Symantec Hopes To Deliver Anti-Virus Online

daria42 writes "Symantec today said it will slowly move towards supplying its consumer applications online as services." From the article: "Sykes also said there was the possibility that tiny pieces of an application or a single virus scan could be resold by organisations such as online banks, which may choose to ensure their customers are not infected with a virus or spyware before they log on to their account ... This could be paid for by the customer using their credit card or by adding it to their mobile phone bill by sending a text message, said Sykes, who warned that banks could decide not to provide access to anyone with an infected computer."

Broken Internet

[theRiallatar]

What happens when a virus or spyware cripples your ability to launch the service via the web? What happens when you want to boot into a safe, standalone environment (no web access) and scan?

Re:Broken Internet

[IAmTheDave]

An online virus scan at your bank/credit card/stock trading website

So... does that mean I have to install an ActiveX component on my browser? Or perhaps enable a JAVA applet? Do I have to wait for the bank to scan my entire HD every time I want to check my balance? Does this require me to use IE? Can I still check my balance using Linux or OSX computers?

Don't get me wrong. I certainly understand that safety is important, and I support the idea of an ISP dropping a customer off of the net if their computer is infected / a spam bot until corrective action is taken. But really, websites requiring scans? Hmm...

Linux?

[Rydia]

So, uh... what about those of us that run just linux? Will banks assume we're clean, or will they just lock us out because Symantec's stuff returns an error? That's a pretty big concern.

Let me add another concern...

[Hakubi_Washu]

If I were a credit institute/bank/whatever, I'd:

Step 1: Offer virus scanning for a charge
Step 2: Require my customers to be virus-free
Step 3: Since I can only be sure they are virus-free after they have been checked (With my scanner, since I can't be bothered to support other peoples solutions): PROFIT!

Add to this the legitimate question about other OSes and AV-solutions and you have a bona fide extortion scheme.
But then, I'm a computer scientist, so I don't do "online banking" anyway...

Punk Buster

[LiquidCoooled]

This model for killing viruses sounds very much like the code gamers are getting used to seeing.

Its down to trust.

Before you can come on MY website, you have to run MY code. If you run my code and it gives the wrong result, then your fucked.

Problems, OS dependence, other people have mentioned already, but another is security - what kind of permissions do I have to give to allow arbitary code to be run which can access the running list of applications and OS internals, how do I know the code being run is safe?

Would you really feel safe opening up so much of your machine for a general internet site?

We are moving away from internet explorer and the nightmare of activeX, lets not go back to it.

After thought, if the banks implimented this as a standalone application and it did this scan as part of its initial authentication (like the gaming world), I would be less bothered than expecting this kind of code to be run in a browser. strange isn't it.

Whose computer is it anyway ?

[Quiberon]

Look, really, it's my computer. Sometimes it's private (none of anyone else's business what it's doing); sometimes I want some help checking whether it in infected with a virus, bacterium, worm, amoeba, horse, elephant, or whatever. Sometimes it's doing something confidential between me and my employer; in which case the bank had better check with my employer if they want to do anything with the computer.