Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Symantec Sued For Running Fake "Scareware" Scans

samzenpus posted more than 2 years ago | from the selling-fear dept.

Security 391

Sparrowvsrevolution writes "James Gross, a resident of Washington State, filed what he intends to be a class action lawsuit against Symantec in a Northern District California court Tuesday, claiming that Symantec defrauds consumers by running fake scans on their machines, with results designed to bully users into upgrading to a paid version of the company's software. 'The scareware does not conduct any actual diagnostic testing on the computer,' the complaint reads. 'Instead, Symantec intentionally designed its scareware to invariably report, in an extremely ominous manner, that harmful errors, privacy risks, and other computer problems exist on the user's PC, regardless of the real condition of the consumer's computer.' Symantec denies those claims, but it has a history of using fear mongering tactics to bump up its sales. A notice it showed in 2010 to users whose subscriptions were ending in 2010 warned that 'cyber-criminals are about to clean out your bank account...Protect yourself now, or beg for mercy.'"

cancel ×

391 comments

Sorry! There are no comments related to the filter you selected.

Who still pays for antivirus? (5, Insightful)

DCTech (2545590) | more than 2 years ago | (#38672608)

There are perfectly good free antivirus programs now, if you want to run one. Most of them are actually better than the non-free antivirus programs. Microsoft Security Essentials [wikipedia.org] is a free antivirus that is many times better than Symantec's and others. On top of that it is lightweight and fast, compared to the bloated crap that Norton is. It works on slower machines too, detects more viruses and doesn't break stuff.

On 8 June 2011, PC Advisor listed Microsoft Security Essentials 2.0 in its article Five of the Best Free Security Suites, which included Avast! 6 Free Edition, Comodo Antivirus 5.4, AVG Antivirus 2011 and BitDefender Total Security 2012 Beta.

So choose from those. Personally I don't run any antivirus as I don't download random executables from the internet nor surf to random porn sites or download from torrent sites. Windows is also secure now a days, and I haven't had a single malware in like 10 years.

Re:Who still pays for antivirus? (-1, Flamebait)

Dondoet (2199592) | more than 2 years ago | (#38672618)

Oh look, another pro-MS post from our good friend DCTech. Nothing to see here, move along now...

Re:Who still pays for antivirus? (5, Informative)

PenquinCoder (1431871) | more than 2 years ago | (#38672656)

I'm not exactly pro-MS but DTech is correct. MSE is actually one of the better anti-virus programs for windows these days. You can't fault MS for snapping up a company/product that worked well and then including it for free in their (buggy and insecure) OS. It's at least one thing they did right.

Re:Who still pays for antivirus? (1)

Troke (1612099) | more than 2 years ago | (#38673262)

I quite agree, MSE gets deployed at most of my client sites due to A) Budget Friendly B) Updates with Windows Update C) Simple interface

Re:Who still pays for antivirus? (5, Insightful)

kvvbassboy (2010962) | more than 2 years ago | (#38672662)

But MSE is the best free antivirus software.

Re:Who still pays for antivirus? (2, Informative)

jank1887 (815982) | more than 2 years ago | (#38673030)

true. I had Symantec corp. edition at home via the office's home use license. bogged down my older pc, older laptop, and netbook. switched all to MSE, and now rarely see Process Explorer showing the AV chewing up 25-50% of the cpu for extended periods of time.

I fear, however, that part of this is the usual Windows integration problem. Office suites that can't access the same undocumented API's as MS Office, running slower as a result, etc. So, once again MS offers a free version of something to undermine another software category (stacker, diskdoubler, defrag, etc.), and whether or not its a better product, it runs better with the software. At least right now this is an optional download, so it's harder to throw the monopoly abuse thing at them on this one.

Re:Who still pays for antivirus? (1)

Dog-Cow (21281) | more than 2 years ago | (#38673316)

Office was, is, and likely will always remain optional. That has nothing to do with it.

Of course, you're just spreading FUD by insinuating that MS is "cheating" with MSE. Symantic's AV has always sucked. McAfee for that matter, at least their Windows versions.

Re:Who still pays for antivirus? (1)

Charliemopps (1157495) | more than 2 years ago | (#38673280)

Yes, I'm ashamed to say MSE works really well. I'd argue its because Microsoft has access to their own source-code and knows where they screwed up... but whatever... it's the best AV I've used, and I've used them all.

Re:Who still pays for antivirus? (5, Informative)

gman003 (1693318) | more than 2 years ago | (#38672672)

Dude, no, seriously. MSE actually works, and well. From personal experience, I can say that it's faster and more effective than AVG; I've heard from others that they switched to it from Avast, Comodo and Kaspersky.

Everything else Microsoft makes is pretty crap - Windows, Office, IIS, MSN - but apparently even Microsoft crap is better than every other antivirus' crap.

Re:Who still pays for antivirus? (4, Insightful)

L4t3r4lu5 (1216702) | more than 2 years ago | (#38672860)

I've found that Microsoft Security Essentials is no better than ESET NOD32 for anti-virus protection.

Then again, against anything but zero-day exploits, a properly configured OS and good browsing practices would make a potato a good AV solution.

Re:Who still pays for antivirus? (4, Informative)

Lehk228 (705449) | more than 2 years ago | (#38672978)

NOD32 is a pretty damned good bar to be "no better than"

for my own home use i use MSE now, back when i was in college and had to connect to the campus network i did run NOD32 and it's damned good, but i can't justify spending money on antivirus when i haven't gotten a virus in years since i am somehow resistant to the urge to download and run OMGPONIESALSONAKEDLADIES.AVI.EXE

Re:Who still pays for antivirus? (3, Informative)

L4t3r4lu5 (1216702) | more than 2 years ago | (#38673344)

That is exactly what I meant. It's no better than NOD32, and NOD32 is, as far as I'm concerned, the best.

I was almost sad when I stopped sending them my £40 per year for Smart Security.

Re:Who still pays for antivirus? (3, Interesting)

ArsenneLupin (766289) | more than 2 years ago | (#38673212)

... would make a potato a good AV solution.

Yes, my pet potato is my best friend and protector. I call him Balthazar...

Re:Who still pays for antivirus? (2)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#38672728)

In this case, his advice is probably correct for those running Windows at home, fluff about his decade-long record of having no viruses he has noticed aside. Security Essentials is 'free' as in 'bundled with your Windows license'; but if you've got a Windows license already, that makes it cheaper than anything that costs additional money and the products that do make a very, very, very, tepid case for why you should purchase them.

In corporate use, it isn't as clear; because ForeFront sure as hell isn't free, or necessarily superior to competing products(no matter how cynical you attempt to be, it is shocking how much more awful AV software is when aimed at intimidating some poor end user who got 90 days 'free' with their best buy box, rather than it is aimed at IT and therefore mostly keeps its mouth shut on the client side, so even some of the vendors that you wouldn't touch with somebody else's 10-foot pole at home can at least produce unobtrusive software for corporate.)

Re:Who still pays for antivirus? (0)

Anonymous Coward | more than 2 years ago | (#38673244)

Windows Defender is bundled.
MSE has to be downloaded and installed, but it is one of the items suggested when Windows 7 comes up fresh and says "OMG you're not running antivirus!"

Windows defender gets turned off, MSE is never loaded. Comodo Internet Security, Superantispyware and Malwarebytes get loaded instead.
With that triumvirate nary a single infection, even when users try to use sites they know they shouldn't.

Re:Who still pays for antivirus? (0)

Anonymous Coward | more than 2 years ago | (#38673352)

IIn corporate use, it isn't as clear; because ForeFront sure as hell isn't free, or necessarily superior to competing products(no matter how cynical you attempt to be, it is shocking how much more awful AV software is when aimed at intimidating some poor end user who got 90 days 'free' with their best buy box, rather than it is aimed at IT and therefore mostly keeps its mouth shut on the client side, so even some of the vendors that you wouldn't touch with somebody else's 10-foot pole at home can at least produce unobtrusive software for corporate.)

As somebody whose employer is switching from McAfee to Forefront, after McAfee's fun little antivirus definition that killed XP SP3 installs... Forefront is definitely, DEFINITELY superior to McAfee's offerings. Better detection, less resources used, better reporting of detections, the management software is better than McAfee's EPolicy Orchistrator... I can't compare it to any other offerings (I was not involved in the evaluation or purchasing decisions), but it's absolutely the case that FEP is better than McAfee Virusscan Enterprise...

Re:Who still pays for antivirus? (4, Insightful)

Anonymous Coward | more than 2 years ago | (#38672628)

"Personally I don't run any antivirus... ...and I haven't had a single malware in like 10 years"

How can you know that for sure?

Re:Who still pays for antivirus? (0)

Aladrin (926209) | more than 2 years ago | (#38672632)

Maybe he's smart enough to know how to check for them manually? When I worked at a PC shop, I had to do that constantly as there were always new threats that weren't caught by the anti-malware programs yet.

Re:Who still pays for antivirus? (5, Funny)

Anonymous Coward | more than 2 years ago | (#38672910)

Since you have worked at a PC shop, and are therefore are presumably a leading information security expert and well versed in the intricacies of system security auditing, please explain this process of manually checking for viruses. Given the general nature of how serious compromises actually work, this revolutionary method will be game changing. I am eagerly awaiting my subscription to your newsletter.

In all seriousness, I hope you didn't bill hours for your security expertise, although sadly I suspect you did.

Re:Who still pays for antivirus? (0)

Anonymous Coward | more than 2 years ago | (#38672918)

+5

Re:Who still pays for antivirus? (3, Insightful)

ElectricTurtle (1171201) | more than 2 years ago | (#38672996)

Autoruns, Rootkit Revealer. Granted, those are technically not for commercial use (giggle), but seriously, for SOHO stuff you really don't need anything else. This isn't exactly some DoD classified network here.

Re:Who still pays for antivirus? (0)

Anonymous Coward | more than 2 years ago | (#38673140)

So what you're saying is you're totally okay with completely ineffective methods of attempting to detect malware, and you think that's an okay attitude to use when dealing with a Small Office / Home Office? I guess you don't have much regard for the security of your own data, let alone that of anybody you're exchanging information with. You wouldn't happen to have any customer databases or other financial information sitting around on your hard drive(s), would you? Sure hope not.

Re:Who still pays for antivirus? (1, Insightful)

ElectricTurtle (1171201) | more than 2 years ago | (#38673210)

Where 'completely ineffective' means 'able to solve all problems experienced by customers' yeah, I'm ok with that. You don't need a CISSP to be an effective bench tech at a local PC shop. The customers can't afford it and don't need it. Get off your ridiculous high horse.

Re:Who still pays for antivirus? (-1, Troll)

Dog-Cow (21281) | more than 2 years ago | (#38673350)

So basically, you never caught anything worth worrying over, and you're OK with that. This attitude is what gives Geek Squad a (deservedly) bad name.

Re:Who still pays for antivirus? (3, Insightful)

somersault (912633) | more than 2 years ago | (#38673020)

The vast majority of malware isn't that clever or "serious" in the sense that it's written to specifically target you or a company you work for - so you could check running tasks and a few places in the registry for any dubious executables. You could check if the machine has any unexplained network activity. You might not be able to completely remove the malware just by looking in those places, but you have a good chance of detecting symptoms.

I don't think your sarcasm was particularly warranted in this situation.

Re:Who still pays for antivirus? (0)

Anonymous Coward | more than 2 years ago | (#38673022)

For real, it's what I do for a living.. I use automatic tools first, good luck finding every little piece of malware and his friends without 'em. I do the whole manual thing as a last resort.

I don't use antivirus on my comp but I also get infected with something every now and then... No biggy, I grab the virus' by the head, drag it into the street, rape it, and finish with a curb stomp. Lot's of blood.

Re:Who still pays for antivirus? (1)

justforgetme (1814588) | more than 2 years ago | (#38673078)

I might be wrong here but I think looking for bad files isn't actually rocket science.
Dismantling them, analyzing and countermeasuring them usually is the trickier part.

If I would have to go that route I probably would run checksum comparisons to accepted values for each file in the system.
All files that turn up in that list and are not logs/media/cache are candidates.
Then check all locations that contain files with autoexecution scripts and screen them for behavior I don't like.

After that you probably will have a lot to go on so good luck finding out what is wrong with all those files.
On the other hand you can just quarantine them (aka move into another directory), put valid files into the slots and see what stops working.

Just a thought..

Re:Who still pays for antivirus? (1)

Bengie (1121981) | more than 2 years ago | (#38673100)

Since Windows is actually secure now-a-days and malware can't just install itself without the user running it, I use the Linux approach. If you know what you're running, you don't need a virus scanner.

Since ALL of my applications fall under the Microsoft, Open Source, Steam, Blizzard, and Chrome category, and nearly all of my visited websites are a small group of known websites that I have been using for the past decade, I'm not too concerned about malware getting installed.

Re:Who still pays for antivirus? (2)

elsurexiste (1758620) | more than 2 years ago | (#38673164)

Not hard at all in most cases. Check the list of running processes for strange names. Run msconfig and check for weird programs starting up. Boot with a pen drive linux distribution, let's say Backtrack. Delete the offending files and clean those scripts. Rinse and repeat.

Re:Who still pays for antivirus? (1)

DCTech (2545590) | more than 2 years ago | (#38672664)

"Personally I don't run any antivirus... ...and I haven't had a single malware in like 10 years"

How can you know that for sure?

I don't have any problems, and I do check my network traffic from time to time with Wireshark just because legit programs send awful amount of all kinds of data to internet too.

Re:Who still pays for antivirus? (0)

Anonymous Coward | more than 2 years ago | (#38672894)

You can hide network traffic from the likes of Wireshark if you have kernel privileges.

Re:Who still pays for antivirus? (1)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#38672980)

This doesn't help if you need a gigabit link to your switch, or only have one PC,(or, most likely, if you just don't look good in a tinfoil hat); but constructing a passive tap for 10/100 ethernet is trivial [luc.edu] and allows you to sample the ether between your system and the hostile world of the internet from a second host.

If you need gigabit, or want to be all classy about it, you'll need a switch with port mirroring; but this is the easy and cheap way to slip an almost-certainly-OK-because-it-was-just-booted-from-LiveCD system onto the wire to have a look at what a possibly compromised host is doing...

Re:Who still pays for antivirus? (1)

datavirtue (1104259) | more than 2 years ago | (#38673154)

On another machine? Have you used Wireshark?

Re:Who still pays for antivirus? (1)

v1 (525388) | more than 2 years ago | (#38672908)

"Personally I don't run any antivirus... ...and I haven't had a single malware in like 10 years"

How can you know that for sure?

It probably has something to do with the fruit-shaped logo on his computer. ;) (I can say the same thing, for the same reason)

Tho getting more OT, I'm surprised that Symantec would stoop to doing fake scans in the most blatant expression of scareware. They already have a very long list of suckers, they don't need to break the law to be well into the black. They had to know doing something like this was going to be a net-loss?

Re:Who still pays for antivirus? (1)

Midnight Thunder (17205) | more than 2 years ago | (#38672930)

Or maybe he is using an OS with a penguin as a mascot?

Re:Who still pays for antivirus? (1)

s4ndm4n (1361751) | more than 2 years ago | (#38672988)

You may be surprised, but I'm not. I've seen the instrusive ways that Symantec has tried to get me to buy their sh-- ahem -- products on more than one ocassion, including what I suspected were "fake scans". But then again, I've always thought that Symantec was a pretty shady company.

Re:Who still pays for antivirus? (-1)

Anonymous Coward | more than 2 years ago | (#38672670)

There are perfectly good free antivirus programs now, if you want to run one. Most of them are actually better than the non-free antivirus programs. Microsoft Security Essentials [wikipedia.org] is a free antivirus that is many times better than Symantec's and others. On top of that it is lightweight and fast, compared to the bloated crap that Norton is. It works on slower machines too, detects more viruses and doesn't break stuff.

On 8 June 2011, PC Advisor listed Microsoft Security Essentials 2.0 in its article Five of the Best Free Security Suites, which included Avast! 6 Free Edition, Comodo Antivirus 5.4, AVG Antivirus 2011 and BitDefender Total Security 2012 Beta.

So choose from those. Personally I don't run any antivirus as I don't download random executables from the internet nor surf to random porn sites or download from torrent sites. Windows is also secure now a days, and I haven't had a single malware in like 10 years.

So you don't go to any legit site that served up malware over the years? CNN? Faggot

Re:Who still pays for antivirus? (2)

ledow (319597) | more than 2 years ago | (#38672840)

Or his browser and security settings don't let him run random malware served from a bog-standard compromised website.

I run Opera, I've yet to see it run a program from the net without my permission. Hell, I have to press play just to make Java/Flash things load because I switched on the option to do so.

Just because *you* are an arse that lets their computer auto-execute anything in a browser (and is subject to lots of known attack vectors over things like Javascript, etc.) doesn't mean the rest of us are.

A browser renders HTML and Javascript. Inside that scope, it's pretty hard to compromise a machine without using some seriously crappy code (i.e. a dodgy browser). Any decent security-conscious user would not be executing plugins of any kind by default or using an insecure browser and would, by that token, be incredibly unlikely to get any sort of infection even if they do browse sites that momentarily have infectious malware added to them (or, more likely, their ad networks, which should also be blocked from running Flash/Java if you have any brains).

Catching a virus is 99% user error and only about 1% software problems. Granted that 1% still exists but if you control the 99% (i.e. DON'T RUN THINGS FROM THE INTERNET) you can be pretty sure of a decently secure experience.

Signed,

A person who's been on the Internet for 15 years without AV and whose only infection came from a CD copy of a SiN game demo from a published magazine (and which was spotted instantly from unusual computer activity even if there was no "obvious" sign of infection) when I was a careless teenager.

Hell, where I work, people send me their infected USB keys for virus checking and data retrieval. If you use your brain, have a good OS, have good settings, turn off autorun and only interact with the files by command line (i.e. "attrib -r -s -h *", "del suspicious_file_x", etc.) then it's virtually impossible to get infected by that avenue, and many others.

And running an AV *scan* occasionally to verify cleanliness is very different to having something intercept every disk read/write, process execution, HTTP packet, etc. in order to keep you safe.

Hell, my "antivirus" is virustotal.com. If I see something dodgy, I know if it's malware and cleanse it myself as necessary, but if I'm just suspicious of something that seems innocent I upload it there and let them tell me if they know about it. I still don't blindly trust anything they verify as clean, but hell, you can't do much more to protect yourself than that (and, no, constant read-intercepts of everything on the disk is still a stupid idea that adds zero additional security).

Re:Who still pays for antivirus? (2, Insightful)

Anonymous Coward | more than 2 years ago | (#38673084)

Just because *you* are an arse that lets their computer auto-execute anything in a browser

While this guy phrased it somewhat abrasively, his point is valid. Damn close to 100% of infections are the result of requesting that some untrustworthy code run on your machine. Letting any random sites you surf to run even purportedly 'sandboxed' code on your machine is simply idiotic - the last few decades have proven that - and anyone who hasn't learned that by 2012 deserves what they get. It's like living in the slums with and letting crack gangs into your house just because they ask. You might be surprised the first time they trash the place, but after the 20th time, after the 200th time, after reading about it over and over in the mass media, why would you keep inviting them in? Fine, be surprised they trashed your place the first time, but after decades and popular cultural awareness and headlines on CNN and the BBC, you have to be pretty damn stupid if you are still asking them into your house, when you have complete control over whether they can come in or not.

People seem bewildered by this simple concept: don't run random shit from the internet, whether or not it's in a browser sandbox, and 99.999% chance you won't get jacked. If you go running every javascript any site in the whole world asks you to, well... don't act surprised by the results when something manages to escape the sandbox. PEBKAC.

It's 2012. Personal computing started taking off in the 1970's. That's 35 or 40 years now, and computers are a critical and pervasive part of modern society. There's no more excuse for not knowing how to use one.

Re:Who still pays for antivirus? (3, Insightful)

Lonewolf666 (259450) | more than 2 years ago | (#38673290)

I agree, if you know what you are doing, it helps a lot. In over 10 years on the Internet, mostly without AV software, I had one infection and that was from a remote execution exploit (MSBLAST on Windows 2000).
Even that one could have been avoided, I simply forgot to install the post-SP4 hotfixes after reinstalling the PC due to a non-virus related issue.

My safety measures at the moment consist of

- a DSL router with "lightweight" firewall and NAT - while not a 100% solution, it is better than nothing.

- not using products that have been frequently hacked in the past (except Windows). That means no Internet Explorer and no Outlook.

- generally checking downloads for their file type before opening them. If it is a .com or .exe I did not specifically download, it gets deleted.
      RANT: Especially in this context, fuck Microsoft for making the hiding of file extensions the default in Explorer. I know to switch that off, but for inexperienced users it makes it even easier to fall for "AnnaKournikovaNaked.jpg.exe". /RANT

Re:Who still pays for antivirus? (3, Insightful)

Riceballsan (816702) | more than 2 years ago | (#38672858)

Noscript, adblock etc... there are dozens of ways to dodge things and reduce the chance of infection to .0000001% (there is always the hypothetical possibility of some rogue worm that breaks past a firewall/router, or heck someone breaking into your house and manually running a virus on your system with physical access). If this guy was endorsing or recommending the average joe to use no AV you would have valid reason to insult him, he isn't. Plenty of very tech savy people can safely use a computer with no AV with little to no risk, while many tech unsavy people will fill a computer with virus no matter what protection they use.

Re:Who still pays for antivirus? (2)

Kjella (173770) | more than 2 years ago | (#38673200)

Plenty of very tech savy people can safely use a computer with no AV with little to no risk,

Possibly, but how could you tell? I'd say even the tech savvy should run anti-virus for verification, not for prevention. Of course there's the "trash my computer" or "hold it hostage" viruses that you'd know pretty fast after the fact, but there's also the "use as spambot", "steal my identity", "use as DDoS bot", "steal game accounts and CC info", "empty online bank account", "turn into illegal dumpsite", "use as platform for hacking" and probably some more varieties that won't announce themselves.

I know many people use it thoughtlessly, if the virus scanner doesn't find a virus they'll run anything. I only run things from places I think is safe, so if I ever had the AV stop me that'd be a surprise but if you don't use it at all I think you're arrogant. I'd maybe make a small exception if you're running only open source software from your distro's repositories, but any time you're running binaries, particularly binaries downloaded from the Internet then please give me my AV. Even if the software is perfectly legitimate there's no knowing if someone has compromised their download servers.

Re:Who still pays for antivirus? (5, Interesting)

RogueyWon (735973) | more than 2 years ago | (#38672786)

I'm by no means anti-MS (Windows 7 is the only OS on both of my home PCs these days), but I'd take issue with the blanket statement that "Windows is also secure now a days".

I went through endless fun thanks to the parents just before Christmas. They fell for one of those fake-DHL-shipping-notice spam e-mails (as they were actually expecting a Christmas-related DHL delivery) and, with a single click, landed their (3 month old, Norton-"protected", UAC-enabled) PC with one of the most vicious and persistent pieces of malware I've ever seen. One of those fake-AV-software ransomware jobbies. It disabled Norton, blocked Windows from accessing DVD and USB drives, did a dns redirect so that browsers could only access the ransomware page and all kinds of crap. I've sorted these before by doing a system restore from a backup point in safe-mode, but even though the restore allegedly worked in this case, the malware persisted through it quite happily. Ended up doing a full format and reinstall of Windows.

Now, there are a lot of failures in this story; my parents for clicking the link, Norton for being completely (and predictably) useless and so on. But I still have problems with describing an OS where a single click can land you in that kind of mess as "secure".

Personally, I use AVG, on the grounds that it provides some basic protection and makes my system chug less than most of its rivals. But it's by no means infallible, throws up a depressing number of false positives and the only way to avoid infection does appear to be abject paranoia (which is now my default policy).

Re:Who still pays for antivirus? (2, Insightful)

DCTech (2545590) | more than 2 years ago | (#38672854)

I'm by no means anti-MS (Windows 7 is the only OS on both of my home PCs these days), but I'd take issue with the blanket statement that "Windows is also secure now a days".

I went through endless fun thanks to the parents just before Christmas. They fell for one of those fake-DHL-shipping-notice spam e-mails (as they were actually expecting a Christmas-related DHL delivery) and, with a single click, landed their (3 month old, Norton-"protected", UAC-enabled) PC with one of the most vicious and persistent pieces of malware I've ever seen.

So in reality, it isn't Windows problem, it's user problem. Unless you run walled garden like iOS on your PC, there will always be malware that will try to trick user, regardless of OS. It works in Windows, it works in OSX and it works in Linux.

Re:Who still pays for antivirus? (1)

cduffy (652) | more than 2 years ago | (#38672966)

So in reality, it isn't Windows problem, it's user problem. Unless you run walled garden like iOS on your PC, there will always be malware that will try to trick user, regardless of OS. It works in Windows, it works in OSX and it works in Linux.

Infecting the whole system (not just that one account) with a single click (no UAC, no gksudo/sudo, etc)? Not so much.

Privilege escalation bugs are certainly easier to come by than remote exploits, for any OS, but that's not to say that everyone has known ones running wild at all times by any means.

Re:Who still pays for antivirus? (4, Insightful)

RogueyWon (735973) | more than 2 years ago | (#38672982)

No, I think there's a problem with an OS that allows for that degree of fundamental OS modification on the basis of a single click with no user confirmation prompts and no recovery path.

Re:Who still pays for antivirus? (1)

jimicus (737525) | more than 2 years ago | (#38673268)

No, I think there's a problem with an OS that allows for that degree of fundamental OS modification on the basis of a single click with no user confirmation prompts and no recovery path.

I'd like to know how you'd propose getting around that in general terms with any modern OS.

gksudo and the prompt on OS X - once you've persuaded the person to enter their password, you're away. You've got root access, you can do literally anything you like. Up to and including patching the kernel so that you are more-or-less impossible to remove.

Re:Who still pays for antivirus? (2)

Kjella (173770) | more than 2 years ago | (#38673046)

Either it was more than a single click, or your story is missing a remote code execution exploit in the browser/plugins they were using. You're in trouble on any OS if you have hostile code running, even if it's just under a normal user account.

Re:Who still pays for antivirus? (2)

datavirtue (1104259) | more than 2 years ago | (#38673208)

On XP machines the use of root kits that utilize VSS are common. Don't bother trying to remove or use system restore since they are controlling the PC from that vector. Full wipe is the most efficient method of mitigation. On Windows 7 there are not as many root kits that work since Microsoft has implemented a randomized memory placement of juicy services (the old root kits can't take hold because their target memory location is invalid).

Re:Who still pays for antivirus? (5, Interesting)

CastrTroy (595695) | more than 2 years ago | (#38673224)

Well, I guess it all depends on whether or not we want to be running general purpose computers or not. You don't see many people complaining about viruses on the XBox or other game consoles. You don't see people getting viruses on the iPhone/iPad. But then, you can't run whichever program you want on these platforms. You can only run MS (or Apple, or whoever) approved software, unless you take some huge steps to go around the protections. The computer can either be designed to run whatever program the user tells it to run, or it can be made secure so that it only runs signed software. You can't have it both ways. Sadly, I think for this reason, that the majority of the population will go to appliance type computers in the next decade, where the downside is that they can only run signed software from specific markets, but with the upside that they will never get a virus. Those of us who know what we are doing can run general purpose computers, possibly without even having virus scanners, because we are smart enough to not even run the virus in the first place. I have MS Security Essentials, and if it wasn't so lean, I wouldn't run it, because it hasn't detected a single thing in the 2 years I've been using it. Because I know not to download and run crap off the internet.

Re:Who still pays for antivirus? (1)

Anonymous Coward | more than 2 years ago | (#38673230)

Huh? By "link", I'm assuming you mean to a web page. A web page can't do any of that unless you voluntarily run code it gives you (whether javascript or activex or flash or whatever it is), which history has shown to be a spectacularly bad idea.

It's like this: Toyota sells you a car with a gas pedal, steering wheel, and brakes. You are perfectly able to drive that car in an unsafe way, which can mean terrible results. That doesn't mean there's a problem with the car, it means there's a problem with the driver. Toyota is trying to sell you a general purpose vehicle, which means it can be used to safely travel down the highway, or unsafely smash into another car. It isn't up to Toyota to make you drive safely, it's up to the driver! Just because somebody shouts at the driver, "hey, you should drive 90 MPH on that icy road with the tight curves!" doesn't make it a good idea.

I'm pretty much 100% certain that I could click on the link you mention on my Win7 box with no ill effects. But then, I don't run random untrusted code from unknown web sites, whether they are exes or browser scripts. So if I can safely use Windows on the internet, and that guy gunning the engine on an icy road with lots of curves can't, do we blame the car, or the driver?

Did you set them up as Admin? (0)

Anonymous Coward | more than 2 years ago | (#38673304)

Sorry to hear of your parent's troubles, buy I have to ask - Did you set up their user account as "administrator" or "user"? If you set it up as admin, I'd suggest YOU made the error that caused the problem.

Unix/Linux/OS X users normally run with limited permissions to prevent system changes, and require a password to make such changes. This serves as a warning and usually works pretty good. Windows can and should be set for limited user rights, with a separate user account for admin. Yeah, some stupid apps that exist that require admin rights, but you simply set the shortcut properties to "run as admin" or use alternant credentials.

I file bug reports when an app requires admin permissions. Good companies fix it, bad ones blow it off.

Re:Who still pays for antivirus? (-1)

Anonymous Coward | more than 2 years ago | (#38672794)

Where's the -1 Shill mod when you need it?

Re:Who still pays for antivirus? (5, Insightful)

Anonymous Coward | more than 2 years ago | (#38672804)

You don't have to "willingly" download applications/.exe's to get malware, trojans, etc. There's a lot more out there then you think....

Re:Who still pays for antivirus? (5, Insightful)

Joce640k (829181) | more than 2 years ago | (#38672810)

I haven't had a single malware in like 10 years.

How do you know? It's not like they pop up a window to let you know if the installation was successful.

Re:Who still pays for antivirus? (1)

ifrag (984323) | more than 2 years ago | (#38673108)

How do you know? It's not like they pop up a window to let you know if the installation was successful.

No, some of them do. The popup that warns you it's time to purchase the full version of their virus scanner with cleaning capability, because--surprise--you are infected now.

Seriously though, this is how I identified one of my old XP boxes was infected. Also around the time I switched from Avast to MSE.

Well, here's my metric (2)

Moraelin (679338) | more than 2 years ago | (#38673292)

Well, dunno about him, but before I gave in and tried an antivirus again around Christmas, I can say that everything loaded much faster, there was no suspicious modem activity, there were no popups telling me to pay X dollars or else, and haven't had any funny charges on my credit card either.

Honestly, if I had any malware, it was far better behaved than any antivirus I've ever seen. From a simple pragmatic point of view, I should have stuck with that.

Re:Who still pays for antivirus? (-1)

Anonymous Coward | more than 2 years ago | (#38672818)

You get what you pay for and its so much more true with AntiVirus.

Re:Who still pays for antivirus? (1)

mSparks43 (757109) | more than 2 years ago | (#38672864)

10 years you say.

Hmmm.

No wonder all those botnets are so persistent.

windows secure you say.....
Metasploit community begs to differ.

Just a reminder about yesterday's marketing thread (0)

Anonymous Coward | more than 2 years ago | (#38672888)

The average home user is IGNORANT. Business types embrace marketers who "sell the sizzle" when in the computer world, it's highly regrettable. MSE may or may not be the best free AV. What makes it marketable, including from the IT point of view, is that it keeps it's mouth shut and doesn't ask those IGNORANT users questions that they can't ever hope to make an informed choice on. In that respect, it's a winner. Perhaps it will strip out something that a user deliberately installed but for the most part, I find it agreeable although I still favor Avast as long as I can turn off the web page rating snap-in which isn't even compatible with iGoogle.

Re:Who still pays for antivirus? (1)

CSMoran (1577071) | more than 2 years ago | (#38672926)

Microsoft Security Essentials [wikipedia.org] is a free antivirus that is many times better than Symantec's and others.

I agree that MSE is pretty good, although an option to disable it would be nice (that's right -- one just can't turn it off).

Windows is also secure now a days

WHAT???

, and I haven't had a single malware in like 10 years.

That you know of.

Re:Who still pays for antivirus? (-1, Troll)

JosKarith (757063) | more than 2 years ago | (#38672946)

I have as a test put an unprotected Windows box on the 'net to see what happened. Usually it's about 1/2 hr before it's port scanned and an hour before it's been rooted. That's it - that's your window of security.

Re:Who still pays for antivirus? (1)

Tim C (15259) | more than 2 years ago | (#38673034)

He didn't say he doesn't have a firewall, he said he doesn't run AV software.

Re:Who still pays for antivirus? (0)

Anonymous Coward | more than 2 years ago | (#38673122)

I would like to see some data on that experiment. Specifically looking for Windows version (including SPs), specific OS mods (did you disable anything?), how you are connecting, Router and modem model, port forwarding, etc. Also, post log files and screens documenting the "rooting" and the data you had to confirm that breach.

Re:Who still pays for antivirus? (1)

DCTech (2545590) | more than 2 years ago | (#38673228)

I have as a test put an unprotected Windows box on the 'net to see what happened. Usually it's about 1/2 hr before it's port scanned and an hour before it's been rooted. That's it - that's your window of security.

Windows 98 box?

Re:Who still pays for antivirus? (1)

CastrTroy (595695) | more than 2 years ago | (#38673322)

Which version of Windows? I know previous versions of Windows have had this problem, I think all the way up to the initial releases of XP. But I'm pretty sure that it's been fixed in Windows Vista and 7.

Re:Who still pays for antivirus? (1)

datavirtue (1104259) | more than 2 years ago | (#38673112)

I do not recommend AVG. It will not leave you alone about system scans and I have found no way to disable the "warning." Also, Microsoft Security Essentials is nice--despite my loathing of Microsoft. I personally do not run any antivirus myself, which I find to be the cleanest solution. For regular users though I would recommend MSE--it stays out of the way. It is not legal for use in a business or on Enterprise versions of Windows 7.

Re:Who still pays for antivirus? (2, Informative)

Anonymous Coward | more than 2 years ago | (#38673296)

Actually -

Microsoft Security Essentials is available for small businesses with up to 10 PCs. If your business has more than 10 PCs, you can protect them with Microsoft Forefront Endpoint Protection.

Since you mention "Enterprise versions of Windows 7" you likely are in an environment that is some order of magnitude larger but many small businesses run it.

Re:Who still pays for antivirus? (0)

Anonymous Coward | more than 2 years ago | (#38673128)

There are perfectly good free antivirus programs now,

On 8 June 2011, PC Advisor listed Microsoft Security Essentials 2.0 in its article Five of the Best Free Security Suites, which included Avast! 6 Free Edition, Comodo Antivirus 5.4, AVG Antivirus 2011 and BitDefender Total Security 2012 Beta.

There are no "perfectly good" antivirus programs - free or otherwise.

PC Advisor must be shite because I just tried Microsoft Security Essentials - it spent 20mins downloading updates at 150 Kb/s - with no indication at all of the download size, then when it started scanning it took 200MB memory and 50% CPU.

Captcha: defraud

Re:Who still pays for antivirus? (0)

Anonymous Coward | more than 2 years ago | (#38673260)

> nor surf to random porn sites

Ah. ;)!

Re:Who still pays for antivirus? (2)

dkleinsc (563838) | more than 2 years ago | (#38673286)

There's also the GPL-licensed ClamAV [clamav.net] , which has a Windows version called Immunet which isn't half-bad.

Re:Who still pays for antivirus? (1)

DigiShaman (671371) | more than 2 years ago | (#38673318)

None of the free AV suites provide central management from a server-side console. Secondly, even MSE states in the EULA that it's not to be used in a business environment. It's for personal use only. Microsoft Forefront Endpoint Protection 2010 however a version of MSE that's centrally managed and in fact uses the same engine and definitions.

BTW, I recommend Trend Micro WFB for small and medium businesses. The new version of Vipre is good from a management point of view, but still on the fence of how effective it actually is. Trend Micro on the other hand is exceptionally good and stopping most of the bad-nasties out there. At least when you compare the effectiveness to other products out there.

Regardless of what corporate AV suite you intend to go with (Symantec or not), be sure you have at least 4GB of RAM installed for all Windows 7 workstations and 2GB for XP. Oh, and stay the hell away from McAfee. That shit is the absolute devil that will fuck up your machines in of itself. Nothing's worse than an AV that makes IE take 20 full seconds to load, throws constant BSODs, and will prevent Windows Update from completing due to the constant registry blocking. McAfee is shit. I refuse to take any full time IT job at a company that uses it.

Antivirus? (5, Interesting)

SuricouRaven (1897204) | more than 2 years ago | (#38672654)

We used to use Symantic antivirus at my workplace. Then we had a virus outbreak. Not a cutting-edge virus, just an old USB-stick-infector that symantic was powerless against. Didn't even detect it half the time, and when it did failed to do anything. So we use Sophos now.

Re:Antivirus? (4, Interesting)

ledow (319597) | more than 2 years ago | (#38672722)

Unfortunately, I can tell you the same story about any AV product out there, from personal experience.

Go to virustotal.com and upload any "known" virus you encounter and see how many big-name AV vendors don't recognise it at all.

Then make yourself a utility that crashes your system or takes over your startup entries, or does exactly what any virus will do and see how it fares against the same tests. I'd be very surprised if *any* of them picked it up, even with "heuristics" turned on.

Re:Antivirus? (1)

Joce640k (829181) | more than 2 years ago | (#38672890)

I often respond to obviously-a-virus emails inside Virtual PC just to see what happens. The antivirus usually doesn't start protecting me until a week or more after the email arrives.

A week is an awfully long window for infection in the internet age. It makes antivirus programs next-to-useless IMHO.

The single best thing a Windows user can do to protect themself is not run as administrator.

{Cue all the "Or not run windows!" replies...}

Re:Antivirus? (1)

Spad (470073) | more than 2 years ago | (#38672898)

This is true, however, Symantec's corporate AV/Endpoint is still pretty terrible and has been for a while, even if you ignore the ludicrously unreliable uninstall mechanism.

Personally I tend to shill for Sophos in these situations, but that's mostly because I've had very good experiences with their products; I'm sure there are lots of other AV solutions that are just as good for the Windows workplace depending on your needs.

Re:Antivirus? (3, Interesting)

jimicus (737525) | more than 2 years ago | (#38673300)

Then make yourself a utility that crashes your system or takes over your startup entries, or does exactly what any virus will do and see how it fares against the same tests. I'd be very surprised if *any* of them picked it up, even with "heuristics" turned on.

Contrariwise, I'm a big fan of scripting away work for efficiency gains - and I've noticed some heuristic scanners have a tendency to block a lot of functionality in many scripts. You're buggered either way.

Re:Antivirus? (0)

Anonymous Coward | more than 2 years ago | (#38672782)

Fascinating tale old chap!

Re:Antivirus? (0)

Anonymous Coward | more than 2 years ago | (#38672904)

So we use Sophos now.

And the reason you don't get viruses now is that your computer is too slow to actually be used.

Re:Antivirus? (1)

L4t3r4lu5 (1216702) | more than 2 years ago | (#38672958)

Dump it and get ESET's enterprise protection. 1/3 the memory footprint, and significantly faster scanning time. If I had the option, I'd drop Sophos like a ginger stepchi... uhhh... A bad case of the cla.... errr... A hot potato. Unfortunately, due to bulk licensing, they come out around 50% cheaper than competitors, and bean counters are tight-fisted nowadays.

Not totally fake in a way (5, Funny)

hcs_$reboot (1536101) | more than 2 years ago | (#38672682)

A number of users reported that after installing Symantec anti-viruses their system was slower, could detect false-positives, or worse, hang.
So in a way, the "scareware" is not totally wrong, as it warns about a degraded system - which may well be the case after the full product is installed.

Re:Not totally fake in a way (1)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#38672798)

Symantec has a well-deserved reputation for being atrocious; but pretty much any AV mechanism that does on-access scanning(which is most of them by default, though it can generally be turned off somewhere, if you feel particularly lucky) is going to tank your apparent disk access speeds, since the AV process has to chew on the data before handing them over to the program requesting them. Unless you have an SSD or a fairly punchy RAID setup, lousy disk access speeds are one of the best ways to make a system feel miserably slow, especially now that abundant RAM and fast CPUs are so cheap...

It's not AV at the heart of this complaint. (5, Informative)

jimicus (737525) | more than 2 years ago | (#38672714)

This isn't Symantec AV we all know and love(!) at the heart of these complaints. It's one of those "sooper-registry-optimizer!!11" programs that Symantec apparently offer.

Now, these strike me as somewhat odd. I've been dealing with Windows in one form or another since before the registry even existed - and I've never yet seen one of these tools do the slightest bit of good. Sure, if there's a specific problem (eg. malware) then a specific tool to deal with it may well help - but every single generic registry optimiser I've ever seen seems to be optimised to suck £20-30 from the customer's bank account rather than actually help them in any way.

Re:It's not AV at the heart of this complaint. (2)

Spad (470073) | more than 2 years ago | (#38672934)

Registry "bloat" is a bit like encumberence in RPGs; there's very little difference between a new "clean" registry and one that's full of leftover crap from old apps and the like (as opposed to actual issues that may be present, but no automated system can reliably resolve those) right up you hit the limit and slow to a crawl. These days you'd have to be going some to reach that point, so it's just not worth the risk of knackering your system for some negligible performance gain.

Re:It's not AV at the heart of this complaint. (1)

Lehk228 (705449) | more than 2 years ago | (#38673014)

there are scans that are worth running, but i am pretty sure there are free tools that do what need to be done, scans that look for dead references, which cause the system to attempt and fail to load files or libraries that no longer exist on the filesystem can speed up installs, however installers / uninstallers have gotten a lot better about that kind of crap so there are not nearly as many dangling references left in the registry by common software

Re:It's not AV at the heart of this complaint. (0)

Anonymous Coward | more than 2 years ago | (#38673254)

A couple of hundred at most left over entries out of hundreds or thousands. Removing those 200-300 max will speed things up for sure.

Antivirus? (0)

cshake (736412) | more than 2 years ago | (#38672792)

I know I'm in the minority of computer users (though not on slashdot) in that I understand how to keep my computer clean by not running completely unknown programs and all that stuff, and as such haven't had a single virus hit in at least 5 years - the last one was on windows 95 and it got past Norton, but I noticed it in the task manager and manually cleaned the system. But, to be safe, I do have antivirus - ClamWin. It only runs when I tell it to, it's free, and doesn't sit in memory popping up ZOMG YOU'RE GONNA DIE! messages all the time like a Symantec product. Sure, I don't have the absolutely latest cutting edge virus defs or heuristics, but I just have it run overnight once a week or force a check on downloaded things, and if I was really suspicious about something going on I'd try to manually clean it or just reformat the system partition. And if I'm really suspicious of a program and it doesn't show up for ClamWin, I'll copy it to my linux box and run it in wine. I guess what I'm trying to say is that a properly configured firewall and brain replaces 99% of the need for antivirus.

As I said though, I wouldn't expect the majority of computer users to have any sort of security awareness, and there is something to be said for a company-wide uniform system, so I guess that's why Symantec and McAfee still have business. I hope this suit sticks though - for someone who keeps backups and is able to reimage their system when needed, the time their programs waste over the course of your computer's lifetime is much more than the downtime that a virus causes (once again, for a computer-savvy user). Coupled with their fear-mongering ads, I view them as more underhanded than Bonzai Buddy.

User's choice dyslexia from hell. (2)

sgt scrub (869860) | more than 2 years ago | (#38672822)

I think it is ironic that Microsoft fights like hell to make sure the customer is using their browser but leaves the security of the system "up to the user". As far as being scary: Is it any more frightning than the OS itself telling you, "Your unprotected! Get AV now!"? Why the hell would they want to frighten customers about the security of the system instead of just adding it to the OS?!? Insanity!

Re:User's choice dyslexia from hell. (0)

Anonymous Coward | more than 2 years ago | (#38672916)

I think it is ironic that Microsoft fights like hell to make sure the customer is using their browser but leaves the security of the system "up to the user". As far as being scary: Is it any more frightning than the OS itself telling you, "Your unprotected! Get AV now!"? Why the hell would they want to frighten customers about the security of the system instead of just adding it to the OS?!? Insanity!

This is the same company that got nailed by the DOJ for integrating a web browser. They're just being safe than sorry (plus that eventually lawsuit down the road)

This supports my long term claim that... (1)

Anonymous Coward | more than 2 years ago | (#38672838)

...AV companies are in cahoots with the majority of virus writers.

The strongest evidence prior to this incident has been the high profile nature of virus attacks. If I were a virus writer my goal would be to remain as undetectable as possible. I would not want the presence of my program to be noticed as it did its work. The fact that the majority of viruses make their presence quite noticeable implies to me that my recognition of their presence is the goal. It is the problem, reaction, solution paradigm applied to making AV software more ubiquitous and profitable. That these same majority of viruses are written to be nigh impossible to manually remove further supports this hypothesis.

Re:This supports my long term claim that... (1)

Anonymous Coward | more than 2 years ago | (#38673242)

You are wrong.

Yes, I know I'm posting AC so you've got no reason to believe me. And yes, I can see you do have some supporting evidence. But I can assure you, as an industry insider, you are wrong. You are wrong in the same way someone saying that the pharmaceutical companies are creating diseases is wrong. Quite simply, it's bad business sense. There are plenty of people making the viruses already, why would an AV company waste resource creating more?

Best AV is... (-1, Flamebait)

Theophany (2519296) | more than 2 years ago | (#38672856)

...a Windows install disc. Nuke that sucker. But now I run OS X so I never get viruses. Did you know OS X is actually immune to viruses? *waits to get comment-raped*

ut it has a history of using fear mongering tactic (0)

Anonymous Coward | more than 2 years ago | (#38672920)

PROVE IT!

I've been running Symantec for a very long time and while there "Norton 360" and some of the other products are bloated the Antivirus runs great. I do realize that its not the choice of many but I have NEVER seen the aforementioned "tatic" describe. So unless you got legitimate reference and articles to point out this is a mere trolling story line.

Re:ut it has a history of using fear mongering tac (1)

ledow (319597) | more than 2 years ago | (#38673008)

Measuring an antivirus (actually, "security suite") package by the performance of its runtime is kinda like measuring the effectiveness of a crane by its top-speed on the road, regardless of it only being able to life 1kg.

That business models is the logical way to go (0)

Anonymous Coward | more than 2 years ago | (#38672928)

They just figured, with everyone being Idiocracy-level retarded nowadays, why not profit from the idiocy and help natural selection out a bit.
After all, it works great for Microsoft, Apple, "our" governments, and really just about every other company.

That's why I stopped hating Microsoft: The more they make their users suffer, more of an advantage using Linux offers, and the more natural selection helps us out. Brain-up, or die out. Of course nobody wants to admit that, and everybody wants to stay politically correct, so the idiots don't catch on. So I will probably get modded to hell. But I'll still say it: That's a Good Thing.

Norton is a Virus (0)

Anonymous Coward | more than 2 years ago | (#38673150)

How many times have a come across a PC that cannot get on the internet as norton has borked winsock and other things in windows, and if you try to uninstall without the norton removal tool, good f-ing luck on getting on the internet to download the tool. norton just loves to bork internet connections worse than most viri

Hmm. (5, Funny)

slasho81 (455509) | more than 2 years ago | (#38673180)

Symantec is scaring people to get what they want. So by definition, Symantec are terrorists.

Shocking (0)

Anonymous Coward | more than 2 years ago | (#38673184)

This is really shocking! AV companies never try to scare users to buy into self-fed SCAM business.

Bad product. Shitty people. (-1)

Anonymous Coward | more than 2 years ago | (#38673270)

no text

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>