Slashdot Mirror
Symantec Adds Product Activation
maliabu writes "GlobeTechnology/CNET reports that Symantec has added an antipiracy technology to the new version of its main virus-zapping program, in the form of compulsory product activation. It is intended to protect consumers from widespread counterfeit copies of Symantec programs. The company estimates at least 3.6 million bogus copies of its programs are sold annually, causing headaches both for Symantec and unsuspecting buyers, who find out too late that the software isn't doing the job."
It is intended to protect consumers from widespread counterfeit copies of Symantec programs.
I don't believe it as a main cause.
Trolling using another account since 2005.
I'm sure THAT will work. Good job nobody knows how to turn that kind of thing off eh?
Hmmm.
How would product activation protect users? Piracy prevention only protects symantec.
The Television Wiki
Seems like the new standard - now they can enforce virus definition subscriptions as well - previously, reinstalling the product after a clean deinstall + registry clean would reset the subscription date for definition updates.
So the real question is - if there are 3.6M bogus copies sold, and (by RIAA numbers) an additional 360M pirated freely online, by enforcing the product activation, will the Internet see more viruses or less? (and yes, I know it's technically virii)
My vote is on more...
Subscribe for free to my show!
Symantec antivirus for home use is bloated as hell and has required yearly "subscriptions" for some time now. When that nonsense started, I bailed. Antivirus software should at the very least offer free updates to the virus definition files, given the havoc that these things have been causing of late.
Curb CO2 emissions: Kill yourself today!
Um... this article is about Symantec, not Microsoft. Not to mention the only people who will be affected by a rise in the cost base are the people who relied on a pirated version of it.
A properly configured windows box is just as secure as linux, tell that to the folks at gnu.org that were trojaned since march.
I am very disappointed with Symantec/Norton anyway, in recent weeks I have replaced 20 desktop licences with AVG by GRISoft. AVG found viruses on about 15 systems where Norton did not complain at all. Yes, Norton was up to date in all situations and many of the desktops were installed by other people, so no commonality there.
If I had shares in Symantec I'd be selling them now.
while NO anti-piracy strategy is foolproof (we can only talk about rates of piracy, not absolute values), the fact of the matter is that product-activation can be done without sending the user's SSN and first-born through the lines.
Actually, I'm just pissed off that some asshole russians wrote "crack" programs (still widely available on all those cracks sites) to break the security of a previous version of some shareware i wrote (cost of shareware: $20 and for a very specialized audience). So, in a later version of my software, I included a type of product activation and wrote a code in such a way that the compiled stuff would be harder to figure out. 2.5 yeas later - still no crack out fot the software that I can find anywhere, plus I am secure in the knowledge that my reg codes are doing a lot less walking.
Fair is fair.
And like most methods of protection, I wouldn't be surprised if Symantec's product activiation was cracked pretty quickly indeed. I suspect Symantec would be better off spending the money they spend on developing/buying this technology adding to the fund they use to pursue and close down the spammers who try and sell pirated copies of Norton AV, System Works et al.
If you're going to inconvenience your legit users in order to reduce illegal copying, just tell it like it is. Protecting the consumer against illegal copying would just require signing the software, no mandatory activation.
... they tell honestly that they want people to actually pay for the program? Norton AntiVirus is worth every buck you pay for it, and the online update features are very comfortable. I can't imagine of "bogus" copy's that don't work, and even if they existed, why counteract with a registration. if the bogus copy doesn't work, they don't have to fear it. Furthermore Symantec does a great deal in helping us for FREE (do you remember the W32.Blaster removal tool you could download even when you weren't a costumer of them?), so i think if you want to use AntiVirus from Norton you should pay for it, if you are greedy there are a lot of free alternatives
".Sig Stealer" was here
I agree with "Say no to Symantec" but what you should pick up if you're stuck using Windows is AVG Anti-Virus ... you just can't beat the price!
--- I'll have a Bloody Mary, a Steak Sandwich and a uh Steak Sandwich.
Just like the copy of my Symantec Anti Virus software I got for free with my DELL.
...Visit the website... Oh your version of Anti Virus has expired, please consider upgrading or buying our one year service plan...
Installed, and what pops up... Oh your virus files are out of date! Please visit our website.
The notebook was BRAND NEW...
This is called a money grab, boys and girls...
"You can't make a race horse of a pig"
"No," said Samuel, "but you can make very fast pig"
Not suprised, whenever I've bought or installed their software it has never used a serial number.
- make the update protocol encrypted and secured;
- make virus pattern update sucription for money;
- release the client software itself for free;
- ???
- Profit!
Why? I hate product activation - it never works and users are always frustrated.Besides, the scanning and curing are not complicated operations per se. Virus patterns are the content that I am ready to pay money. Therefore the the other business model: charging for content rather than for software.
Less is more !
I personally don't mind product activation as long as consumers are aware of it before buying. I mean it is a matter of choice. I am sure you can find alternatives without product activation if you like. So it is simple. If you want to buy Symantec (Symantec is not a monopoly like MS so you do have many alternatives), then you will have to activate the product. I mean why do people talk as if trying to prevent piracy is a very bad thing. Only requirement is that the consumer should be informed, and after that let the consumer decide. I know some will argue that if Symantec is successful, others will incorporate same technology in their products as wel, but the point is that if Symantec succeeds, that means that a majority of consumers don't mind activating anyway. So in that case other would be fully justified in adding this technology to their own products. On the other hand, if people are bothered by it, they simply won't buy it. So just let the invisible hand of market take its course. I am sure we will reach an outcome which is benificial to the maximum number of people.
What's under yellowstone?
The only anti-piracy technology that really works is that which uses hardware.
It's difficult if not impossible to duplicate a hardware lock (parallel port dongle), and it costs money to do.
It would cost Symantec about $5 in mass production to include a dongle with their anti-virus software. It would cost the average person $25 to make that same lock, and would be difficult if not impossible to duplicate the firmware...
Software methods for anti-piracy were killed by copyiipc back in the 80's....
The thing is, in newer versions they do not include "innoculation". Innoculation used to simply take a fingerprint (CRC32) of your executables/libraries, and could be set up to refuse to run unknown, or, more importantly, changed executables. This is great because even if you're behind in virus signature updates, your virusscanner will still detect new and unknown virusses as long as they don't compromise the virusscanner engine itself; such virusses (as well as engine updates) are far and wide between, unlike signature updates.
Recent version do NOT check binaries' integrity using any sort of fingerprinting, be it crc32, md5, sha1 or whatever, thus forcing you to rely on the yearly subscription of virus signature updates. That's not because innoculation was broken or even not user-friendly enough (it was off by default), that's was a pure 100% unadulterated marketing decision!
Interestingly, the free-for-personal use personal firewall product I'm using DOES use checksums to check whether binaries that may have specific permissions (to access the internet or open ports) have changed!
SCO employee? Check out the bounty
The company estimates at least 3.6 million bogus copies of its programs are sold annually, causing headaches both for Symantec and unsuspecting buyers, who find out too late that the software isn't doing the job.
Well, when the customer tries to register the (bogus) product he probably bought it already. So it's too late as well, isn't it?
Knowing what an anti-virus program (or indeed any program) does, and access to it's source code is not the same as being able to get around it.
Any potential exploits might be noticed by virus writers. However, they may also be noticed and patched by users or developers of the software.
because if you have every used a Symantec product like Norton Internet Security (NIS) or Norton Antivirus (NAV) you must have realized how easy those have been to install on multiple computers.
:)
:)).
I've bought one back home and run it on all of my (2) home Windowsses, after all Norton is almost a synonym for quality when it comes to Windows utilities. I've also installed few from some public www page, where NIS 2003 (includes NAV 2003) was spread in 40MB fully working package.
Maybe they are just playing it wisely, waiting for the fuzz about M$ fascistic moves calmed down and then switching their own system on.. Can't blame them, this is IMHO the only way to go, no other realistic options.. However, I doubt that this will give them much more money, as hopefully most of the commericial side is already using their products legally so this would mostly target home and lifeless w4r3z d00ds
Though I have to admit that I haven't read any recent statistics about pirated stuff used at workplaces, only heard news that it'd be going down all the time (at least here in Finland or Scandinavia.. I have very bad memory
-rzei
...is their PRICING. When our school went to purchase a new license for Exchange it cost as much as the Exchange server license plus Windows 2003 license plus 200 CALs. And that's ACADEMIC pricing. Unbelievable.
They think they're God because they are a gold partner with Microsoft. Well, basically, I told them what they could do with themselves and went with Sophos instead who offered much more (an entire SITE license) for only half that price.
In light of this new info (concerning product activation), I'm that much gladder we didn't go with them this time around. Too bad, I rather liked Norton on Exchange 2000. But, there comes a time when you realize that paying more for the anti-virus software than for what the anti-virus software is running on simply doesn't make sense.
"...Well, there's egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam..."
If Symantec were to recover a decent percentage of the currently pirated copies, this would generate more revenue to cover overhead and profit growth.
There then is an argument that this could lower the price that Symantec needs to (and does) charge the legitimate users.
I'm a big Linux enthusiast, but also fully support closed source and charging if that's what software companies need to do to make money. Without this, they wouldn't be in business so it's naturally their right.
Hunger is the best sauce.
Another possibility would be to use Panda Software Antivirus (free -as in beer- edition).
Trolling using another account since 2005.
Er, freeware anyone? Try avast for example - it's free for home (desktop) use, and has free definition updates as long as ye register.
I personally can't see what extra features would make me fork out on a costly alternative, that i can only install on one machine due to product activation, even though i have more that one pc at home...
Get it here. It's free for non-commercial use, even if the interface is a bit baroque. But so is Norton's.
When I am king, you will be first against the wall.
I've always thought it's a bit strange that a piece of software that has to phone home to work well (i.e. download signature files) was so incredibly easy to copy. I installed Norton Antivirus on my parents' old computer, and when they bought a new one I thought I'd have to go through some more or less complicated procedure to get the program to run on it. But nope, I installed it and not only did it work, I got 12 new months of free updates (only one year is included, then it's like $10 per year).
Martin
If Symantec, M$, et al really care about consumers, then they should change when consumer's credit cards are charged for buying the product. If the box and CD are useless until product activation, then consumers should not have to pay until they have successfully run the activation procedure.
I have nothing against antipiracy/product activation per se. But I do object to schemes that force people to pay up front and then jump through a series of hoops that have a non-zero probability of failure. Until a company delivers value, it should not expect consumers to deliver payment.
Two wrongs don't make a right, but three lefts do.
I, for one, am happy with Symantec's decision and hope that many much more Windows software companies do the same. The more obnoxious they get the more likely people are to go and look for alternatives that actually allows them to do their job instead of going in their way.
This trend looks like the proprietary software industry trying to shoot itself in the foot to me, and I welcome them to try.
"The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers." Bill Gates,
I've also noticed that after a recent "Live Update" and reboot of my machine that one of the Symantec executables (ccApp.exe I think) insists on contacting crl.verisign.com when it didn't before...
Personally, I am getting tired of all this extra effort just to use a damn piece of software I purchased legally. I'm also tired of every single application wanting to contact the mothership for some reason.
-Phil
Shoot questions, first ask later...
It is possible that some technical users might be more comfortable taking the plunge with Linux/BSD than having to buy a Symantec license. Im not condoning piracy, far from from it, but the reality is that most home Windows/Office/Outlook/Antivirus users out there today do, or at least have in the past, used a pirate copy of (insert product name here).
In fact, there is evidence that the big players even tolerate a bit of this kind of thing because they recognise that to penetrate this "lower end" of the market, "free" is the way to go. (The subtext here is the recognition that today's Business Studies student with a bent copy of Office is tomorrow's Managing Director of Ford. - IBM failed to recognise this with OS/2 - and said future MD will go gut/comfort-zone when buying IT systems: guess where the comfort zone will be at).
I am therefore hoping that some of these users on a tight budget will find themselves squeezed by a pricey antivirus solution to a (mostly) windows-only problem and see Linux as a viable alternative due to its price (nil), security (better IMHO) and the number of pathogens out there (minimal).
I wish at was Friday, but I dont want to wish my life away. So I wish it was last Friday.
We bought Symantec licenses for our Windows workstations last year, and despite keeping everything up to date, several PCs got infected (silly people clicking on attachments, mainly). We switched to Grisoft's AVG. Free, simple, and very good.
This move by Symantec is an attempt to bolster revenue, and it will fail. They should (a) improve the quality of their product and (b) provide a free version for home users. If they do not do both of these, they will simply drop into obscurity, and this copy-protection move will speed-up their demise.
Ceci n'est pas une signature
[i]causing headaches both for Symantec and unsuspecting buyers[/i]
Damn!!! my $5 copy of Norton Antivirus 2008 isn't legit.
Wow! Who'da thunk.
You missed the point of product activation. It's a sure bet that 99.9% of the pirated copies being sold are bit-for-bit identical to the original. Ergo, any MD5 sums would match anyway, convincing the poor sap who purchased the pirated version that he/she was okay. Software doesn't have to be modified to be pirated.
By contrast, product activation seeks to ensure that users register their copy with the manufacturer, and that only one copy is in use at any time. This (sort of) effectively prevents selling duplicates of a CD, and (if properly managed) prevents selling duplicates of a registration number too.
--Brandon / Split Infinity Music
If only the RIAA could implement product activation on CD's... then everybody would be happy.
But they do! They require you to give them (or their agents) a specially authenticated token - in exchange for this, you recieve an activated CD from them you can legally use, without fear of punishment or retribution. Certain different tokens (or combinations thereof) also allow you to volume license CD's from them. As it stands today, without this token-based product activation scheme , you cannot legally acquire a CD from them.
If you are found in possession of copied or improperly activated CD's , the punishments can be severe.
You can obtain these tokens in exchange for goods or services you provide, so you can buy more CD's. The tokens themselves are rigorously scrutinised and authenticated by an organisation called a 'Treasury', so you know that they're secure.
You are in a twisty maze of processor lines, all alike.
There is a lot of hype here.
Imagine if every bit of software on your computer was tied to that one computer. All of your games, all of your utilities, your office software, etc. Everything.
Now imagine thinking about buying a new computer. You have all of that money invested in software which is tied to old computer. Suddenly, the cost of that new computer is a LOT more because you have to buy your software all over again.
Of course, defenders of product activation will say that you'll be able to remove the software from the old system and install it on the new system. But do we know that for certain?! It certainly didn't work that way for TurboTax users.
Essentially, switching will become a risk. You might be able to use some of your software, but some you will not. Plus, that old computer will have absolutely no software on it, thus, it'll be rendered useless.
Some will argue that installing software on two computers you own is illegal. They'd be right, BUT, and this is a big BUT, CONSUMERS ARE USED TO IT. They've been doing it that way from the very beginning. When consumers get used to doing something one way, they get pissed when it changes.
When product activation is widespread, Dell, Gateway, and every other computer manufacturer can kiss their asses goodbye.
If someone says he and his monkey have nothing to hide, they almost certainly do.
Our office of 50 people just removed McAfee from all computers and installed Virus Buster (Japanese edition) by Trend Micro (antivirus.com). Check it out, you might find it is useful.
Read the article.
Home i.e. NON CORPORATE products will require activation.
It would appear that few here have bothered to go look at Symantec's web site to see what they have to say about activation. Some of the things people have complained about, based solely on reading the Slashdot blurb, have no basis.
Interesting points are:
As a commercial software developer myself, I can understand why Symantec is doing this, though I too am amused at the "for your protection" approach that is so common. I also see activation is becoming more common (PowerQuest's new DriveImage 7 has it too), especially in products that people tend to buy once and install on multiple systems.
If formal and informal piracy wasn't so pandemic, such things would not be necessary. But it seems so many people believe that it's their RIGHT to steal software (or music), if they don't feel like paying for it. I know this is heresy for Slashdot, but there it is....
AVG Antivirus is pretty good, got automatic updates and it's free for personal use.
Last time I talked to Symantec Tech Support about this, the support representative said that Norton SystemWorks was the most pirated software in the world. He sounded proud. He said that all copies that are "CD only" are pirated, as are lots of the others. He said that the price should never be less than $60. (SystemWorks includes Norton AntiVirus.)
Even some of my distributors, very legitimate companies, offer a pirated SystemWorks, apparently unknowingly.
Allowing piracy until now seems to be a deliberate marketing policy of Symantec. The idea seems to be that people invest time in learning how a product works. Those who discover they have pirated copies may not want to invest time again. They may then buy a legitimate copy.
If allowing piracy is not a deliberate marketing policy of Symantec, does that mean that no one at Symantec is smart enough to use Froogle? It's not as though finding the illegal copies is an expensive task.
Microsoft seems to have used this as a way of destroying competitors to DOS back in the old days, and with Microsoft Office more recently. There was a time when ALL local distributors were selling pirated copies of DOS (often unknowingly). I don't know if it is happening now, but at one time everyone who bought a computer from local builders was offered a "completely legal OEM copy" of Microsoft Office for $50. I called Microsoft and was told that all such copies were pirated.
Apparently, Microsoft's policy of allowing piracy was a way of killing competitors. Instead of Microsoft Office for $400 and Corel Word Perfect for $50, it was Microsoft Office for beaucoup moolah and Microsoft Office for cheap. It was impossible for Corel to establish Corel WordPerfect as a reasonable alternative. All second-tier products were crushed by the piracy of the most popular products.
Here's a question: Doesn't allowing piracy as a marketing tool invalidate the copyright?
When companies allow piracy, that makes it difficult for legitimate companies like ours. Our price doesn't seem competitive. Piracy as a marketing tool makes it seem like we are over-charging customers. It damages our reputation, and often prospective customers don't even give us a chance to explain.
Legal notice: I'm stating here my long-standing opinion only. I'm not saying I know anyone is a pirate, or a piracy encourager, only that they appear to me to be.
NAV 2003 turned out to be a dog. It took 4 installs & activations before it worked properly on my Win 98 box.
A month later, I replaced my Win 98 box with a P4 box with Win XP. I installed & activated NAV 2003, which failed. I uninstalled and reinstalled it, then tried to activate it. I was informed (by Symantec's web site) that I had exceeded the maximum number of installs and was politely asked to purchase another license.
Three phone calls to Symantec tech support were useless. They repeatedly told me that this was Symantec's policy and absolutely refused to give me more installs FOR THE PROGRAM I BOUGHT FROM THEM. (Not from a store, but from Symantec's Web site itself!)
I just bought MacAfee's product earlier this week. To hell with Symantec and all of their crap.
God forbid they should make it so people need to buy their product. Welcome to capitalism.
Who doesn't like free music?
>>It's a sure bet that 99.9% of the pirated copies being sold
... including the likelihood that it really isn't protecting their PC," Mr. Smith said.
>>are bit-for-bit identical to the original.
>If that's the case, then those users wouldn't be having problems.
Well, I'd like to see some statistics here about "problems". If you read the GlobeTechnology article, it has exactly two quotes about this:
1) "The company estimates at least 3.6-million bogus copies of its programs are sold annually, causing headaches both for Symantec and unsuspecting buyers, who find out too late that the software isn't doing the job."
2)"What consumers don't understand is that while those units may appear to be legitimate, there are a number of risks associated with pirated software
What does "doing the job" mean?
It appears to me, based on background knowledge of the basics of antivirus software (namely, that the definitions must be kept updated to make the software useful) and the rather limited quotes above, that not enough detail is given in this story to assume that any users are having problems with the delivered pirated product. I would bet that most consumers install it, and it runs just fine and does exactly what Symantec advertises - right up until they try to update the definitions or purchase an upgrade.
The real headache for any big software company is not raw sales. Those happen just because it's good software. But the money goes out in tech support. I firmly believe that the real problem Symantec is trying to handle here is to reduce their tech support costs, dealing with unsuspecting dupes who bought pirated copies, and are furious that they cannot get it to update as they expected.
This argument looks suspiciously like a SMOKE SCREEN for Symantec, trying to make the USER'S problems sound worse than reality. Now, I agree that piracy is a real problem. Hey, I write and sell my own software, and I have the same questions and concerns. But the chances that some pirates out there are mangling copies of NAV and selling versions which don't work are pretty small, when it's far easier to sell a mere duplicate copy.
So as I see it, the entire issue about "protecting the consumer" here is NOT about protecting them from broken software, but rather protecting their ability to keep that software up to date. And it naturally has the side benefit for Symantect that more users will actually PAY for the software.
--Brandon / Split Infinity Music
So far we've seen people mention Grisoft's AVG (which I use at home), Avast, and even F-prot for DOS - but I haven't seen anyone mention this yet
Housecall - online virus scanner-- got someone who thinks they have a virus? Just send em to this site, while it doesn't prevent viruses, it will tell you if any show up! Its good in a pinch, and if you think your current virus scanner might be missing something.
...unfortunately no one can be told what The Mat^H^H^HGoatse is...they must experience it for themselves...
Not everyone is constantly a self-serving attention whore.
I installed SystemWorks 2002 on my wife's computer (yes, I let her run Windows ;-), and once the virus subscription ran out it went into daily nag-mode, popping up a subscription renewal box at random times throughout the day, and with NO WAY to tell it to never pop up again. As far as I can tell, Symantec will not allow me to continue with the current level of protection without the continual nag box -- either I live with it, subscribe, or uninstall.
I'll never buy anything from them again.
That's pure baloney, as anyone familiar with the corporate mindset would understand. The reason that Symantec is going for product activation is to try and make more money. They try to make us believe that it is for the user's benefit, but it really has nothing to do with that. Product activation hasn't been working for Microsoft (in terms of reducing illegal copying and increasing revenues) and it is unlikely to work for a major brand such as Symantec. And given the highly competitive nature of the anti-virus business, I suspect that many users will simply look elsewhere rather than deal with being prejudged a criminal. I certainly will, and I've been a long-time Symantec user. Oh well. Not my bottom line.
The higher the technology, the sharper that two-edged sword.
It's the same problem that XP has. One big reason I won't buy or use XP is due to the activation (and re-activation)issues. As a legal buyer I should not have to pay for the actions of others. If they want to protect themselves from piracy let them do it on their own time. Their piracy is their problem, not mine. I can see that they want to make it my problem. That is unacceptable. Luckily there are other options for antivirus software just as there are for operating systems. They are free to force their customers to jump through all kinds of hoops for no good reason. I am free not to buy (or recommend) their products.
Quite an experience to live in fear, isn't it? That's what it is to be a slave.
There are actually quite a few reasons.
1) This is quite similar to WinXP as it is a harbinger of "leased" software; When I buy or suggest that others buy software, it is under the assumption that they are getting a product which will then be the property of the purchaser; If it doesn't allow you to move it from machine to machine as upgrade cycles or repairs require, you are not the owner of the product.
2) Some activities don't use corporate licenses, and aren't connected to the Internet, and never will be for security purposes. They can't use this software easily.
3) It's spyware by my definition. Spyware, and SPAM, are Evil.
4) the corporate version will be pirated just as fast as the retail version; pirates will scoff at the non-cracked or non-corporate version. So what is the purpose of product activation? Spyware. Unless they are going to drag peter out of retirement to actually make this crack-proof, of course.
Why, yes, I AM a Pagan Libertarian.