Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Bad Week for Symantec

Posted by CowboyNeal on from the seen-better-days dept.

Evan Hughes writes "NeoSmart Technologies has published a scathing editorial regarding 3 high-profile mistakes by Symantec Corp. — all in less than a week. In what seems to be a string of stupid mistakes culminating in the infection of CNN-parent Turner Broadcasting Systems by Rinbot— a virus dedicated to the eradication of Symantec from the known world."

12 of 239 comments (clear)

  1. No great loss by ravenspear · · Score: 5, Insightful

    Every experience I have ever had with a Symantec product has been utterly terrible. Generally they cause more problems than they solve.

  2. Is this guy serious? by RESPAWN · · Score: 3, Insightful

    What kind of anti-virus product only updates once a week (on Wednesdays)... And most importantly, what kind of security company lets its product remain installed without updating? To be quite honest, those are all user configurable options, are they not? To think! Some of us may not WANT Symantec to hold our hands when it comes to maintaining our AV installs. Can you really hold Symantec liable for the mistakes of its customers?

    Furthermore, doesn't Free AVG only update once a week as well?
    --

    If Murphy's Law can go wrong, it will.

    1. Re:Is this guy serious? by RESPAWN · · Score: 4, Insightful

      My point is this: the corporate version of Symantec does not automatically install any download rules. They leave this up to the installer who is hopefully capable of properly configuring their update rules and/or updating their servers manually, most likely so that they can properly test the latest virus definitions for errors or anomalies before pushing them in to production. See the comment below that links to the article about Excel being treated as a virus.

      I work for... well, it doesn't matter. In our facility absolutely NO patches or virus definition updates are applied without first being approved by another group whose sole job it is to make sure these pathces don't affect something critical to our operations. Furthermore, we only download our defs from approved (IE our own) sources so as to ensure that we are ONLY downloading what's already been tested.

      In short, we are all professionals and we should be capable of ensuring that our defs are up to date. We don't need (nor will we allow them to in our case) Symantec to hold our fuckin' hands throughout this process. When I install a corporate virus scanner, I fully expect to have to configure the machine policies in order to match our IT policies. If somebody's only updating their definitions once a week, then that's not Symantec's fault. That's the fault of whatever sysadmin was too stupid to properly configure his software.

      That said, I still think Symantec's a piece of shit and I wish we were allowed to use other solutions in its place, but that's not for me to decide. Their management software is no where near as feature rich as EPO, and I seem to have to spend more time dealing with Symantec issues than I do with EPO issues. (Because, yes, we do monitor our machines each day to ensure that they are updating properly. CNN we are not.) Please don't think for a minute that I like defending Symantec. I just believe in placing the blame properly where it belongs, and in this case it's the idiot sysadmins who weren't doing their job.

      --

      If Murphy's Law can go wrong, it will.

  3. Re:With all due respect... by digitig · · Score: 4, Insightful

    "Effectively free" is still overpriced as far as I am concerned. The amount it slows the system down is unforgivable.

    --
    Quidnam Latine loqui modo coepi?
  4. Sounds as Though Turner Made One Mistake by SwashbucklingCowboy · · Score: 5, Insightful

    A fix for the flaw has been available since May and security experts have repeatedly urged users to protect their computers by applying the update.
    Turner can't update their software in EIGHT MONTHS? That's not a problem with Symantec, that's a problem at Turner.
  5. Updates by fm6 · · Score: 5, Insightful

    People often don't update their software for years at a time. Hey, it costs. Which is why NAV is designed to update itself automatically. You just have to configure it correctly.

    I'm no fan of Symantec. It's perfectly true that they're badly run. Hey, they used to be a lot more than a "security software" company, but all their other business (natural language databases, compilers, IDEs, desktop software, backup software) just died on them. But to blame them for the ineptitude of the CNN's IT department is idiotic.

  6. Re:How much will it take? by SwashbucklingCowboy · · Score: 3, Insightful

    How bad does it have to be for people to Stop using windows?
    Really bad. But if everyone started using Linux or OS X then all of their security problems would have a spotlight shown on them.
  7. Re:AVG by Southpaw018 · · Score: 4, Insightful

    Seconded. The only time I get reboots is when it's required for a security patch, or the occasional "application freaking the #$@%^& out" kinda thing...servers, workstations, all of 'em. And if it weren't for that, I'd be pushing 90-120 day uptimes on most of my machines. Yes, Windows machines.
    In fact, I'll get you the data.

    Main server has rebooted twice in the last four months for security patches, total ~19 minutes downtime.

    --
    ACs are modded -6. I don't read you, I don't mod you, I don't see you. Don't like it? Don't be a coward.
  8. Re:With all due respect... by Zantetsuken · · Score: 5, Insightful

    yes, its close to zero cost when you buy the software in store, but its still subscription based, which is where they get you - its like a subsidized cell phone from a major carrier - sure, the phone is zero cost or 50 bucks off, but you've still got to pay for airtime minutes...

  9. Re:How much will it take? by pak9rabid · · Score: 3, Insightful

    The reason Windows has so much malware problems is because it's the most common operating system used, therefore it's in the best interest of the malware developers to write malware for Windows. If the most popular operating system was OS X, then OS X would have the most malware problems. The same goes for Linux or .

  10. Re:With all due respect... by bluephone · · Score: 3, Insightful

    I used to swear by it, but around 2002, it just sucked up too much in the way of system resources. I switched to the Corporate client and got back a lot of CPU and memory, ditched the flashy idiot-targeted UI, and kept the engine. For the past 15 years it hasn't let me down once.

    --
    jX [ Make everything as simple as possible, but no simpler. - Einstein ]
  11. Re:Astroturfing by swordgeek · · Score: 3, Insightful

    Thanks for your note. I'm going to reply to it rationally (more or less), hoping that you'll see it and take my comments as constructive criticism rather than just ranting.

    First of all, I may have misstated Symantec's support policy, but that is verbatim what I was told by a support engineer. (I even have the email to prove it.) Maybe some internal training is in order?

    "...you've downplayed the fact that two years is a long time in the world of security software."

    Did I mention the "Veritas products" part of the equation? Two years is barely time to get one's feet wet with most (former) Veritas products. There's also support from other vendors to consider: Sun didn't actually provide support for Volume Manager 4.0 until after 4.1 was released. Already we're into the two year window, and we haven't even started a cluster OS upgrade!

    And that's just volume manager. A full-blown enterprise Netbackup installation is a MAJOR event. Here's one scenario I dealt with recently:

    NBU 5.0 gets released. After six months of waiting for it to become stable enough to actually use, the company started the implementation. This involved $980k of new hardware (and they already had the tape library and infrastructure in place). The planning, architecture, implementation, cutover, and validation took a total of roughly eight months. That's 14 months after initial release, and we've just gone live with the product. At that point, after over a million dollars of gear and time and effort, I am NOT planning on a major version upgrade in ten months or twenty or thirty. I want a MINIMUM of three years of full support after that point, and five is much more reasonable. We shouldn't be forced to upgrade our software until we've outgrown our infrastructure, which is about a 3.5-4.0 year turnaround for most big companies.

    Furthermore, service packs or not, the very WEEK that NBU6.0 was released, we were told we couldn't get any more NBU 5.x client licenses. That's it, no more, thanks for coming out. Suddenly, regardless of bug support, we're left without any legal means of growing without upgrading to 6.0.

    That is, in a word, crap.

    This isn't a $100 anti-virus package for a PC that's going to be chucked in two years, this is software that runs enterprise installations. We don't spend $5k per client machine for a product that's obsolete almost as soon as we install it.

    Now you can say that Symantec doesn't operate like this, that my details are all incorrect. That may be, but that is what we were told by our local sales guys, our regional managers, and the other end of Symantec's international support group.

    So on the one hand, we have the model you describe, which is crap. On the other hand, you have the reality that I've described which is rancid festering crap. Add to this the fact that VxVM5.0 Basic (the freebie package) simply doesn't work, and you've got a company that is either too incompetent to survive, or trying very hard to destroy the Veritas products/division they bought a few years ago.

    As for you liking your job, that's great. I really am genuinely happy every time I hear about someone enjoying their work, because we spend a lot of time at it. (random aside: Until recently I hated my job although I love my work, so I quit--now I'm working for a better company for less pay, and loving it.) Unfortunately, that doesn't change the fact that your company doesn't even have the vaguest understanding of what enterprise computing is really about.

    --

    "People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban