A Bad Week for Symantec
Evan Hughes writes "NeoSmart Technologies has published a scathing editorial regarding 3 high-profile mistakes by Symantec Corp. — all in less than a week. In what seems to be a string of stupid mistakes culminating in the infection of CNN-parent Turner Broadcasting Systems by Rinbot— a virus dedicated to the eradication of Symantec from the known world."
NeoSmart Technologies has published a scathing editorial regarding 3 high-profile mistakes by Symantec Corp. -- all in less than a week
Maybe they're not mistakes... maybe it's just a form of viral marketing.
The theory of relativity doesn't work right in Arkansas.
....in my experience modern Symantec products such as Norton Internet Security is the most malicious, but successful form of malware ever. It actually gets people to pay money for the product, and in a lot of cases, pay other people to install it and keep it on their system.
I'm so glad I moved out of software maintenance and into hardware maintenance. Now I just wipe hard drives clean as a whistle and make sure the hardware works. Such a load off!
do() || do_not();
Already slashdotted. If you have seen the blog article, please put a copy here.
Every experience I have ever had with a Symantec product has been utterly terrible. Generally they cause more problems than they solve.
Turner apparently got hit because it had not yet updated the Symantec programs on its computers. A fix for the flaw has been available since May and security experts have repeatedly urged users to protect their computers by applying the update.
Hmm hmm hmm people are dumb.
webpage
Furthermore, doesn't Free AVG only update once a week as well?
If Murphy's Law can go wrong, it will.
a virus dedicated to the eradication of Symantec from the known world
That's not a virus. That's a feature.
Best Windows Freeware
neosmart link provides a page which states...
:)
PHP has encountered an Access Violation at 7C8224B2
Looks like they were "violated"
"Furthermore, doesn't Free AVG only update once a week as well?"
No.
AVG (free) checks for updates every reboot or once a day, whichever comes first.
because CNN is infected?
1. Estimates are 100-150 million machines are currently part of botnets
2. Loss estimates exceed 200 billion annually on a global basis
3. Over 80% of all spam comes from botnets
Yes, I can cite. Or you can Google. They are all easy to find.
This is a HUGE problem that is, in many ways, like spam was in 1996 or 1997. The technical community acknowledges it, the average consumer has no clue, and, left unaddressed, the problem and associated losses will get much, much worse.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
How bad does it have to be for people to stop using Windows? With all these security issues and putting their eggs in 3rd party tools which are more of a hack on the OS than actual protection.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Most successful would have to be MS windows itself.
The problem isn't Windows. It's having an always-on connection to the internet.* This wasn't as big an issue in the dial-up days.
*Especially if it's not really needed, except under the guise that slashdot must always be accessible or the geeks will revolt.
the kind that crash servers, it is not like they haven't done it before, but for most purposes I agree with you. In a large scale environment with lots of custom apps. you had better be checking these patches prior to general deployment or you WILL get bitten...*speaks from experience*
errr....umm...*whooosh* *whoosh* Is this thing on ?
A virus dedicated to the eradication of symantec? Sign me up! ...I suppose I'll have to turn off AVG first...What then?
-- David
You cannot blame Symantec for this. The update was released months ago. Blame the CNN IT department.
People often don't update their software for years at a time. Hey, it costs. Which is why NAV is designed to update itself automatically. You just have to configure it correctly.
I'm no fan of Symantec. It's perfectly true that they're badly run. Hey, they used to be a lot more than a "security software" company, but all their other business (natural language databases, compilers, IDEs, desktop software, backup software) just died on them. But to blame them for the ineptitude of the CNN's IT department is idiotic.
Error establishing a database connection
This either means that the username and password information in your wp-config.php file is incorrect or we can't contact the database server at localhost. This could mean your host's database server is down.
Are you sure you have the correct username and password?
Are you sure that you have typed the correct hostname?
Are you sure that the database server is running?
If you're unsure what these terms mean you should probably contact your host. If you still need help you can always visit the WordPress Support Forums.
We're chucking our desktop firewalls, spyware tools and AV scanners for one big Symantec managed client. And if any of you have ever tried to uninstall Symantec you'll know that you're chained to them for life.
Mod me up, mod me down, tell me to shutup or give me nazi looks and frown.. Since slashdot
.. then on monday that was discovered and exposed ..
t _of_the_conspiracy.html
isn't going to carry this voluntarily we'll just have to find a place for it..
and talking of having a bad week this certainly sounds like a valid venue.
If you think Symantec had a bad week, you should stick a finger into the hot
water the BBC is boiling in right now as I'm typing this:
First they report the "collapse" of WTC7 26 minutes too early with the building
still visible in the interview
and then all they could come up with was a lame excuse they lost the tapes they
had of their 911 coverage.
All in all it was also a very busy week for video.google.com and youtube deleting
the videos exposing this maximum faux pas.
But don't take my word for it and instead check out the facts yourself:
http://video.google.com/videosearch?q=bbc+wtc+7
You can read the BBC's official reply here.
http://www.bbc.co.uk/blogs/theeditors/2007/02/par
Here's an excerpt from that reply:
4. We no longer have the original tapes of our 9/11 coverage (for reasons of cock-up, not conspiracy). So if someone has got a recording of our output, I'd love to get hold of it. We do have the tapes for our sister channel News 24, but they don't help clear up the issue one way or another.
5. If we reported the building had collapsed before it had done so, it would have been an error - no more than that. As one of the comments on You Tube says today "so the guy in the studio didn't quite know what was going on? Woah, that totally proves conspiracy... "
They (THE BBC!) say they lost their tapes of the 911 coverage and they'd like you to help them out.
Another interesting fact you should keep in mind is that buildings can not be "pulled" or
demolished by explosive within mere hours. It can't be done in one sunny afternoon, it takes
at least a week of careful planning and preparation.
Hey, eliminating Symantec (more specifically Norton) from the world is my goal too! :D Then again, I'd target AOL first if I wrote a virus lol. But yay to the person who wrote it. I mean really, when you remove a Symantec product from someone's computer it's like removing a virus. It runs twice as fast and everything works again. They're doing everyone a service!
Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
Symantec has seen quite a bit of negative publicity in the past year on slashdot.
I have to wonder how much of it is simply astroturfing by disgruntled former employees? When there's a negative op/ed piece on a "software development and security research" website where none of the SQL even works, I just have to wonder if some no-talent assclown is pissed off because he lost his helpdesk or HR job.
Whenever I have to fix a screwed up PC, MsAfee or Symantec is disabled by the malicious code. So, I always uninstall whatever is on the machine and install something else like AVG or ClamWin.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
... Every machine that comes to me for service has one requirement: No Norton. Take norton off, and people are *amazed* at how much faster their machines run.
I substitute Free-av.com for Norton- better infection detection, less memory overhead, free (with the option of buying a license- I usually guilt them into doing it), and nightly upgrades.
Rinbot is devoted to destroying Symantec? Must have been written by an ex-employee. The only ones who really despise a company are the disgruntled ex-employees.
Ok, I read over the articles. I like how they mentioned that the security hole in the Symantec software that was used to infect TBS has had a patch available for over 8 months. (I forgot if they said march or may.)
So TBS didn't bother to update their security to deal with known issues. TBS gets hit by infector because they didn't bother to update. How is this Symantec's fault?
Gee, what year are their virus definitions for? Did they ever update those? When was the last time they made a backup, and tested it? Are their doors still using those old two cylinder locks that open with skeleton keys? Maybe their IT department head's idea of a car alarm is giving a buck to a passing kid to watch his car.
Sorry Symantec bashers, it's time to bash TBS for being stoopidd. (That's stupid for the really dumb.) Seriously, whoever didn't update (or prevented the update) should be fired. (I can bash Symantec better than most of you when I want, but let's at least stick to something that's actually their fault.)
Symantec typically releases new definitions once a week. You can fetch them as often as you like, though.
If you mod me down, I shall become more powerful than you could possibly imagine.
I bought a copy of Defender Pro; it did not work with my laptop and XP. So after trying to save money I bought Norton AV. It had rebates; they said no, so I did not get all of them. Lame excuses. So I was happy to have antivirus, but I would never fall for the rebate scam again. My box got f ed up so I reinstalled everything, but now when I put in the key on my paid-for CD it says it's not valid. I still have 9 more months of time. I installed Sabayon Linux and have not looked back. 64 bit ver is so trouble free. They pushed me into it. I just got tired enough that when this laptop no longer works I will not replace it. The fad after the purchase of my 8080 till now is over. I am turning 45 this year and just bought a new hobby; it has strings and an amp. :)
Although they may hold on to the enterprise market, why even bother with Norton AntiVirus or Internet Security when you can get Avast AntiVirus Personal edition for free! http://www.avast.com/eng/download-avast-home.html/
No, I don't work for them, or own stock. They've even updated it for Vista. The cost? Register for a free serial number every 14 months.
Comodo firewall http://www.comodo.com/ is nice free step up for those who think they need something more than Windows firewall.
In the year 2007, there is really no need for a consumer to pay for a product from Symantec/Norton, McAfee, or any other security software vendor that has been fleecing us for the last several years.
Free AVG updates daily.
I don't respond to AC's.
"dedicated to the eradication of Symantec from the known world"
So where do I DL this program?
pretty much has brought all staff/faculty/student computers on campus down.
It appears that Symantec has finally begun moving to daily updates. Information about their Live Update system indicates that for their 2006 home user product daily updates were available. Users of prior versions of the product receive only weekly updates. They have been under tremendous pressure from customers to make daily updates available for several years. I'm glad to see them finally moving that direction.
If you mod me down, I shall become more powerful than you could possibly imagine.
One of my clients has a relatively large Symantec AntiVirus deployment (something like 35,000 Windows PCs). I was, among many other things, directly and solely responsible for their Symantec AntiVirus architecture for several years. I assure you that there are many issues which can be easily overcome at the scale of 300 machines which are pretty close to show stoppers at the 30,000 node scale. I agree that Symantec Enterprise Edition is a reasonable AntiVirus product, but its weakest link, ironically enough, is the issues that arise when trying to deploy, operate, and maintain it at the scale of a real enterprise.
If you mod me down, I shall become more powerful than you could possibly imagine.
Was I the only one who thought "when did symantec get into D&D?"
We had a Cisco router wigging out once.
Our Network Admin decided to reset it, and it offered this up:
Kodiak_Rtr uptime is 6 years, 9 weeks, 3 days, 10 hours, 43 minutes
Go Cisco!
Used to love good 'ole Norton Utilities in the DOS days, but around the time of Windows '95 they completely lost it. I remember the first supposedly Windows '95 compatible version trashed every long filename on my HDD when I tried to defrag, leading to one of my first (of many) OS reinstalls.
The philosophy under which these OSes are built is completely different and ensure better security.
And now with virtualization made easy (unlike with Windows, where all kinds of asinine licensing restrictions discourage virtualization) one is able to isolate even more logical instances of machines. This enhances security and reliability.
IANAL but write like a drunk one.
Malware is firmly constrained to the privileges of the user doing dumb things. Many things remain off limits.
And if you install any of the rule based security applications in Linux, the constraints are even stronger, this without sacrificing the versatility or the user's experience.
Linux is not attacked for lack of popularity, it is not attacked because it is more of a bitch to do an attack.
IANAL but write like a drunk one.
It is not anymore the little box out there hidden under a desk.
Most (all?) companies offering web hosting or collocations support Linux. Actually being able to 0wn a Linux server gives you much better malware possibilities since a system can have hundreds or thousands of users.
But black hats don't attack Linux not out of popularity, but simply because Linux has a better design when it comes to security (UNIX, and Linux, which takes its inspiration from it, were designed in the understanding that you may have different people working in the same computer at the same time. That has made it immensely easier to make these OSes cracker unfriendly. In the meantime MS has been hacking a multiuser system on top of their offerings, the amount of holes left behind and the constant form over function ensure the systems will be easier to crack).
Security has nothing to do with popularity, it has to do with proper or improper security policies and their implementation.
IANAL but write like a drunk one.
he, he, he,
Symantec AV is useless. I got it bundled in my laptop and after 60 days I uninstalled and installed eTrust. It is far better and cheaper.
Oh boy they're really "upset". The parent post got swatted down to 0 within two minutes of me putting it up,
five minutes later when I checked back again it was down to -1. Now in a thread that _already has_ a parent at -1
which means few people will actually ever read this I get all my follow up posts modded down.
Re:Not nearly as bad as the week was for the BBC: Friday March 02, @12:06AM 0, Offtopic
Re:Not nearly as bad as the week was for the BBC: Thursday March 01, @11:10PM 0, Troll
Re:Not nearly as bad as the week was for the BBC: Thursday March 01, @08:57PM 0, Offtopic
Not nearly as bad as the week was for the BBC: Thursday March 01, @08:40PM -1, Troll
Actually they're doing me a favor here, because their over the top reaction and ultramoronic denial
is just going to draw more attention to this.
a virus dedicated to the eradication of Symantec from the known world
We can only hope.
If I wrote viruses and wanted to make a living from it, subscription-model anti-virus software would do me very nicely, thank you very much.
America, Home of the Brave.
No shit. It's like reading about a strain of flu that cures/prevents AIDS. Where can I get it?
A polar bear is a cartesian bear after a coordinate transform.
Who moderated this guy insightful? His facts are wrong and he doesn't even make a sincere attempt to use logic! AVG Updates daily and virus definition updates should always be updated. That's why you use an anti-virus because you don't have the time to research every threat out there yourself and create a way to catch it and fix it.
daily updates have been available for years. just not to certain classes of customer.
I'd comment but i can't figure out if that virus is a bad thing or not ;(
Ahh, feel the love here.........
Although other AntiVirus vendors provided daily updates for years, Symantec released updates via Live Update once a week for many many years, and apparently began more frequent, almost daily updates in 2006. I know (from experience) that as recently as the fall of 2005 Symantec updates were delivered weekly. I used to *beg* on behalf of my client (and via Symantec's expensive enterprise support contract of questionable value) for Symantec to produce more frequent updates. I still have scars on my knees and lips from the chafing. I'm here as a survivor to tell you they did *not* deliver daily updates via Live Update until relatively recently.
During major outbreaks a mid-week update or two would sometimes become available. Those were sometimes delivered at the request of their enterprise customers (e.g. "We're seeing a rise in foo infections, could you please consider releasing the definition update for that ASAP?") but were made available through all their distribution channels to all their customers.
On occasion Symantec would release a particular definition via consumer channels on an ad-hoc basis (e.g. between the regular weekly updates) but only via the enterprise-focused "Live Update" system several days later during the regular update. When I asked them about this (each time we noticed) the reason given was that the definition "needed additional testing" before it could be certified for enterprise use. Presumably this was to reduce the number of false positives which when they occur in an enterprise environment can be almost as costly as an actual virus outbreak.
If you mod me down, I shall become more powerful than you could possibly imagine.
Pining for the fjords, eh? Serious security professionals realized this argument was stone cold (in fact I took the liberty of examining this here argument and discovered that the only reason it was still standing on its perch at all was that it had been nailed there) dead when the Witty Worm smacked all the vulnerable systems for a given defect within an hour. The particular realization perhaps didn't sink in until a day or so later when the number of said vulnerable systems was shown to be something quite small, quite possibly as few as 12,000 total vulnerable systems. Exploiting niche platforms became no more difficult than exploiting any other platform given a remote root vulnerability.
Elsewhere in this discussion it's claimed that worms are irrelevant because modern attacks are directed at browsers and the like. The continual emergence of new worms suggests that malware authors do not agree with that assessment. Even if it were true, recent surveys suggest that over 4% of web surfers are using Safari. That's millions of potential victims. A botnet master needs only a few thousand systems to spam the bejeezus out of the entire world.
The niche platform argument is bogus and should be consigned to the dustbin of history.
If you mod me down, I shall become more powerful than you could possibly imagine.
sorry gary, just not so. i've been an enterprise customer for more than seven years. daily updates for enterprise customers started at least before 2004.
It comes down to what you believe is necessary. I get EZ Armor Firewall and A/V as a gimmee from Roadrunner. My Internet experience is fast, and there is never any slowdown while safe programs get massaged over and over to no purpose.
Goddamned kids! Get off my lawn!
You received daily updates only if you were able to use the "Symantec enterprise console" system to obtain and distribute the updates. Symantec had 3 different update paths at that time. LiveUpdate was the original "enterprise" update system which used FTP as a transport and a special "Live Update Administrator" software to fetch from Symantec. The "enterprise console" system used a different mechanism and a "push" transport from the console server to the clients. (Incidentally, I think it is this built in distribution and control system which provided the hole for the worm which spawned this article. The "unmanaged" client configuration didn't have a listener on the client and thus couldn't be exploited that way.) The third mechanism was downloadable update bundles available from the web. Those were updated weekly in concert with Live Update, and occasionally on an ad-hoc basis. There are many, many more details that I could provide, but really, you can't possibly care this much. It was a cluster fsck, the Symantec update situation, for years, and was still a cluster fsck as of the fall of 2005.
If you mod me down, I shall become more powerful than you could possibly imagine.
I'm sure it's been said here already - and that many people have already said that they consider Symantec's AV a deeply flawed product.
Still, just in case:
Symantec's AV is, IMHO, a terrible product. I have a part-time job working on a university helpdesk in their central computing facility. We see this AV appear on users' machines regularly, and the first thing we do is get the user to uninstall it [if they can!], and to then install AVG Free Edition. I've never known a user to *not* come back and thank us, and to report that their machine is running better after they've done this.
@peetm
AVGFree updates daily, and is my recommendation for antivirus for regular home users with ordinary security needs.
I turn off the scheduled morning scan (a bit overkillish, and also still slows things down too much, even in low impact mode). I set the Windows Task Scheduler to launch the Test Center once a week to remind folks to scan their computers and that's it.
It works just fine, and if there is a problem, it's extremely easy to uninstall it and reinstall it, which fixes practically everything.
I swore by Norton Antivirus until the 2004 version came out. Then I started swearing at it. Currently, I regard it as worse than nothing.
Fundamentalism is a crime against humanity