Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Live OneCare Can Eat Your Email

Posted by kdawson on from the have-a-care dept.

FutureDomain writes in to point us to a blog sponsored by PC Magazine, reporting about another problem with Windows Live OneCare. Apparently, it sometimes deletes the entire Outlook or Outlook Express .PST mailbox when it finds a virus in one of the messages. The only solution is to tell OneCare to exclude the entire Outlook mailbox. This is the software that came in last in antivirus tests. The trail of tears is ongoing over on the Microsoft forums.

39 of 204 comments (clear)

  1. trail of tears? by Raab · · Score: 5, Insightful

    isnt the term 'trail of tears' a bit extreme for some lost email?

    1. Re:trail of tears? by Darundal · · Score: 2, Insightful

      Depends on whats in the emails. It could be your normal grouping of spam and chain letters, at which point I would actually send Microsoft a thank you not. Or it could be an email with some vital information in it (yes, should be backed up, but realistically, how many people do that?).

    2. Re:trail of tears? by OiToTheWorld · · Score: 5, Funny

      No, because losing your mail is TOTALLY similar to the forced relocation of the Cherokee people you insensitive clod!

    3. Re:trail of tears? by ColaMan · · Score: 5, Funny

      There's 119 posts on that thread. It's a trail of something, most likely pissed-off users.
      I smell an opportunity..... Quick! Someone post some linux evangelism there!

      --

      You are in a twisty maze of processor lines, all alike.
      There is a lot of hype here.
    4. Re:trail of tears? by Anonymous Coward · · Score: 4, Funny

      Fine. It's really more of a holocaust going on over at the Microsoft forums.

    5. Re:trail of tears? by kennygraham · · Score: 5, Funny

      Do you honestly think that losing your email is anywhere near on par with being forcably relocated from the land your ancestors had lived on for centuries to be moved to Oklahoma?

      Yes. Now I'll have to pay full price for viagra. I consider the two to be on par.

    6. Re:trail of tears? by Kjella · · Score: 4, Informative

      Yeah, like Linux never loses mail. One of the grave RC bugs of Debian Etch has been bug 321102/332473/350851 where KMail will nuke your disconnected IMAP folder under certain conditions. It's closed now and due for archiving today, but they're still listed here. I haven't been checking Thunderbird, Evolution but I doubt they're a symbol of perfection either. Wouldn't you just love to have some smug Microsoftie drop by your support thread to spread the One Microsoft Way?

      --
      Live today, because you never know what tomorrow brings
    7. Re:trail of tears? by aardvarkjoe · · Score: 2, Insightful

      You are apparently wrong. Check out the link: http://bugs.kde.org/show_bug.cgi?id=104956 Around comments 35-36, they state that the copy on the server is deleted.

      --

      How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
    8. Re:trail of tears? by Master+of+Transhuman · · Score: 2, Informative


      Actually a recent version of Thunderbird would in fact hose your email.

      Apparently a bug crept in that when Thunderbird's spam detector detected a certain kind of spam, it proceeded to mark ALL the mail in the mailbox for deletion on the next compaction.

      For those people who compact on exit, that was seriously bad news.

      However, the fix was also easy - since all mail is in text files rather than proprietary binary formats. You simply dumped the Thunderbird release with the bug and downgraded to the last release. Then you opened your mail in a text editor and did a search and replace of a single simple code in each email. Takes you a few minutes to fix.

      And of course back up your email outside of your profile to be sure.

      Compare that to the Outlook 2GB file limit bug - where you can't access your email or anything else in your PST file until you download a tool from Microsoft that chops off fifty MB from the file so you can open it again.

      Just brilliant, that one.

      Way to go, Bill - you MORON!

      --
      Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
    9. Re:trail of tears? by Anonymous Coward · · Score: 4, Funny

      Say what you want about MS, I don't think they have started to tread near the "genocide" area yet.

      I see you haven't tried to upgrade to Vista yet.

  2. This is just another in a long series of failues by jmorris42 · · Score: 3, Insightful

    And just remember, this is the same development house that the whole world seems to have no problem with the thought of giving root acces to their machines so they can keep them 'safe.'

    If those idiots don't screw the world up by their own incompetence first they are going to get Windows Update 0wn3d and allow someone malevolent to wreak even worse havok on the world.

    Seriously, I can't understand how any Microsoft product is permitted to be used in any role where failure isn't an option. Finance, military, medical, etc should have imposed a ban a decade ago, forbidding the stuff from even being connected to a network port inside the secure inner firewall. Instead we are installing the stuff into the engine room on our warships, giving it sole control of the propulsion system.

    This is insanity on a global scale. A lot of people even seem to understand the danger yet are too afraid to speak up loudly enough to be heard.

    --
    Democrat delenda est
  3. Linux users! Let's show some solidarity by adnonsense · · Score: 4, Funny

    Don't just sit there feeling smug! Every now and again, when you have a free moment, delete your mbox file, or the directory where the mail client of your preference stores its data. That'll go a long way towards helping Windows users to stop seeing us as arrogant and aloof and let them know we share their pain.

    (And if you're really feeling altruistic, knock up a shell script which turns your machine into a spam-spewing zombie).

    1. Re:Linux users! Let's show some solidarity by c · · Score: 4, Funny

      > when you have a free moment, delete your mbox file
      > ...
      > knock up a shell script which turns your machine into a spam-spewing zombie

      See, that's the problem with Linux. You have to do all that extra work to get functionality which just plain works under Windows.

      c.

      --
      Log in or piss off.
  4. It's The Lt. Ripley Virus Scanner by Anonymous Coward · · Score: 5, Funny

    Nuke the mailbox from orbit, it's the only way to be sure.

  5. Lost email by HomelessInLaJolla · · Score: 2, Interesting

    Some people become attached to their collections--no matter what the collection is. It is psychologically difficult for some people to face the reality that some things are simply not worth saving.

    I advocate a training program for those people: once each year they should practice archiving everything they might ever want to save to one CD. Just one typical data CD. Not a DVD. One single CD. Anything which doesn't make it to the CD is random number filled.

    --
    the NPG electrode was replaced with carbon blac
    1. Re:Lost email by silas_moeckel · · Score: 2, Insightful

      I fail to understand the value in getting rid of these old emails, it takes time to purge things no longer useful more time and effort than archiving them. Personally my online email archive goes back 3 years and I have off line storage back to the 80's and see no reason to spend the time to sort though them for the few potentially needed ones rather than just archiving out the data. I would also have to say that keeping everything to one cd or even one DVD would require deleting all the pictures and video I have of my son and frankly there is absolutely no probable reason I would ever part with those.

      I am sure if I lived in my parents basement, had no particular relationships with anybody, worked at walmart and never went anywhere I could fit anything I would want to archive onto a CD otherwise people would like to document there life for themselves and others. While this may not be your situation it would seem you have little that you would like to retain and a lot of time on your hands to sort though things to dispose rather than do new things.

      --
      No sir I dont like it.
  6. PST file by pe1chl · · Score: 5, Insightful

    Maybe it wasn't such a good idea to put all mail, including not only INBOX but also all extra folders, in a single file?
    At least other MUAs usually have a separate file for each folder.

    1. Re:PST file by gilroy · · Score: 3, Insightful

      I'd wager your experience is close enough to being unique as to make no difference. Generally, stuffing everything into a monolithic file makes the data less accessible, less stable, and even less searchable. It does help Microsoft hide features and implementation details from competitors and it does make the mail program more mysterious (driving more users to paid solutions for problems). But in terms of convenience for the user, it gives bupkas.

      --
      The Mongrel Dogs Who Teach
  7. OneCare deletes nothing by The+Bungi · · Score: 5, Informative
    Obviously they screwed up on the 1.5 RTM where now apparently they'll quarantine the whole PST file (don't get me started on the "one huge fucking file for everything" mentality...), but AFAICT OneCare does not delete the file. The problem is that it essentially hides it under [C:\Documents and Settings\All Users]\Application Data\Microsoft\OneCare Protection\Quarantine, compressed in a .CAB file and not accessible from a non-admin account. But if you can log into the machine with an admin account, you can recover the file, and turn off OneCare scanning of your mail file for good measure.

    Then, get a good AV package - or better yet, just exercise some fucking common sense and don't open that "Re: Malaca Superfund Stranded" email from "Roberta Plantagenet~=%" that has a "postcard.exe" attachment.

  8. Boda Bing... by coastin · · Score: 2, Funny

    Ahh, nice a inbox ya got dere, it'd be a shame if somethin was to happen to it!

    --
    I lost my sig...
  9. Running theme with Microsoft's "security"? by Anonymous Coward · · Score: 5, Interesting

    That theme seems to be "The cure is worse than the disease"

    Example 1:
    Problem- Malware has carte blanche in XP to do damn near anything if it's run from an account with admin privileges.
    Solution- UAC in Vista. ("You are moving your mouse cursor. Cancel or allow?")
    Solution Sucks Because- UAC is so friggin' annoying with the popups that people will either shut it off or get in the habit of blindly clicking "OK," which means they are likely to give malware carte blanche to do damn near anything.

    Example 2:
    Problem- Viruses.
    Solution- Windows OneCare Antivirus.
    Solution Sucks Because- One infected email can cause your whole inbox to go bye-bye.

    Great job, guys! The five years it took you to get this stuff perfect was really worth it!

    1. Re:Running theme with Microsoft's "security"? by FSWKU · · Score: 4, Funny

      "You are moving your mouse cursor. Cancel or allow?"

      While still incredibly annoying, at least it's a SLIGHT step up from what we used to have. "Your mouse cursor has moved. Windows must be restarted for the change to take effect."

      --
      "So after all this, you make my case for me. To end this stalemate, you must die..."
  10. On a side note - Backup your files by rhyno46 · · Score: 2, Insightful

    Yes, this is off-topic. Yes, OneCare sucks if it deleted someones email.

    If you don't backup your data you will lose it someday. It's not a question of "if" it is "when". Your hard drive will eventually crash!

    I feel so sorry for people that encounter this. My business provides remote backup via the web & we try to help people prevent events like this, but it doesn't matter. I think all of our remote backup customers have previously experienced data loss.

  11. Hardly an unheard of problem by khendron · · Score: 2, Interesting

    I've had Norton Anti-Virus delete my Thunderbird Inbox when it detected an incoming virus. This was the main thing that made me get rid of Norton on all my computers.

    --
    Life is like a web application. Sometime you need cookies just to get by.
  12. Stop tagging all MS-related articles defective... by Dachannien · · Score: 3, Informative

    The term "Defective by Design" was specifically invented to describe products containing DRM, where the usability of the product is intentionally compromised in order to protect the profits of a third party.

    Yes, Microsoft has a lot of DRMed software, with Vista being the granddaddy of them all, but not everything Microsoft makes is defective by design. And in this particular case, the defect appears to be a bug rather than intentional anyway. So, please, save the "defectivebydesign" tag for situations where it's really warranted. Sure, it may be an amusing term, but when you use it where it doesn't apply, it waters down its meaning for the situation it was intended to be applied to: DRM.

  13. Ah! Ah! by Chutulu · · Score: 2, Insightful

    use Thunderbird instead....

  14. Linux evangelism? No, hard reality by jmorris42 · · Score: 4, Interesting

    > Quick! Someone post some linux evangelism there!

    Yes Linux has a better record. But then so does everyone else. Go ahead, name the operating system with a security record equal or inferior to Windows over the last decade.

    *BSD? Nope, even if you exempt OpenBSD *BSD has a far better record than anything Microsoft has released in the past decade. And OpenBSD wears the crown when it comes to security. Usability, scalability and such are legitimate counter concerns though and explain why OpenBSD hasn't conquered the world.

    Linux? Regardless of the distribution, if it is a large enough operation to keep up with the torrent of errata teh universe of OpenSource/Free Software generates they have all done better then Microsoft when it comes to timely updates. And with the bonus of the existence of "Enterprise" distributions for a good part of the decade that focus on errata updates that won't have unrelated breakage.

    Apple? Their record with OS 8 and OS 9 beat Microsoft and OS X just upped their game.

    Sun? HP? IBM? Please.

    I'm not saying anyone should be proud of their security history and methodology, all software currently sucks ass. But since we have to use something NOW the question is why is the worst vendor on 90% of the world's machines?

    What I'd like to see is a major concerted effort to raise software quality over adding new features. Engage the CS departments in teh universities to have all students audit some code. After all, most operating systems these days allow access to the source. And auditing real code would be a good experience for em. They would see first hand how wretched much of the code actually in use is firsthand. And if legends are writing that stuff they just might listen a bit more when when the prof is badgering about not hotdogging in the belief they are too leet to make those 'idiot' mistakes.

    And for the Linux world I'd like to see the major distros come together to take every package not currently at 1.0 and finish em or dump em. Then stabilise the codebase, audit the crap out of it and then freeze them, only accepting bug fixes. And a nice side effect is they would all have the SAME version. The original project can still release new versions but it won't get integrated into a major stable distro until they announce a new feature complete and AUDITED version. Seriously, is there anything else that needs to go into glibc? So why not stabilize it, sudit it and then freeze it? We need a trusted core that we don't have to update several times per year. As computers become central to our civilization we need them to work a lot more than we need shiny new features.

    --
    Democrat delenda est
  15. Re:So what exactly is the problem? by TerminaMorte · · Score: 4, Insightful

    The problem is not that a single email was moved, but that the entire mailbox was quarantined and that the user was not told about it. RTFA.

  16. OneCare? by ozbird · · Score: 2, Funny

    OneCare - from the same onomatopoeic geniuses that thought up the "Wang Cares" campaign?

  17. Counter example : AVG free by aepervius · · Score: 2, Informative

    AVG free move the concerned attchment to a quarantine directory and leave me a note telling me why in the email. My whole mailbox is file left untouched. So why is microsoft unable to do that ?

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org
  18. Re:So what exactly is the problem? by earnest+murderer · · Score: 5, Insightful

    Precisely. For that matter, considering the target audence the concept of a Log file as notification is not only ineffective but probably offensive to most. Of the people I know who might use this product, every single one of them would have ended up in a shop and paying a lot of money to have a tech figure it out. Or more than likely paying them to re-install Windows and hope it didn't happen again.

    --
    Platform advocacy is like choosing a favorite severely developmentally disabled child.
  19. MS 'Once Cared' Email scanning by grolschie · · Score: 2, Interesting

    From the forum posts, it seems that MS don't want to scan incoming or outgoing emails and they also now don't want to scan the .pst file. They are happy for dormant viruses to exist on your machine because these are supposedly detected when being executed. Going by their current track record, I wouldn't be confident of any kind of protection from Microsoft 'Once Cared'.

  20. Re:It isn't MS fault you get the virus by Antique+Geekmeister · · Score: 2, Insightful

    Of course, many modern viruses send the mail from an infected machine, from someone you know, sending viruses to the accounts of addresses on that machine. The approach has certainly been around for decades and remains in wide use.

    And Microsoft taught people, for years, to click on random URL's in emails and random attachments to get all those "features". So your advice to "modern users" is in fact in diametric opposition to Microsoft's historical policies, and is in fact impossible to meaningfully. It's frankly easier to not send attachemnts and always send URL's, except that Microsoft's history of auto-flagging URL's as clickable links has encouraged people not to actually check the contents of the link, but to assume it's usable. It is, in fact, Microsoft's own fault for adding "features" in the face of glaring security holes.

  21. Re:deleted my email, too by Squozen · · Score: 2, Insightful

    Maybe you'll start backing up your important data too?

    Christ, what a bunch of idiots, especially the 'business' folk without a backup regime.

  22. RAV by Andrei+D · · Score: 2, Informative

    Does anyone remember Rav antivirus?
    It was a very good antivirus program developed by Gecad, a romanian company. It had support for Linux, BSDs, Solaris and it was highly appreciated in its days. It's so sad that Microsoft killed this fine product, removing support for rival platforms and turning it into this lame thing called Onecare.

    --
    We often refuse to accept an idea merely because the tone of voice in which it has been expressed is unsympathetic to us
  23. so effectively by AlgorithMan · · Score: 2, Insightful

    so effectively this means, that one care is everything but enterprise ready...
    or can you imagine a serious company (serious companies don't give admin access to their workers) to send a technician to EVERY WORKER who just RECEIVES an email with a virus infected file to recover his inbox from quaranaine?

    hey, why not piss off vista using companies by sending emails with attatched virusses (or was the plural virii?) to all their workers? man, if every worker loses all his emails multiple times or technicians have to be sent to every worker over and over again........ this might get LOTS of comanies REALLY mad and they might ditch vista and give linux a try - or at least other companies that stick with XP so far might hear of this and back off from a switch to vista...
    /troll

    --
    The MAFIAA is a bunch of mindless jerks who will be the first up against the wall when the revolution comes
  24. not a problem by AlgorithMan · · Score: 2, Funny

    not a problem
    OneCare doesn't ever find virusses anyways - so this is just a theoretical danger ;-)
    http://www.pcworld.com/article/id,129521-c,antivir us/article.html

    --
    The MAFIAA is a bunch of mindless jerks who will be the first up against the wall when the revolution comes
  25. Quarantine not Delete by SoopahMan · · Score: 2, Informative

    The email is Quarantined - meaning you can get it back unharmed - not Deleted.

    This is being misreported all across the Web even though the linked article in every case makes it clear.

    It's a serious flaw certainly and still more bad press for Vista, but this one is not nearly as severe as issues like DRM and Certificate-only drivers in Vista - it doesn't deserve the same level of press.

  26. OneCare has detected malware! by BadEvilYoda · · Score: 2, Funny

    Delete entire inbox, Cancel or Allow?

    ~Cancel~

    Delete entire inbox, Cancel or Allow?

    ~Cancel!~

    Delete entire inbox, Cancel or Allow?

    ~Cancel!~

    ~Cancel Failed, deleting inbox~