Microsoft Anti-Spyware Removes Norton Anti-Virus
An anonymous reader writes "According to a story over at Washingtonpost.com, the latest definitions file for Microsoft's Anti-Spyware beta flags Symantec's Norton Antivirus products as a password-stealing trojan and prompts users to delete portions of the program. Users who follow the instructions hose their installation of Norton, requiring delicate Windows registry edits and a complete removal/reinstall of Norton. Microsoft's support forum is quickly filling up with complaints about this problem, many from businesses that have been pretty hard hit. This should be a cautionary tale about deploying beta products in production environments."
Probably the best thing any user can have happen. The removal of Norton Anti-Virus.
"Go into the hall of mirrors and have a bloody hard look at yourself" - HG Nelson
Wait... Is not spyware? It's definitely malware.
Is it really worth the hassle to use Windows, especially when it comes to business users? I mean, when I set up a system for a firm, they want it to work. They don't want to be hassled with issues like this. This sort of nonsense drastically cuts down on the performance of the IT staff, as they're forced to deal with it rather than with other issues.
Each time I hear about a problem like this, I'm glad I recommend and employ the use of Solaris and OpenBSD. There's no worry about installing anti-virus software, let alone anti-virus software from one vendor which targets anti-virus software from another.
Cyric Zndovzny at your service.
Well I can't say I'm surprised. Microsoft just announced their own antivirus subscription service and now their Anti-Spyware product deletes another anti-virus product. Does this really come as a shock to anyone?
This has nothing to do with using beta products in production or not. This has to do with the failure of big organizations to recognize that /any/ update applied to all computers within the organization should /always/ be tested, however short. I have fought hard with a previous client, as in the past one of the datfiles updates for McAfee managed to render most PC's useless because of a bug in the engine that was triggered by this particular datfile.
Really, in a big organization, any update going to all PC's must always be tested.
This also brings up some interesting possibilities. Is it possible to craft a virus to deliberately have similar signatures to a commercial product? An anti-virus company that doesn't have quite all commercial applications on hand to test against could be caught by that. Maybe not, but I'm sure someone will try now.
I'm glad I run Linux, and when things like this happen, I wish everyone did.
Bruce
Bruce Perens.
This should be a cautionary tale about deploying Microsoft products in production environments.
Excuse me? NAV is a steaming heap of complete crap.
AVG does the job better, faster, and with far less resource consumption. Every time I have been called on to disinfect a machine which was running NAV, I recommend the owners switch to AVG. Without exception, they comment on how much more responsive their system is. I have little trouble convincing them to support Grisoft by getting the not-for-free version.
The machine I am on right now is running (probably unnecessarily) a full AVG install. It checks my email, it checks my downloads, it checks all of the crud running on the system, and it does this while burning some fraction of 1% of the CPU and a tiny bit of memory.
If you are currently running NAV, disable it (if you can) and try running AVG for a couple of days. I think you'll notice the difference.
Does MS Anti-Spyware still not detect Gator^H^H^H^H^HClaria crap as malware?
If alternatives become more common than Windows, then expect the same sorts of attacks.
Sure, in theory the system level is more secure, but if something blows away user data, it's still just as effective.
And don't kid yourself, unix has holes too.. Just no one digs deep enough.
---- Booth was a patriot ----
Maybe it's just me, but one of the key components of ensuring availability of computer systems for end users involves NEVER running beta or pre-production code on production systems. I can understand using a release product in a controlled environment for testing of a new product in your production environment, but anyone who uses pure beta software in the work environment is asking to face these kinds of trouble and shows they have absolutely no idea what they're doing when it comes to providing IT services and technologies. Beta code, by its very nature, is going to have and cause problems.
Remember the Alamo, and God Bless Texas...
Installing a software firewall on the machine it's meant to protect is like wearing a bullet-proof vest on the inside.
From the Slashdot story: "This should be a cautionary tale about deploying beta products in production environments."
That's not what happens in the case of Microsoft's virtual monopoly. Many people, when they find their computer has become slow, buy a new computer. Then Microsoft sells another copy of Windows, which, of course, still has huge security risks.
The incredible CPU-sucking of Norton software also helps Microsoft sell more copies of Windows, also.
Somehow Microsoft has arranged that owners of Microsoft Windows XP must pay again when they get a new computer.
It's miserable to have billionaires who care only about money riding on your back. That's why open source is necessary.
AVG is by far the best I've found, and it's free. At least the version I install on Windows machines. Glad I knew enough when I got my Mac I didn't buy that worthless software.
>I switched to Symantec AntiVirus a while ago and...
I just switched.
From the parent comment: "This isn't really a beta issue..."
I agree completely, and for a different reason, also. Microsoft bought their anti-spyware software because it was successful commercial software. There was a lot of publicity that ignored the "beta" designation, including articles in the mainstream media.
This is a case of Microsoft having it both ways: Getting credit for clearing spyware, and avoiding responsibility.
Anyhow, as the parent poster said, this is NOT a failure in the anti-spyware software. It is a failure in the definitions that Microsoft provided. It's amazing to me, but Microsoft didn't test the definitions on a computer with Norton Anti-virus! Microsoft is amazingly sloppy, but this carries Microsoft's habitual sloppiness to a new level.
It's still there. Only Slashdot linked incorrectly.
There is only thread about NAV problems and 41 replies.
Is Slashdot trying to hide the fact it's not really filled with user complaints as it claims?
Anyways an updated definition was available within a couple of hours.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
Of the hundreds of thousands of people reading this, you're probably the only one that thought he was serious and didn't know that the article he linked was a joke.
I thought all Microsoft's products were more or less beta.
You're thinking of Google, who release great products but keep them in beta for years.
This is easily confused with Microsoft, who release mediocre products instead of keeping them in beta for years.
This is so funny it's just sad. My Linux servers have an average uptime of over 150 days. Don't even talk about Solaris, because I have one that has 459 days of uptime.
Windows? 40-60 depending on how many patch reboots they want.
Seriously, the fact that a so-called "hobbyist" OS can make MS look lame on so many different fronts despite the money behind it is just pathetic, as are MCSE vetted admins who think that "net use" and a bit of registry hacking is getting medieval on the command line. The fuckers would probably explode if they had to write a regular expression.
Yes it's called not forcing people to use your products even though they resent them because they have to in order to be able to do business. Apple, like most other companies isn't compelled to do harm to their own customers by locking them into their own products at every turn.
Unsurprisingly companies who don't treat their stakeholders the way Microsoft has don't have armies of disgruntled users forced into using their product every day, and don't have armies of people creating malicious software for that platform.
I agree. I am a computer services provider for mostly home users and I often find NAV and internet tools to be the single greatest contributor to draining system resources. I usually recommend disabling NAV, using safe internet practices, and scanning weekly or if there appears to be a problem.
Oh yeah, but I've yet to find any antivirus software which doesn't do this.
I have also found that attempting to educate users about safe Internet practices is futile at best. I do, quite literally, have my father as the perfect example; despite many government-sponsored training courses, he still doesn't actually know the difference between two windows. "Dad, a window is an area on the screen which belongs to a program. The idea of a window is that it lets you do several things at once. Choose a window by pointing at its title bar - right there - and clicking on it. You can have several windows open at once, allowing you to choose your task as quickly as you can reach for the mouse."
So, what do I get from other, more advanced, users?
"Use FireFox instead of IE." - "You're just being alarmist, Internet Explorer can't be that bad."
"Don't open executables, especially if they're from strangers." - "My friend sent me trojan.scr, so I opened it."
"Don't open Word, Excel or PowerPoint files which didn't originate on your computer." - "All of my spreadsheets stopped working and one of them tried to dial a 1-900 number!"
Microsoft's support forum is quickly filling up with complaints about this problem, ma...
Having had to use and support enough Microsoft crap over the years, I consider it to be suspicious that there's a "problem" appearing after Microsoft introduces a competing product.
Although I am sure that Microsoft's anti-virus/anti-spyware uses less CPU and memory, what with all the undocumented Windows features which were mysteriously used in their software.
Bastards. I hope Bill Gates, Steve Ballmer, all employees and all shareholders of that company contract inoperable colorectal cancer.
Fire and Meat. Yummy.
"Undocumented API"
The higher the technology, the sharper that two-edged sword.
"If you could run most apps in non admin and set up the file permissions properly, you'd eliminate a lot of viruses as a side effect."
This assumes that if an OS like OSX was relevant, virus writers would write viruses for it that assumed admin/root permissions. Malware doesn't *need* root/admin permissions to carry out their primary tasks.
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.