Windows Live OneCare Can Eat Your Email

FutureDomain writes in to point us to a blog sponsored by PC Magazine, reporting about another problem with Windows Live OneCare. Apparently, it sometimes deletes the entire Outlook or Outlook Express .PST mailbox when it finds a virus in one of the messages. The only solution is to tell OneCare to exclude the entire Outlook mailbox. This is the software that came in last in antivirus tests. The trail of tears is ongoing over on the Microsoft forums.

Lost email

[HomelessInLaJolla]

Some people become attached to their collections--no matter what the collection is. It is psychologically difficult for some people to face the reality that some things are simply not worth saving.

I advocate a training program for those people: once each year they should practice archiving everything they might ever want to save to one CD. Just one typical data CD. Not a DVD. One single CD. Anything which doesn't make it to the CD is random number filled.

deleted my email, too

i was using it on my windows box and it deleted my entire email. great, Microsoft. well done. i think now i understand why everyone switches to Linux. as of today i am making my Linux box my primary machine. period.

Running theme with Microsoft's "security"?

That theme seems to be "The cure is worse than the disease"

Example 1:
Problem- Malware has carte blanche in XP to do damn near anything if it's run from an account with admin privileges.
Solution- UAC in Vista. ("You are moving your mouse cursor. Cancel or allow?")
Solution Sucks Because- UAC is so friggin' annoying with the popups that people will either shut it off or get in the habit of blindly clicking "OK," which means they are likely to give malware carte blanche to do damn near anything.

Example 2:
Problem- Viruses.
Solution- Windows OneCare Antivirus.
Solution Sucks Because- One infected email can cause your whole inbox to go bye-bye.

Great job, guys! The five years it took you to get this stuff perfect was really worth it!

Hardly an unheard of problem

[khendron]

I've had Norton Anti-Virus delete my Thunderbird Inbox when it detected an incoming virus. This was the main thing that made me get rid of Norton on all my computers.

Linux evangelism? No, hard reality

[jmorris42]

> Quick! Someone post some linux evangelism there!

Yes Linux has a better record. But then so does everyone else. Go ahead, name the operating system with a security record equal or inferior to Windows over the last decade.

*BSD? Nope, even if you exempt OpenBSD *BSD has a far better record than anything Microsoft has released in the past decade. And OpenBSD wears the crown when it comes to security. Usability, scalability and such are legitimate counter concerns though and explain why OpenBSD hasn't conquered the world.

Linux? Regardless of the distribution, if it is a large enough operation to keep up with the torrent of errata teh universe of OpenSource/Free Software generates they have all done better then Microsoft when it comes to timely updates. And with the bonus of the existence of "Enterprise" distributions for a good part of the decade that focus on errata updates that won't have unrelated breakage.

Apple? Their record with OS 8 and OS 9 beat Microsoft and OS X just upped their game.

Sun? HP? IBM? Please.

I'm not saying anyone should be proud of their security history and methodology, all software currently sucks ass. But since we have to use something NOW the question is why is the worst vendor on 90% of the world's machines?

What I'd like to see is a major concerted effort to raise software quality over adding new features. Engage the CS departments in teh universities to have all students audit some code. After all, most operating systems these days allow access to the source. And auditing real code would be a good experience for em. They would see first hand how wretched much of the code actually in use is firsthand. And if legends are writing that stuff they just might listen a bit more when when the prof is badgering about not hotdogging in the belief they are too leet to make those 'idiot' mistakes.

And for the Linux world I'd like to see the major distros come together to take every package not currently at 1.0 and finish em or dump em. Then stabilise the codebase, audit the crap out of it and then freeze them, only accepting bug fixes. And a nice side effect is they would all have the SAME version. The original project can still release new versions but it won't get integrated into a major stable distro until they announce a new feature complete and AUDITED version. Seriously, is there anything else that needs to go into glibc? So why not stabilize it, sudit it and then freeze it? We need a trusted core that we don't have to update several times per year. As computers become central to our civilization we need them to work a lot more than we need shiny new features.

Re:trail of tears?

[myowntrueself]

where KMail will nuke your disconnected IMAP folder under certain conditions

The severity of this bug would only match that of the microsoft bug if it deleted the imap folders on the server.

I take it that this is not the case?

MS 'Once Cared' Email scanning

[grolschie]

From the forum posts, it seems that MS don't want to scan incoming or outgoing emails and they also now don't want to scan the .pst file. They are happy for dormant viruses to exist on your machine because these are supposedly detected when being executed. Going by their current track record, I wouldn't be confident of any kind of protection from Microsoft 'Once Cared'.

Re:Large collections

Have you considered that perhaps what you think has "worth" is not what everybody else considers to have "worth"? I think that your idea of self-improvement involves needlessly discarding useful archives.