard to miss bug!

It questions the entire quality control system.

Re:Definately an (2, Interesting)

Lord Byron II (671689) | more than 4 years ago | (#31984252)

Didn't Google mark all websites as malware-infested about a year ago? All it takes is some engineer to mistype a single keystroke (a "*" in Google's case) and down the whole system comes.

Re:Definately an (0)

Anonymous Coward | more than 4 years ago | (#31984292)

Probably more like a .+ or [\w\d]*, but sure

Re:Definately an (4, Insightful)

Thanshin (1188877) | more than 4 years ago | (#31984322)

All it takes is some engineer to mistype a single keystroke (a "*" in Google's case) and down the whole system comes.

A single engineer to mistype a single keystroke + A director of quality that proposed/allowed a quality control methodology that didn't include a single check between the engineers coding and the public receiving a new version.

Laying blame on those who don't have a large scale responsibility is, very often*, wrong.

*: Yes, a dev could've set a logic bomb when suspecting he'd be fired. And even then most of the blame was on the one who lost control on the future firing info.

Re:Definately an (0)

Anonymous Coward | more than 4 years ago | (#31984636)

ditto. too many times middle managers cut on qa costs to increase their bonus and then pass the blame of defects to developers

Re:Definately an (1)

pnewhook (788591) | more than 4 years ago | (#31984982)

A director of quality that proposed/allowed a quality control methodology that didn't include a single check between the engineers coding and the public receiving a new version.

ditto. too many times middle managers cut on qa costs to increase their bonus and then pass the blame of defects to developers

How about software prima donnas that think they are too good to make mistakes and say QA just gets in their way? I would say this is far more likely due to a software guy skirting the checks rather than there be no checks in place for an established company like McAfee

Re:Definately an (1)

Thanshin (1188877) | more than 4 years ago | (#31985082)

How about software prima donnas that think they are too good to make mistakes and say QA just gets in their way? I would say this is far more likely due to a software guy skirting the checks rather than there be no checks in place for an established company like McAfee

Nope. Still wrong.

Who's the prima donna's boss and how did he let him have anything to do with the tests?

Re:Definately an (1)

daremonai (859175) | more than 4 years ago | (#31985016)

At least in Google's case, it didn't try to delete every website out there.

Though the idea of an "Internet reboot" does sound tempting sometimes.

Re:Definately an (3, Insightful)

ByteSlicer (735276) | more than 4 years ago | (#31984268)

It questions the entire quality control system.

What quality control system?

Re:Definately an (3, Insightful)

commodore64_love (1445365) | more than 4 years ago | (#31984324)

And people wonder why I rarely use virus software. The damage caused by the AVS is often worse than the actual virii or spybots. Seeing a "Windows XP can't boot" message is pretty damn annoying. I ended-up having to install KDE Ubuntu Linux instead, and never did recover my lost files (just videos fortunately).

Re:Definately an (5, Insightful)

Anonymous Coward | more than 4 years ago | (#31984384)

Using the made-up "virii" as a plural for viruses makes you look like a retard.

Re:Definately an (0)

Anonymous Coward | more than 4 years ago | (#31984548)

Using the made-up "virii" as a plural for viruses makes you look like a retard.

What is the plural of viruses anyway? Viruseses?

Re:Definately an (4, Funny)

ComaVN (325750) | more than 4 years ago | (#31984632)

Virusesii, obviously.

Re:Definately an (1)

edittard (805475) | more than 4 years ago | (#31985010)

What is the plural of viruses anyway?

A hyperplural?

Re:Definately an (1)

lennier1 (264730) | more than 4 years ago | (#31984662)

Why do I suddenly have to think of Perl? ;)

Re:Definately an (1)

PIBM (588930) | more than 4 years ago | (#31984454)

Usually it's not the file losses that are the worst, but rather the privacy of the information stored in your computer. People spend much more time fighting off against unwarranted charges on their billing / credit card than fixing the problems caused by either a virus or an anti-virus..

Re:Definately an (4, Insightful)

JoshuaZ (1134087) | more than 4 years ago | (#31984278)

The epic fail was the initial bug. This response however is exactly what McAfee should be doing. Offering fairly spontaneously to reimburse people for their expenses incurred is good customer service and good damage control. It is also the ethical thing to do. When something is both the most ethical and most business-savvy course of action, that's a good thing. And that they are willing to do so when it essentially admits to the fact that they screwed up big time shows that they are willing to admit to their mistakes, something many people are not. When evaluating both corporations and people, look at how they respond to the serious failures and crises. McAfee has a good response.

Re:Definately an (1)

Frosty Piss (770223) | more than 4 years ago | (#31984560)

The epic fail was the initial bug. This response however is exactly what McAfee should be doing.

Maybe so. But being familure with the lawyer thing, I smell a big fat Class Action (where of course the lawyers get paid big fat checks, and the consumers get a coupon).

Re:Definately an (2, Insightful)

tlhIngan (30335) | more than 4 years ago | (#31984830)

Maybe so. But being familure with the lawyer thing, I smell a big fat Class Action (where of course the lawyers get paid big fat checks, and the consumers get a coupon).

True, then again, accepting this payback probably excludes them from any other settlement. So a user has an option - get a refund for getting their computer fixed, or getting a coupon for a free 6 months of McAfee, but having to pay to fix their computer. The really dumb ones get a coupon and a broken computer.

Also, McAfee will probably hide behind the EULA for the class action, since the EULA probably also said they don't have to pay if they screw up your system anyhow.

Re:Definately an (1)

Frosty Piss (770223) | more than 4 years ago | (#31984892)

Also, McAfee will probably hide behind the EULA for the class action, since the EULA probably also said they don't have to pay if they screw up your system anyhow.

Class action lawyers ignore EULAs because they are unenforcable. The EULA is a wish list that has very little actual meaning.

Re:Definately an (2, Interesting)

Bakkster (1529253) | more than 4 years ago | (#31984994)

Ignoring, of course, that this is only reimbursing the private-use of the program. As of now, the corporations who were affected quite severely financially (for following suggested security measures) are still out in the cold.

Re:Definately an (1)

Twinbee (767046) | more than 4 years ago | (#31984446)

I don't like anti-virus software and wouldn't dream of using anything Like Mcafee or Norton, but how is it a fail if they're willing to admit guilt and even PAY for any damages incurred?

Re:Definately an (0)

Anonymous Coward | more than 4 years ago | (#31984624)

People still use Windows XP?

Ah yes. (1)

Petersko (564140) | more than 4 years ago | (#31984704)

Nothing to say but... my sig.

Epic Fail (4, Funny)

cyphercell (843398) | more than 4 years ago | (#31984806)

I have sigs turned off.

Well played, sir. (1)

Petersko (564140) | more than 4 years ago | (#31985236)

Epic Fail - "I have sigs turned off."

Well played.

Re:Definately an (0)

Anonymous Coward | more than 4 years ago | (#31984784)

You should see some of the code that I see make it to production. ick.

Slashdot is also engaged in this (0, Redundant)

BadAnalogyGuy (945258) | more than 4 years ago | (#31984116)

Replying here in the comments since we all know people don't read the summary, much less the article. :-)

Slashdot is also involved in reimbursing McAfee users who have fallen victim to this problem.

Please contact pater@slashdot.org or krow@slashdot.org if you have been inconvenienced by this patch update bug.

Your help is greatly appreciated.

Re:Slashdot is also engaged in this (0)

Anonymous Coward | more than 4 years ago | (#31984150)

Who do we contact if we've fallen victim to stupid slashdot comments, bad analogies, or goatse [goatse.fr] ?

Re:Slashdot is also engaged in this (1)

g0bshiTe (596213) | more than 4 years ago | (#31984374)

Anyone on /. with the words Analogy or Goatse in their names I suppose.

Re:Slashdot is also engaged in this (1)

lennier1 (264730) | more than 4 years ago | (#31984800)

When in doubt ask the cowboy.

$50! DENIED! (1, Interesting)

Anonymous Coward | more than 4 years ago | (#31984122)

Let the billing and accounts recieveable fuckery begin!
Mc's legal department and accounts are going to be looking for ANY reason to tell claimants to go play "Hide and go fuck yourself with that invoice."

Re:$50! DENIED! (0)

Anonymous Coward | more than 4 years ago | (#31984338)

Let the billing and accounts recieveable fuckery begin!
Mc's legal department and accounts are going to be looking for ANY reason to tell claimants to go play "Hide and go fuck yourself with that invoice."

They just need to hire a few health insurance industry folks as consultants. Their payout would be minimal.

Reasonable cost? (2, Interesting)

areusche (1297613) | more than 4 years ago | (#31984132)

I'm pretty sure that reimburshing my IT department's lost money and time is pretty reasonable considering I spent two days walking to every computer on the campus.

Re:Reasonable cost? (3, Interesting)

LWATCDR (28044) | more than 4 years ago | (#31984378)

maybe you should put a Linux partition on all of the boxes with some remote access software?
Not actually trying to be a smart ass but if you could do that then it might have been possible to fix the issue remotely.
I am not sure since my office has a small network and we didn't have the problem. I would think that it should be possible to replace the missing file and disable the anti virus or maybe replace the definitions file remotely. Most modern Linux distros can mount NTFS partitions.

Of course right now the idea of light clients and Windows terminal services probably doesn't sound so bad!

Re:Reasonable cost? (1)

nurb432 (527695) | more than 4 years ago | (#31985050)

That's why Intel made Vpro.

Re:Reasonable cost? (1)

LWATCDR (28044) | more than 4 years ago | (#31985102)

If you have a box running so you can use the VPro client software.
Actually VPro looks very cool. The question is how do you get it? Seems like it must be built into the system at the motherboard or bios level.

Re:Reasonable cost? (0)

Anonymous Coward | more than 4 years ago | (#31984422)

They will most certainly not pay for in-house repairs and not for lost time or profit either. How long does it take a professional service technician to apply the automated fix to a PC and how much does that cost?

Re:Reasonable cost? (1)

PIBM (588930) | more than 4 years ago | (#31984470)

Did you not so read the summary to miss the 'home or home office' part ?

Re:Reasonable cost? (1, Flamebait)

Richard_at_work (517087) | more than 4 years ago | (#31984792)

Should McAfee really be on the hook for your departments poor IT practices? Every one of those computers should have been remotely re-imaged, and as all campus data was kept on centralised servers then you should have lost no data, your job should have consisted of queuing systems for re-imaging, not much more.

People are railing McAfee here for poor QA, and they rightly should - but you have just demonstrated your own poor QA. Who in their right mind releases a patch to their entire install base at once? Release it to 10 computers and monitor for a couple of days. Then released it to 50 more and continue monitoring. Keep including groups until all computers have been covered without issue. How hard is that?

Re:Reasonable cost? (2, Interesting)

rabbit994 (686936) | more than 4 years ago | (#31985260)

Completely impossible. Many AV vendors are now updating 2 or 3 times a day. Heck, Microsoft free AV gets updated daily and sometimes twice daily. Unless you skipped updates and only deployed every Monday update, you could possibly test but you would need a dedicated team to testing. What happens if some Javascript virus came out on Tuesday? Are you going to leave your users unprotected till next week? AV is unfortunately a system where sometimes you do have to pray and update. We do that at our job since we are media company, we have very liberal web filter and sometimes our users get infected even with auto updating. I'd be scared to see the damage if we didn't update as soon as Symantec update was released. BTW, Symantec sucks as bad as McAfee but suits pushed it on us.

Reimburse? (3, Insightful)

WrongSizeGlass (838941) | more than 4 years ago | (#31984136)

Reimburse them ... or ... maybe what they should do is give the "victims" extended subscriptions instead ... that's probably exactly what they want ;-)

Re:Reimburse? (1)

Pharmboy (216950) | more than 4 years ago | (#31984202)

Exactly what I was thinking, that they would give you "free" extended coverage for the "life of the machine", which of course, is -3 days since they killed them.

If ever there was justification to Pirate McAfee (-1, Troll)

commodore64_love (1445365) | more than 4 years ago | (#31984146)

...this is it. Like a modern-day Robin Hood: Steal from the thieves, and return the money to the poor citizens. McAfee is NOT going to reimburse the full amount of damage they caused? Damn corporation. It reminds me of Toyota who refused to fix engines that prematurely died after only 20-30,000 miles, thereby forcing innocent victims to cough-up $7000 in replacement costs, when by Toyota's own warranty the engines should have been replaced for free.

Why do these corporations act as if they have no morals whatsoever? Oh that's right..... because they have no more soul than a rock or tree. Therefore they should have no human rights

Re:If ever there was justification to Pirate McAfe (4, Informative)

LinuxIsGarbage (1658307) | more than 4 years ago | (#31984232)

Currently they are extending subscriptions by two years. Enough to prevent any successful bid by IT personnel to get higherups to approve a switch. Now whether they will cover the actual cost of lost productivity, not just of IT staff but by the company as a whole.

Re:If ever there was justification to Pirate McAfe (2, Insightful)

The MAZZTer (911996) | more than 4 years ago | (#31984314)

Why would you willingly use McAfee in any way after this? Why not just go with AVG or Avast or MSE?

Re:If ever there was justification to Pirate McAfe (2, Informative)

Inda (580031) | more than 4 years ago | (#31985084)

AVG burned us with proxies. Did you forget?

Why? (1)

khasim (1285) | more than 4 years ago | (#31984658)

If you pirate the software, you get all the downsides and none of the upsides.

You certainly wouldn't be getting any pay-out from McAfee for someone to fix your machine after the "pirated" software crashed it.

Re:Why? (1)

kalirion (728907) | more than 4 years ago | (#31984950)

If you pirate the software, you get all the downsides and none of the upsides.

This is reversed for games, unfortunately.

2 year extension? (2, Insightful)

topham (32406) | more than 4 years ago | (#31984148)

A 2 year extension? What, so they can have 730 more days to do it again?

Re:2 year extension? (2, Insightful)

timeOday (582209) | more than 4 years ago | (#31984192)

I actually think they deserve some credit for this. It will cost them a fortune. Better that they hadn't made the mistake in the first place, but then again, these things happen occasionally and cases of software companies paying for damages caused by their bugs are extremely rare.

Re:2 year extension? (0)

Anonymous Coward | more than 4 years ago | (#31984294)

cases of software companies paying for damages caused by their bugs are extremely rare.

Because none of them could afford that. If McAfee would pay for the hours spent by IT techs, lost productivity due to unavailable IT systems, etc. they'd probably be bankrupt several times over. Due to that I cannot believe there won't be a massive caveat to "reasonable expenses".

Re:2 year extension? (0)

Anonymous Coward | more than 4 years ago | (#31984426)

Let's see. They're covering "reasonable expenses" related to repair only. There's your caveat. Figure one lowly technician can manually fix 10 computers per hour at $20/hr. A large company with 10,000 affected computers would be compensated a measly $20k.

Re:2 year extension? (0)

Anonymous Coward | more than 4 years ago | (#31984556)

..and what about the 1,000 hours the users of those systems were unable to work?

In my experience (at a fairly large company) pretty much everyone was unable to work for most of the day while IT scratched their heads.

I will believe it when I see it. (2, Interesting)

khasim (1285) | more than 4 years ago | (#31984530)

Maybe it will cost them a fortune. Or maybe they'll make everyone trying to file a claim jump through unreasonable hoops and end up paying almost nothing.

Extending a license for 2 years costs them NOTHING if the customer would have left.

And that's just for home users. There's still no word on other users (like school districts).

Re:2 year extension? (1)

The MAZZTer (911996) | more than 4 years ago | (#31984334)

This reminds me of the story where my grandpa chipped a tooth eating some peanut brittle or something. My grandma sent the company that made it a nasty letter and they returned an apology and another box of peanut brittle. My grandpa chipped another tooth on the first bite.

Re:2 year extension? (1)

plague3106 (71849) | more than 4 years ago | (#31984942)

How is it the company's fault that your grandfather has exceedingly weak teeth? If lots of people were chipping their teeth on it, that'd be one thing, but some old guy who's dental hygene may be a factor?

Re:2 year extension? (0)

Anonymous Coward | more than 4 years ago | (#31984932)

Looks like you forgot about February 29, 2012.

Not gonna be enough.. (5, Interesting)

Hebbinator (1001954) | more than 4 years ago | (#31984214)

I don't see how this even begins to approach the amount they are in for.. they are going about it the wrong way. In signing up to pay home/ home office users, they are automatically assuming guilt for themselves (as if anyone wasn't sure that they were guilty in the first place?)

First off, they are starting with home / home office users. This population will incur the highest cost per computer to fix - i.e. instead of paying 1 IT guy 30/hr to fix a bunch of computers in one place, this is one-at-a-time visits to Geek Squad (ugh) or whatever which will run 50+ per computer..

This is just opening the door for future corporate lawsuits - i.e. "Clearly they have said that they were the cause of this issue and are willing to refund some of their users to the tune of X for just ONE computer. My company lost 1000 computers, I want 1000x dollars, plus lost productivity."

Re:Not gonna be enough.. (0)

Anonymous Coward | more than 4 years ago | (#31984340)

Or in the case of a company such as Intel: "My company lost 200,000 computers, I want 200,000 * dollars plus lost productivity". Maybe instead this will cause companies to realize that most anti-virus software cost more in terms of productivity and resources than any virus would in the long term. They should self insure instead of paying for poor coverage.

Re:Not gonna be enough.. (1)

L4t3r4lu5 (1216702) | more than 4 years ago | (#31984494)

I always thought McAfee was included with shitty software bundles because it wasn't used on corporate networks.

Do yourselves a favour and switch to ESET Smart Security.

Re:Not gonna be enough.. (1)

omni123 (1622083) | more than 4 years ago | (#31984626)

I always thought McAfee was included with shitty software bundles because it wasn't used on corporate networks. Do yourselves a favour and switch to ESET Smart Security.

Unfortunately that's not the case--the organisation I work for (40,000+) uses McAfee on all desktop machines and coincidentally runs XPSP3. The flipside is that nobody was bored enough to install an update straight out of release and it usually takes a month or two turn around unless it's urgent or specific. In the corporate world ESET is simply too new a product (comparatively speaking, the old school preference etc).

Re:Not gonna be enough.. (0)

Anonymous Coward | more than 4 years ago | (#31985160)

Problem is, AV software being reactionary in design, it is usually the newest threats that are spreading the most, and are the ones you want to detect, which is why frequent signature updating is required to try and stay on top of it. This is at odds with normal IT practices which is for slow roll out of updates (to allow for testing, etc). Microsoft has "Patch Tuesday" for this reason.

Re:Not gonna be enough.. (0)

Anonymous Coward | more than 4 years ago | (#31984614)

Wrong. Read their EULA. "Hold harmless".

Re:Not gonna be enough.. (1)

Kjella (173770) | more than 4 years ago | (#31984618)

Good luck on that, it's not unusual for consumers to have completely different rights than corporations. Nor is it illegal for corporations to be nicer than they legally can be. Stuff like you describe is the reason why you ALL get shitty service in the US, because if one knowledgeable guy answers a question outside the script he'll call back more and demand that service or cry foul and sue or the next person who gets an average drone will cry foul and sue for discrimination or whatnot absurd reason. It's very hard to provide equally good service but real easy to offer equally shitty service.

I was thinking this would be a boon for me... (5, Interesting)

chaffed (672859) | more than 4 years ago | (#31984352)

I was thinking this would be a boon for me. I do in home and business support in my off hours, good spending money. However, due to my issues with McAfee, none of my regular clients use McAfee AV products.

So, if I had recommended McAfee to my clients, I would be a rich person now. Damn, doing the right things doesn't make as much money!

Re:I was thinking this would be a boon for me... (5, Insightful)

King_TJ (85913) | more than 4 years ago | (#31984620)

Heh.... Doing the right thing almost always *ensures* you'll make less money -- at least in the world of computing.

I do on-site service too, and honestly, that's one reason I charge higher hourly rates than some of my competition. I've seen, first-hand, the way they leave a PC after they're supposedly done "cleaning up a spyware infection". Typically, they run a couple of their favorite programs on it, letting them run through and remove whatever they find, and they declare it "clean" - charging their fee and leaving.

I actually take the time out to test a system after I clean a virus/spyware issue, and if I see any evidence that, say, pop-up windows are still occasionally coming up in Internet Explorer, or error boxes are displaying from files that got deleted but not removed from the registry entries referencing them? I go back in and fix all of that. If I can't get it to where I'm satisfied it's 100% back to normal, I sometimes back up all their documents, bookmarks/favorites, Outlook email store, autocomplete files, photos, music, and whatever else - wipe the drive, and rebuild the whole machine.

Honestly, that stuff takes many HOURS to do right, and I can't really bill a person for all of the time that takes - so I just "cap" things at that point with what I think is a fair price, and "eat" the rest of it.

If I was less honest, I'd do what the other guys do and just do a quick, easy automated "once over" of things, take my money and run. Chances are good they'll call back and pay a second or third time to go back and mess with the remaining junk that was left behind anyway. And if not, at least I wasn't stuck putting in hours of unpaid work to do the job right....

But I dunno.... there's still something satisfying about knowing you did a job the best you could -- even if it usually goes relatively unappreciated.

Corporate customers? (1)

lamfear (597076) | more than 4 years ago | (#31984360)

What about their corporate customers?

Sounds like a similiar problem microsoft (hotfix) (1)

irreverant (1544263) | more than 4 years ago | (#31984372)

Strange - just a week or so ago, I recall reading a similar incident with Microsoft. I wonder if these companies don't share information, perhaps they should and things like this could be minimized. Maybe it happened this time to the same people that had the issue when Microsoft released it's patch.

Re:Sounds like a similiar problem microsoft (hotfi (1)

shutdown -p now (807394) | more than 4 years ago | (#31984466)

You must be remembering about the case where Windows Update would kill the system by updating some files, if some other files were infected by a virus (basically the virus relied on very specific features of certain versions of system libraries).

What do you charge? (1)

HockeyPuck (141947) | more than 4 years ago | (#31984388)

Since this has come out I've decided to charge my family and friends $1000/computer, which they can pay to me upon being reimbursed by McAfee.

Re:What do you charge? (1)

Actually, I do RTFA (1058596) | more than 4 years ago | (#31985146)

Since this has come out I've decided to charge my family and friends $1000/computer, which they can pay to me upon being reimbursed by McAfee.

It's exactly because of this, and the "My P3 got fired, so I replaced it with a 16-core uberputer" that McAfee had to specify "reasonable".

Fix it yourself? (1)

Eggbloke (1698408) | more than 4 years ago | (#31984412)

I know not everyone knows as much about computers as the average slashdot reader but it's pretty simple to boot into safe mode and kill McAfee (although it takes a lot to completely remove it, it's basically malware)

Re:Fix it yourself? (1)

frith01 (1118539) | more than 4 years ago | (#31984686)

You seem to under-estimate the scope of the problem caused by the definition update. The system REMOVED the svchost.exe file from the working system, which basically leaves you in an un-privileged state as an account user, and unable to access the network or any privileged program.

As such, the installer program wont run, so you CANNOT just un-install, even in safe mode.

Having said that, the time it takes to fix a system is an insignificant part of the actual cost to the corporation affected. ( We were down for 6 hours or so, until we found the correct cleanup procedure. )

Offtopic (2, Interesting)

Artem Tashkinov (764309) | more than 4 years ago | (#31984472)

AV industry is just one big fuck up.
Instead of building a true behaviour based, sandbox'y style AV solutions, they peddle their ugly products and never exchange their virus signatures leading to a situation when no AV can detect all existing viruses, and no AV is even remotely future-proof in defeating unknown malware types.
And let this McAffee debacle become the next little step in embracing of open source OS'es by the corporate world.

Re:Offtopic (1, Interesting)

Anonymous Coward | more than 4 years ago | (#31984642)

FWIW, I knew an engineer working for McAfee in the early 90s (IIRC, was at least mid 90s) who had developed a virus detection system closely related to a sandbox / virtualization approach - it would detect malware based on what it did in a sandbox copy of the OS. According to him, it worked great, but after much internal high level debate the project was killed, as there was no business case for a virus scanner that didn't need high frequency updates (and the associated subscription fees.) He believed a set of patents were filed to lock up the concept, but I've never looked for such...

I wonder.... (2, Interesting)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#31984492)

What, if any, level of incompetence would (legally) be "indistinguishable from malice"...

Obviously, by installing an AV product, you indicate a desire for it to perform certain operations on your system, and an acceptance of the fact that it will probably tank your I/O performance and so forth. And, in general, courts have generally accepted the notion that vendors are nominally, at best, liable for buggy software.

In this case, albeit unintentionally, McAfee ended up committing several hundred thousand hack attacks. Disabling thousands of computers, including plenty that would fall under the CFA's definition of "protected computers".

Thought experiment: If some punk kid had accidentally disabled some hundreds of thousands of computers(along the lines of that old accidental self-replicator worm, or something), what parts of the book would they be throwing at him right now? Are McAfee's actions just a desperate attempt to keep some of their burned customers, or do they fear something more serious here?

Re:I wonder.... (1)

Ogive17 (691899) | more than 4 years ago | (#31985018)

Thought experiment: If some punk kid had accidentally disabled some hundreds of thousands of computers(along the lines of that old accidental self-replicator worm, or something), what parts of the book would they be throwing at him right now? Are McAfee's actions just a desperate attempt to keep some of their burned customers, or do they fear something more serious here?

I'm guessing he'd have to pay some form of restitution, just like what McAfee is doing.

In my opinion... (1)

Antony-Kyre (807195) | more than 4 years ago | (#31984518)

reasonable expenses shouldn't exceed the average cost that a data recovery business would charge. And it would be simple enough to see that the drive is okay, that all you need is to fix the missing files in question. If I had to guess, I'd say $99 max comes to mind.

I say the simplest option would be to provide some free service. Maybe a couple year's worth. This way they wouldn't have to write out a check to everyone. I'm not saying this isn't a bad thing that happened, but I'm just thinking of easy solutions for both sides. (Thankfully, I don't use McAfee.)

"Patch Fiasco" (5, Funny)

RevWaldo (1186281) | more than 4 years ago | (#31984532)

"Ladies and gentlemen, coming to to you all the way from Seattle, Washington, the one, the only - Patch Fiasco!"

or perhaps...

(Twelve bad guys lie dead or mortally wounded on the street, surrounded by astonished and bewildered townsfolk. One speaks up.)
- Who are you?
(the man lights a cigarette, drags it in and exhales, then adjust the brim of his hat.)
- My name... is Patch Fiasco. (turns around and starts walking away. music: mournful slide guitar)

ObAutomotiveAnalogy (3, Insightful)

Rogerborg (306625) | more than 4 years ago | (#31984572)

At this point, an offer to pay "reasonable" expenses is about as generous as Ford apologizing for selling a car airbag that deploys as soon as you sit in the seat. Plus, it's covered in broken glass and rusty nails. Also, lemon juice.

It's nice that they're taking responsibility and all, but a bodyguard who beats up his own client isn't really the sort of person that you give second chances to.

Solution to it all! (0, Troll)

Alexvthooft (1798010) | more than 4 years ago | (#31984588)

use Mac

Re:Solution to it all! (1)

Alexvthooft (1798010) | more than 4 years ago | (#31984870)

Not meant as such, quite new to slashdot. Just meant it as a joke!

Reasonable expenses. (2, Insightful)

MindlessAutomata (1282944) | more than 4 years ago | (#31984644)

Come on guys, I hate McAfee as much as you do but "reasonable expenses" makes perfect sense and it's not something you can easily quantify everywhere... but we all know how ridiculous some potential charges are or how some stupid customers are. I can see some stupid, stupid people thinking they need to go out and buy a new 500 dollar computer to fix this problem.

Re:Reasonable expenses. (2, Insightful)

slimjim8094 (941042) | more than 4 years ago | (#31984858)

I can see some stupid, stupid people thinking they need to go out and buy a new 500 dollar computer to fix this problem.

Replace "some stupid, stupid" with "a lot". There's a depressingly tremendous percentage of people who are convinced that the fix for a computer that's gotten slower over 2 years is a new computer. These are people with C2Ds with 2GB ram and 500GB hard drives.

Most people don't get the distinction between hardware and software. Most think that when the OS gets bogged down with craptons of spyware, the computer simply needs replacing; they just wear out over a few years. Dell obviously loves this, but it's tremendously wasteful.

By my estimations of my own compute repair, this is about 20% of users. Probably more - since the problem is that they don't call when the computer slows down, I wouldn't hear about it.

Incidentally, this is why Apple's doing so well. They want their computer to work like a microwave or TV - works indefinitely until it becomes inadequate for your needs, or breaks. Apple is perfectly happy to sell them something that works like that, and that's what us geeks don't understand.

Re:Reasonable expenses. (1)

barzok (26681) | more than 4 years ago | (#31985116)

Incidentally, this is why Apple's doing so well. They want their computer to work like a microwave or TV - works indefinitely until it becomes inadequate for your needs, or breaks. Apple is perfectly happy to sell them something that works like that, and that's what us geeks don't understand.

I am a geek, and that is exactly what I want. I want to buy my computer and have it Just Work until it can't do what I need it to do anymore, then it'll be passed on to someone else with lesser computing demands or put into different service which suits its capabilities.

I know that when I buy a dSLR, my nearly 3 year old MacBook isn't going to cut it for very long, and I'll replace it because, well, what else can you do with a laptop when you've already maxed out the RAM but overall the computer isn't adequate for your needs?

So what am I missing?

Linux Anyone ? (1)

rderoko (1116609) | more than 4 years ago | (#31984694)

Love the affirmation of my decision to use Linux four years ago !

Microsoft issue (0)

Anonymous Coward | more than 4 years ago | (#31984706)

IMO this is Microsoft's issue for not make core files accessible to be attack by any program whether its virus or mcaffe screwing up coding. I mean there is many options of user privlages within windows. Why not just make a "microsoft admin" rights for windows files so this crap stops happening. I don't know programming but think it should be easy enough.

Re:Microsoft issue (1)

LinuxIsGarbage (1658307) | more than 4 years ago | (#31985100)

Problem is AV software hooks in at file system / disk driver level.

Easy to Fix (1)

MrTripps (1306469) | more than 4 years ago | (#31984746)

This problem is easy to fix now. Reboot into safe mode. Run two files (5959xdat.exe and SDAT5958_EM.exe). Reboot back into regular mode. Now if you have to go around to hundreds or thousands of machines to do that (like we did) it gets a little tiresome. I wouldn't be surprised if they get a class action attempt out of this, but the EULA will keep them safe.

The cure is much worse than the disease (1)

aarner (901356) | more than 4 years ago | (#31984758)

Why the penny-pinching misers of corporate America haven't gotten wise to the incredible scam that's been perpetrated on them in the form of Anti-Virus software still amazes me. It would be easy to assume that there are kickbacks from Symantec/McAffee to the big corporate subscribers, or some other conspiracy. But then I'm reminded to not ascribe to malice that which stupidity explains. If my last three employers are representative, then the average Fortune 500 company has about 10 FTE positions tasked with ongoing maintenance and support of their A/V infrastructure. Then factor in the millions in licensing costs. The bandwidth to push out terabytes of signature updates monthly or weekly. The 30% performance hit off the top of every PC in the enterprise that on-access and resident scanning imposes. The lost productivity that wasted performance leads to. The soft costs in terms of user confusion caused by false positives, system crashes, application/utility conflicts with the A/V, etc.

And then realize that the punchline to this sick joke is that the stupid thing doesn't even work!

If I gave any reasonably competent Wintel PC/Software technician that list of symptoms above, and asked for a list of possible causes, near the top of everyone's like would be "malware infection" Contrast the potential problems caused by a malware infection in comparison to the guarantee that the issues above will affect a PC "infected" with one of these massively bloated A/V solutions.

Anti-Virus solutions are based on blacklists. Blacklists don't work. Anti-Virus programs cause the machine to exhibit the exact symptoms they were designed to prevent. It's cutting off your arm because of a hangnail. I'm sure someone more clever than I can come up with a car analogy. The medicine is worse than the disease.

One good thing about A/V software - since I started sharing the above rant with family members, especially the in-laws, the requests for tech support from me have gone way way down. I think that my anti-A/V views have gotten me labeled as some kind of tinfoil-hat-wearing nut who shouldn't be allowed anywhere near their computers.

The lawyers..... (1)

8127972 (73495) | more than 4 years ago | (#31984818)

... Must just be licking their chops. Why?

1. They all but admitted they fracked up. They even used the word "faulty" in their post. What were they thinking?
2. Whatever their definition of "reasonable" is, it's not going to make everybody happy. That's sure to generate a few phone calls to lawyers.

Expect the the class action lawsuits to be filed shortly.

Interesting conflict of interests (1)

adamwright (536224) | more than 4 years ago | (#31984886)

As one of the purveyors of worthless "Viruses/Cybercrime cost the economy TRILLIONS!!!" sky is falling nonsense, here's an interesting conflict of interests for McAfee. From a users perspective, the damage caused here will somewhat similar to the costs of cleaning up after a virus has damaged machines. Will they reimburse customers the many, many millions they claim viruses could cost companies when they sell them McAfee solutions? Or will IT support costs suddenly come down to these sensible "reasonable expenses" when they have to foot the bill?

Great News (1)

nurb432 (527695) | more than 4 years ago | (#31985036)

Get a bunch of fake receipts and retire.

pay McAfee! (0)

Anonymous Coward | more than 4 years ago | (#31985062)

if i had any money, i'd pay MCaffee to make more faulty updates.
the internet is a safer place without XP.
i kid : P

ToS (0)

Anonymous Coward | more than 4 years ago | (#31985148)

We should be happy they're doing anything at all. I'm sure it says somewhere in McAfee's terms of service that they are "Not responsible for damage caused by running this program".

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?