Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sophos Free A-V For Mac May Kill Time Machine Backups

Posted by timothy on from the mysteriouser-enough-already dept.

kdawson writes "Herewith the tale of the instantaneous loss of 19 months of Time Machine backup data, with the possible involvement of a fresh install of Sophos's new free Mac A-V package. Sophos support has been contacted but has not responded as of this writing."

6 of 133 comments (clear)

  1. Assuming this is true.... by 8127972 · · Score: 3, Insightful

    ... Then this is a serious hit to Sophos as they have a very good reputation. Having said that, AFAIK this is their first Mac app. So perhaps it needed more QA before release. Until more reports of this phenomenon appear, I'd reserve judgment. However it might be wise for Sophos to get out front of this issue before the spin gets out of control.

    --
    This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
    1. Re:Assuming this is true.... by baddaybeav · · Score: 3, Insightful

      we've used the business side of it for over a year, major performance headaches... as to the time machine part, if my memory serves, time machine creates one large file (like tar, but a lot more advanced) it saw the "virus" in the one large file, didn't differentiate that and deleted what it saw as the "file containing the bad stuff" now that he's written data to the drive he's lost any good chance at recovery... I guess we'll need a time machine time machine soon.

    2. Re:Assuming this is true.... by uglyduckling · · Score: 3, Insightful

      Blame Sophos. Sparse bundles are a key feature of the Apple filing system and really, really useful. Sophos should know all about them. This would be akin to a Linux AV that could look inside .tar.gz files but would nuke the whole archive if one file inside was questionable, without making that absoluely clear to the user.

  2. Re:How does Sophos do this? by am+2k · · Score: 2, Insightful

    That's also why for quite some time my company policy has been at least two CPU cores per computer - one for the virus scanner and the OS/apps can have the rest.

    That doesn't make sense. When the scanner kicks in, the application is blocked on the open() call until the scanner is finished analyzing the file, so your second CPU does nothing, and vice versa.

  3. Re:Sophos by webmistressrachel · · Score: 2, Insightful

    If you're a government, educational institution, or a large corporation, you've definitely heard of them.

    If you're a troll on /. with no real experience working in IT, then of course you haven't heard of them.

    --
    This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
  4. Re:SOME GUY LOST SOME FILES by david_thornley · · Score: 2, Insightful

    It's the media effect. If we invade another country and accidentally kill a few tens of thousands of civilians, and suffer hundreds of casualties, it won't be presented as effectively as the death of the single journalist who got shot in all of this.

    Mess up a few hundred random computer dudes, and nobody may hear of it. Don't even in the slightest mess with a /. editor, or lots of people will know.

    --
    "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes