Tearing Apart a Hard-Sell Anti-Virus Ad

climenole writes "I came across an email sent by a security vendor, reminding me, no urging me with the liver-transplant sort of urgency, to renew my subscription to their product, lest my pixels perish. I spent a minute or two staring at the email, thinking about all the poor souls out there who do not have the comfort of being a geek and who may actually take the advertisement seriously." That led to this insightful deconstruction of these over-the-top ads, the kind that make it hard to keep straight the malware makers and the anti-malware makers.

Obligatory.

[migla]

Does it run on Linux?

Re:Obligatory.

Malware on Linux? That's unpossible!
http://forums.unrealircd.com/viewtopic.php?t=6562

Re:Obligatory.

No but ou can just dual boot.
That way you can start up in windows and scan windows for vira, and then boot back to linux and work. .... I'm using a Mac, and on forums if anyone ask if a game/program runs on mac, there is always someone that says. "Yes, just install Boot Camp"
And I really want to hurt then for that anwser

Re:Obligatory.

OK, it's bad enough when people write or say virii, but vira? Really?

Re:Obligatory.

[Runaway1956]

A shame you posted as AC - I would have modded you up.

Yes, of course malware will run on Linux. And, you do point out that the malware was installed from a subverted "trusted source".

You also remind me that I've been stupid sometimes. I've been lazy, and failed to double check the md5 checksums of tarballs on occasion. With that Unreal story in mind, maybe I'll be less lazy in the future. Thanks for the reminder, Mr. Coward.

Re:Obligatory.

[Kitkoan]

A shame you posted as AC - I would have modded you up.

Yes, of course malware will run on Linux. And, you do point out that the malware was installed from a subverted "trusted source".

You also remind me that I've been stupid sometimes. I've been lazy, and failed to double check the md5 checksums of tarballs on occasion. With that Unreal story in mind, maybe I'll be less lazy in the future. Thanks for the reminder, Mr. Coward.

As a Linux user myself, I forget about how possible it is too. Would explain the new (that I've noticed) function in Ubuntu 10.04 that marks any program downloaded from a non-trusted as Non-Executable (you can make it executable by right-clicking it and checking the Executable box under Property-Permissions) to prevent you from blindly installing possible malware. Reminds me of Android's way of programs, preventing you from installing anything randomly unless you at least somewhat understand it might be bad to just install anything.

Re:Obligatory.

[jimicus]

Unless you've been living under a rock for the last 10 years, you'll know that while malware in Windows can spread when the user inadvertently executes something (which Linux does protect you against), it also frequently spreads by tricking the user into thinking they want to execute it (which Linux can't protect against) or taking advantages of security holes (which Linux can't protect against).

It only pains me to see you've been modded +5.

Re:Obligatory.

[f3rret]

Incidentally, what would happen if you downloaded and ran (through wine) malware.exe on a linux machine?
I've always wondered about that, I mean it runs and replicates the windows directory structure just fine.

Re:Obligatory.

[Kitkoan]

it also frequently spreads by tricking the user into thinking they want to execute it (which Linux can't protect against)

Thats why I wrote that 'preventing you from installing anything randomly unless you at least somewhat understand it might be bad to just install anything'. Its a warning to basic users that this isn't a trusted program from the safer channels and your taking your own risks installing it. If the user is tricked into installing it anyways even after having to go around such a warning then it's their fault and there isn't much you could do. Not everything you download from the internet isn't going to be good for your computer, but not everything you download will be bad either. By at least taking these steps to help prevent against problems like these (while offering a wide selection of pre-approved software like those found in the Ubuntu Software Centre) it only helps the user I see. Sure it's a minor annoyance to have to keep checking the box to install whatever you want, but you still have that freedom while beginners are given a good, solid warning. And I feel that this is a much better approach to software security then Windows annoying 'Are you sure you want to do this?' warnings as there are safe, pre-approved selections (that a free so it's not someone trying to make the biggest kickback).

As for security holes, there is only so much that can be done. In Ubuntu I have a Update Program that updates both the OS and programs that were installed from the Ubuntu Software Centre. I can also (following very basic instructions on many sites) have it update software from other locations I feel are safe. While security can never be perfect (history shows this time and time again), there are steps that can be taken to help improve it and I feel many of these steps are taken in Linux.

Re:Obligatory.

[Runaway1956]

Depends on how sophisticated the malware is, really. And, it also depends on how your Wine bottles are set up. Installing malware to it's own bottle would allow it almost no resources to work with. Installing to your "main" default bottle would provide a lot of resources, with their potential exploits. Of course, even with a rather sophisticated malware, and a lot of resources in the Wine bottle to which it was installed, you can just kill the process at any time. I've not yet seen the malware that can fool the various Linux resource monitors, like they can fool Task Manager.

To date, the worst malware that I've seen run on Linux are browser hijacks. The kind that grab your browser, runs a fake security scan, and tells you that you have various infection on Drive C:/ And, I've been Rickrolled. Running Noscript pretty much takes care of that nonsense, though.

Re:Obligatory.

[ByOhTek]

malware in Windows can spread when the user inadvertently executes something (which Linux does protect you against)

Unless you've been living under a rock for the last 10 years, you'll know that both Windows and Linux protect against inadvertent execution - they use different methods, but that doesn't mean Windows doesn't have protection, and it doesn't mean Linux is foolproof.

Re:Obligatory.

[Lord+Kestrel]

Wait, are you stating that ubuntu has modified the default web browsers to explicitly make some files downloaded executable? Seriously, wtf? You should *always* be forced to manually flip the permissions on a downloaded file to make it executable. That you are getting excited that some things downloaded *aren't* executable worries me.

It's not "insightful"

He's a pedant.

Sure, he may make a good point in the last paragraph, but the first few points he makes are stupid.

Re:It's not "insightful"

[WrongSizeGlass]

I don't get it ... he's complaining that an e-mail shouts "Danger Will Robbins!" because his AV subscription has expired? On Windows that's a situation to be concerned about. Of course, if he's switched security products or OS's then he doesn't care, but the vendor doesn't know that and he should out-out/unsubscribe to their notices.

I'm not defending the ugly "your computer may actually be on fire Right NOW!" type of add, but doesn't an expired AV subscription warrant some sort of urgency being conveyed in the message?

Re:It's not "insightful"

Agreed, I got a distinct Comic Book Guy vibe.

Re:It's not "insightful"

[gumbi+west]

Yeah, the article lacked a good punchline. I was underwhelmed and thinking, "I'll never get these 5 minutes back."

Re:It's not "insightful"

I don't get it ... he's complaining that an e-mail shouts "Danger Will Robbins!" because his AV subscription has expired? On Windows that's a situation to be concerned about. Of course, if he's switched security products or OS's then he doesn't care, but the vendor doesn't know that and he should out-out/unsubscribe to their notices.

Not to mention that he's upset that a link in the email contains his email address in PLAINTEXT!!!! Does he not understand how mail gets routed around the whole intarwebs?

Re:It's not "insightful"

[Smauler]

It's not necessarily a situation to be concerned about. I've used Windows 2000 and Vista as my desktop for over 10 years, and have used antivirus only occasionally (to test it out for other people predominantly (MSE completely hosed my system last time I installed it). I've had _one_ successful virus - still not sure how it got there, back in the win2k days. I cleaned it out in a couple of hours.

As long as you're not stupid about running stuff, there aren't too many remote exploits to worry about, and most of those are specific application based. Basically my point is you can run a windows system easily with no AV - I've done it for over 10 years, with only one mishap. Another thing to remember is that AV will not protect against all threats - just because you install AV, doesn't mean you won't get a virus. I've cleaned computers "protected" by AV way more often than computers not protected.

Re:It's not "insightful"

[erroneus]

I concur with that general feeling. It was a huge waste of time. The article is worthless for the most part.

There was one point he started to touch on but didn't go into well enough, in my opinion. It's one of my favorite speaking points:

Pity and forgive the poor user. There are just some things that will never come naturally to them. They tend to buy into advertising as fact rather than spin or fiction. I try my best to educate users without their feeling as though I am shoving unwanted information down their throats. I offer, I give a sample, see how it tastes to them and then offer another spoonful. If they don't have time for it or don't like it, I just let it go and never use their lack of desire for knowledge against them.

Too often, experts try to push their knowledge and wisdom out in a less than gentle way. They know they are right and it is correct to make people learn these important things. People just won't learn that way.

Trying to stay relevant to the article, the users do, in fact, need something to grab them to certain facts. Hype is the only thing that seems to get any attention at all. In the world we live, everything is loud and flashy and trying to get our attention. If your important information doesn't contain a bit of that, you might miss a few people even if a select few find that style to be completely repugnant.

Re:It's not "insightful"

[insertwackynamehere]

You aren't the person AV expiration warnings are targets at then. You successfully ran a network connected Windows machine for years and only got one virus, so by definition you aren't the targeted audience.

Re:It's not "insightful"

[nunojsilva]

That indeed explains it — see, people who don't filter that kind of emails (HTML, unique ID URLs,...) aren't aware of how to really keep the computer safe. They're the target audience of the email.

Re:It's not "insightful"

[nunojsilva]

But usually e-mails are not routed through spammers, while URL's can point to spammers...

Re:It's not "insightful"

[TwoUtes]

The quote is "Danger Will Robinson!" There, fixed that for you.

Re:It's not "insightful"

[Peach+Rings]

I liked this quote from TFA:

So, my email is sent in clear-text, in unencrypted form to the security vendor server

:>

Re:It's not "insightful"

But usually e-mails are not routed through spammers, while URL's can point to spammers...

What does this even mean? It sounds like you're just throwing words together.

Re:It's not "insightful"

[Canie]

I'll add that 10 years is a very long time to go with only "one mishap." But that one mishap for the hapless consumer wipes out 10 years of their pictures, music, and other data because those same users don't know about backing up their data. That's priceless stuff for those consumers.

Re:It's not "insightful"

[kaini]

I've had _one_ successful virus - still not sure how it got there, back in the win2k days.

you've had _one_ successful virus/piece of malware you're aware of. malware tech advances at the same rate as other tech.

Re:It's not "insightful"

The worst part was where he incorrectly calls McAfee a security vendor.

Re:It's not "insightful"

[shog9]

I don't get it ... he's complaining that an e-mail shouts "Danger Will Robbins!" because his AV subscription has expired? On Windows that's a situation to be concerned about.

He's complaining that an email from the vendor of a AV product he tried three years ago is shouting assertions as to the status of his AV protection. This is just a little different from an AV vendor reminding you to renew your subscription - it's probably a safe bet that he's moved on to a different AV product.

...doesn't an expired AV subscription warrant some sort of urgency being conveyed in the message?

The day/week/month after the subscription expired? Maybe. But three years later? That's getting disturbingly close to those sketchy telemarketers who call up to warn you that the warranty on your automobile is expiring. Whether or not you have a warranty. Or an automobile.

Is it somewhat unrealistic to expect advertisers to reign in the hyperbole? Yeah, sadly, it is. But at the same time, it does speak rather poorly of a company that purports to be a legitimate vendor of security software, when they're using tactics very similar to those used by the producers of software they should be protecting you from.

Re:It's not "insightful"

[shog9]

It's the principle of the thing. You go to a doctor, and you expect to see him wash his hands and/or put on gloves before examining you. Never mind that it's unnecessary most of the time; it should be a habit for him, simply because sometimes it matters, and when it matters it matters a lot.

Seeing a security company take a cavalier attitude with your information - even when that information probably isn't terribly sensitive and probably won't get intercepted anyway doesn't inspire confidence in their dedication to protecting your information in the scenarios where it does matter.

Re:It's not "insightful"

[hairyfeet]

That is why I give the people I care about (as well as use myself) Comodo AV so they don't have to worry about expiring AV. While I agree that it is good that his AV gave him a heads up, I'd rather they not have to worry about expiring at all. I've got family members that can make a WinXP PC have more viruses than a Bangkok Whore, and Comodo has kept them clean as a whistle.

It doesn't hassle you, or bug you to upgrade to the pay version, has a much better firewall than Windows, and when combined with Comodo Time Machine makes it so short of a hardware failure their PC will be easily recoverable, even if they do something REALLY stupid.

So as someone who has been using their products, on both x86 and x64, I highly recommend them. One word of advice though, don't use time machine with a dual boot involving Windows 7. It won't screw anything up, it simply won't install thanks to Windows 7 changing its drive letter to C. If you have 7 on C and XP on D it works fine, just not the other way around. But other than that after two years on several desktops and laptops not a single problem.

Re:It's not "insightful"

[Zontar+The+Mindless]

Ahem, it's "Danger, WIll Robinson!"

Re:It's not "insightful"

[cp.tar]

I don't get it ... he's complaining that an e-mail shouts "Danger Will Robbins!" because his AV subscription has expired? On Windows that's a situation to be concerned about. Of course, if he's switched security products or OS's then he doesn't care, but the vendor doesn't know that and he should out-out/unsubscribe to their notices.

The vendor doesn’t know?

Really?

How then does the vendor know that the software is still installed on his computer? It is what it says in the e-mail.

The only proper way to notify your user is through the software itself. At least in cases like this.

I'm not defending the ugly "your computer may actually be on fire Right NOW!" type of add, but doesn't an expired AV subscription warrant some sort of urgency being conveyed in the message?

Still, I’d bet anything you please that McAffee didn’t bother to check whether he really had their software installed. They could’ve; all it would take is the last update notify McAffee to send an upgrade offer.
But that takes more time and effort to program, and possibly decreases their income. So instead they resort to spammers’ techniques. Way to go.

Re:It's not "insightful"

[quantumphaze]

I don't think there is much money in that. If I was a virus writer I would make it send me useful information like credit card numbers, PayPal accounts and have it network together with other compromised computers to form some kind of bot network. I hope the guys making "format C:" viruses don't get any ideas.

Re:It's not "insightful"

How do you know you only had one virus? Are you trusting what your AV software is telling you based on what it is capable of reporting?

Re:It's not "insightful"

[tuxgeek]

My guess is that you didn't RTFA
The author downloaded a free version of McAfee 3 years ago as a test/review of their product
He wasn't a paying customer

McAfee recently spammed him with the ad in question
Carefully crafted fear as a marketing tool is the issue at hand here

Maybe next time you should RTFA before posting .. then your post wouldn't sound stupid
No flame intended, just a suggestion ..

Re:It's not "insightful"

[ByOhTek]

Doesn't seem so to me - at least with a tech-savvy user. It's been 12 years since my last infection (Since then, none of the AVs I've used have even picked up anything). And no suspicious behavior.

You don't use the internet like an idiot, and you stay safe.

Re:It's not "insightful"

[godefroi]

Well, hell, there goes your computer. How're you supposed to keep yourself protected when the SECURITY VENDOR knows your EMAIL ADDRESS?

Re:It's not "insightful"

[gumbi+west]

Yeah, that made me laugh too. How does he think his email gets to him, anyway?

So you know they're there

[calmofthestorm]

Friend of mine has the most annoying product ever. Whenever it updates itself, it plays a recording of a voice saying "virus database updated". So we'll just be sitting there and hear that. Since a well-functioning anti-virus just does its thing without bugging the user for the most part, the ones that are for profit have to make themselves loudly obvious and play up the threat level (not to imply there isn't one of course).

I'm not convinced anti-viruses are any better than snake oil, really. Some like Norton are basically viri themselves, slowing your system to a crawl, and all they can do is look for fingerprints of known viri. Sure they can occasionally be bandaids on a sucking chest wound, but the main key to windows security is to not expect it, stay updated, avoid IE, and not run random programs strangers email you. Sure there might be a 0 day in your browser or mail client that causes something like a picture to execute code, but those aren't the main uses.

*gets off rantbox*

Re:So you know they're there

I expect a product named "Avast!" to be loud.
I did disable the voice in it's preferences after a while though.

Re:So you know they're there

Sounds like Avast, which isn't too intrusive. Tell him/her to go into the options menu and turn off the audio notification of the update.

Re:So you know they're there

Yeah, it's pretty easy to disable that.
I don't even use AV software anymore. It only protects me from torrents, and since I buy my games legally, I only torrent on Linux.

Re:So you know they're there

If you are a basic user and you have a silent antivirus, you don't know that you have one.
Having an antivirus that is telling "I'm here, and I'm protecting you" seems really good from a commercial point of view than another not doing it. It'll maybe annoy advanced users that know that it could do the same without the annoying voice, but either you provide an option in the software to disable it or you just tell them "screw you!", it's such a negligible part of the market anyway.

Re:So you know they're there

[UNHOLYwoo]

So you're refusing to like a product because of it's default settings? Good luck in life being the guy that won't buy a car because he doesn't know (or care to know) how to adjust the seat.

Re:So you know they're there

[calmofthestorm]

When I think the default settings are manipulative instead of just incompetent or a bad fit for me? Yes, I do think that's a good reason to distrust a product and the company that makes it.

Re:So you know they're there

[Mad+Merlin]

The core problem is that security is only good security when it's transparent to the user. Of course, users won't buy products that appear to do nothing for them (even if they did actually work perfectly well), thus vendors are forced to produce bad software so that people will buy it.

Re:So you know they're there

[The+Grim+Reefer2]

Whenever it updates itself, it plays a recording of a voice saying "virus database updated". So we'll just be sitting there and hear that. Since a well-functioning anti-virus just does its thing without bugging the user for the most part, the ones that are for profit have to make themselves loudly obvious and play up the threat level (not to imply there isn't one of course).

As other said, it sounds like Avast, and is a easy enough default to change. BTW, while they do sell it, there is also a free version for non-commercial users. Frankly the free version of Avast seems to do a better job than Norton and McAfee by far and IME better than NOD32 and Kaspersky.

Re:So you know they're there

[UNHOLYwoo]

...and you've purchased a copy of Windows in your life? You know its far from a fail-proof OS. How about some other software, like Adobe's CS? or MS Office? Then again, why keep the conversation to just software? Got an iPhone? or an Xbox? Shit man, any car you buy has a "manipulative" twist here and there... In all cases, you just have to know where to find them. Finding the right product is not about finding the perfect one, its about finding the one that pisses you off the least. If a verbal alert is your breaking point, I guess thats just too bad.

Re:So you know they're there

[MoonBuggy]

Friend of mine has the most annoying product ever. Whenever it updates itself, it plays a recording of a voice saying "virus database updated". So we'll just be sitting there and hear that.

Yes, but it also gives you the opportunity to say "Thank you, computer, that will be all" like you're in Star Trek.

Wait... What do you mean I'm the only one who does that? Guys?

Re:So you know they're there

its as easy to shut avast! up as it is to stop windows from going ding! when you close or open a window, or a menu, or lock or log on/off

If you don't like the noise, make it stop.

Re:So you know they're there

[PenguinBob]

Avast? Yes I have that, but I turned on the Silent/Gaming mode just to get it to leave me alone. Anti-Virus Vendors: Don't bother me unless there is a problem. I'm sure there is a UI design consideration that says not to bother the user unless they really need to know about the change.

Re:So you know they're there

[Smauler]

AV does not protect against 0 day exploits

Re:So you know they're there

[Therilith]

That takes like ~5 seconds to turn off. 15 if you don't know where to look.

Re:So you know they're there

[Minwee]

Friend of mine has the most annoying product ever. Whenever it updates itself, it plays a recording of a voice saying "virus database updated".

You know, all your friend has to do is open up the settings dialog and turn off audio notification. It's about three clicks of the mouse and then all of those messages will disappear.

Just because you're using Windows doesn't mean you have to accept every annoying misfeature of every application as normal.

Re:So you know they're there

[Joce640k]

No ... it's much easier to stop Avast.

The person who designed Windows' "sounds" dialog needs to be taken out back and shot.

Re:So you know they're there

Maybe, when they're infected by a virus that disables their AV software and they don't hear it say "virus database updated" they'll realize something is wrong.

Re:So you know they're there

[bendodge]

While I think it's atrocious that Windows has to have a third-party layer akin to the FDA to keep users from getting waylaid by malicious code, I'm a little surprised that you think Avast is better than NOD32 or Kaspersky. The most recent AV-Comparatives report is rather unflattering to Avast. I'm personally a NOD32 (ESET) fan.

http://www.av-comparatives.org/images/stories/test/ondret/avc_report26.pdf

Re:So you know they're there

Who the hel pruchases a copy of Windows? I havent and not about to start now ;)

Re:So you know they're there

[Opportunist]

There are some like Norton (Boss: "We don't say anything bad about our competition. So when someone raises the topic Norton, we say 'Norton is packaged in a really well designed looking box'"). And I can understand why they have to dig into the system so deeply. Simply because they, being big players in the AV biz, have become targets for malware themselves. So it has become a battle between these companies and the malware writers who can dig deeper into the system and make sure the other one cannot uproot them.

In other words, if you reach for an AV tool, reach for one of the lesser known ones. They actually can spend their dev time on fighting malware, not trying to keep from being fought by malware.

Whether it's a "bandaid on a sucking chest wound" depends mostly on the user, I'd say. You, me and about 99% of the readers here most likely do not profit much from using AV. Almost all contemporary malware uses social engineering as their entry point into the user's PC. The promise of a certain crack, the threat of a lawsuit or whatever else is necessary to get a person to double click. But do you expect Joe Randomuser to watch out? Do you expect him to even know about the threat that is looming for him in his next spam mail? In case you're wondering: Better don't. You could almost as well expect a politician not to be corrupt. Your chance that your expectations are met are about equal.

Re:So you know they're there

[Opportunist]

Not yet. But we're working on it.

Re:So you know they're there

[Stupendoussteve]

ClamAV makes a great scanner for a questionable torrent file anyway.

Re:So you know they're there

Some like Norton are basically viri themselves, slowing your system to a crawl, and all they can do is look for fingerprints of known viri.

The Norton products got a little sloppy in years past, particularly around the 2006-2007 time frame. Symantec underfunded development because they assumed Microsoft was going to jump in an take over the antivirus business with free software. When the didn't happen, more investment was made and there have been great strides in product performance in the years since. Also, the claim that these products do only fingerprint based scans is completely false.

One reason antivirus products can sometimes feel like viruses themselves is because they must use quite a bit of anti-tampering technology to defend themselves against virus attacks. They cannot use standard installers and uninstallers because viruses would simply remove them. As a consequence, if anything in their configuration gets out of whack it can cause problems for the upgrade or uninstall procedures.

Re:So you know they're there

[dolo724]

You buy a car to drive it, and figure out how to adjust the seats. You tell your mechanic to change the oil because most of us couldn't be bothered to do it ourselves, or we know enough to recycle the used oil and don't dump it on the ground.

People gonna buy computers and drive them whether or not they care about AV. They figure out how to use basic software unless they have aptitudes approaching what most ./ers claim. My clients' computers might have an antivirus program or not, but most rely on my instruction to update the signatures manually or to set the program to update itself.

Re:So you know they're there

[UNHOLYwoo]

Touché.

Re:So you know they're there

[The+Grim+Reefer2]

I guess it all depends on what you expect an "anti-virus" program to do. I'm only concerned with Avast looking for viruses and none of the other things listed in the link you posted. ESET detected 183 viruses vs. 182 by Avast, which is virtually identical. Kapersky only detected 105, which makes Avast better in my mind.

I pretty much gave up on NOD32 on my work system when it got hit with Winfixer and ESET missed it. Spybot had no problems with it though and also detected several hundred other trojans that NOD32 missed.

In regards to worms, I rely on Zone Alarm and a hardware firewall.

I guess the difference is that I am not looking for a all encompassing security solution as IME there really isn't one short of turning off all network connectivity.

And I totally agree with you that it's ridiculous that all of this third party software is needed just to keep a Windows system functional.

Re:So you know they're there

[cgenman]

I'd say about a quarter of the completely messed up machines I've seen have come from AntiVirus software that went rogue and deleted large chunks of the system. The only systems that I've had to entirely re-flash were from said destructive AV software. And all of those were either McAfee or Norton.

Re:So you know they're there

[Pax681]

um.... silent/gaming mode switches the various scanners off. it's to free up resources (not that is uses much) not to stop you hearing the update message

going into setting is how you disable sound.

Re:So you know they're there

[Opportunist]

Boss: "We don't say anything bad about our competition. So when someone raises the topic MyAfee, you excuse yourself and go to the bathroom, and you better hope the topic changes before you return. To be sure, make it a long dump."

Re:So you know they're there

[Pharmboy]

While I think it's atrocious that Windows has to have a third-party layer

They don't. I have been using MS Security Essentials for a year now, on several XP, Vista (ugh) and W7 boxes (over a dozen). Uses less resources than even AVG, and haven't had a single virus yet, even with all the stupid browsing that gets done by users. And it is free.

It is sad that you need AV, but at least it is now free, good quality (relatively speaking) and works as good as or better than the average. Of course, I still would rather we switched the whole office to Linux or BSD, but if you have to use Windows, you don't have to use a 3rd party AV solution.

Re:So you know they're there

[perryizgr8]

actually i used avast just because of the voice playbacks.
in the middle of the night:"virus database updated!"
when you plug in a friend's usb drive: "[loud siren]Attention!! A virus has been detected!!"
its cool and scifi!! unfortunately avast also made my pc slow as molasses and then msse was released.

Re:So you know they're there

[st0nes]

viri

Viruses please. And calluses, octopuses, platypuses, polypuses. Thank you, that is all.

Re:So you know they're there

[tomweeks]

When an antivirus subscription expires, it's an excellent time to reconsider your OS selection. Here's my story...

For a while, one of my Christmas presents for my wife every year was her NortonAV re-up subscription. It was frustrating, and made me (and avid Linux evangelist) livid -- paying into the very system that I every fiber in my being was techno-morally opposed to. However.. the NAV re-up what she wanted, and it was a necessary evil as it was the one Windows box on our network that we also used for running the TurboTax CD-install from every year.

When I found that Turbo-tax could be run completely on-line now, AND was non-IE/Firefox friendly.. I asked her, "so what do you need your machine to do now if we can do taxes on line instead of buying the Windows/CD every year?"... To which she replied.. "As long as it makes toast.. I don't care what OS it is!". "Makes Toast?", I asked. "Yes.. Unlike for you, to me a computer is just a toaster. If it doesn't 'make toast'' (check email, surf the web, and play a few games) then I don't want it!.". "Oh! Okay.. let me see what I can do." So I set her up with a second laptop in the form of a new, Dell mini-9 with Ubuntu preinstalled and she loved it. It "Made Toast" and I had no more Antivirus subscriptions to deal with (and no more viruses or worries about the backdoor known as MS-Outlook).

She now checks email with Thunderbird and Squirrelmail, plays all her regular web-flash games... Plus, what really made her fall in love w/Linux were all the free/included versions of FreeCell/Blackjac and Mahjongg. Come to find out, FREE GAMES was the "big driver" for my wife's acceptance of the mythical "Linux Desktop".

Now I take that $50 every Christmas and buy her something from Victoria Secrets. A gift that keeps on giving ;)... instead of taking.

Re:So you know they're there

[Kitkoan]

To turn off those sounds bring up the Avast User Interface. In the top right of Avast box click on the Settings button. Under the Sounds tab (fourth from bottom) uncheck the Enable avast! sounds. Your done and it'll shut up.

Re:So you know they're there

I have given up on antivirus software. It doesn't protect you against 0-day attacks, which is what I usually encounter, so it is next to useless - and a resource hog. It just gives you a false sense of security. The only time I've had my machine destroyed by a virus was when I was running the very lastest up-to-date MacAfee.

It is better simply to image your hard drive on a regular basis. That way you can recover quickly.

Re:So you know they're there

[El_Oscuro]

I have my computer set to say "Just what do you think you are doing, Dave?" when I reboot it.

Re:So you know they're there

[gringofrijolero]

Autorun and USB sticks are much more dangerous than the internet.. Sure wish they had real write protection..

Re:So you know they're there

What do you think heuristics are for? Maybe your AV product doesn't, but mine does.

Re:So you know they're there

[nbucking]

I do believe you are talking about Avast! antivirus (which is free). If set to its default settings it will say "virus database updated" it is neat at first (like having your own star trek ship computer!) and annoying later on. But I doubt it is there to scare anyone. I use Avast! because I grew up with McAfee and Symantec. They were terrible because they did the things you mentioned (slow your system to a crawl and made it impossible to uninstall the AV). I also got Avast! because it has the ability to check on 64 bit programs and most importantly it is FREE. I still work with Symantec at work (Air Force) but it has been pushed to the side and it is updated by a centralized AF AV server that rarely needs maintenance. The processing power has also increased to a point where I do not notice the background virus checks.

Re:So you know they're there

While I think it's atrocious that Windows has to have a third-party layer akin to the FDA to keep users from getting waylaid by malicious code, I'm a little surprised that you think Avast is better than NOD32 or Kaspersky. The most recent AV-Comparatives report is rather unflattering to Avast. I'm personally a NOD32 (ESET) fan.

http://www.av-comparatives.org/images/stories/test/ondret/avc_report26.pdf

Any operating system needs some sort of code checking layer if it wants to stop users from installing malware. This is nothing special for Windows, and the security model in Win7 is just as good as OSX and other OSs (actually, as the winner of the Pwn2Own competition and other security experts point out, its in many respects better, se below).

The self-spreading silent virues of many years ago are no longer the major threat on Windows either. A huge for-profit malware industry using social engineering and targeting the biggest market is.

Hacker: Windows More Secure Than Mac OS X:

It is of the opinion of Charlie Miller, a well known Mac security guru, that even Snow Leopard, the latest version of Mac OS X, isn't as safe as Windows.

Winner mocks OS X hacking contest:

Why Safari? Why didn’t you go after IE or Safari?

It’s really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don’t do. Hacking into Macs is so much easier. You don’t have to jump through hoops and deal with all the anti-exploit mitigations you’d find in Windows.

It’s more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn’t have anti-exploit stuff built into it.

Re:So you know they're there

[Registered+Coward+v2]

When an antivirus subscription expires, it's an excellent time to reconsider your OS selection. Here's my story...

For a while, one of my Christmas presents for my wife every year was her NortonAV re-up subscription.

SNIP

Now I take that $50 every Christmas and buy her something from Victoria Secrets. A gift that keeps on giving ;)... instead of taking.

Be sure to package it in a Norton box and tell here you need to do a thorough install and check to see if it works.

Of course, if the protection fails...

Re:So you know they're there

No, I agree with him. It don't matter that I can change it. Avast's default setting were so annoying and so over the top, I immediately uninstalled it. Why should I have to go fiddle with the setting to make it less annoying? It should start out that way. WHY do they need a voice AND a systray pop to announce the update. It shouldn't have either. It should sit in the background and STFU!

Re:So you know they're there

[Hurricane78]

and haven't had a single virus yet that was detected, even with all the stupid browsing that gets done by users.

There, fixed that for ya. ...considering that the detection rates of that thing are a complete joke.

Re:So you know they're there

[Hurricane78]

No, you’re not. :)

We were promised smart speech interfaces all our lives, so I better damn can at least act as if.

Oh, and a tiny script will allow you to let it answer “You’re welcome!”. ;)

Re:So you know they're there

[i.r.id10t]

But is your name Dave?

Re:So you know they're there

[Xyrus]

...but the main key to windows security is to not expect it...

The main key for ANY security is not to expect it.

Re:So you know they're there

[jjoelc]

SuRun is a great little utility. Effectively brings 'sudo' to windows. They weren't the first people to have the idea, they just did it better than everyone else. Not a shill, just a pleased customer (like anywhere, we have some really 'computer-dumb' people working here...)

Re:So you know they're there

[Krau+Ming]

when my computer was fried i said "open the pod bay doors HAL....OPEN THE %^$&ING POD BAY DOORS HAL!!!". then i opened the pod bay doors myself.

Re:So you know they're there

They're using Avast. Turn on "Silent/Gaming mode" from "user interface" control panel, and it won't make silly noises any more.

Re:So you know they're there

[The+Grim+Reefer2]

While I think it's atrocious that Windows has to have a third-party layer

They don't. I have been using MS Security Essentials for a year now...

I guess it's technically not a third-party solution, but it still has to be installed like one. That's what is truly a shame. Why couldn't they have just made it secure to begin with! Then we wouldn't have to worry about this shit in the first place. So you'll have to pardon me for not having much faith in it now.

Re:So you know they're there

[Pharmboy]

I'm not a fan of MS either, but we have no choice on the corporate desktop. AV is a shim, but it is as well on Linux if you run AV. Windows 7 is honestly much better than XP even if it is still flawed, but then again, XP was designed a decade ago. I'm just buying time until Linux is more desktop ready than it currently is. Now on the server, I've not run Windows in over 10 years.

My problem with MS isn't about the usability of Windows. It is still easier on the desktop than Linux, although that is more of an issue of drivers and applications. My problem is the company itself and their history of abusing wholesale and retail customers.

Re:So you know they're there

I'll bet that is Avast.

(1) There's a free version.
(2) You can turn off the voice.

Re:So you know they're there

[captainClassLoader]

It probably would have worked if you had phrased it differently. "Sudo, open the pod bay doors, Hal" always worked for me.

Spam exclusion

Little known, though highly comical peice of info, is back in the day the McAfee spam filter constantly triggered on the McAfee advertising emails. You'd think the marketing guys would have figured out their techniques needed adjustment... but instead the smart ones at the top demanded a fix... so the engineers built an exclusion into the software for anything coming from the company... becuase clearly that was the right course of action. I'm not at all surprised their 'emails' can't be distinguished from Phishing spam after all these years.

McAfee is for noobs

[kaptink]

McAfee is for those who have no idea and therefore the warnings make perfect sense. Ethically wrong, sure. Its been made up by the marketing department with the sole purpose of getting the likely clueless user to cough up. And that i'm sure they do. Tobacco causes cancer yet cigarette companies will still do whatever they can to flog their products to anyone who will buy them. It doesnt mean its right. What do you think about Microsofts 'Windows Genuine Advantage' program? It does absolutely nothing for the user but certainly helps Microsoft make a lot more money. Yet its pushed as giving some sort of advantage.

Re:McAfee is for noobs

[Shadow+of+Eternity]

It's not any more ethically wrong than anything else. The REAL problem are those "YOU HAVE A VIRUS CLICK HERE" fake-windows webpages. Even if you know better sometimes finding a way out can be tricky because the fuckers have started opening "OK" boxes over where you'd normally click to close the window.

Re:McAfee is for noobs

[Smauler]

Tobacco causes cancer yet cigarette companies will still do whatever they can to flog their products to anyone who will buy them. It doesnt mean its right.

I enjoy tobacco and don't mind dying younger. They're not doing anything wrong by supplying what I ask of them. They might be abusing dimlows but that does not mean they're abusing me. What they are doing _is_ right. AV vendors on the other hand only have a business from abusing dimlows - anyone who knows anything about it will generally either use free AV or none at all.

Re:McAfee is for noobs

[bagman1673]

another little trick mcaffee has up it's sleeve is to periodically mine their credit card database and ding random people for bogus charges. i had this happen to me a few years ago after i had foolishly subscribed to their on-line virus checker. After it quit working and i could get no support for it, I unsubscribed. About 2 years later i got a charge on my credit card from the friendly folks at mcaffee. The credit card company would not remove the charge and advised me to contact mcaffee which, of course, is impossible. mcaffee has an inferior product which they market very aggressively to the endless supply of uninformed and unsuspecting windows users. windows will die eventually and so will mcaffee.

Re:McAfee is for noobs

[ACS+Solver]

I enjoy tobacco and don't mind dying younger. They're not doing anything wrong by supplying what I ask of them. They might be abusing dimlows but that does not mean they're abusing me. What they are doing _is_ right.

This is something I wonder about. I do consider tobacco companies an evil force in some sense. They're useful to governments because of taxes so governments certainly don't want to fight them. Let's see, tobacco isn't something that's probably harmful - it has been well proven scientifically that there's tobacco causes health problems. It is also known that it's not causing some minor problems but causes significant problems like cancer, with a statistically significant reduction in life extensiveness. Plus, it's known that tobacco is, because of nicotine, addictive.

It seems like a major part of this is that smoking/tobacco use has been around for a while before modern medicine and before definitive proof of its ill effects. Imagine this - I invent a device that, when used, gives you huge, orgasmic physical pleasure. That would be addictive enough psychologically. Now imagine this device also has slight physically addictive effects and, most importantly, gives you an above-normal dose of gamma radiation, high enough so that a significant amount of device users would eventually succumb to cancer or radiation sickness caused by it. Would I really be allowed to market and sell the device? I'm pretty sure I wouldn't, certainly not unless the government would stand to gain very serious revenue from taxes on that, and even then I'm doubtful.

Re:McAfee is for noobs

[astar]

do you wish to assert that your dying young is not going to have some sort of social cost I have to pick up?

I question the dimbulb argument. I have a very nice IQ. No doubt I am a dimbulb here and there anyway. But tobacco has often been a big issue in my life. And I come out of an era where tobacco company out and out lies are well established. I wonder how I should process your remarks.

Lastly your argument would also support giving out smack on the street corner. Somehow, I suspect that you would find making that argument inconvenient.

Re:McAfee is for noobs

[ldcroberts]

I enjoy tobacco and don't mind dying younger. They're not doing anything wrong by supplying what I ask of them.

hmm sounds like you are knowingly asking them to assist you to terminate your life prematurely, I'm pretty sure there's quite a lot wrong with that.

Re:McAfee is for noobs

You invented an orgasmotron?

Re:McAfee is for noobs

Living kills!

Outlaw life!

Re:McAfee is for noobs

[tunapez]

Thomas Midgley Jr would protest, good sir, if he were not spinning in his grave.

Re:McAfee is for noobs

EVERYONE says they don't mind missing 2-10 years from their life at one point. Until it comes time to die, and they remember what an idiot they were. Maybe you should consider volunteering at a local cancer center. It won't hurt, and at best, you will have learned something.

Re:McAfee is for noobs

not gamma. gamma rays pass through anything. say xrays or beta.

Re:McAfee is for noobs

No, actually, most economic studies show that tobacco users more than 'pay their way' when it comes to medical and social costs. They're taxed to oblivion, and die early enough that they don't use the benefits of the tax systems they pay into.

I don't understand what you mean by your second paragraph, so I'll not comment.

And finally, no, no it wouldn't. That's obviously a poor analogy. In light of this, your incoherence in the second paragraph is now more enlightening and ironic.

Re:McAfee is for noobs

[Kitkoan]

I enjoy tobacco and don't mind dying younger. They're not doing anything wrong by supplying what I ask of them. They might be abusing dimlows but that does not mean they're abusing me. What they are doing _is_ right.

This is something I wonder about. I do consider tobacco companies an evil force in some sense. They're useful to governments because of taxes so governments certainly don't want to fight them. Let's see, tobacco isn't something that's probably harmful - it has been well proven scientifically that there's tobacco causes health problems. It is also known that it's not causing some minor problems but causes significant problems like cancer, with a statistically significant reduction in life extensiveness. Plus, it's known that tobacco is, because of nicotine, addictive. It seems like a major part of this is that smoking/tobacco use has been around for a while before modern medicine and before definitive proof of its ill effects. Imagine this - I invent a device that, when used, gives you huge, orgasmic physical pleasure. That would be addictive enough psychologically. Now imagine this device also has slight physically addictive effects and, most importantly, gives you an above-normal dose of gamma radiation, high enough so that a significant amount of device users would eventually succumb to cancer or radiation sickness caused by it. Would I really be allowed to market and sell the device? I'm pretty sure I wouldn't, certainly not unless the government would stand to gain very serious revenue from taxes on that, and even then I'm doubtful.

Sure you would be able to. Its called 'high glucose corn syrup'. You can find it in MANY different food products and it causes serious health issues like unhealthy weight gain (they are 'empty' calories). It also causes Diabetes, a life changing and possible fatal health condition. Its even been linked to possible liver scarring. And the best part about this? Its not heavily taxed like cigarettes.

Re:McAfee is for noobs

Unless you sell it in weapon form. Then the government wouldn't be able to order them fast enough.

Re:McAfee is for noobs

What a hard man! Something tells me you'll feel differently when you actually *are* dying (and a typically horrible, drawn-out death it will be as well, if it's smoking-related).

Wanker.

Re:McAfee is for noobs

do you wish to assert that your dying young is not going to have some sort of social cost I have to pick up?

I will assert that your nebulous claims of unspecified and unquantifiable "social costs" are of absolutely no concern to me, and ultimately are in fact a matter of opinion. Usually these vague statements are made by anti-tobacco activists who, when pressed for details, are unable (and unwilling) to supply any kind of actual example of these alleged "social costs", refuse to make any logical, rational comparison to the "social costs" of early death by any other means, and are primarily a Straw Man used to deflect any type of actual debate.

Re:McAfee is for noobs

[ultranova]

I enjoy tobacco and don't mind dying younger. They're not doing anything wrong by supplying what I ask of them. They might be abusing dimlows but that does not mean they're abusing me. What they are doing _is_ right.

It's questionable whether someone knowingly inhaling a carcinogenic agent should call anyone "dimlow". It's also questionable whether supplying such a person the means to self-abuse is morally right. What isn't questionable is that having others suffer from second-hand smoke is quite thoroughly evil.

But then again, I just ate a fat-soaked meal and followed it with a nice strong pot of coffee to counteract the beer from yesterday, so pots and kettles and all that.

Re:McAfee is for noobs

[selven]

do you wish to assert that your dying young is not going to have some sort of social cost I have to pick up?

I question the dimbulb argument. I have a very nice IQ. No doubt I am a dimbulb here and there anyway. But tobacco has often been a big issue in my life. And I come out of an era where tobacco company out and out lies are well established. I wonder how I should process your remarks.

Lastly your argument would also support giving out smack on the street corner. Somehow, I suspect that you would find making that argument inconvenient.

Well, good, because I have absolutely zero problems with making the argument that giving out smack should be legal.

First of all, sin taxes on tobacco, alcohol, etc are meant to cover the costs of providing medical care to their users. That covers the social costs of those substances. Secondly, the parent accepted that tobacco companies do lie and deceive their customers, he just stated that they're not deceiving him, since he's an informed consumer and understands that tobacco consumption is a high-risk activity. He sees that tobacco has value to him (relieving stress, entertainment, social status, whatever) and to him the value outweighs the health cost. Antivirus software, however, has very little or no value, therefore its business relies on tricking dimbulbs more than the tobacco business does.

Re:McAfee is for noobs

[astar]

thank you for a response.

On sin taxes, a few random thoughts cross my mind. "Intend" is often tricky. For most of the last century, the relevant intent was the tobacco people, mediated through southern politicians. I think I could make a good argument that the sin taxes have yet to cover the social costs. Since the sin taxes are never supported by the tobacco companies, but are forced by the government under some sort of general welfare approach, I wonder how you manage to support the sin taxes. Can the tobacco companies be doing the right thing if they do not support sin taxes

Considering recreational drugs in general, like smack, and suppose you will embrace public health measures, and making a few hypotheticals.

Suppose we know who is taking the dope and how much. Suppose there is a cure for dependence, not necessarily convenient. Maybe some meds, some restraint, and some feeling real bad.

Suppose a high density of recreational drug use is undesireable, a public health thing. I have done some drug culture. Drug culture, even in peace and love days, can be easily conjectured as a potential public health issue. I suspect now it could be argued as a national security issue.

so at a certain point the local druggies get rounded up and "cured". All very transparent and even closely predictable. Then they go home. Maybe next time when the local usage stats get high, they will just quit for a while.

Re:McAfee is for noobs

[Khyber]

"It's questionable whether someone knowingly inhaling a carcinogenic agent should call anyone "dimlow""

Consider your atmosphere and current city pollution levels.

Rethink your statement.

Backpedal faster than a politician.

Re:McAfee is for noobs

[Dexter+Herbivore]

Alt-F4?

agree

[AffidavitDonda]

next thing he'll complain about are ads for health products that are not healthy, but use green color to look "natural" that's just how advertisement works...

Re:agree

[nunojsilva]

I'd me more like complaining about an ad for a product which protects from unhealty food by discarding bad food, and using the kind of packaging often associated with unhealty food.

It's not about ads that lie, it's about the ad being built in a way McAffee itself disapproves (or should disapprove...), while "health product" companies generally don't issue rules on which packages should not be trusted.

More obligatory

Will it blend?

Takes one to know one.

[cacba]

You seem to use the exact same hyperbole that you claim is so harmful. This is a needless article that is preaching to the choir.

Seriously, there are blatant scams advertised and you write an article about a product emphasizing its need.

Re:Takes one to know one.

[mindbrane]

This is a needless article that is preaching to the choir.

uhmmm, ya maybe, but me, i think of it as more of a contrapuntal invention inviting the choir to join in, but then, that's how i see most /. articles.

Also obligatory:

[Nimey]

Kill yourself.

Advertisers are deceptive assholes, film at 11

[sootman]

Right up there with those assholes at Domain Registry of America.

Re:Advertisers are deceptive assholes, film at 11

[MoonBuggy]

Yeah, I did a double take the first time I heard from them, assuming that it was just a different trading name for one of the registrars I actually do use - it didn't take me long to confirm that it was nothing to do with anyone I purchase from (the rather excessive prices were the first clue!) but it was still misleading enough that I had to check.

I must admit that I do feel a little bit of satisfaction knowing that they're paying to send several pieces of snail mail across the Atlantic to me every year.

Re:Advertisers are deceptive assholes, film at 11

[zzyzyx]

Their letters come with prepaid reply envelopes. I always take some time to inform them of the other great opportunities I receive along in the mail.

Re:Advertisers are deceptive assholes, film at 11

[ducomputergeek]

It looks like an invoice. If you're a small business owner that doesn't know any better it can get in a stack of bills and you see the $37.50 and something about your domain name and cut a check. That is what they are hoping for. I bet I get 10 - 15 a month from them.

Re:Advertisers are deceptive assholes, film at 11

[discord5]

I must admit that I do feel a little bit of satisfaction knowing that they're paying to send several pieces of snail mail across the Atlantic to me every year.

The sad thing about that is that they're probably making enough money to be able to send out that many letters in international mail each year. I get about 3 or 4 of those things in the mail each year, each for a separate domain, and so do a couple of acquaintances of mine. If for every 10 letters they send, one sucker gets fooled, that still makes it profitable.

Re:Advertisers are deceptive assholes, film at 11

Its closer to 1 in 80, based on US mail rates.

Re:Advertisers are deceptive assholes, film at 11

[Paxtez]

Oblig Bash.org Quote.
http://bash.org/?127039

<wolf> 1. Save every Free Credit Card Offer you get, Put it in pile A
<wolf> 2. Save every Free Coupon You get, put that in pile B
<wolf> 3. Now open the credit card mail from pile A and find the Business
       Reply Mail Envelope.
<wolf> 4. Take the coupons from pile B and stuff them in the envelope you hold
       in your hand.
<wolf> 5. Drop the stuffed to the brim envelopes in your mail and walk away
       whistling.
<wolf> I have now received two phone calls from the credit card companies
       telling me that they received a stuffed envelope with coupons rather
       then my application. They informed me that it they are not pleased that
       they footed the bill for the crap I sent them. I reply with "It says
       Business Reply Mail" I'm suggesting coupons to you to ensure that your
       business is more successful. They promptly hang up on me.
<wolf> Now, I did this for about a month before it got boring, so I got an
       added idea! I added exactly 33 cents worth of pennies to the envelope
       so they paid EXTRA due to the weight. I got a call informing me about
       the money, I said it was a mistake and I demanded my change back. After
       yelling at the clerk and then to the supervisor they agreed to my
       demands and cut me a check for the money. I hold in my hand at this
       very moment a check from GTE Visa for exactly 33 cents.

This Was More Fun

[hduff]

Dirty Stacey Needs Registry Cleaner 5.4

http://maximumhoyt.blogspot.com/2010/04/dirty-stacey-needs-registry-cleaner-54.html

WARNING This website can see your IP address

WARNING This website can see your IP address.

My Windows PC is unimpaired by ANY of their products. Even the "respectable" AV, I take it as seriously as I take the subject of this post. I backup the data which is what matters. If the modem goes crazy and/or I see strange processes then I run a scan using a free product. Occasionally, I use a free product just to see if anything is weird, and for the past 2 years the only wierdness has been "tracking cookies" which are relatively benign.

Let's face it--Windows is getting closer to "fixed" everyday and if it's fixed then AV is a dead biz... unless of course you like to "punch the monkey". OK, so it's not an entirely dead biz yet--plenty of people will click just about anything and/or install every sketchy app they think they might like.

Windows.

Because computers can't contract HIV.

Re:WARNING This website can see your IP address

[couchslug]

"My Windows PC is unimpaired by ANY of their products."

My Linux PC is unimpaired by Windows products.

Must be a slow news day

AV subscriptions start/finish all the time. Would you rather believe that it is still running without being notified? You can have all the warnings in the world and some users will not notice/care. Why the fuck does this crap make Slashdot?

The .NET installator comment is perfectly OK

>Thank you, I can disconnect now from the Internet. It's no longer useful now that I have the framework installed.
This is retarded. What if I'm using a dial-up and I pay for time? What if I'm on GPRS using my mobile phone and I can't phone because of it?
But right, everyone has broadband. This guy has, right? So everyone else too.

Re:The .NET installator comment is perfectly OK

[Jeremy+Erwin]

If you have a laptop, the internet is not necessarily ubiquitous. And if your battery life is so bad that you absolutely must be tethered to an outlet, you should think about getting a new one.

.Net installation audacious?

[adonoman]

Maybe I'm missing something, but why is he all of a sudden complaining about the .NET installation saying when you can disconnect from the internet? I realize that he most likely has an always-on connection, but there is still a large number of people using dial--up connections that only give you x number of hours per month. It's helpful to know that the installation is not going to need the internet again to download some extra bits later on. I'd hardly call a little note of convenience for those who need to ration their internet usage "totally audacious". Maybe somebody can explain how it's shocking and reckless, but I'm just not seeing it.

What a waste

[X3J11]

The one time I actually decide to RTFA, and it's this? What a waste. It probably would have been more amusing if he'd dissected some of the spam e-mails waiting in his inbox.

Buy a new and modish watch today, and become recognizable tomorrow. If you are looking for fancy and cheap jewelry, you just found it.

a click away

That's just a sample of the excitement waiting in mine!

Why pay?

[owlnation]

If you must use windows, I totally fail to understand why you need to PAY to use anti-virus. There's plenty of free anti-virus software out there that is better than any of the racketeering paid-for versions. I would have thought every single reader of /. knows this.

Should this article be on /.? It seems more suited for some AOL support board.

Re:Why pay?

[evilviper]

There's plenty of free anti-virus software out there that is better than any of the racketeering paid-for versions.

That's fine, as long as you don't use your PC for any commercial purposes at all. All the free antivirus software specifically says it's for non-commercial use only, leaving small business, and the like, in limbo.

Re:Why pay?

[MikeyO]

. All the free antivirus software specifically says it's for non-commercial use only

clamwin is GPL which, of course, can be used in a commercial setting.

Re:Why pay?

[pnutjam]

Commodo will allow business users.

Re:Why pay?

[evilviper]

Yes, but the performance of Clamwin is horrible, taking at least 2X as long as any other Windows antivirus application, and also eating up lots of RAM for no good reason. In our tests, we've found at least a couple (old) Windows viruses which ClamAV definitions do not pick-up, etc.

I've long wished Clamwin was an option, but it simply is not.

OMG - the email is in CLEAR TEXT!@#!#$!

Thats terrible behavior, delivering the email address over clear text in teh HTTP request...

Its lucky SMTP and POP3 wouldn't do that now, isn't it. Thank the internet god (what deity is that anyway?) we have teh switches.

Windows privelege separation

[Post-O-Matron]

I'll probably get laughed at for this, but I thought I'd use this opportunity to get some advice, on something that I have been wondering about lately

I recently switched from XP to Win 7 after the XP got raped bad by a virus (my family did it!). I still decided against an anti-virus as I hate them, but to try and minimize the chance of this happening again I decided to use privilege separation this time around. i.e I'm writing this post from a non-privileged user account, and I type the admin password 50 times a day for all sorts of installations, configuration settings, etc.

My question is: how (un?)safe is a Windows 7 box running under a non-privileged account?

Re:Windows privelege separation

[Nimey]

In theory, the worst that can happen is that the unpriv'd account will get raped, but the Win7 install will be OK.

IMO, you should still install an anti-virus for the belt-and-suspenders stuff, since you can still have compromised personal information if an unpriv'd account is owned. MS Security Essentials isn't bad and doesn't bug you much.

Re:Windows privelege separation

[adonoman]

Really? You need to reconfigure windows and install crap 50 times a day? That's the real reason your XP system got hosed.

Re:Windows privelege separation

[Post-O-Matron]

All of my sensitive information is encrypted. If my unpriv'd account gets owned all they can get out of it is some PHP code for a couple of projects I work on and a few illegally downloaded movies...

I don't even use the "remember password" feature in FF for this reason.

Re:Windows privelege separation

[Post-O-Matron]

That was just a figure of speech of course :-). I just meant that I accept the annoyance of that popup.

Re:Windows privelege separation

[Nimey]

My previous post didn't take into account privilege-escalation attacks, of which there may be some undiscovered/unreported ones.

It's best to have multiple layers of defense.

Re:Windows privelege separation

[cdrguru]

1. Windows 7 ALWAYS runs as non-privileged. The only difference you would see is not having to type the password, just clicking OK.
2. Why are you having to escalate privilege levels all the time? It should not be necessary at all. Even if some old software is trying to write in the wrong place and cannot be configured (or used) properly, then you can set the permissions for where it is trying to write to eliminate the privilege escalation.

The whole point is to eliminate privilege escalation entirely. Yes, it is needed if you are installing something - and non-Admin users shouldn't be installing software. Yes, it is needed if you are modifying files in the Windows folder, but you shouldn't need to be doing that much either.

Internet Explorer runs pretty much in a wholly separate privilege domain where it can't really write anywhere. Or call stuff to write anywhere. So that is pretty safe. However, if you have software adhereing to an old security model (the "I can write anywhere I want" model), then you are going to either have to change permissions or put up with a lot of escalation to get things done. Problem is, that means anytime something asks, you are going to escalate.

Me, I'd be looking at fixing the software problem.

Re:Windows privelege separation

[Culture20]

I'm writing this post from a non-privileged user account, and I type the admin password 50 times a day for all sorts of installations, configuration settings, etc.
My question is: how (un?)safe is a Windows 7 box running under a non-privileged account?

Reasonably safe, as long as you're typing that admin password to temporarily log in to the admin user, then logging out and logging back in as ordinary user. Don't let any user use UAC, even yourself; that way you can be sure that Malware never tricks you into unlocking UAC (or waiting until you unlock UAC to do its dirty deeds).

Re:Windows privelege separation

[Opportunist]

No, but Win7 suffers from the same problem all Windows versions since 2k suffered: Badly written software that doesn't give a rat's ass about user privileges, and whose advice when you're facing a problem due to (unnecessarily) elevated privilege expectations is to "run our software with admin privileges".

If you happen to install software in the "program files" directory, which is the default location for programs since Windows was born, you are already heading for desaster. Why? Because since Vista, this tree is not writable for non-privileged accounts. Why? Because it makes effing sense NOT to be writable! That's where the public program files reside. Do you give full read/write privs to a nonpriv account to /usr/sbin?

Programs, though, for some odd reason, expect this folder to be writable to tinker with their configs and drop off temporary files. Why? Ask the dimwits who wrote the crap! And the more useless the program, the less it has reason to have elevated privileges, the more likely it will want them. Try to install a game, any game, in a public area and then try to run it with a non-priv account. Provided its copy protection does not expect admin privileges to make sure the all-holy original DVD is inserted (because that's what really counts, not whether your shoddy, half-baked, crapfest of a game leaks enough memory to move whole malware servers through), it will sure as hell complain when it can't write in its installation directory. What cheek! The user wants to limit our access to his machine! That cannot be!

Re:Windows privelege separation

[Opportunist]

You do not play many games on your Windows PC, I can see that...

Re:Windows privelege separation

[MillionthMonkey]

I'll probably get laughed at for this, but I thought I'd use this opportunity to get some advice, on something that I have been wondering about lately

...has anyone seen my red stapler?

Re:Windows privelege separation

[Post-O-Matron]

That's exactly what I thought, but then I thought: I'm trying to protect myself from the odd "inside an image in the browser" virus here. I'm not trying to protect a publically available server.

So the question is, how likely is it for Win 7 to have escalation vulnarbilities, and how likely is it for viruses to eventually target priv-spe'd win boxes?

Re:Windows privelege separation

[Post-O-Matron]

Excuse... excuse... me... I... believe... you... have... my... stapler...

Re:Windows privelege separation

Internet Explorer runs pretty much in a wholly separate privilege domain where it can't really write anywhere. Or call stuff to write anywhere. So that is pretty safe. However, if you have software adhereing to an old security model (the "I can write anywhere I want" model), then you are going to either have to change permissions or put up with a lot of escalation to get things done. Problem is, that means anytime something asks, you are going to escalate.

IE8 is still a vector though. My last two repairs both involved IE8 being completely owned, launching new tabs (and windows) faster than anyone could click to close them. And it received all the privileges it needed to install it's own software ALL over the place.

re

[JohnVanVliet]

sad to say but this stuff is all to common
i just had "vuse" want to install MS windows AV software on my LINUX install .

Expired AVs do popups, not emails

[Joce640k]

The flurry of popup windows you get when an AV expires, along with all the dire warnings from Windows Security Center, won't leave you in any doubt about the status of your antivirus. No email required.

The bigger the vendor, the more "Insert credit card now!" message you'll get.

Danger! Bad Times Virus!!!

[swamp_ig]

If you receive an e-mail with a subject of Badtimes, delete it immediately WITHOUT READING IT. This is the most DANGEROUS e-mail virus ever.

It will rewrite your hard drive and scramble any disks that are even close to your computer. It will recalibrate your freezer's coolness setting so all your ice cream melts. It will demagnetize the strips on all your credit cards, screw up the tracking on your VCR, and use subspace field harmonics to render any CDs you try to play unreadable.

It will give your ex-boy/girlfriend/ex-husband/wife your new phone number. It will mix antifreeze into your fishtank. It will drink all your beer and leave its socks out on the coffee table when company comes over. It will put a kitten in the back pocket of your good suit and hide your car keys when you are late for work.

Badtimes will make you fall in love with a penguin. It will give you nightmares about circus midgets. It will pour sugar in your gas tank and shave off both your eyebrows while dating your current boy/girlfriend behind your back and billing the dinner and hotel room to your Visa card.

It moves your car randomly around parking lots so you can't find it. It will tease your dog. It will leave strange messages on your boss's voicemail in your voice. It is insidious and subtle. It is dangerous and terrifying to behold. It is also a rather interesting shade of mauve.

Badtimes will give you Dutch Elm disease. It will leave the toilet seat up. It will make a batch of methamphetamine in your bathtub and leave bacon cooking on the stove while it goes out to chase high school kids with your snowblower.

These are just a few of the signs. Be very, very afraid!

Re:Danger! Bad Times Virus!!!

[Hurricane78]

What? Badtimes is my Ex??

Re:Danger! Bad Times Virus!!!

What? Badtimes is my Ex??

Nice one.. almost had coffee spewage here.

Re:Danger! Bad Times Virus!!!

[titanium93]

If loving a Penguin is wrong, I don't want to be right! Hey, there's my new Sig!

I have to apologize on behalf of the industry

[Opportunist]

I'm sorry. I'm honestly sorry. Trust me, if we (the techs) could fire the markedroids, they'd be going out the next cannon. And as far as we can overload said cannon without endangering human life (markedroids are NOT human).

The whole scaremongering bothers us the most. Trust me on that one. Because when we, the ones who do actually know when something really is bloody dangerous, cry bloody murder over a security threat, nobody listens anymore.

Re:I have to apologize on behalf of the industry

[Nimey]

Maybe the Navy would let you arrange a demonstration with USS Wisconsin's 16" main battery.

Re:I have to apologize on behalf of the industry

[Opportunist]

And given the amount of grease in the 'droids, that should oil their cannons pretty well too. Win-win!

Protection

[NicknamesAreStupid]

This was once a well known form of extortion, principally of small business owners. While it may still exist, this Internet version seems to have eclipsed it. Crime marches on.

Re:Insightful deconstruction?

[BronsCon]

So you're trying to tell me that McAfee has their marketing department send out emails, but doesn't have them make decision about branding?

Tell me, just why do you think McAfee chose red as their "goddamned branding color"?

Re:WARNING This website can see your IP address

[Opportunist]

Windows is fixed, all right. When you get the users fixed so they don't click on anything promising them dancing bunnies, I'll go out of business.

I'm 35 now. I'm pretty sure I can stay in anti malware 'til I retire...

"Social networking"?!

from TFA: "Not only is this kind of tactics perpetuating the state of fear and the lack of knowledge among Windows users, enslaving them to the financial teat of security moguls, it actually increases the risk of their exposure to social networking tricks. If a user clicks on a security warning in a email once, they might do it twice." [emphasis added]

errr, doesn't he mean social engineering tricks?! And I'm not exactly sure this is news, but I digress ;-)

guy's himself a fraud

[perryizgr8]

seriously, after all the ranting about mcafee being ambiguous and misleading, he himself says "oh and btw, surun[or something equally exotic sounding] is a great and powerful tool." at this point of time the best recommendation to a windows user regarding malware protection is ms se. i'm really surprised to see that se has not become the dominant antivirus. but now i know that its because of people like the author, who is either an asshole or an idiot.

Re:Insightful deconstruction?

[crossmr]

I'm convinced Kdawson killed Timothy in his sleep and has been posting as him for quite some time.

MS Security Essentials

[p51d007]

I gave up on the paid AV's. Even when you find a good clean one, they end up making it BLOATED by throwing in the kitchen sink. I don't visit/download crap, behind a router & firewall, have a couple anti-malware software I run on demand. Anyone that gets a virus these days isn't being smart.

Bad? It depends...

[azrider]

They're useful to governments because of taxes so governments certainly don't want to fight them.

Yet they are a perfect example of the schizophrenic nature of our legislators:

• They ban smoking in office buildings that might be visited by the public
• They try to ban smoking in cars where children are present
• They ban smoking on beaches and other open air venues

Yet,

• They slap high taxes on purchase - so high that governments are dependent on people to continue smoking
• They subsidize tobacco farmers at the same rate as food stuffs
• They salivate at the bribes^W campaign contributions from tobacco growers

Imagen how many more cities, counties and states would have to declare bankruptcy if everybody stopped smoking tomorrow.

Re:Bad? It depends...

[Sigma+7]

They ban smoking in office buildings that might be visited by the public

If something might be visited by the public, chances are that there's other workers. Second hand smoke can be just as bad to people, as well as computers. Most non-smokers chose not to smoke because they prefer not having a nicotine addiction, having an awful smell, or eventually getting cancer because they can't find a smoke-free environment (and no, living off welfare doesn't count because that's stigmatized.) In case of children, I'm sure they prefer not being actively screwed over by their own parents.

They ban smoking on beaches and other open air venues

While there are smokers who know how to properly dispose cigarettes, there's a large chunk that don't. Besides, people prefer getting their feet dirty with sand rather than getting their feet dirty with various junk.

They slap high taxes on purchase - so high that governments are dependent on people to continue smoking
[...]
Imagen how many more cities, counties and states would have to declare bankruptcy if everybody stopped smoking tomorrow.

If everyone stopped smoking tomorrow, then countries that have basic healthcare for citizens won't have to spend as many resources to ensure people remain healthy. In particlar, each pack of cigarettes costs $11 - more than twice the costs of the cigarettes themselves. At worst, there's a short term shock, which will level out later.

Plus, people can more easily switch to other potentially taxable drugs, such as alcohol, caffeine, or glucose. The damage from those three drugs is more contained, and has less collateral damage.

McAfee browser toolbar intrusive and wasteful

[CuteSteveJobs]

McAfee are going in for the hardsell. At work our enterprise uses McAfee Anti-virus products. They've had add-ons to IE and Firefox for some time, but the latest automatic updates were ridiculous. They've added a McAfee toolbar WHICH TAKES UP AN ENTIRE LINE of screen space just to list a little red/green McAfee button. Firefox already lists McAfee as a "problematic extension" but doesn't mention the wasted space problem: http://kb.mozillazine.org/Problematic_extensions

It doesn't affect Chrome. Ironically one of Chrome's selling points it makes maximum use of available screen space. McAfee now makes that even more true!

this is worthy of a mass email

[ChipMonk]

I very rarely send out emails to multiple parties, and I never send out something worthy of a Snopes review. But I did send out a mass email containing the link from TFA, even to some who already understood what it explained. They could use it to explain to others, the inherent un-trustworthiness of commercial AV "providers."

The plural of virus is ....

viruses ...

"and all they can do is look for fingerprints of known viri."

And no, there is also something called heuristic scanning. Look it up.

Hello 1991!

[Rix]

How are you posting into the future? Can you send us some of those colour changing t-shirts? Maybe we could trade for the Friends DVDs.

Re:WARNING This website can see your IP address

My Windows PC is unimpaired by X Windows and/or graphics drivers that are slower so we can "be free as in freedom".

Of course, it's been a couple years since I've tried it. I always try it once in a while, and it never has the snappy feel of a Windows GUI. Even if they do manage to pull it off some day, it'll just prove that the FSS/OSS communities can't give us what we want as quickly as the other guys can.

Text Analysis

[FrootLoops]

The article mostly ignores the text of the add, which is also manipulative (in the ways many ads are). For instance, "McAfee would like to ensure you continue to enjoy a fast and safe online experience" implies your internet will slow down or be scarily unsafe without their product. "We do care about your security" tries to demolish negative views of large companies by putting on a human face. The ad follows up with a friendly special deal (just for everyone): "we would like to offer ... protection ... at a very competitive price: ... 50% off". They don't give price comparisons justifying their use of "competitive", either. They slip the assertion at the end of a sentence that has another idea as its focus in the hopes you'll just accept that their price is in fact competitive. That manipulation is probably the most clever device in the ad.

One thing that struck me as improbable was that the full price the ad quotes is 49.98 pounds, which happens to be neatly divisible by 2. It seems as if the full price was calibrated to be cut in half just so ads could say "50% off" instead of the messier "nearly 50% off", or similar. The ad finishes with a list including some scary words (anti... "virus", "spam", and "spyware") followed by the comforting thought that their product "preserves you and your computer from the most dangerous online threats." At the bottom, they add a sense of urgency to accepting their offer: "Offer expires 31 December 2009," so you don't put off renewing your subscription.

It's speculation, but I don't think a single part of that ad was written with the motivation of actually helping users. Every part of it is dripping with pretty transparent manipulation with the clear motivation of getting you to buy, buy, buy.

3 Years with No AV

[gilgongo]

My wife bought a new Dell laptop 3 years ago. Its hard disk crashed out a couple of weeks later, so we were given a new one and I re-installed Vista. This time, however, I decided not the chase the AV dragon, to see what would happen. So, no AV installed. At all.

Long story short, it's 3 years later and she's not had a single problem. She uses Firefox and Windows Mail, and Office 2003. She surfs the web daily, but mostly looks at YouTube and maybe about 5 other sites on a regular basis (discussion boards mainly).

Make of that what you will. Obviously, her machine may be a hopeless zombie sending out gigabytes of spam a day, but if it doesn't crash, or run slowly, then what does she care?

The alternative would be me having to install and explain AV to her and why she's getting pestered to renew shit she doesn't need.

Re:3 Years with No AV

[Killjoy_NL]

Not having AV is just like having unprotected sex, she could be infecting other people all the time.

Keeping your comp clean is more like being a responsible adult in this community, get her a free AV, they are out there. ClamAV, AVG, etc.

Re:3 Years with No AV

[gilgongo]

I think you're not getting the rather veiled point of my comment: the machine is not infected.

The anti-virus industry feeds off the rather well-founded paranoia of geeks who surf infected porn sites all day. Just because *your* machine would get shot to hell after a couple of hours of *your* browsing habits, doesn't mean everyone else's does, and I think I can prove it.

I'll put it to you this way: try telling an LA Harley rider to wear a helmet. See what they say about that.

Re:3 Years with No AV

[Killjoy_NL]

I think your ignorance is showing instead of me not getting any veiled or not points.
You do not NEED to browse to get infected.
Some years ago I installed a PC, hooked it up to the internet to get drivers and within seconds I had the MS-Blast worm, no browsing needed.

With all due respect, this type of thing is my job, I know what I am talking about.

And please do not imply anything about my browsing habits without any evidence. Online porn got boring many many years ago, it's just pneumatics after a while.

at least it's a legit ad

and they ain't holding the computer hostage for money like a truly bad app.. you know the kind: one that when they say "you're infected, click here to pay to remove it"... the only thing you're usually infected with is that same rogue app (that won't go away and is a bugger to get rid of), and whatever else *IT* put on there.

the only systems i've seen with mcafee installed AND a virus or malware issue is one that mcafee had been left to expire and was severely out of date... so just maybe the problem is really that those scary advertisements aren't scary enough?

Why shouldn't Windows users install an AV program?

[id+est]

It seems absolutly counter intuitive to say that a user running a Windows OS shouldn't use an anti-virus program. Yet, some of the comments in this thread, and many articles at dedoimedo.com are saying that their use is uncalled for. That's hard to believe. The malware writers aren't passivly waiting for users to visit their sites or download infected software. A review of honeypot statistics will verify this.

But why? Stating that "You don't need an anti-virus in Windows" is intreging. But, statements like this need to be backed up. Otherwise, its just an opinion without foundation.

I would love to run my XP system without the use of an AV program. I'd uninstall the one I have now if:

• I can get solid reasons why it's not needed.

• Be given alternatives which, at least, equally secure my system against attack.

• Have these assertions backed up with verifiable facts.

More than you know in FREE methods (HOSTS)

Per my subject-line above, here is a person who runs Windows 2000, no service packs &/or hotfixes, and NO ANTIVIRUS or ANTISPYWARE programs running resident in memory all the time (tasktray icon + services etc.) and has drastically reduced his malware infestation rate gigantically by merely using a custom HOSTS file only:

---

http://forums.theplanet.com/index.php?s=80bbbffc22d358de6b01b8450d596746&showtopic=89123&st=60&start=60

"the use of the hosts file has worked for me in many ways. for one it stops ad banners, it helps speed up your computer as well. if you need more proof i am writing to you on a 400 hertz computer and i run with ease. i do not get 200++ viruses and spy ware a month as i use to. now i am lucky if i get 1 or 2 viruses a month. if you want my opinion if you stick to what APK says in his article about securing your computer then you will be safe and should not get any viruses or spy ware, but if you do get hit with viruses and spy ware then it will your own fault. keep up the good fight APK." - Kings Joker, user of my guide @ THE PLANET

---

It costs him nothing (other than taking the time to read his email & extract out the HOSTS file I use which I send to him each day after it is updated from reputable reliable sources online, & those sources are noted in the security guide's URL above @ its termination) &, it works for securing he FAR better than he was doing without one, and it also makes he faster online as well (bonus).

I have seen him go down from 200++ infestations a month, down to MAYBE 1 infestation every year at most (real ones, not just registry entries to amend for better security etc. which the 2 I have seen from him were, one being the "DSO exploit" patch which Spybot S&D recommended he reset vs. it)... & he got that because he downloaded "questionable material" from some website in my HOSTS file he "comments out" (essentially removes by preceeding them with a "#" symbol, the *NIX analog of a REM or : leading statement in batch files) so he CAN use that website (even if it is to his dismay, he still goes there).

This part though, I cannot control - what a user does that "does him in", himself... he realizes this though.

Nuff said...

APK

P.S.=> HOSTS files work on the SIMPLEST PRINCIPLE THERE IS, & that is "If you can't go into the kitchen, you can't get burned" basically... &, yes, they work, to stop YOU from infesting yourself essentially by blocking YOU from known bad sites &/or servers, AND, they work to stop malware, once it IS inside of your system, from talking back to "the mothership" for orders (as in botnet "command & control" servers), because if YOU yourself cannot reach the URL sites that botnets use? Well, then neither can the malware for the botnet to control you either!

In fact, as an aside? Well - When Kings Joker & I used to do my COMPLETE GUIDE's POINTS to his systems (now he only does the HOSTS file to test its efficacy alone, this is an actual test he & I have been doing for around 1 yr. now in fact to see how effective it is)?

He did better than he is doing now even...

Layered security + conscientious patching in hotfixes & service packs? IT WORKS, & no "antivirus + antispyware" is REALLY needed (IF you know how to spot infestors & remove them, & process explorer alone is usually enough for THAT much, believe it or not)! apk