Slashdot Mirror
Symantec Anti-Virus Supresses Privacy Tool
salimfadhley writes "Symantec's 'Norton Antivirus' now attempts to remove Freegate, a program designed to help Chinese internet users view websites blocked by the government firewalls. Symantec offered no reason why the program (which is not spyware) was marked as a 'trojan' in Chinese versions of the software, however even an unattuned conspiracy theorist will guess that this was done at the request of the Chinese government. "
The thing about Chinese Virus Scanners. After an hour you are still infected and need to scan again.
...But I digress. TREMBLE PUNY HUMANS!ONE DAY MY SPECIES WILL DESTROY YOU ALL!
I'd certainly like to see the official line on this one. Probably a bit like Cisco - "Hey, anything to make a buck, right? We don't have no scruples." Similar issues appeared with web censorware which were illuminated by the organization, PeaceFire a few years back. Not only were the censorware lists blocking "legitimate" websites but also blocked sites that could (without imagination) be construed as agendas beyond the scope of "protecting children" against sex. Outsourcing your software increases the risk of being subjugated by others. It is unfortunate that we need so dearly the protection that antivirus software provides - but we're putting our trust in corporations that do not hold honor over profit (few do, nothing special about this one.) The same struggle with subjugation appears in the Digital Rights Manglement issues, where Microsoft chooses what you do with your computer. Fortunately as we've seen with the adware war, Freegate and friends will continue to evolve. Let us hope that the antivirus vendors have as much trouble blocking Freegate as they do catching legitimate malware! Bill
AVG Antivirus is a great alternative to Symantec's Norton AntiVirus.
It's free for home users, has a memory-resident scanner, scheduled updates, limited scheduled scans and doesn't bog down your system with unnecessary crap like the Norton or Mcafee anti-virus programs.
"Can of worms? The can is open... the worms are everywhere."
No one should be using Norton anyway. I jumped Norton's ship (after using it for free for a month) after discovering you need to pay for updates past that point and it annoys you daily about it (and even offers a "remind me after..." prompt where the only choice is 1 day). The only way to stop the annoyance is to uninstall the program or buy a year subscription. I did what they didn't want me to do. Take that Symantec. Hello Grisoft.
In so much as having no sense of humor. That and the blatant censorship is starting to happen. I've actually noticed "politically incorrect" posts disappearing completley. I got my first warning about posting as an AC today. That's kinda the point of posting as an AC. So everyone else can ignore it. If things keep up, it will be just like Fark where everyone is scared to death to speak their mind for fear of bans and censorship.
For every annoying gentoo user, are three even more annoying anti-gentoo crybabies. Take Yosh from #Gimp for example.
Yanking a program you know about out just because one of these programs says it is bad isn't smart...though I've felt like choking a few admins who took any report as 100% valid.
That said, is this stupidity or malace?
A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
But do all bug you daily with a pop-up box that disrupts any full-screen program currently running (and crashes a few), pointing out your subscription is up, or not allowing you to turn the box off or extend the amount of time it appears by? No, really, do they? I've only used Norton, so tell me if McAfee or Panda does that.
Pretty well... yeah
All of them are obnoxious.
McAfee being the most so... it has one of those tray popups which will kill your fullscreen game.
PC-Cillin I don't think does anything obnoxious, but I haven't used it for a few years.
EZ-Trust Antivirus will popup a web browser directed to their site.
I think that's about it. I've never used Panda. I don't use a virus scanner, personally. I have a firewall and I'm the only one with access to my computer, and I only run trusted executables.
Jay | http://oldos.org
I personally believe anti-virus it a waste of time.
/dev/null
1: Trusted sites should be trusted.
2: It is new viruses that are more prevalent, and the ones you are less likely to be protected against.
3: Behavioural systems (i.e. secure systems) shoudl be in place to stop NEW code doing things, like an internal firewall - would you like xyz.exe whihc has been on your system for 30 minutes / 3 days or whatever to acces ABC resource / network, reg setting etc.
4: Signed content can lead to more trust.
5: this would stop dialers, toolbars, spyware, fuckware, malware, shitware, pancreasware and all other forms of binary information that belongs in
I think anti-virus has gone far enough. I use google when I download a funny file, I google the filename, I google the filesize. If I am still not happy, I don't run it.
I mean who would run whoah_funny_check_this_shit_out.exe ??
setup.exe's - again, d/l from a trusted source. Run as a low priv user if need be, test it on a sandbox to be sure... but don't fsskin virus scan it - and then run it on your prized system, because anyone can right a rm -rf ~ and cause simple havoc, and this file will not be picked up by any antivirus software.
Don't reply on virus software, I'd say it gives a false sense of security at the best of times.
Educate users is important, and I would love to see an 'untrusted file' idea, where a custom made trojan would find itself in a pretty lame sandbox if someone runs it the first time, this behaviour gets recorded, then judged if it may be harmful, and above certain levels (tried to access a network resource, tried to remove a file, tried to access existing registry tree, tries to send emails to your entire address book) it quarantines, and alerts an admin.
Any linux developers like that idea? temporal / quantitative security measures for automated sandbox maintenance and binary acceptance program.
or gnutqsmasmbap.
#hostfile 0.0.0.0 primidi.com 0.0.0.0 www.primidi.com 0.0.0.0 radio.weblogs.com
I have to say I half agree with you.
,notify the user.
Our email attachment rules - block all that content. f course people zip up some of that content, so maybe unzip and block, this is email attachment filtering.
Checking for knwon virus signatures, yes this is an application of virus detection that is not used as a security measure, but as a decision maker, or audit trail.
Outlook is causes 99.99999* of virus problems, allowing someone to send email as you, with viruses in it - embarrassing!
I still cannot believe people use that....
Knowing a file is a known virus is ok, and useful, but you are right in saying that mail attachment filters are better. Remove anythign remotely hazardous.
Send a link to a file if you want someone to d/l it, and then use the trust rule, and fallback on the behavioural checking.
Never be in a position to run code that you have been assured by a virus checker that it is not a virus.
Of course, my approach would stop trojans, worms, scripts, anything that has this efect (each application can extend the security layer into its own realm, so openoffice could have a protect sandbox that would test scripts and if it crosses a line, like tries to embedd itself, or open a new document, or search or something
#hostfile 0.0.0.0 primidi.com 0.0.0.0 www.primidi.com 0.0.0.0 radio.weblogs.com
Don't use Norton if you wanna use Freegate?
Get paid to search..It's geniune and
There were viruses a long time before Outlook. There will be viruses a long time after Outlook. As far as "allowing someone to send email as you" - that's not Outlook's fault, that's SMTP's fault: the From: header is never authenticated. Yes, Outlook's security model sucks, but security issues are a lot more subtle than you're allowing.
For instance: what antivirus software is really designed to do is not to stop 0 day infections, but to put a limit on how long a virus can be effective. When was the last time you heard about someone who had the Michelangelo virus? Can't remember? That's because antivirus software is doing its job: preventing viruses from sticking. How about RedAlert or MSBlast (gee, Outlook had nothing to do with those, did it? Yes, we can all blame MS's sloppy approach to security, with full justice, but we have to remember that MS is a product of its niche - if IBM had ended up in the monopoly role of the monoculture, it is entirely possible that their products would have introduced "user friendly" features that undercut security, too.)
Your approach frankly isn't going to work with the majority of users. You're never gonig to be able to prevent things like "Here is the report you asked for / report.doc.vbs" showing up in a user's mailbox when that user really was expecting a report from the putative sender (I've seen this happen - precisely what the virus writer is shooting for - and in that situation, a manager waiting for an important time-sensitive report from a subordinate, it's all too easy for the recipient to fail to notice that the icon is wrong, that there's an extra extension, etc.). Some users email exes for legitimate reasons. Some users are too busy to run an MD5 check on every attachment they get (and have you ever tried to explain how MD5 works to a secretary?). If viruses can be blamed 99% of the time on anything, they can be blamed on social engineering: the same impulses that make people give out their credit card numbers to total strangers who "call from the bank" will make viruses continue to spread.
The whole reason zero day exploits are the most dangerous is precisely because anti-virus software exists. If it didn't, day 300 or day 3000 exploits would be as dangerous as 0 day expoits.