Slashdot Mirror
Symantec Anti-Virus Supresses Privacy Tool
salimfadhley writes "Symantec's 'Norton Antivirus' now attempts to remove Freegate, a program designed to help Chinese internet users view websites blocked by the government firewalls. Symantec offered no reason why the program (which is not spyware) was marked as a 'trojan' in Chinese versions of the software, however even an unattuned conspiracy theorist will guess that this was done at the request of the Chinese government. "
I'd certainly like to see the official line on this one. Probably a bit like Cisco - "Hey, anything to make a buck, right? We don't have no scruples." Similar issues appeared with web censorware which were illuminated by the organization, PeaceFire a few years back. Not only were the censorware lists blocking "legitimate" websites but also blocked sites that could (without imagination) be construed as agendas beyond the scope of "protecting children" against sex. Outsourcing your software increases the risk of being subjugated by others. It is unfortunate that we need so dearly the protection that antivirus software provides - but we're putting our trust in corporations that do not hold honor over profit (few do, nothing special about this one.) The same struggle with subjugation appears in the Digital Rights Manglement issues, where Microsoft chooses what you do with your computer. Fortunately as we've seen with the adware war, Freegate and friends will continue to evolve. Let us hope that the antivirus vendors have as much trouble blocking Freegate as they do catching legitimate malware! Bill
AVG Antivirus is a great alternative to Symantec's Norton AntiVirus.
It's free for home users, has a memory-resident scanner, scheduled updates, limited scheduled scans and doesn't bog down your system with unnecessary crap like the Norton or Mcafee anti-virus programs.
"Can of worms? The can is open... the worms are everywhere."
There were viruses a long time before Outlook. There will be viruses a long time after Outlook. As far as "allowing someone to send email as you" - that's not Outlook's fault, that's SMTP's fault: the From: header is never authenticated. Yes, Outlook's security model sucks, but security issues are a lot more subtle than you're allowing.
For instance: what antivirus software is really designed to do is not to stop 0 day infections, but to put a limit on how long a virus can be effective. When was the last time you heard about someone who had the Michelangelo virus? Can't remember? That's because antivirus software is doing its job: preventing viruses from sticking. How about RedAlert or MSBlast (gee, Outlook had nothing to do with those, did it? Yes, we can all blame MS's sloppy approach to security, with full justice, but we have to remember that MS is a product of its niche - if IBM had ended up in the monopoly role of the monoculture, it is entirely possible that their products would have introduced "user friendly" features that undercut security, too.)
Your approach frankly isn't going to work with the majority of users. You're never gonig to be able to prevent things like "Here is the report you asked for / report.doc.vbs" showing up in a user's mailbox when that user really was expecting a report from the putative sender (I've seen this happen - precisely what the virus writer is shooting for - and in that situation, a manager waiting for an important time-sensitive report from a subordinate, it's all too easy for the recipient to fail to notice that the icon is wrong, that there's an extra extension, etc.). Some users email exes for legitimate reasons. Some users are too busy to run an MD5 check on every attachment they get (and have you ever tried to explain how MD5 works to a secretary?). If viruses can be blamed 99% of the time on anything, they can be blamed on social engineering: the same impulses that make people give out their credit card numbers to total strangers who "call from the bank" will make viruses continue to spread.