Slashdot Mirror
Symantec Updates Cause Chaos in China
Hello Kitty writes "According to Computerworld, a signature update to Symantec's anti-virus software has knocked out thousands of Chinese PCs. Apparently the latest update for the AV component of the various Norton packages mistook two system files in the Chinese edition of Windows XP SP2 for the 'Backdoor.Haxdoor' trojan. Piracy issues may complicate recovery, since once the updates are installed Symantec says the only hope for reviving an affected system is to re-copy the affected DLLs from the Windows restore disks. Everyone has their official restore disks handy, right?"
Although it seems easy to accuse Symantec of receiving bribes form Microsoft to try to make piracy in China more difficult, this is unlikely to be the case. Never attribute to malice that which can be adequately explained by stupidity.
I'll probably be modded down for this...
So, you have no sympathy for paying customers because many other people in the same country presumably did not pay? I think there are about 1300 million Chineese - you should allow yourself not to judge them all together.
...until some jackass posts a link to the files netapi32.dll and lsasrv.dll under the guise of a fix for these systems, but he has ACTUALLY infected with the backdoor.haxdoor virus?
Not a false positive. The Chinese pirated copies of windows probably come pre-installed with Backdoor.Haxdoor
I only mod funny =D
This is no longer trojan but a full symbiant in china. If you kill the virus you kill the host.
Some drink at the fountain of knowledge. Others just gargle.
That makes about as much sense as saying they should nuke all Windows installations because world-wide there's many more pirated ones. And how is that exactly going to do anything:
1. "Damn, my pirated copy stopped working"
"You should have bought a real copy"
"Would that have helped?"
"No."
2. ???
3. Piracy problem solved
Live today, because you never know what tomorrow brings
I guess this thread is going to become full of posts in the spirit of "they got what they deserved", as if this was an anti-piracy measure. Of course, piracy of IP is only legitimate when commited within USA, otherwise it is "OMG commies are stealig our moneyz". This was an effing software bug, which casued trouble to everyone, legitimate users too, and I don't see how piracy talk could be relevant. As a side note, having recovery CD's does not have to do anything with piracy. If you pirate Windows, you have all the CD's you need.
Okay, I understand when people say that patches cannot be tested against EVERY software package out there.
But to not test against the core files of the operating system you KNOW they will be installed upon?
And people pay an annual subscription fee for that kind of "service".
> I've got no sympathy for the Chinese.
Expressing as much stupidity in only 8 words certainly is a world record.
What next ? You've got no sympathy for blacks, blonds, left-handed or bue-eyed people ?
Racism at its best !
Votez ecolo : Chiez dans l'urne !
China is quick to legislate change. I believe after this, all of their social organizations will adopt Linux for the sake of national security.
Sounds to me like it's time for a change. The Chinese have already demonstrated that when something from Western corporations runs amok they are quite willing to force a change on their people. I'm not saying it's right, it's just so.
Now, this problem has actually highlighted a bigger problem; that Windows is Western software controlled by Western interests. Even the ancillary software you need to run Windows effectively (read: anti-virus) is from third parties in the West who obviously wouldn't necessarily have the desires of the Chinese government in mind. Now, at best I can see the Chinese government is going to realize that their reliance on Western anti-virus solutions may be a flawed dependency and they will write their own Chinese-specific AV solution. At worst... this might just highlight to the Chinese government how vulnerable they are to a "cyber attack", either malicious or accidental that could potentially cripple them.
Microsoft might want to start "spinning", and quick. Chinese people are well aware there are better solutions out there than Windows for an operating system. It's only a matter of time before someone in power starts talking about "Red Flag Linux" and how it's openness can help prevent problems exactly like this... then it's all over for Microsoft in that market.
Yes, I realize the pirated Windows market is huge in China as well... but it's still a massive market for Microsoft to lose because of the accidental actions of one of their "trusted third parties".
I think there are about 1300 million Chineese - you should allow yourself not to judge them all together.
We hate every non-American equilly, along with homos and librals! We are gods chosen patriots and the presidunt says so and we must always obey so that it will keep us safe from all the terrists that hate us becuz we are free to be dumb.
For years I always installed Symantec products, and before them Central Point and Norton products.
They worked, they worked well, and I could see how they helped me.
Somewhere along the line though they became first large, then irritating, then expensive to keep updated (pay for virus signature updates?), then finally began actually damaging systems.
And somewhere along the line I stopped buying their products, installing their products, and recommending their products.
I've come to view Microsoft the same way. Between excessive DRM, excessive hardware demands, and a generally customer hostile attitude I find it hard to think that I would ever move to a Vista machine. Thus far Windows 2000 still does everything that I need with a lot less hassle.
Someday though I will need to upgrade. The question is what will fill the gap? Linux still isn't there, nor are most Open Source replacements for common Microsoft and Adobe applications.
Is there a company that can step in with a viable replacement for Photoshop or MS Office? Can OpenOffice or GIMP make the final leap to become a reasonable and reliable alternative to those tools? I don't want something that sort of does everything that Photoshop does, I want a professional tool that does everything, and does it equally well.
The door is open, we're just waiting someone to step through.
Three Squirrels
Let's just shorten it to 4 words (including one contraction), and be done with it.
"I've got no sympathy."
See? Even more accurate than before, without the need for any racial discrimination.
I avoided prepackaged computer systems throughout the 90s for precisely that reason. Knowing the state of software copyright laws at the time, if I wasn't going to receive a full backup copy of all the software necessary to restore the system from ground zero then I wasn't interested in the system. That said I did have to make a few long distance phone calls to USR to be given a dial-in BBS number to download updated drivers for one of their 56k modems. Generic drivers only worked to 2400.
I saw it as a travesty when the computer industry offloaded millions of systems between '94 and '00 with little or no factory backup disks. I was even less amused when companies began shipping restoration image disks which only worked if the (usually flawed) software on the disk determined that the system needed to be restored--and usually did so without any consideration paid to settings which had been customized by the user after the system was shipped.
the NPG electrode was replaced with carbon blac
Fascinating. So you are floating the possibility that this was PLANNED? And what possible reason could Symantic have for annoying their customers this much?
The "pirates" will have every CD and diskette ever made readily available to them.
The only people who won't have the disks are the home users who have been spending their lives doing things other than storing and tracking everything that ever touched their computer.
But they've been PAYING for the regular updates to PROTECT them from "problems".
Not to mention that many OEM's don't provide the right disks. You get a "recovery" CD which will reformat your box and re-install all the software TO THE CONDITION YOU ORIGINALLY RECEIVED THE BOX.
Too bad about all your files and pictures and such.
Still waiting on the reasons why Symantec would do plan this and test it.
The difference is that when you buy a "real copy" of something, you usually also acquire the privilege to call someone and complain when it doesn't work the way it's supposed to.
In the USA, that's process is called a law suit.
-Billco, Fnarg.com
just another reason symantech is one product that immediately gets deleted from my computer.
Good lord! And how exactly do you manage THAT? The thing is impossible to delete - at least for the layman...
Seven puppies were harmed during the making of this post.
Yes. If they need help I'm sure that VMWare will be happy to provide them some expertise (seeing as how they seem to be sorely lacking it). And than is JUST FOR INSTALLING THE PATCH.
And you don't need to test "other intermediate patched up versions".
This is a virus scanner. Right?
So they only need to test against the various released versions of the files. All they need is a set of DIRECTORIES with the files to be scanned in them.
So one box could have ALL the various patches for that system. Based upon the variances in the files. One box for the US release. One box for the Spanish release. Etc.
And as I said, they don't have to be physical boxes. VMWare can help out a whole lot in that regard.
It's called "Computer SCIENCE" for a reason.
NOBODY has original install discs anymore. Go buy a PC and see if you get original install discs. You're screwed.
The best you can hope for now is that your machine allowed you to make a set of full system restore discs when you got it. Some of those will allow you to restore individual files, but many of these utilities just re-image your system drive, so you lose everything on there that was installed since the machine was new (at least, anything on the boot partition).
I'd say this is probably MORE destructive to people with legitimate copies, who probably just have such images. The pirates are more likely to have install CDs.
Look people they're just dumb. No company is intentionally going to want to shoot their foot off in China.
-- Lattyware (www.lattyware.co.uk)
the pirated versions of windows I ran (win2k), I had full install disks.
the oem versions (win98, winxp, winxp) I bought at best buy and other places, my only option is to wipe everything and reinstall.
So, I would be screwed on the machines where I am a legitimate paying customer, and hunky dory on the machines where I was pirating.
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
law suit? Read the fine print of your EULA. If you can sue so easily over software quality, there will be no software company left in the world.
Not only did you bring nationality into this, you (and many others) also brought piracy. Both of those are irrelevant and off-topic, as this affects all users at least equally, if not legitimate users more.
True confidence comes not from realising you are as good as your peers, but that your peers are as bad as you are.
Because China buying Linux would create a change.
Change creates unknown circumstances.
People often have an innate fear of the unknown.
Fear leads to anger.
Anger leads to hate.
Hate leads to the Darkside.
Therefore, Chinese workers using Linux would cause an influx of Sith who would surely wipe us out. Just follow basic logic.
no, a quadraplegic wouldnt protect you against anything.
a better analogy would be
Buying a Symantec product to protect your Windows PC is like hiring a suicide bomber to be your bodyguard.
it protects you, and blows you and everyone around you to pieces in the same run!
Is all this Symantec's fault for not protecting Monkeysoft better?
If you replace "common" with "most vulnerable", your statement makes sense. If a program can be downloaded and run from the internet, it can be a virus. Sure... and if it runs with root or root-like privileges, it can do serious damage. Guess which OS lets that happen? To protect yourself, you can install AV software and dedicate one (or both) of your dual CPU cores to constantly scanning every file that is accessed so you can be "safe". A fine value proposition for your computer investment. This is Symantec being incredibly irresponsible. Failing to find something like this in pre-update testing (or the failure to test updates) is insane and they should be required to pay for repairs. I agree that Symantec made a serious error in deploying an updated defence for the weak OS that they make money defending. But I bet they'll pay nothing, or at least as much to pirates as they do to licensed owners.
Rich And Stupid is not so bad as Working For Rich And Stupid.
The more you regulate a company, the worse its products become.
Oh really? And how many Americans have sued MS, despite billions of dollars in damage for lost time and data due to their software not working as advertised over the last 25 years?
Or has there been a distinct drop in spam since this happened? :)
The recovery disk shipped with most systems will reset the computer to factory state, deleting all user files. Everybody here does have a recent backup, don't they? And you have all checked recently that it works?
Quidnam Latine loqui modo coepi?
Actually, it's even worse.
Linux would then be a proved Communist OS.
As such, it would be un-American, un-democratic and therefore obviously a tool of the terrorists.
Therefore, only terrorists use Linux.
And Slashdot, as a site more or less advocating Linux, will be shut down for terrorist activity.
Ignore this signature. By order.
Or we'd have the best software companies ever due to the high requirements for secure and "bug-free" software.
'Yes, firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.'
From: thomson@symantec.com
To: gates@microsoft.com
CC: genuine-advantage@microsoft.com
Subject: Mission Accomplished
Hi Bill,
Done as requested. That will be one billion; pleasure doing business with you.
-John
#rm -f
and lets see how far your computer gets?
Still fine.
Probably be different if I was logged in as root, but Linux discourages that.
"I've got more toys than Teruhisa Kitahara."
First off, let me say I have no sympathy whatsoever for anyone who is unable to recover their PC after this snafu because they were running a pirated version of Windows. No sympathy whatsoever.
Now, for all of those who were running a legitimate version of Windows and a legitimate version of Norton who were affected by this problem (probably a small percentage of all systems actually affected..) it really does suck.. and there are two sources of fault, here:
1) MS. Aren't critical OS files supposed to be protected, such that they can't be unwillingly be deleted or modified? Maybe this is part of the reason why MS didn't want AV vendors to have kernel mode access to Vista..
2) Norton (duh). How they could manage to screw this up so badly boggles the mind.
I am the maverick of Slashdot
Exactly! This is precisely why MS wanted to prevent antivirus products (amongst others) from running in kernel mode in vista in the first place. I believe Symantec was one of the most vocal opponents of this decision, even though there is no technical reason for allowing antivirus software into the kernel in the first place, as Trend Micro and others all had vista-compatible solutions that worked without requiring kernel access.
/. saying that MS shouldn't be restricting access to the kernel, but this just goes to show that the people who demand access to it often shouldn't have access to it. I know that the problem in the article relates to XPSP2 but the fact remains - Symantec shouldnt be installing kernel mode drivers in the first place.
Back when that story was making news, there was a lot of commentry here on
Being Chinese doesn't automagically make you a pirate, but actually living in China means you learn not to ask embarassing questions; so when the asshole at the flea-market is selling Windows XP for a weeks pay, you dont go to the official store-front where it costs 4 months pay just to get the hologram on the case.
Apocalypse Cancelled, Sorry, No Ticket Refunds