Slashdot Mirror

← Back to Stories (view on slashdot.org)

Symantec Labels Vicars' Software as Spyware

Posted by ryuzaki0 on from the should-fight-back-with-the-vicars'-machine-gun dept.

ukhackster writes "The curse of Norton Antivirus has struck again. This time, Britain's vicars have been hit. Norton mistook a legitimate file for a piece of spyware, and those who followed the instructions found that their sermon-writing application no longer worked. Norton was once an essential application. Is it turning into a joke?"

17 of 268 comments (clear)

  1. stupid nitpick, please ignore by bunions · · Score: 2, Insightful

    Just for completeness, I'll mention that it's the 'Vickers' machine gun, not 'Vicars.'

    http://www.firstworldwar.com/atoz/mgun_vickers.htm

    Yes, I realize it's a pun, but it would have worked either way, really.

    --
    there is no need to sign your posts. this isn't usenet. your username is right there above your post. stop it.
  2. To be fair.... by 8127972 · · Score: 4, Insightful

    ....we can replace the Norton name with any other vendor's name and still have the same discussion. The only reason that we're beating up on Norton is that they've shot themselves in the foot like this before.

    --
    This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
  3. Re:well... yes? by User+956 · · Score: 3, Insightful

    So what's the solution?

    Kaspersky AntiVirus. It's a small enough company that the malware writers don't test against it.

    --
    The theory of relativity doesn't work right in Arkansas.
  4. Essential? by pikakilla · · Score: 2, Insightful

    When has norton ever been an essential application? If a person is resonably cautious and knows the basics of computer security there is no need to have an antivirus program that clogs the system. Peridoic web checkups do just fine.

    On another note, now that this software has lost its credability with the clergy (as CHP has advised members to ignore threat warnings dealing with this software) im willing to wager that many clergy members would be willing to ignore many future threat warnings with the fear that the progam will break some other essential application. The money spent on the licenses for norton would be better spent on education for the clergy so they can avoid these problems all together.

  5. Re:well... yes? by pete6677 · · Score: 4, Insightful

    Norton has become the AOL of antivirus. Living off a brand. Too bad Symantec destroyed what was once a great product.

  6. turning into? hardly.. by wfberg · · Score: 4, Insightful

    Signature-based virus scanners have ALWAYS been a joke. Basically, it's a technology that was barely good enough when the first one was written, and all that time we've been using it until something better comes along.

    The real solution to virusses lies not in signature-based scanners, but in policing applications. The discontinued Thunderbyte AV (of DOS days) had the right idea. It scanned files for instructions that shouldn't be in normal programs, like an API call to format your hard disk. It had a list of exceptions (format.com etc.), but otherwise, it would complain loudly.

    Nowadays, we can do much better. We have usernames, credentials, priviliges etc. Why don't programs run as separate users with separate priviliges? There is NO reason why Word (or openoffice for that matter) should be able to access every part of the registry or harddisk that the user running it can. Firefox should basically be restricted to making TCP connections and writing it's configuration, cache, and a download directory. The security model now allows it to write to c:\windows\system32 if you're logged in as administrator, even though it clearly has no business doing so.

    Newly downloaded applications should be granted permission only to write to registry keys they themselves created, and files likewise. And if an app overstretches its default permissions, the OS should complain loudly and ask permission (OS "professional" edition), lookup a policy file (OS "corporate/enterprise" edition) or simply disallow it and require some sort of wizzardry - e.g. editing an .ini file - to overrule it (OS "home" edition).

    This doesn't require rocket science to implement, though it will break some stuff and force users to copy files from My Documents\Microsoft Office to My Documents\Firefox if they want to upload a document. Small price to pay, I say.

    Of course Norton and McAfee suffer not just from being unreliable in detecting virusses, they also fuck up your OS so it won't work properly anymore, and are a bitch to uninstall. But the solution to that is simple; switch to another product. The fact that the other product would, again, be a signature based scanner is the lamentable part.

    --
    SCO employee? Check out the bounty
    1. Re:turning into? hardly.. by honkycat · · Score: 3, Insightful

      While this is a more secure approach, I see two problems. First, although the inconvenience is objectively a small price to pay for the additional security, few people see security issues objectively. The thinking is "well it hasn't been hacked yet so it must be secure." As a result, a change that adds inconvenience with no benefit other than increased security will not be welcomed. I don't think this is insurmountable, though.

      The other problem is that a scheme like this requires that someone determine what privileges a particular application needs. You cannot trust the application to do this, obviously. I don't see a good way for the OS to know what privileges are needed. Really, I think this requires a technically sophisticated administrator for the machine. That may work well for businesses or high-security environments, but it's not going to fly at home, where most machines are administered by someone who knows enough to insert a CD and run install but not much else -- and that's the optimistic characterization.

    2. Re:turning into? hardly.. by ultranova · · Score: 4, Insightful

      I know saying something good about Trusted Computing around here is largely akin to taping meat to myself and dancing with lions, so here is an AC post.

      Only when you are clearly lying; in this particular case, you are trying to make it seem like Digital Restrictions Management is increasing security for the user of the computer, as opposed to some remote authority, which is a lie.

      One of the goals that Trusted Computing is working towards is 'Sealed Storage': only the program that generates the data can access the data it has encrypted.

      This is only usefull if the goal is to lock the user of the computer out of the data - that is, to prevent the user of the computer from doing anything with the data that the program make doesn't want them to, such as, say, opening a Word file in OpenOffice.

      For increasing security for the user, kernel-enforced access controls are far preferable - they are both sufficient and allow the user to transfer data from application to application. For an example of such controls, see the access control system of Unix-like operating systems, such as GNU/Linux; these controls need to be revised somewhat to allow finer-grained control, but this doesn't require DRM.

      I hope your corporate masters gave you a good price for your soul, astroturfer, but I doubt it very much.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

  7. unfortunately, yes... by Dretep · · Score: 1, Insightful

    At least since Norton got gobbled up by Symantec.

  8. Re:well... yes? by DCGregoryA · · Score: 1, Insightful

    Any stock machine (yes, even Windows) will block any attack you're likely to encounter if you do some common things.

    1) Keep it patched.
    2) Don't log in as root/administrator, ever.
    3) Don't use the same password as root/administrator.
    4) Your main login account should have LIMITED privileges and NOT any installation privileges.
    5) Make a secondary administrator account with a 10+ digit password and use that to install things/perform maintenance only.
    6) Do not download keygens, cracks, warez software, etc. Actually *gasp* purchase legitimate software and music.
    7) Do not open email attachments that you're not expecting to get or from people you do not trust.
    8) Limit your open ports to the bare minimum required (Use IPSec on Windows to enforce this).

    For Linux/Mac/Unix :
    Most of this stuff happens already. Kudos.

    For Windows :
    Run Internet Explorer in the highest security mode and add "Trusted Sites" for sites you trust, ONLY.

    Additionally, Microsoft should have most of this set up when you first install Windows, but alas it defaults to a very lax security setting, especially things like XP Home which will default you to an administrator. Microsoft would rather be "convenient" than "secure" which, while its a usability thing, annoys the crap out of us engineers/techs.

  9. regular crashes by stewwy · · Score: 2, Insightful

    At work I've disabled norton on my pc as if I don't nothing works, its set to update at 12 am (not pm)for some stupid reason so just before lunch everyones (except mine for some reason :) ) pc blue screens on update days

    I've tried explaining to my pointy haired boss that Norton crashes our pc's because of a conflict with our inventory SW and nortons update mechanism but he's got as much of a clue as dilberts cartoon boss
    He's supposed to be our IT guy, but usually makes it worse when he tries to 'fix' things, anyway rant over. I'm enjoying quietly converting people to firefox and thunderbird and have recieved lads of requests to 'speed up my computer' which usually means uninstalling all sorts of cr*p.
    Today the big boss asked me to sort out outlook express which I did by swopping it for an 'upgraded' version (i.e.thunderbird), which he now thinks is great so things are looking up!

  10. Your argument is 99% flawed... by gamlidek · · Score: 2, Insightful

    without religion, what would become of war? or hate? How would world leaders control the masses? Honestly, without religion most people would be nice to each other because they'd have to -- there would be no higher being that would forgive them for their inhumanity to other humans. People would have to make more of an effort...

    Now, *with* religion, you can slack off, cheat, lie, steal, kill, covet, etc, and still be forgiven regardless of how much you hurt those around you. You can waste all of the Earth's resources without concern because one day you'll be with your God and that's really all that matters. I mean, this Earth is temporary, right? People really don't matter so much as what those people believe in, right?

    I forgot what I was saying... I think I was agreeing with you or something...

    anyways...

    /gam/

    --
    "In theory, theory and practice are the same; in practice, they are not."
  11. Re:Trust me, I am an IT professional... by Anonymous Coward · · Score: 1, Insightful

    "Symantec Corporate Antivirus works great,"

    unless its set to scan your computer while your actually working on it!!
    Then you essentially must stop using the computer till its done as it sucks
    up all the computer resources. takes about 45 minutes.

  12. Re:well... yes? by ShadowBlasko · · Score: 4, Insightful

    What is it about say... AVG that you don't like?

    I like the small memory footprint, the timely updates, and the ease of interface. (hit it and forget it)

    Is there a reason they are not to be trusted? (seriously... not being a smartass)

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order- Ed Howdershelt Via Tass
  13. Re:Really? by plantman-the-womb-st · · Score: 3, Insightful

    No no no, let the silly Emac-fundamentalists preach the damnation and hell fire while thumping their lisp manuals.

    VI users don't preach, they just get the job done.

    --
    Say bad words about my book, in cold oatmeal, or I shall sue!
  14. The only crack here... by Mister+Transistor · · Score: 2, Insightful

    Is in yer ass. He's talking about way long ago...

    -- You probably weren't even born yet --

    Before there was Spyware, before there were viruses, before the Mac-centric (at the time) Symantec bought out and pussified it, there was:

    {brief fanfare}

    "The Norton Utilities"

    The finest and mightiest system utils evar. They had a nice collection of about 15 programs, all tiny .exe's, that did great things. There was a direct hex/ascii editor for files AND raw disk sectors. There was the first practical unerase/undelete for files and dirs and much more - a superb hacker's toolkit, everything you needed except debug (and that came w/DOS).

    Peter Norton was a god to us then. The moment Symantec bought up all his stuff they completely hosed them, they probably didn't know any better being Mac heads, but they drove what was the strongest techie software franchise in the PC world right into the toilet.

    --
    -- You are in a maze of little, twisty passages, all different... --
  15. symantec norton antivirus = adware by poor_boi · · Score: 2, Insightful

    I used to use Norton AntiVirus religiously. I recently uninstalled it and I won't be going back unless something drastic changes. Every new release lately has more and more popups which are seemingly impossible to disable. The thing basically spams you with messages and it's pretty clear they're intended to bring your attention on the program so you'll be more likely to pay for your yearly update. They're afraid antivirus has become something that sits in your tray and you ignore all year while it does its job silently ... and that software that behaves like that doesn't inspire users to shell out their yearly upgrade / subscription cash hastily enough. So they make all sorts of blinky popups to remind you that you're using Symantec Norton AntiVirus and it is Monitoring Your Computer and Status is Green and all sorts of shazz I really don't need to know. Tell me when there's a virus and shut up otherwise.