Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Windows Live OneCare Can Eat Your Email

kdawson posted more than 7 years ago | from the have-a-care dept.

Security 204

FutureDomain writes in to point us to a blog sponsored by PC Magazine, reporting about another problem with Windows Live OneCare. Apparently, it sometimes deletes the entire Outlook or Outlook Express .PST mailbox when it finds a virus in one of the messages. The only solution is to tell OneCare to exclude the entire Outlook mailbox. This is the software that came in last in antivirus tests. The trail of tears is ongoing over on the Microsoft forums.

Sorry! There are no comments related to the filter you selected.

trail of tears? (5, Insightful)

Raab (863350) | more than 7 years ago | (#18301188)

isnt the term 'trail of tears' a bit extreme for some lost email?

Not sure about tears... (1)

zappepcs (820751) | more than 7 years ago | (#18301194)

but if it were compared to a nail, I'd ask "just how many nails does it take to seal the lid of a coffin?"

Re:Not sure about tears... (0)

Anonymous Coward | more than 7 years ago | (#18301398)

but if it were compared to a nail, I'd ask "just how many nails does it take to seal the lid of a coffin?"

Crucifixtion takes fewer nails but bigger ones.

Debbie eats my male, and I like it that way ! (-1)

Anonymous Coward | more than 7 years ago | (#18301200)

Debbie eats my male, and I like it that way !

Re:trail of tears? (2, Insightful)

Darundal (891860) | more than 7 years ago | (#18301216)

Depends on whats in the emails. It could be your normal grouping of spam and chain letters, at which point I would actually send Microsoft a thank you not. Or it could be an email with some vital information in it (yes, should be backed up, but realistically, how many people do that?).

Re:trail of tears? (1, Insightful)

Anonymous Coward | more than 7 years ago | (#18301268)

should be backed up

If onecare can find the virus in your .pst file, I suspect it can also find the virus in your backup file too.

Re:trail of tears? (5, Funny)

OiToTheWorld (1014079) | more than 7 years ago | (#18301236)

No, because losing your mail is TOTALLY similar to the forced relocation of the Cherokee people you insensitive clod!

Re:trail of tears? (1)

Threni (635302) | more than 7 years ago | (#18301252)

If `some` means `one or two spam messages` then perhaps. If `some` however means all your email, including details of job interviews, passwords etc then I'm not so sure.

Re:trail of tears? (0, Insightful)

Anonymous Coward | more than 7 years ago | (#18301306)

Do you honestly think that losing your email is anywhere near on par with being forcably relocated from the land your ancestors had lived on for centuries to be moved to Oklahoma? Because that's what the "trail of tears" [wikipedia.org] describes -- the forced relocation of the Cherokee people.

Say what you want about MS, I don't think they have started to tread near the "genocide" area yet.

Re:trail of tears? (5, Funny)

kennygraham (894697) | more than 7 years ago | (#18301374)

Do you honestly think that losing your email is anywhere near on par with being forcably relocated from the land your ancestors had lived on for centuries to be moved to Oklahoma?

Yes. Now I'll have to pay full price for viagra. I consider the two to be on par.

Re:trail of tears? (5, Funny)

ColaMan (37550) | more than 7 years ago | (#18301264)

There's 119 posts on that thread. It's a trail of something, most likely pissed-off users.
I smell an opportunity..... Quick! Someone post some linux evangelism there!

Re:trail of tears? (0)

Anonymous Coward | more than 7 years ago | (#18301414)

Quick! Someone post some linux evangelism ...

Keep-it-simple-stupid. Unless there's some compelling reason to do otherwise, keep yer email in plain ol' text in ~/Mail.

Re:trail of tears? (4, Informative)

Kjella (173770) | more than 7 years ago | (#18301422)

Yeah, like Linux never loses mail. One of the grave RC bugs of Debian Etch has been bug 321102/332473/350851 where KMail will nuke your disconnected IMAP folder under certain conditions. It's closed now and due for archiving today, but they're still listed here [debian.org] . I haven't been checking Thunderbird, Evolution but I doubt they're a symbol of perfection either. Wouldn't you just love to have some smug Microsoftie drop by your support thread to spread the One Microsoft Way?

Pine (1)

HomelessInLaJolla (1026842) | more than 7 years ago | (#18301630)

I've never lost mail read with pine. :)

I am not a linux geek (1)

aepervius (535155) | more than 7 years ago | (#18301700)

But I feel it is different. The bug reported would be akin to AVG deleting my whole my folder because there is a virus in it. Or an anti virus on linux deleting your folder. Or a firewall deleting your word document (all of 'em) because one has a macro virus. In the bug list is there anyhting like that ?

Re:trail of tears? (1, Interesting)

myowntrueself (607117) | more than 7 years ago | (#18301886)

where KMail will nuke your disconnected IMAP folder under certain conditions

The severity of this bug would only match that of the microsoft bug if it deleted the imap folders on the server.

I take it that this is not the case?

Linux evangelism? No, hard reality (4, Interesting)

jmorris42 (1458) | more than 7 years ago | (#18301540)

> Quick! Someone post some linux evangelism there!

Yes Linux has a better record. But then so does everyone else. Go ahead, name the operating system with a security record equal or inferior to Windows over the last decade.

*BSD? Nope, even if you exempt OpenBSD *BSD has a far better record than anything Microsoft has released in the past decade. And OpenBSD wears the crown when it comes to security. Usability, scalability and such are legitimate counter concerns though and explain why OpenBSD hasn't conquered the world.

Linux? Regardless of the distribution, if it is a large enough operation to keep up with the torrent of errata teh universe of OpenSource/Free Software generates they have all done better then Microsoft when it comes to timely updates. And with the bonus of the existence of "Enterprise" distributions for a good part of the decade that focus on errata updates that won't have unrelated breakage.

Apple? Their record with OS 8 and OS 9 beat Microsoft and OS X just upped their game.

Sun? HP? IBM? Please.

I'm not saying anyone should be proud of their security history and methodology, all software currently sucks ass. But since we have to use something NOW the question is why is the worst vendor on 90% of the world's machines?

What I'd like to see is a major concerted effort to raise software quality over adding new features. Engage the CS departments in teh universities to have all students audit some code. After all, most operating systems these days allow access to the source. And auditing real code would be a good experience for em. They would see first hand how wretched much of the code actually in use is firsthand. And if legends are writing that stuff they just might listen a bit more when when the prof is badgering about not hotdogging in the belief they are too leet to make those 'idiot' mistakes.

And for the Linux world I'd like to see the major distros come together to take every package not currently at 1.0 and finish em or dump em. Then stabilise the codebase, audit the crap out of it and then freeze them, only accepting bug fixes. And a nice side effect is they would all have the SAME version. The original project can still release new versions but it won't get integrated into a major stable distro until they announce a new feature complete and AUDITED version. Seriously, is there anything else that needs to go into glibc? So why not stabilize it, sudit it and then freeze it? We need a trusted core that we don't have to update several times per year. As computers become central to our civilization we need them to work a lot more than we need shiny new features.

Godwinner (-1)

Anonymous Coward | more than 7 years ago | (#18301278)

Don't deny this email holocaust!

Re:trail of tears? (4, Funny)

Anonymous Coward | more than 7 years ago | (#18301314)

Fine. It's really more of a holocaust going on over at the Microsoft forums.

Re:trail of tears? (0)

Anonymous Coward | more than 7 years ago | (#18301444)

I moderated you funny, but I felt bad about it.

(I don't *think* this post will revert that mod.)

Lost email (2, Interesting)

HomelessInLaJolla (1026842) | more than 7 years ago | (#18301322)

Some people become attached to their collections--no matter what the collection is. It is psychologically difficult for some people to face the reality that some things are simply not worth saving.

I advocate a training program for those people: once each year they should practice archiving everything they might ever want to save to one CD. Just one typical data CD. Not a DVD. One single CD. Anything which doesn't make it to the CD is random number filled.

Re:Lost email (1)

jlarocco (851450) | more than 7 years ago | (#18301502)

I advocate a training program for those people: once each year they should practice archiving everything they might ever want to save to one CD. Just one typical data CD. Not a DVD. One single CD. Anything which doesn't make it to the CD is random number filled.

Why? Is there a downside to having a large collection of "stuff"?

Large collections (0)

HomelessInLaJolla (1026842) | more than 7 years ago | (#18301550)

There are higher motivations for promoting a society in which people recognize the value of (as opposed to assigning arbitrary value to) the things they choose to accumulate. The overly fanatical attachment to mere collections, without any sense of real worth, is detrimental to self-improvement. I don't mind living in a society which has some social groups of packrats--but I wouldn't want to live in a society composed entirely (or even primarily) of packrats. Packrats, like everyone, have a few customary idiosyncracies in the way they see the world. I do not share them all.

Re:Lost email (0)

Anonymous Coward | more than 7 years ago | (#18301952)

Fucktard, my thousands of *good* (not fillers) digital photography .raw needs so much more than just a CD. And i don't want to lose *any*.
My art ain't random numbers filled.

Re:Lost email (1)

Thondermonst (613766) | more than 7 years ago | (#18302130)

Fucktard, my thousands of *good* (not fillers) digital photography .raw needs so much more than just a CD. And i don't want to lose *any*. My art ain't random numbers filled.

Why do you save your pron pics as .raw?

Re:trail of tears? The Unemployment line (1)

Fox_1 (128616) | more than 7 years ago | (#18301408)

I worked in an office where the recently hired tech guy managed to destroy the VP of marketing's Email 3 separate times. All in the first 3 months of his contract. That was the end of him. It's not such a big deal to lose personal email, but for people who have integrated the use of email into their business it's ugly. I would like to think that people are backing up their 1.2 gig PST files, but I know that there are many smart successful people out there with big PST's that have no backup. This kind of behaviour by a Windows Live OneCare is just asking for disaster.

Re:trail of tears? The Unemployment line (1)

zappepcs (820751) | more than 7 years ago | (#18301440)

This is exactly why I don't keep my .pst file on a work server. I use a laptop from work, and by keeping that huge .pst file on my local drive, I can choose to back it up when and where I like. No matter how good the guys in corporate IT might be, I just don't trust them. With most of my backup processes, it would take 2 disastrous events to happen at the same (or near enough) time to cause total loss of data. It would only take one careless IT person, or software update to cause complete loss if I trusted them.

Re:trail of tears? The Unemployment line (1, Insightful)

Anonymous Coward | more than 7 years ago | (#18301736)

Actually, the idea of storing all email in a huge single file is beyond stupidity.

Re:trail of tears? (1)

kripkenstein (913150) | more than 7 years ago | (#18301460)

Extreme? Not in the least, some people live off of their inboxes. This can cause real personal and financial damage.

Speaking of tears, I had a good laugh when I read this:

After the latest update which required a restart
I really don't intend to be mean, but this just took me back a few years to when I was using Windows. I had totally forgotten about updates that require reboots (well, kernel updates do, even on Linux). Amusing, to me at least.

Anyhow, OneCare has bugs, not that surprising really, all software projects have bugs, Microsoft, open-source, or whatever.

Re:trail of tears? (0)

Anonymous Coward | more than 7 years ago | (#18301588)

This can cause real personal and financial damage.

But not genocide.

You do realize that the "Trail of Tears" is what the forced relocation of the Cherokee people, during which about 1/4 were killed off from disease, is called, don't you*?

In the first ten pages of a google search for "trail of tears", there are only eleven links not directly related to the Cherokee. (Only two are in the first five pages.) They are about evenly divided between things about a Norwegian heavy metal band called "Trail of Tears" and things that are remotely related to the Cherokee relocation. So either the author of that phrase in the summary (kdawson? it's not in italics and quotes...) choose a poor phrase, or baby Godwin'd the thread right in the summary.

*If you aren't from the US, then I back off the "you should know this" attitude.

Re:trail of tears? (1)

kripkenstein (913150) | more than 7 years ago | (#18301650)

But not genocide.

You do realize that the "Trail of Tears" is what the forced relocation of the Cherokee people, during which about 1/4 were killed off from disease, is called, don't you*?

*If you aren't from the US, then I back off the "you should know this" attitude.

Well, I learned something just now, I had no idea that that was a US cultural reference; I am, in fact, not from the US (lived there as a child for a few years, decades ago). Actually I didn't even think it might be a reference, so I didn't Google it. It didn't have the 'look' of a quote, to me. (I guess that shows what I know)

Ok, now that I am informed, I agree with you completely, 'trail of tears' is definitely extreme for this situation.

Re:trail of tears? (0)

Anonymous Coward | more than 7 years ago | (#18301754)

I had no idea that that was a US cultural reference

I don't know for sure that it was intended to be... but it does seem more likely than not that whoever came up with it at one point had heard about it even if it wasn't supposed to be an overt reference. (I'd like to think that even the anti-MS people here wouldn't go so far as to make an intentional reference like that...)

Ok, now that I am informed, I agree with you completely, 'trail of tears' is definitely extreme for this situation.

And I should probably say that I agree, if you ignore the reference bit, it is pretty appropriate. ;-)

(BTW, I should probably say that I came into the thread originally to post something like the origional post, because at the time there weren't any comments listed on the main page. But when I loded the page, the first post was there already, so I moderated it instead. Hence the A/C posting.)

Re:trail of tears? (0)

Anonymous Coward | more than 7 years ago | (#18301714)

Inquisition is far more appropriate.

This is just another in a long series of failues (3, Insightful)

jmorris42 (1458) | more than 7 years ago | (#18301210)

And just remember, this is the same development house that the whole world seems to have no problem with the thought of giving root acces to their machines so they can keep them 'safe.'

If those idiots don't screw the world up by their own incompetence first they are going to get Windows Update 0wn3d and allow someone malevolent to wreak even worse havok on the world.

Seriously, I can't understand how any Microsoft product is permitted to be used in any role where failure isn't an option. Finance, military, medical, etc should have imposed a ban a decade ago, forbidding the stuff from even being connected to a network port inside the secure inner firewall. Instead we are installing the stuff into the engine room on our warships, giving it sole control of the propulsion system.

This is insanity on a global scale. A lot of people even seem to understand the danger yet are too afraid to speak up loudly enough to be heard.

Microsoft (0)

Anonymous Coward | more than 7 years ago | (#18301402)

has much to be modest about.

Re:This is just another in a long series of failue (0)

Anonymous Coward | more than 7 years ago | (#18301528)

Indeed, only a few weeks ago a friend of mine was in hospital for a serious operation. During the prodecdure the doctors had to wait for 5 minutes while the computer rebooted. Seriously, I'm not making this shit up, but it sounds like comedy material doesn't it. Microsoft products are more than just a few tears spilled over lost emails, they are a debasement of computer science and a threat to human life and security. I agree with you very strongly that they should be banned from any safety critical system, in fact I will be writing to my representatives and forming an actin group with precisely that agenda.

Re:This is just another in a long series of failue (1)

Black Parrot (19622) | more than 7 years ago | (#18301548)

> Seriously, I can't understand how any Microsoft product is permitted to be used in any role where failure isn't an option.

I can't understand why software is permitted to be used in any role where failure isn't an option.

But I get your point.

Re:This is just another in a long series of failue (1)

cbreaker (561297) | more than 7 years ago | (#18301742)

I think it all stems from the same old problem of people wanting to use software that they know. And really, people generally know Windows more then anything else. It's not an excuse, and I think it's the epitome of laziness, but I believe that's the main cause.

I mean, I work for state government and the majority of the people running the systems just don't know computers very well. It sucks. So, their comfort zone is Windows, because it APPEARS easier to manage. (Of course, it's not, it's just as complicated as anything else when you look past the pretty start button.)

And they say FOSS doesn't get professional testing (1)

Theovon (109752) | more than 7 years ago | (#18301212)

You hear the complaint both ways, of course. Commercial software gets professional testing, which means that engineers are paid to test un-fun corner cases, apply heuristic analysis, and other stuff like that. FOSS software gets more intense testing, because there are more people testing, although it's somewhat less organized.

Well, here's an example of how it can go wrong, no matter who you are. Of course, we're never surprised when Microsoft has a bug. It's really funny to me, actually. Huge company--can never get their shit together.

Re:And they say FOSS doesn't get professional test (1)

Frosty Piss (770223) | more than 7 years ago | (#18301244)

FOSS software gets more intense testing, because there are more people testing

Is this really true in a general sense? Obviously the "darling" FOSS projects do, but that's a very small percentage of the whole.

Re:And they say FOSS doesn't get professional test (0)

Anonymous Coward | more than 7 years ago | (#18301856)

In all the companies I've worked for the testing of software has been inferior to that I've observed in most Open Source projects. It's the first thing to be cut from the schedule.

Re:And they say FOSS doesn't get professional test (1, Informative)

Anonymous Coward | more than 7 years ago | (#18302258)

FOSS software gets more intense testing, because there are more people testing,


I disagree with both assertions.

First, because there are more people testing, does not mean it gets more "intense" testing. The FOSS mentality is, "I will code up this patch, test it, then submit it." How many of those developers do you really think are rigorous in their testing? Does someone say, developer X tested these situations, I think I will add a test for this? Do they even tell each other what was tested, or does everyone re-invent the wheel? Did they test all of the boundary / corner tests? Every degenerate case? Every mind0numbingly boring condition? Or did they just test the easy stuff over and over again? Did their tests just consist of "Works For Me"?

Second, are there actually more people testing? Do you think that there are people with watches on the code tree just salivating for a chance to write test cases for other people's code? If they test other's work at all, it's going to be because they found a fault caused by someone else being sloppy, and that fault led to a failure while they were using the program... the exact same sequence that causes a user to submit a bug report to a closed source product.

quarantine (1)

firpecmox (943183) | more than 7 years ago | (#18301218)

Have they not heard of a quarantine?

Re:quarantine (0)

Anonymous Coward | more than 7 years ago | (#18301380)

Quarantine? I thought you said "guillotine". My bad ...

Re:quarantine (1)

x_MeRLiN_x (935994) | more than 7 years ago | (#18301590)

Depending on how high Microsoft rates a malware threat, affected files sometimes bypass quarantine and are seemingly permanently (save recovery tools) deleted.

Cry me a river (-1, Troll)

wumpus188 (657540) | more than 7 years ago | (#18301258)

Don't know about you, but my trail of tears leads to the nearest Apple store...

Linux users! Let's show some solidarity (4, Funny)

adnonsense (826530) | more than 7 years ago | (#18301286)

Don't just sit there feeling smug! Every now and again, when you have a free moment, delete your mbox file, or the directory where the mail client of your preference stores its data. That'll go a long way towards helping Windows users to stop seeing us as arrogant and aloof and let them know we share their pain.

(And if you're really feeling altruistic, knock up a shell script which turns your machine into a spam-spewing zombie).

Re:Linux users! Let's show some solidarity (0)

Anonymous Coward | more than 7 years ago | (#18301442)

while your at it, install telnet with root access, poke holes in your firewall, and then once a month rm-rf ~/

Windows reinventing Unix poorly since the 1990's.

OS X Cause making unix pretty was easier than fixing windows.

Re:Linux users! Let's show some solidarity (0)

Anonymous Coward | more than 7 years ago | (#18301958)

knock up a shell script

I tried that but all I got was internet AIDS.

Skip .pst Files? (0, Redundant)

WrongSizeGlass (838941) | more than 7 years ago | (#18301290)

Since many viruses arrive via e-mail, wouldn't excluding .pst files from a virus scan be a bad idea?

It's The Lt. Ripley Virus Scanner (5, Funny)

Anonymous Coward | more than 7 years ago | (#18301300)

Nuke the mailbox from orbit, it's the only way to be sure.

Then the computer said... (1)

physicsboy500 (645835) | more than 7 years ago | (#18301328)

"FEED ME"

Re: Then the computer said... (1)

Black Parrot (19622) | more than 7 years ago | (#18301576)

> "FEED ME"

Imagine my embarassment when I found out it was merely a bug, and my insurance won't pay for the exorcist or the damage done by the SWAT team.

PST file (5, Insightful)

pe1chl (90186) | more than 7 years ago | (#18301330)

Maybe it wasn't such a good idea to put all mail, including not only INBOX but also all extra folders, in a single file?
At least other MUAs usually have a separate file for each folder.

Re:PST file (1)

moranar (632206) | more than 7 years ago | (#18301372)

It doesn't depend so much on the MUA (although if that's the only option on the software you're certainly shit outta luck): mbox is a common format for mail. It does get unwieldy if there's a lot of mail in the file, of course, but it's easier to search by hand than a plethora of directories. I think.

Re:PST file (1)

pe1chl (90186) | more than 7 years ago | (#18301556)

mbox is a file format for a single folder. when you have an inbox, sent-mail, trash and some saved-mail folders you will have several mbox files.
when you receive a mail and your inbox is deleted, you "only" lose the recently received mails and not all those valuable mails you saved in the past.

Re:PST file (1)

DavidD_CA (750156) | more than 7 years ago | (#18302092)

No thank you. Keeping everything in one file, albiet sometimes a very large one, has made it VERY easy for me to support Outlook for my clients, even over the phone, and yes this sentence is running on, way too much.

Users tend to create a lot of sub-folders, and folders in sub-folders. While moving things around is usually as simple as drag-and-drop, having all of them stored in one file is great.

Now any old hack can delete all their email (1)

ksuMacGyver (562019) | more than 7 years ago | (#18301344)

Hmm, now's the time to send your Windows 'friends' who are using onecare a nice virus attachment surprise. :-P

OneCare deletes nothing (5, Informative)

The Bungi (221687) | more than 7 years ago | (#18301346)

Obviously they screwed up on the 1.5 RTM where now apparently they'll quarantine the whole PST file (don't get me started on the "one huge fucking file for everything" mentality...), but AFAICT OneCare does not delete the file. The problem is that it essentially hides it under [C:\Documents and Settings\All Users]\Application Data\Microsoft\OneCare Protection\Quarantine, compressed in a .CAB file and not accessible from a non-admin account. But if you can log into the machine with an admin account, you can recover the file, and turn off OneCare scanning of your mail file for good measure.

Then, get a good AV package - or better yet, just exercise some fucking common sense and don't open that "Re: Malaca Superfund Stranded" email from "Roberta Plantagenet~=%" that has a "postcard.exe" attachment.

Re:OneCare deletes nothing (0)

Anonymous Coward | more than 7 years ago | (#18301990)

But what if I am expecting my good friend "Roberta Plantagenet~=%" to reply to my message titled "Malaca Superfund Stranded" with an attachment of his "postcard.exe" program? I guess sometimes you just can't win :(

Re:OneCare deletes nothing (1)

master0ne (655374) | more than 7 years ago | (#18302128)

2 problems with your post.... 1... If outlook or outlook express in RUNNING, the file is locked, and cannot be coppied, therefore, onecare skips quarantine, and deletes it directly (which i would imagin it has some difficulty doing, but apparently it manages) 2... You dont need to OPEN the file, just RECEVE it, when OneCare sees theres a virus laden attachment in the PST file, even if it hasnt been opend and the virus never run, it attempts to quarantine the whole pst file, and when it fails it simply deletes it, and i would suspect that once you reopen the mail client, it recreates the file, possibly overwriting the original "deleted" file, making even the best recovery tools useless in most cases... so basically, OneCare delets your inbox, go buy a mac or linux box... MS's software is broken anyway, and dont even get me started on the exploitability of Outlook, IE, or the horror that is Vista!

deleted my email, too (1, Interesting)

Anonymous Coward | more than 7 years ago | (#18301348)

i was using it on my windows box and it deleted my entire email. great, Microsoft. well done. i think now i understand why everyone switches to Linux. as of today i am making my Linux box my primary machine. period.

Good Grief! (0)

Anonymous Coward | more than 7 years ago | (#18301412)

Good Lord! How can the parent be modded "interesting"? The guy doesn't know what a shift key is, are he's just parroting the "DUDE! Micro$loth SUXORS!!!!" line anyway. What exactly is "interesting" about it?

Boda Bing... (2, Funny)

coastin (780654) | more than 7 years ago | (#18301370)

Ahh, nice a inbox ya got dere, it'd be a shame if somethin was to happen to it!

Running theme with Microsoft's "security"? (5, Interesting)

Anonymous Coward | more than 7 years ago | (#18301378)

That theme seems to be "The cure is worse than the disease"

Example 1:
Problem- Malware has carte blanche in XP to do damn near anything if it's run from an account with admin privileges.
Solution- UAC in Vista. ("You are moving your mouse cursor. Cancel or allow?")
Solution Sucks Because- UAC is so friggin' annoying with the popups that people will either shut it off or get in the habit of blindly clicking "OK," which means they are likely to give malware carte blanche to do damn near anything.

Example 2:
Problem- Viruses.
Solution- Windows OneCare Antivirus.
Solution Sucks Because- One infected email can cause your whole inbox to go bye-bye.

Great job, guys! The five years it took you to get this stuff perfect was really worth it!

Re:Running theme with Microsoft's "security"? (4, Funny)

FSWKU (551325) | more than 7 years ago | (#18302190)

"You are moving your mouse cursor. Cancel or allow?"

While still incredibly annoying, at least it's a SLIGHT step up from what we used to have. "Your mouse cursor has moved. Windows must be restarted for the change to take effect."

On a side note - Backup your files (2, Insightful)

rhyno46 (654622) | more than 7 years ago | (#18301468)

Yes, this is off-topic. Yes, OneCare sucks if it deleted someones email.

If you don't backup your data you will lose it someday. It's not a question of "if" it is "when". Your hard drive will eventually crash!

I feel so sorry for people that encounter this. My business provides remote backup via the web & we try to help people prevent events like this, but it doesn't matter. I think all of our remote backup customers have previously experienced data loss.

Re:On a side note - Backup your files (0)

Anonymous Coward | more than 7 years ago | (#18301680)

If you don't backup your data you will lose it someday


Thankfully, Microsoft's development team saw that potential disastrous data loss and so made sure it would happen in a controlled manner. Now you can rest assured that losing your email will not happen randomly, but in a Microsoft Certified way.

Hardly an unheard of problem (2, Interesting)

khendron (225184) | more than 7 years ago | (#18301474)

I've had Norton Anti-Virus delete my Thunderbird Inbox when it detected an incoming virus. This was the main thing that made me get rid of Norton on all my computers.

It isn't MS fault you get the virus (1)

terrible76 (855014) | more than 7 years ago | (#18301478)

Microsoft policy is "Do not open e-mail attachments from persons you do not know" or an EXE, .js or any virus type of file. Also their solution for Internet Explorer bugs is to turn off scripting and active-x and do not goto websites that you don't trust. So in general it isn't Microsoft's fault they put the inbox into quarantine, it is the user's fault for getting the virus or going to a website that gives them the virus. Of course that is from a MS point of view. While most of the IT community is trying to fight viruses, fraud and all the evil things out there, MS seems to put the blame on the consumer. MS is proving this as they try harder to tell the end-user that they are doing everything they can but it is the users responisbility to protect themselves. In all if you use Microsoft products that is equvilant of buying a car, but you have to install or replace any safety features - brakes, seatbealt, airbag - yourself!

Stop tagging all MS-related articles defective... (3, Informative)

Dachannien (617929) | more than 7 years ago | (#18301488)

The term "Defective by Design" was specifically invented to describe products containing DRM, where the usability of the product is intentionally compromised in order to protect the profits of a third party.

Yes, Microsoft has a lot of DRMed software, with Vista being the granddaddy of them all, but not everything Microsoft makes is defective by design. And in this particular case, the defect appears to be a bug rather than intentional anyway. So, please, save the "defectivebydesign" tag for situations where it's really warranted. Sure, it may be an amusing term, but when you use it where it doesn't apply, it waters down its meaning for the situation it was intended to be applied to: DRM.

Re:Stop tagging all MS-related articles defective. (1)

fireboy1919 (257783) | more than 7 years ago | (#18301554)

The term "Defective by Design" was specifically invented to describe products containing DRM, where the usability of the product is intentionally compromised in order to protect the profits of a third party. ...and to apply to the security policy that's intentionally insecure to accomodate user issues and program writers.

Most of the things that we see this appear in are because we see an exploit. Such exploits in a better written file system wouldn't be an issue at all. So the defect is the design more than the actual flaw.

This case is a similar matter. The virus scanner is scanning a file, finding a virus in it, and quarantining it. The bug isn't with the AV, its in the fact that an entire user's mailbox is stored in a single file, which is a defect in the design of Microsoft's mail system. This wouldn't happen if Microsoft was using a better mechanism for storing mail.

So I say we let the "defectivebydesign" tags keep coming. We can stop when we stop seeing the obvious design defects.

Re:Stop tagging all MS-related articles defective. (0)

Anonymous Coward | more than 7 years ago | (#18301662)

No, you are talking about "defective due to bad programming and poor choices" whereas defectivebydesign should be used to refer to "defective because it was deliberately and maliciously designed to cripple the computer's function". See the difference?

Re:Stop tagging all MS-related articles defective. (0)

Anonymous Coward | more than 7 years ago | (#18301716)

Come on, how can you guys argue against the OP when he's completely right? Maybe you can say that it is "defective because they're stupid" or "defective because of a bad design". I would simply call it "defective", period. The same thing happened to MS Promotion Site Flagged By MS Anti-Phishing [slashdot.org] .

Re:Stop tagging all MS-related articles defective. (1)

master0ne (655374) | more than 7 years ago | (#18302214)

you do realize that most all mail clients use one large file to store most mail in, not just MS, but FOSS projects too... Thunderbird.... pine.... etc... all have one large file for all mail and folders, or sevral large files for mail in individual folders, if any one of them happens to redeve a virus laden email, than that whole folder, or whole mailbox all togeather gets hosed... Also, im by no means a MS fanboy, but the NTFS filesystem isnt half bad, and this defect has NOTHING to do with how the filesystem works, more how the AV handles the detection of viruses in certin "special" places, such as inboxes... It would seem more of a bug, and one that alot of AV's share, as there doesnt seem to be a good way to tell what file is a mail folder, and what isnt just by looking at it, it would need to be pre-programmed into it, and updated accordingly for each new mail client, and each time a existing mail client changes the way it stores its mail...

Re:Stop tagging all MS-related articles defective. (1)

Miseph (979059) | more than 7 years ago | (#18301612)

I agree that it's inappropriate to use in the conext of an unintentional bug, but I can see legitimate uses outside the issue of DRM... for instance, consumer electronics designed to break after about 1 year of regular use (Sony used to do this constantly with the Discman) in order to drive consumers into buying new ones regularly, or Lexmark's (old? haven't used their stuff in ages) practice of selling ink cartridges with very small reservoirs at higher prices in order to subsidize cheap yet very high quality printers.

Point is, "defective by design" describes DRM, but also accurately describes many other shady business practices intended to increase sales through incompatibility and early obsolescence. The fact that it wasn't coined until the advent of DRM doesn't mean we should horde it for that sole use.

Re:Stop tagging all MS-related articles defective. (1)

game kid (805301) | more than 7 years ago | (#18301892)

I'm just slightly shock no one's tagged it "onecarewilleatyoursoul" yet.

Come on, the guys at Microsoft are obviously Aphex Twin [google.com] fans. :D

oops (1)

game kid (805301) | more than 7 years ago | (#18301910)

...and the fact that I mistyped "shocked" is shocking indeed.

Re:Stop tagging all MS-related articles defective. (1)

noctrl (452600) | more than 7 years ago | (#18301994)

heh,

Putting all email into ONE file is a defective design.

So this 'article' is tagged as it should be :D

Re:Stop tagging all MS-related articles defective. (0)

Anonymous Coward | more than 7 years ago | (#18302078)

"defective design" != "defective by design"

just like "broken hand" != "broken by hand".

Re:Stop tagging all MS-related articles defective. (1)

j_rhoden (214320) | more than 7 years ago | (#18302020)

Don't feel too bad. Someone used to tag every single Microsoft related article "itsatrap" too.

So what exactly is the problem? (1, Insightful)

SmallFurryCreature (593017) | more than 7 years ago | (#18301492)

A virus scanner found an infected file and put it somewhere safe. It is in the logs so you can find out what happened.

Yes it is not very userfriendly but it sounds to me a bit like you complain that the fireman who got you out of burning building bumped you against the doorframe and now you got a sore toe. Cry me a river.

Should infected files NOT be moved just because they belong to a certain program?

I could understand the upset if it had moved a critical system file and brought the whole machine crashing down but that is now what happened.

Would it be as bad if a virusscanner moved a document because it was infected?

Truly this to me sounds like the conflict that arises between making software actually do anything and some users who expect computers to work by magic. Sorry, they do not.

Maybe MS virusscanner should know about special files, especially those belonging to its own products, maybe it should be capable of handling these files securely without having to move them. Perhaps.

It is not like the email disappeared. The file was moved. Move it back, and voila, all is restored. (I am guessing here, this is how it works on unix mailboxes anyway.)

Yes, perhaps the virus scanner did NOT report it clearly what it had done (more likely, the user in question simply did not read the log) and perhaps a proper virusscanner by MS should be able to handle the insides of a MS file and clean it on the spot, not have to move the entire file. BUT if this happened on a unix I would find it perfectly acceptable. Then again, I read logs.

Re:So what exactly is the problem? (4, Insightful)

TerminaMorte (729622) | more than 7 years ago | (#18301602)

The problem is not that a single email was moved, but that the entire mailbox was quarantined and that the user was not told about it. RTFA.

Re:So what exactly is the problem? (5, Insightful)

earnest murderer (888716) | more than 7 years ago | (#18301936)

Precisely. For that matter, considering the target audence the concept of a Log file as notification is not only ineffective but probably offensive to most. Of the people I know who might use this product, every single one of them would have ended up in a shop and paying a lot of money to have a tech figure it out. Or more than likely paying them to re-install Windows and hope it didn't happen again.

Re:So what exactly is the problem? (1)

LiquidCoooled (634315) | more than 7 years ago | (#18301676)

Surely infection potential is considered based upon whether its executable or not?

I can write "format C:\" here and be 100% certain that it would not format my drive.
Same thing with Viruses, I used to keep a vault of them with none executable extensions.

If the virus is extracted by the application and forwarded for executation THEN there is a problem, not until.

Re:So what exactly is the problem? (1)

RobertLTux (260313) | more than 7 years ago | (#18301710)

the problem is in some cases the file gets scrambled/ encrypted

what should have been done is One Care should have used some sort of api to extract the mails in question and then quarenteen just those mails
or
scan the emails as they came in and then bounce those (i mean ive heard that getting api stuff from microsoft is hard to do but in this case
MICROSOFT IS THE VENDOR IN BOTH CASES

Re:So what exactly is the problem? (1)

civilizedINTENSITY (45686) | more than 7 years ago | (#18301712)

Apparently (according to postings in the article) sometimes it quarantines and sometimes it irrecoverably deletes (beyond what recovery tools can recover.) In these cases, if they actually occurred as described, it is more like you have a fire in the tool shed in your back yard and the fireman level your house and garage as well as the tool shed.

So I totally agree with what you said, but that doesn't matter since the real problem is worse than what you described.

Counter example : AVG free (2, Informative)

aepervius (535155) | more than 7 years ago | (#18301734)

AVG free move the concerned attchment to a quarantine directory and leave me a note telling me why in the email. My whole mailbox is file left untouched. So why is microsoft unable to do that ?

baby, water (1)

Black Parrot (19622) | more than 7 years ago | (#18301524)

Bah, let God sort them out.

Ah! Ah! (2, Insightful)

Chutulu (982382) | more than 7 years ago | (#18301526)

use Thunderbird instead....

Re:Ah! Ah! (0)

Nom du Keyboard (633989) | more than 7 years ago | (#18301870)

use Thunderbird instead....

Second this! And when MS starts deleting Thunderbird files "by accident", sue them!

Re: Use Thunderbird (1)

TropicalCoder (898500) | more than 7 years ago | (#18301984)

I use Thunderbird and Symantec AntiVirus.

I did a deep scan one day and Symantec found a virus in my inbox. It quarantined the whole thing. When I looked at my in box, which usually has hundreds of emails going back for the past year or so, it was empty.

I simply restored it from quarantine, and went thru the emails, deleting everything I didn't need, but especially some old spam messages that I had never opened. Scanned again, and no more virus.

Now I keep the amount of mail stored in the inbox to a minimum, and back it up from time to time. WinXP Thunderbird users will find their inbox and other mail folders at...

C:\Documents and Settings\[user name]\Application Data\Thunderbird\Profiles\[*].default\Mail\Local Folders\

Mail is stored in files named after the folder.

Better yet, back up your entire profile folder. C:\Documents and Settings\[user name]\Application Data\Thunderbird\Profiles You can lose this sometimes when updating Thunderbird - at least - that has happened to me in the past.

This is silly! (1)

Supreme Dragon (1071194) | more than 7 years ago | (#18301656)

One message gets a virus, so they delete EVERYTHING. This is not suprising, coming from the creator of Microsoft Bob 2......... I mean Vista.

OneCare? (2, Funny)

ozbird (127571) | more than 7 years ago | (#18301684)

OneCare - from the same onomatopoeic geniuses that thought up the "Wang Cares" campaign?

This FP for 6NAA (-1, Redundant)

Anonymous Coward | more than 7 years ago | (#18301740)

playing so it's been looking for! pallid bodies and DOWNWARD SPIRAL. this mistake or won'7 vote in plainly states that Performing.' Even end, we need you do, and with any

Not the only AV software that has managed this (1)

Miksa (300587) | more than 7 years ago | (#18301954)

This reminds me of the professor, whose .pst was deleted by some old version of F-secure years ago. The software knew the .pst format well enough to tell exactly in which email the virus was and give the subject and sender info of it. Would have expected it to be able to only delete the offending email.

MS 'Once Cared' Email scanning (2, Interesting)

grolschie (610666) | more than 7 years ago | (#18301966)

From the forum posts, it seems that MS don't want to scan incoming or outgoing emails and they also now don't want to scan the .pst file. They are happy for dormant viruses to exist on your machine because these are supposedly detected when being executed. Going by their current track record, I wouldn't be confident of any kind of protection from Microsoft 'Once Cared'.

Rename the product (1)

unoengborg (209251) | more than 7 years ago | (#18301970)

Perahaps Microsoft should consider renaming their OneCare product to Microsoft WhoCares, I'm sure many of the affected users would find that a more appropriate name.

Depends on your AV scanner (1)

A_Non_Moose (413034) | more than 7 years ago | (#18302094)

Someone already pointed out that Norton quarentines the whole inbox, and older CAVs do too.

The behaviour is "essentially" correct, because pst and mbx's are single files, but the
bigger problem is pst's are binary format, whereas mbx's are text/UUE and text editor
"recovery" is possible.

Newer AV scanners can "snip" out the infected UUE portion, but you have to set the behaviour
yourself as is the case with CAV, and even then it works on IMAP folders, but blasts local ones
on occasion.

(snort)

Thankfully, in my case, the last local folder to get bitten was the junk mail folder that I
use to train future filters. Now, Tbird needs good mail to balance out the junk mail, so
the one saving grace is the filters are usually quick enough to shove the messages where
they belong before the AV ax falls on the infected file and folder.

Yeah, "Oh, noes my junk folder got deleted" vs "Oh, noes my entire inbox is gone".

Bit of a difference.

off topic but .... (1)

thephydes (727739) | more than 7 years ago | (#18302140)

It constantly amazes me that a company as old as MS can continue to produce software that isn't compatible with other parts of its "suite". Yeah yeah, I know that programming is a very complex business, but after 20+ years, surely they must have learned something. Perhaps it's the very close integration of all the parts that is the problem? Hey wait, I think I've heard other people say that.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?