Slashdot Mirror

← Back to Stories (view on slashdot.org)

Unsticking Yourself From Your Security Application

Posted by CmdrTaco on from the i-can't-even-unstick-from-their-spam-lists dept.

Ant writes "In Scott Dunn's Windows Secrets, he describes his informal tests of well-known computer security vendors when it comes to subscriptions and renewals. These days, most antivirus and other security products come with a subscription to update your virus definitions. He also explains ways to opt-out, users' comments, etc. Seen in EGeezer's Broadband/DSL Reports security forum thread. Always read those end user license agreements (EULAs)."

8 of 97 comments (clear)

  1. But why do we need these in the first place? by StonyCreekBare · · Score: 5, Interesting

    Maybe I'm an old stick in the mud. But I've had far, far more trouble CAUSED by most of these applications than I've seen prevented.

    When I get a new computer, the first thing I do is Nuke ALL of these things from the hard drive. I also tell Windows not to auto update. Never had a virus or infection.

    I do keep my machines behind a double firewall, and I do use the default Windows firewall in XP, or the free ZoneAlarm on my older machines.. And I do frequently scan using one of the many free adware and virus checkers just to be safe. But perhaps most importantly, I'm really, really careful about opening email attachments and what web sites I go to. As for the updates, occasionally I go to Windows update and review the "fixes" and install those that look interesting or benign.

    But Symantec, Norton, McAfee and the like I do not allow anywhere near any machine of mine, and I heavily discourage friends and family from using them.

    Safe computing is NOT blindly installing some "security package" and going to sleep.

    Stony

    1. Re:But why do we need these in the first place? by Creepy+Crawler · · Score: 4, Informative

      I'd say that is inadequate.

      Ive got mod points, but comments are more important than mods.

      1. First thing I do is disable all call-home nags from Windows, along with setting my timeserver to something local. As a default configuration, my machine has no need to go to the net. I also free up unused services that gobble ram (desktop switching gunk).

      2. I then install any sort of device drivers that I might need. These include for me are: VNC video driver, Daemon Tools (for mounting isos and other images).

      3. Then I install AVG and run it as non-resident. I know what to scan and what not to scan, so I target objects that are questionable. I also might download a decent firewall, but I'd like something with the rulesets like ipfw or iptables. I will also get AdAware for busting the few things I might get.

      4. Lastly, I then install the utility apps. Thats my biggest time right there. Ill give a list.

      a. Open Office
      b. Firefox, Thunderbird, necessary plugins
      c. Abiword (much quicker version of "open office")
      d. portaputty
      e. XMing
      f. VNCserver (if I hadn't already installed it)
      g. Winamp Pre-AOL version
      h. VideoLAN
      i. TOR
      j. Bunch of emulators with plenty-o-roms. NES/SNES/N64/MAME/PSX sure beats 'web games'.
      k. Azureus/BitTyrant (both really good bittorrent clients and servers)
      l. Video Codecs and a hacked version of VirtualDub (watching corrupt vids)
      m. DVD shrink (for sneakernet of a vid I like)
      n. Possibly Cygwin (mainly for RSYNC and DD for tough to deal with problems). Scripting in a GUI environment doesnt work well. Instead, use VBscript.
      o. Something to read PDF's. I prefer Ghostscript.

      Thats it in a nutshell.

      --
    2. Re:But why do we need these in the first place? by StonyCreekBare · · Score: 5, Interesting

      Well, I have agonized over this point.

      Last year I set up a system for a newbie, a retired history teacher who didn't know a browser from a word processor. He had used the web a little under the school IT umbrella, but was mostly clueless. Not exactly my parents, but close.

      After spending several hours explaining malware, adware and the like to him, and cautioning him about what to avoid, I nuked Symmantic and it's relatives.

      A year later, he is computing along nicely, no viruses, no problems.

      Shortly after, I set up a computer for my daughter, a 30-something who is fairly computer literate, but not exactly an engineer, if you get my drift. She insisted on installing the full suite of security protection. When I tried to give her some pointers about safe computing, I got that glazed look and a "yes dad I know how to use computers"

      Three times in the last year, I have had to "fix" her machine. Two other occasions I had to fiddle with her firewall as it was blocking something it shouldn't for no reason.

      Give me a clueless newbie who will listen and nor Norton every time!!!

      Stony

    3. Re:But why do we need these in the first place? by Andrew+Kismet · · Score: 4, Funny

      Parent: I'm surprised you found someone that's willing to sit there that long and listen to someone drone on about it...

      GP: ...a retired history teacher...

  2. to opt out: by Lehk228 · · Score: 4, Interesting

    to opt out, call and ask to be transferred to billing. tell them you revoke authorization for recurring charges. if they continue billing you call Visa and they will take care of it.

    --
    Snowden and Manning are heroes.
  3. Foolproof way not to get autorenewed by mrsam · · Score: 4, Interesting

    I have a trick I use every time I buy a limited-term subscription, or a service, if I suspect the company will try to stick me with an unwanted renewal. I just pay with whichever card I have that expires before the subscription term. I find that to be the path of least resistance. Usually I have one or two cards whose expiration dates are coming up.

    Many US credit card companies also offer a service where they give you a separate credit card number that goes to your account, but that automatically deactivates as you as you put one charge through, after which it is no longer valid. That's also one way to beat this racket.

    Then there are always a small number of obnoxious companies that supposedly renew you, bill you, and then go after you with dunning letters. I suspect that once a lot of people are on to the trick of giving them single-use charge numbers, that'll be the next popular tactic. Still, it's easier to handle that, then once your card is already dinged.

  4. Use a dedicated card for online shopping by cicho · · Score: 5, Interesting

    A way to stay relatively safe is to use a dedicated card. Here in Poland banks with online presence will supply you with what some call an "e-card". It looks like a Visa and is recognized as a Visa when you buy stuff online, but:
    a) it can ONLY be used for online transactions (it does not double as an ATM card)
    b) the card has its own virtual account with the issuing bank. You need to transfer money from your main account to the card before you make a purchase. Doing go takes authentication and a couple of clicks.

    Yes, it takes a minute or two more, but no-one will be able to charge you repeatedly, and any loss due to fraud is limited to the amount you charged the card with. If you suspect anything untowards, you can clear the card with a single click. As a side effect, it helps prevent impulse buying, since it adds that additional step.

    You could, of course, charge the card with a hefty sum and keep it over a long period, which would cancel much of the protection, but that's like installing a virus scanner and then running it disabled. In addition, if you charge the card in excess of about $1000 (depending on the bank), the transaction must occur within three days, otherwise the amount automatically reverts to your main account and the e-card is cleared.

    There is a chance that a seller will coincidentally attempt a repeat charge just when you have charged the card for an unrelated purpose, but the likelihood of that is small, reduced further by the fact that an e-card is valid only for a year. It is re-issued annually (at no cost or at a minimal charge) with the same number but different expiration date. So a vendor from whom I am buying today will not be able to charge the same card next year. (If I do want to give them that option, I can always use my regular Visa - but I've never had to in six years.)

    I don't know if US banks provide this kind of service as a rule; if they don't, you guys should raise bloody hell. It goes a long, long way to keep you safe, and will prevent any underhanded attempts like these.

    --
    "Only the small secrets need to be protected. The big ones are kept secret by public incredulity." - Marshall McLuhan
  5. As Usual, The Summary doesn't match TFA by rueger · · Score: 4, Insightful
    Having actually read TFA, none of these companies make it that hard to know that your credit card charge is recurring, although two place that information in the EULA.

    I wouldn't consider myself mis-led by any of these products, and actually would have assumed that when I purchase a "subscription" it will be renewed annually using my credit card information.

    Most absurd though was the author's complaint that he wasn't immediately offered an option to suspend the use of his credit card info for renewals, but still have the service remain live.

    After your purchase, you can go to Microsoft's Billing and account management page and sign in with your Windows Live e-mail and password. There, you can click on the service you purchased (Windows Live OneCare) and see links for complete cancellation of the service itself. But nowhere is there information on simply canceling recurring credit-card charges.
    Lord folks, do we really need to go this far to find something to complain about?
    --
    Three Squirrels