Slashdot Mirror

← Back to Stories (view on slashdot.org)

Symantec Anti-Virus Supresses Privacy Tool

Posted by timothy on from the could-be-an-unfortunate-mistake dept.

salimfadhley writes "Symantec's 'Norton Antivirus' now attempts to remove Freegate, a program designed to help Chinese internet users view websites blocked by the government firewalls. Symantec offered no reason why the program (which is not spyware) was marked as a 'trojan' in Chinese versions of the software, however even an unattuned conspiracy theorist will guess that this was done at the request of the Chinese government. "

8 of 46 comments (clear)

  1. I for one welcome our new... awww forget it by macz · · Score: 3, Funny

    The thing about Chinese Virus Scanners. After an hour you are still infected and need to scan again.

    --
    ...But I digress. TREMBLE PUNY HUMANS!ONE DAY MY SPECIES WILL DESTROY YOU ALL!
  2. Where's the follow up with Symantec? by Wanderer1 · · Score: 4, Interesting

    I'd certainly like to see the official line on this one. Probably a bit like Cisco - "Hey, anything to make a buck, right? We don't have no scruples." Similar issues appeared with web censorware which were illuminated by the organization, PeaceFire a few years back. Not only were the censorware lists blocking "legitimate" websites but also blocked sites that could (without imagination) be construed as agendas beyond the scope of "protecting children" against sex. Outsourcing your software increases the risk of being subjugated by others. It is unfortunate that we need so dearly the protection that antivirus software provides - but we're putting our trust in corporations that do not hold honor over profit (few do, nothing special about this one.) The same struggle with subjugation appears in the Digital Rights Manglement issues, where Microsoft chooses what you do with your computer. Fortunately as we've seen with the adware war, Freegate and friends will continue to evolve. Let us hope that the antivirus vendors have as much trouble blocking Freegate as they do catching legitimate malware! Bill

    1. Re:Where's the follow up with Symantec? by gl4ss · · Score: 3, Insightful

      ... and it's all the more suckier when basically you're paying symantec to prevent others messing around with your computer like this!

      since they now evidently can be convinced to remove package x from customer system z with y number of dollars at stake, it's up for questioning if you can as a customer trust them enough to actually PAY them to do a JOB and except they get it done, and not the total opposite. indeed though even more puzzling is that is chinese goverment using this software? and how do they dare to do so when evidently symantec can not be trusted to not have tampered with the software to spy/otherwise affect what they're doing.

      in all fairness it could have probably been about being the only feasible option the chinese goverment gave(hey could you add feature x, OR you'll loose us as a customer and the business permit in china) them but security isn't about taking the easy way out every time.

      it could be also intresting that if some malware scanners flagged symantecs china offering as malware... because that's what it is, now.

      --
      world was created 5 seconds before this post as it is.
    2. Re:Where's the follow up with Symantec? by Hooded+One · · Score: 3, Insightful

      As far as I can tell from the article, Norton marks it as a potential threat and suggests removing it. If that is indeed the case, I'm inclined to agree with you. If Freegate were being specifically targetted, I imagine they'd just remove/disable it silently.

  3. Don't like Symantec? Try an alternative... by stefanlasiewski · · Score: 4, Informative

    AVG Antivirus is a great alternative to Symantec's Norton AntiVirus.

    It's free for home users, has a memory-resident scanner, scheduled updates, limited scheduled scans and doesn't bog down your system with unnecessary crap like the Norton or Mcafee anti-virus programs.

    --
    "Can of worms? The can is open... the worms are everywhere."
  4. False positive? by Spoing · · Score: 3, Insightful
    Virus/trojan detectors give false positives all the time.

    Yanking a program you know about out just because one of these programs says it is bad isn't smart...though I've felt like choking a few admins who took any report as 100% valid.

    That said, is this stupidity or malace?

    --
    A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
  5. Re:I'd say bouycott any software that doesn't suit by Kris_J · · Score: 3, Interesting
    I personally believe anti-virus it a waste of time.
    Not true. Our email attachment rules (ie; no .scr, .pif, .exe files, etc) are pretty good at blocking malicious content while letting the legit stuff through, but being able to detect a known virus makes things a lot cleaner. If it's just whatever.scr, we bounce it, but if it's whatever.scr with a known virus we blackhole it.
  6. Re:I'd say bouycott any software that doesn't suit by kalidasa · · Score: 4, Insightful

    There were viruses a long time before Outlook. There will be viruses a long time after Outlook. As far as "allowing someone to send email as you" - that's not Outlook's fault, that's SMTP's fault: the From: header is never authenticated. Yes, Outlook's security model sucks, but security issues are a lot more subtle than you're allowing.

    For instance: what antivirus software is really designed to do is not to stop 0 day infections, but to put a limit on how long a virus can be effective. When was the last time you heard about someone who had the Michelangelo virus? Can't remember? That's because antivirus software is doing its job: preventing viruses from sticking. How about RedAlert or MSBlast (gee, Outlook had nothing to do with those, did it? Yes, we can all blame MS's sloppy approach to security, with full justice, but we have to remember that MS is a product of its niche - if IBM had ended up in the monopoly role of the monoculture, it is entirely possible that their products would have introduced "user friendly" features that undercut security, too.)

    Your approach frankly isn't going to work with the majority of users. You're never gonig to be able to prevent things like "Here is the report you asked for / report.doc.vbs" showing up in a user's mailbox when that user really was expecting a report from the putative sender (I've seen this happen - precisely what the virus writer is shooting for - and in that situation, a manager waiting for an important time-sensitive report from a subordinate, it's all too easy for the recipient to fail to notice that the icon is wrong, that there's an extra extension, etc.). Some users email exes for legitimate reasons. Some users are too busy to run an MD5 check on every attachment they get (and have you ever tried to explain how MD5 works to a secretary?). If viruses can be blamed 99% of the time on anything, they can be blamed on social engineering: the same impulses that make people give out their credit card numbers to total strangers who "call from the bank" will make viruses continue to spread.