Slashdot Mirror


McAfee Anti-Virus Causes Widespread File Damage

AJ Mexico writes, "[Friday] McAfee released an anti-virus update that contained an anomaly in the DAT file that caused many important files to be deleted from affected systems. At my company, tens of thousands of files were deleted from dozens of servers and around 2000 user machines. Affected applications included MS Office, and products from IBM (Rational), GreenHills, MS Office, Ansys, Adobe, Autocad, Hyperion, Win MPM, MS Shared, MapInfo, Macromedia, MySQL, CA, Cold Fusion, ATI, FTP Voyager, Visual Studio, PTC, ADS, FEMAP, STAT, Rational. Apparently the DAT file targeted mostly, if not exclusively, DLLs and EXE files." An anonymous reader added, "Already, the SANS Internet Storm Center received a number of notes from distressed sysadmins reporting thousands of deleted or quarantined files. McAfee in response released advice to restore the files. Users who configured McAfee to delete files are left with using backups (we all got good backups... or?) or System restore."

5 of 353 comments

  1. Re:Help! by xtracto · · Score: 4, Informative

    What about a *nix firewall with antivirus software on it?

    You only need that headless Pentium 3 (even a Pentium Pro could make it!) that you are using to rest your feet ;-), plus you will be able to forget the burden of whatever "ANTI-*.*" software that wastes your precious resources.

    Of course that is if you use Windows (for whatever reason, I also do it).

    --
    Ubuntu is an African word meaning 'I can't configure Debian'
  2. Comical recovery instructions from McAfee by Anonymous Coward · · Score: 5, Informative

    Even better are McAfee's instructions for how to recover from the damage their product has done. The first option is to restore the files from quarantine, assuming your version of McAfee actually lets you do this (not all, including the corporate version, have this option). The second is to use Windows System Restore.

    This probably would have worked great on my machine if it weren't for the fact that half of the files McAfee quarantined were *System Restore files*.

    Apparently McAfee hasn't heard of a novel concept called "testing". (I like how they've posted a list on their website of the false positive files, now 7 pages long and still woefully incomplete; they ought to just admit it's going to take a random assortment of exes and dlls on any machine.)

    Combine this with the fact that the default settings on a McAfee install are to quarantine without prompting, and IMHO McAfee is the most dangerous virus I've ever had on my machine.

  3. Re:who-can-you-trust? by freeweed · · Score: 3, Informative

    "let's be honest, how many people actually look at the source of programs (updates) they install? I am a programmer, and I never looked at the code of an Open Source program I installed"

    The point of open source is not that you PERSONALLY can look at the source to find problems (although you can if you like).

    The point is that thousands of other people can. And usually, no one's stopping them from reporting a problem if they do find one.

    Admittedly, this leaves gaps (what if no one else looks?), but it works pretty damn well, for the most part.

    --
    Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
  4. Re:Good catch by SillyKing · · Score: 3, Informative

    I have removed Adobe Acrobat reader from my systems. In its place, I use Foxit Reader (http://www.foxitsoftware.com/pdf/rd_intro.php) for reading PDF files. It's a lot faster to load, and I have yet to come across a PDF it can't read.

    For creating PDF files, I use PDFCreator (http://sourceforge.net/projects/pdfcreator). It works like Adobe Distiller used to: you create your PDF files by printing to PDFCreator.

  5. Re:A tool for media giants by jratcliffe · · Score: 3, Informative

    Looks like there may be a reason for this behavior. That package hasn't been available from its creators for nearly a year, and it seems (as indicated by this site) that there may be versions of the installer floating around that have had trojans attached to them...