Avira Premium Anti-Virus Bug Disables Windows Machines

New submitter Adesso writes "Anti-virus vendor Avira is having difficulty with an update of all their Premium customers. An update that has been downloaded over 70 million times is causing the 32-bit version of Windows to block almost all critical applications. Avira has responded promptly with an interim solution for this problem. In most cases this causes Windows to not boot properly."

For crying out loud

[NoSleepDemon]

Come on editors, would it kill you to actually READ the submissions before publishing them? Come back Taco :(

Re:For crying out loud

"seemS [anti-virus vendor] avira is having difficulty with a update of all their premium customers. aN update that has been downloaded over 70 million times is causing the 32-bit version of windows to block almost all critical applicationS. avira has responded promptly with an interim solution for this problem. In most cases this causes Windows to not boot properly."

missing letters in capitals.

Re:For crying out loud

"seemS [anti-virus vendor] avira is having difficulty with aN update of all their premium customers. aN update that has been downloaded over 70 million times is causing the 32-bit version of windows to block almost all critical applicationS. avira has responded promptly with an interim solution for this problem. In most cases this causes windows to not boot properly."

missing letters in capitals.

FTFY

Re:For crying out loud

[L4t3r4lu5]

You call them "Editors". Why? They don't edit anything. All they do is wade through the "Free p1llz 2 make sausage fatter!" "Designer shoes for the women of your website" and "I hate all $demographic" posts, modding them down, and picking through the rest to get something worth reading on the fron... Wait, what's that? That's what the Firehose is for?

Then just what the fuck do these people do? They're not paid, are they?!

This is an English language website. Please hire some editors who can correct the grammar of non-English speakers (as is most likely the case here) before posts are on the front page. Here, let me give you an example:

" It [s]eems that [anti-virus vendor] Avira is having difficulty with an update of all their Premium customers' products. An update that has been downloaded over 70 million times is causing the 32-bit version of their AV software to block almost all critical Windows applications. Avira has responded promptly with an interim solution for this problem . In most cases this causes Windows to not boot properly."

I even added a link for you. I wasn't even paid to do this, and it took me 5 minutes.

Re:For crying out loud

Trolling is a art.

Re:For crying out loud

[L4t3r4lu5]

I forgot; The subject, unless defined, is assumed from the previous sentence. Really the last sentence should be changed so it doesn't parse as "In most cases (the interim solution) causes Windows to not boot properly." Still, most folk here know that's now what was intended.

Re:For crying out loud

[vlm]

responded promptly with an interim solution for this problem [avira.com]

Minor technical error remains. You meant to write

responded promptly with an interim solution for this problem

Re:For crying out loud

[djsmiley]

With all the rage, its almost like your paying to view this....

Wait, PEOPLE DO?! XD

Re:For crying out loud

Yeah, thanks, buddy, the knee-jerk snarkiness and subject change really isn't helping.

Re:For crying out loud

[helix2301]

I agree bring back taco he fact checked everything and since when does Slashdot post forum threads. Sorry to say but I think the sight is on a slow slippery slope. After a quick product update all was fixed. Why was this even posted?

Re:For crying out loud

in most cases...

Re:For crying out loud

[camperdave]

" It [s]eems that [anti-virus vendor] Avira is having difficulty with an update of all their Premium customers' products. An update that has been downloaded over 70 million times is causing the 32-bit version of their AV software to block almost all critical Windows applications. Avira has responded promptly with an interim solution for this problem . In most cases this causes Windows to not boot properly."

Just curious - wouldn't it read better like this:

"It seems that [anti-virus vendor] Avira is having difficulty with an update of all their Premium customers' products. The update, which has been downloaded over 70 million times, is causing the 32-bit version of their AV software to block almost all critical Windows applications. Avira has responded promptly with an interim solution for this problem. In most cases the malfunctioning update causes Windows to not boot properly."

Re:For crying out loud

[denmarkw00t]

You beat me to it! I had it ready to copy-edit - maybe /. should hire us to be editors? Of course, now I can do my own rewrite instead of the grammatically correct one you posted above:

Avira totally pisses off customers.

I think that sums it up

Re:For crying out loud

Grammar Nazis... Shouldn't the last line have a comma?

"In most cases, this causes Windows to not boot properly."

(Just asking!)

Re:For crying out loud

[mcgrew]

50% troll, 50% insightful. I thought it was funny. It seems slashdot has been taken over by the Microsoft shills, anything remotely critical of Microsoft is modded "troll" (I had several of these abysmal mods yesterday in the thread about 30 new features in W8). Give it a rest, Ballmer.

Maybe you'll get four "underrated" mods and wind up with the coveted "+5 troll." I wish they'd bring back the old metamod system, this shit used to be rare. Now they'll mod you troll of flamebait for bashing Sony of all paople.

Damn but I hate astroturfing shills.

Re:For crying out loud

[mcgrew]

With all the rage, its almost like your paying to view this

Timothy? Is that you?

Re:For crying out loud

It was never funny, you astroturfing shill.

Re:For crying out loud

Feel free to conveniently forget anti-ms groupthinks that are regularly modded up.

Nobody has ever produced a single email or a distruntled employee rating out or any other kind of actual hard evidence that any company is paying for comments on slashdot of all places - a mostly irrelevant website in the larger tech world. Although, depending on your level of personal narcisism you might have an overinflated sense of importance of the things that in reality nobody is paying attention to.

Re:For crying out loud

[Mister+Whirly]

Nobody has ever produced a single email or a distruntled employee rating out or any other kind of actual hard evidence that any company is paying for comments on slashdot of all places - a mostly irrelevant website in the larger tech world. Although, depending on your level of personal narcisism you might have an overinflated sense of importance of the things that in reality nobody is paying attention to.

THIS. Does anybody out there really think corporations are going to spend real money paying people to argue with anonymous idiots on a site that 99.9% of the population doesn't even know exists? Someone please explain how Slashdot has any sort of "sway" in the consumer electronics industry.

Why, oh why...

[NecroPuppy]

Couldn't we be using Avira at work?

Then I could go home and play Diablo.

Re:Why, oh why...

[metalgamer84]

Not really. My coworker took this week off for D3. After it went live this morning he still cant get in as the game wont actually launch. Apparently others are having the same issue as well. Ahh Blizzard, I don't miss you in the slightest.

Re:Why, oh why...

[Entropius]

but ... but ... but pirates!

Seriously, wtf. D2 sold gajillions of copies and had working single player and LAN. You could be sitting out in the middle of the desert with a solar panel and a netbook and play with your friends.

Re:Why, oh why...

[metalgamer84]

Yep, exactly why I refuse to purchase D3. If they release a patch down the line that doesn't require me to be online with their servers just to play single player, then I will buy it.

Re:Why, oh why...

[Cito]

There is already a pirated version that doesn't require you to be online :)

I downloaded it off demonoid, and picked up the skidrow patch and can enjoy it offline.. never liked playing diablo online as it was just chain lightning spam and KEKEKEKE's all over the screen anyhow

so demonoid single player is perfect

Re:Why, oh why...

It is fine, the login servers and the character create servers were really loaded down... but they are working I'm level 19 after playing until I had to head to work, no biggie just lost sleep for 1 day, lol

Re:Why, oh why...

[danomac]

I took the day off to play it too, I'm just getting ready to install it. I sure hope I don't have problems...

Re:Why, oh why...

[Entropius]

Hm, I can't seem to get to skidrow's website. Are they slashdotted?

This crack allows actual singleplayer, right? This is relevant to my interests since my ISP is so lossy (~20% packet loss) that I can only play SP.

Re:Why, oh why...

[danomac]

Figures, it finally installed and the battle.net servers are down. Go Blizzard!

Re:Why, oh why...

Couldn't we be using Avira at work?

Then I could go home and play Diablo.

Work? on Diablo release day?! Real men call in sick and don't tell their wives.

Re:Why, oh why...

[snookiex]

What kind of "real man" stays at home playing Diablo instead of going to work AND has a wife?

Re:Why, oh why...

Hm, I can't seem to get to skidrow's website.

...facepalm

Fail

See subject.

It's AN update, not A update.

Also: The first word should be "Seems," with an S on the end. Same with "application" at the end of the second sentence; it should end with an S, as well.

Slashdot Editors: Not editing anything since 1997.

Captcha: INFERIOR. Coincidence? I think not.

Update immediately; update immediately.

[cpu6502]

Still think this is good advice? Worse is when the vendor forces the update silently w/o informing the user. Then suddenly your PC is broke or browser and you don't know why.

Re:Update immediately; update immediately.

[The+MAZZTer]

Some people can't be bothered to install updates themselves and even if they could they don't know how to analyze and see if they need the update or not.

For them automatic updates make the most sense. Of course if the company pushing out the updates isn't competent you probably shouldn't be using their products at all in the first place, manual or automatic updates.

Re:Update immediately; update immediately.

[arth1]

Then suddenly your PC is broke or browser and you don't know why.

My PC is always broke; I won't let it have a wallet.
But it has never become browser.

Re:Update immediately; update immediately.

But it has never become browser.

Mine has once. I lost it during three days and it came back with a pink dressed princess and started messing up with all the pipes in the house. Really annoying...

Re:Update immediately; update immediately.

I second this. Microsoft forced IE9 down our throats with the windows update and it breaks several corporate websites... something to do with CSS. What's interesting is that has the exact same setup (Windows 7 SP1, IE9) on other computers do not have the same issue.

Re:Update immediately; update immediately.

[cpu6502]

That means I would stop using Microsoft and Apple (both have pushed updates that broke the computer). Then what would I do?

Re:Update immediately; update immediately.

[war4peace]

Ubuntu is the answer, especially if you're a desktop user and don't play games.

Re:Update immediately; update immediately.

[TheLink]

I don't install antivirus software on my home Windows PC. And I know what I'm doing. At least more than the various antivirus vendors who have done similar screw ups every few years or so! If I need to check some stuff I check it with virustotal.

I do install antivirus software on other people's computers. But you don't update stuff ASAP. Yes viruses are a risk, but so are mistakes by software vendors. And AV software makes your computer system slower- you pay for that all the time.

FWIW I'm one of those that thinks AV software should not be installed on production servers (unless they happen to be servers that are supposed to scan for viruses - gateway scanner etc).

Re:Update immediately; update immediately.

Why are your "corporate" desktops using Microsoft's update servers? Not real big on testing at your shop?

Re:Update immediately; update immediately.

[Grishnakh]

Depends on the size of his company. If his company is one with 30,000 employees, then yes, you'd expect them to have an IT department that tests everything beforehand, doesn't use MS's update servers, etc. However, if his company has 50 employees, that's not a reasonable assumption at all, and they probably only have one "IT guy" who's already overworked, and expecting them to do their own Windows updates is pretty silly.

Re:Update immediately; update immediately.

[cpu6502]

Ubuntu GNUlinux also has pushed updates that have broken things in the past, so no it isn't the answer.

Re:Update immediately; update immediately.

[mcgrew]

That means I would stop using Microsoft and Apple (both have pushed updates that broke the computer). Then what would I do?

Well, I'd say Linux if I hadn't updated to 12.04 on Sunday and had Flash break.

Re:Update immediately; update immediately.

Yes, you do a great job with your PC. I, for one, really appreciate the extra processing power, bandwith, and hd space that your PC provides my botnet.

Re:Update immediately; update immediately.

[aztracker1]

Yeah... I can't even count the number of times an update for a Linux distro has broken things... I think I've had issues with almost every major linux update I've ever had. Usually wind up doing a clean install for a new major update. Though, I'm now using Debian for most of my linux instances.

Re:Update immediately; update immediately.

[war4peace]

Wait a minute... I'm not saying updates were flawless, but at least with Ubuntu I never got something updated without my consent. I mean, no automatic updates. The OS checks, tells you "here be updates" and you check the ones you want. I have configured Windows the same way as well, it never adds updates by itself.

Re:Update immediately; update immediately.

>Ubuntu is the answer, especially if you're not a desktop user and don't play games.

FTFY

Re:Update immediately; update immediately.

[TheLink]

Car analogy: rally cars and F1 cars do not have airbags. But the drivers are still safer in the same sort of crashes.

Because the drivers know what they are doing and the cars have other protections configured. Airbags in those scenarios would just cause more problems than they'd solve.

Same goes for antivirus software. If you know what you are doing, antivirus software is more likely to cause you problems than viruses are.

My different browsers (for different tasks) run using different user accounts. So even if they get pwned by a drive by, it is less likely to affect my main user account.

Wow... McAfee 2.0...

[killfixx]

I guess that's one more to add to my list of AV products I recommend against.

But hey, they'll give you a month free subscription for your troubles*.

*Hyperbole, they'll most likely give users nothing.

Cheers!

Re:Wow... McAfee 2.0...

[Intrepid+imaginaut]

The big surprise for me is they have 70 million paying customers. I'm in the wrong business!

Re:Wow... McAfee 2.0...

[danomac]

I think if you blacklist every AV vendor for random f-ups you wouldn't have any left to buy from. I've had issues in the past with: Trend Micro, McAfee, Symantec, AVG (most recent - they decided to bundle 32-bit binaries for 64-bit machines and this causes all 64-bit machines to bluescreen), ESET (issues with our accounting systems) and probably others I've forgotten about. This is mixed personal and work experiences.

So far I've had OK luck with MSE at home, but I'm sure at some point Microsoft will screw that up too, like they've done with other apps...

Re:Wow... McAfee 2.0...

Only 'screw-up' from MS Security Essentials I know of was reporting one of Google.com's scripts as a malicious file. Apparently, they fixed it within a day, but still happened. There was likely a Slashdot story on it, but finding it is left as an exercise for the reader.

Despite that, MSE has been leaps and bounds above the others.

Re:Wow... McAfee 2.0...

[danomac]

Well, I guess that's the only way they can get people to use Bing... ;)

Found the link to the slashdot article.

Re:Wow... McAfee 2.0...

Sorry, I am recommending this to all my windows using ... acquaintances. I'm sure that Avira will solve this minor glitch some day. Perhaps then they can brick the computer completely.

looks like timmy needs

a effing copyeditor to fix the grammar errors in summaries

McAfee

[SJHillman]

It seems Avira is taking a page out of McAfee's playbook.

AVG had a problem like this years ago

[b0bby]

When AVG caused a boot failure several years ago I switched started switching everyone who asked to Microsoft Security Essentials; still seems to be the best free one. At work I'm happy with NOD32; I suppose that they could have a similar problem, but they've been really good so far.

Re:AVG had a problem like this years ago

[MurukeshM]

Several years ago? MSE is that old?

Re:AVG had a problem like this years ago

[b0bby]

MSE came out in fall 2009, so not quite 3 years ago; IIRC the AVG issue was probably earlier that year and made me start looking around for the best replacement & MSE came out to generally good reviews. I find that MSE with an occasional Malwarebytes scan will keep most people's home machines pretty clear, even people with teenagers...

Re:AVG had a problem like this years ago

[asdf7890]

I'm currently running Avast as various testers found it to have the best detection rates of the common choices at the time (though it didn't have such a good repair rate IIRC). I've been telling people to use MSSE on low spec machines (like netbooks or just really old boxes) as it seems to test fairly well and last time I tried it (on a laptop that somehow got declared "Vista ready" despite only having 512Mb RAM) I found it to be noticeably less demanding on RAM and to have less detrimental effect on performance.

As MSSE is apparently going to be bundled with Windows 8, I wonder how the other vendors will react.

Re:AVG had a problem like this years ago

[danomac]

Pretty sure that AVG issue is the one I mentioned in another post, where they mixed 32-bit binaries in the package for 64-bit installation. Pretty sure that happened in 2010, as we switched at work to ESET in early 2011 because the lack of AVG's QA.

Re:AVG had a problem like this years ago

[xelan]

MSE isn't a bad product. From personal experience, I'd rate it higher than Symantec's Endpoint Solutions from a usability and end user standpoint.The only gripe I have with MSE is that its script blocking capabilities aren't as good as Avast's - my AV of choice. Every antivirus product seems to have had an issue like this from time to time. In this case, Avira, which normally does very well in testing, probably released an update too quickly and disabled machines resulted. Regrettable, but not all that unusual.

Re:AVG had a problem like this years ago

[citylivin]

Except that MSE routeenly doesnt detect shit!

I ran it for a year or so after it first came out. Then one day i had popups on a machine. MSE said it was clean, MSE in another machine said it was clean (with hard drive removed and put in other machine). Only aviria was able to find the virus.

That said, aviria is godawful. The software itself shows popups forcing you to blacklist avnotify.exe with local group policies (yuk!) and they really push their premium version down your throats. Despite this, it does have the absolute best antivirus engine imho. It finds things avg, kaspersky and MSE do not find period. Which makes it the best.

This is a sad state of affairs indeed. The software is really scammy, but it does the best job of any free product i have tried. Once you jump through the hoops.

If anyone else has a better free antivirus, I am all ears to try it.

Re:AVG had a problem like this years ago

[sunspot42]

I just had my machine get totally infected last month by some Java-spread garbage. MSSE was useless. I tried several programs, and Avast did by far the best job at detecting and removing the infection. It's my new AV of choice.

I also switched to Chrome and set it so that I have to click to run any Java or Flash crap. Hopefully that'll help prevent drive-by attacks in the future that exploit the gaping security holes in Java and Flash.

Really?

Is this really the case?

"Avira has responded promptly with an interim solution for this problem. In most cases this causes Windows to not boot properly."

Or is it just another error to add to the spelling-/grammar ones?

people still use antivirus software?

Anti-virus programs cannot stop you from getting viruses. They can only react after the fact. Their updates are by necessity reactive: a virus appears, and it takes time to update definition files to detect it.

And even once that happens, once ring0 is compromised on a box, it is not possible to trust that box again without a full OS reinstall. Anti-virus programs can attempt to clean things up, OK for casual web browsing, but not for anything you must trust. The only safe recovery is a reinstall.

The only way to practice safe computing is to *not run malicious software* in the first place. This is fortunately not difficult to do. It does require not volunteering to run any random script that any random web page asks you to run - that's just being an idiot, and you deserve what you get. The only safe model is whitelists for both native software and web scripting / javascript type things. Sure, run your bank's javascript, but don't run ANY javascript from ANY page. Any use model where you run arbitrary things without thinking is doomed to failure, whether they're native applications or "sandboxed" scripts, because the sandboxes are never perfect.

The human brain is the only perfect anti-virus utility in existence.

Re:people still use antivirus software?

Your approach requires that people use their brains. Most people are incapable of doing that, so it cannot work. Anti-virus programs are needed by the vast legions of people to whom computers are "magic".

Re:people still use antivirus software?

Actually, if your anti-virus program stops your operating system from functioning, it CAN stop you from getting viruses.

Re:people still use antivirus software?

Which is all well and good, until you take a brand new flash drive out of its sealed container and get infected with malware that was slipped in at the factory. And that's, of course, ignoring Trojans, attachments, and all of the various other infection vectors that you're completely ignoring.

Anyone who deals with computer/network security knows that there is nobody, regardless of experience or technical aptitude, who is "too good" to get malware.

Re:people still use antivirus software?

[dontclapthrowmoney]

I went to a Sophos event once (mostly because it was catered...), the only content I remember was one speaker who spent 10 minutes of his presentation time showing various screenshots of web sites and asking the audience whether they were phishing scams, or the real thing. Towards the end it was very difficult, and this was an audience of technical IT people.

I also don't trust an OS once it has been compromised, and I agree that actually thinking/paying attention is vital to complete security. For me it is a question of risk mitigation. I've had an AV signature update cause problems, more than once. I'm also aware that I'm basically a couple of unthinking mouse clicks away from running something malicious.

AV isn't that expensive to protect against brain fade.

Re:people still use antivirus software?

[Opportunist]

Erh... no.

Anti-virus programs cannot stop you from getting viruses. They can only react after the fact. Their updates are by necessity reactive: a virus appears, and it takes time to update definition files to detect it.

First of all, there is very, very little "new" malware. Ok, there's lots, but very, very little thereof actually becomes a problem. There are only so many that actually become a worldwide problem. What happens is that big malware packages that actually constitute a problem come in thousands, if not millions, of variants. Often just differing in some minor points, like their C&C server, their encryption, their packaging... think of a biological virus that mutates just a little while having essentially the same payload. Modern AV toolkits come with very sophisticated heuristic algorithms that can to some extent find simple mutations easily, as you can easily see if you watch the various AV kit tests closely. To test it, they take a signature file from a few months ago and test how many of the more recent attacks they can identify. It's not perfect, but some come close to 95%. No, that is not perfect. But we're far from "can only identify after the fact".

And even once that happens, once ring0 is compromised on a box, it is not possible to trust that box again without a full OS reinstall. Anti-virus programs can attempt to clean things up, OK for casual web browsing, but not for anything you must trust. The only safe recovery is a reinstall.

There is always the option to boot your machine with a known-clean OS and run a scan, which is bundled with pretty much all AV toolkits worth their salt today. Usually the CD you get with your AV toolkit is a Linux boot disc with a fitting scanner, most of the time working in a way that you slip in the DVD, boot the machine, get updates for the signature and have it scan your machine. If you don't feel like buying a AV toolkit, some of those scanners are also available online or as part of computer magazines.

The only way to practice safe computing is to *not run malicious software* in the first place. This is fortunately not difficult to do.

This is unfortunately NOT possible to do. At least if running Windows. And only because Windows is the prime target, dear Mac/Linux fanboys, those systems are by no means any safer. Just less interesting as a target.

You do NOT know whether the browser you use or any plugin it uses has any security holes. Adobe has recently been notorious for having security holes in its PDF reader and Flash Player for browsers. Now, you can of course avoid reading PDFs and watch Flash ... well, actually, often you can NOT. Many whitepapers only come in PDF format and more and more webpages are simply inaccessible without Flash. Now, of course you can run a few different browsers, each with different sets of plugins and whatnot... which still does not constitute perfect security.

The human brain is the only perfect anti-virus utility in existence.

You expect the average computer user to use it? I do not know what rays come out of computers, but it must be some kind of stupifying rays, they can turn people holding PhDs into bumbling fools. The alien mindbenders from Zak McKracken could not have come up with a better device.

Re:people still use antivirus software?

[NJRoadfan]

Despite it being pretty old, Vundo is still alive and well, just in a slightly different variant every couple of months. I suspect it will become less common over time as people finally move to Windows 7 as most will be using the 64bit version, which Vundo can't really infect (it injects code into running system processes, which must be 32bit). Macs were targeted, and it seemed to be pretty effective (and profitable) host for malware.

Re:people still use antivirus software?

new flash drive out of its sealed container and get infected with malware that was slipped in at the factory. And that's, of course, ignoring Trojans, attachments, and all of the various other infection vectors that you're completely ignoring.

What?

If you auto-run things from random media put in your computer, that's exactly what the GP was talking about. Don't do that, it's idiotic.

Same for running random attachments.

What you say makes no sense. Those are all things you shouldn't be doing, and if you DO them, you're just begging to get pwned. That's the GP's point. Use your brain.

Re:people still use antivirus software?

[Hatta]

You do NOT know whether the browser you use or any plugin it uses has any security holes. Adobe has recently been notorious for having security holes in its PDF reader and Flash Player for browsers. Now, you can of course avoid reading PDFs and watch Flash ... well, actually, often you can NOT. Many whitepapers only come in PDF format and more and more webpages are simply inaccessible without Flash. Now, of course you can run a few different browsers, each with different sets of plugins and whatnot... which still does not constitute perfect security.

I know my browser has security holes, which is why I don't run any scripts that I don't need to. I know Adobe's software is full of holes, which is why I run Sumatra PDF when I'm on Windows. I know that these are not perfect security measures, so I run both of these apps under a limited user account.

These are pretty simple precautions, and much easier to deal with on a practical basis than antivirus.

Re:people still use antivirus software?

[Hatta]

I should have added this to my previous post. These measures are also much more effective than antivirus. For example, my boss has had several viruses on his computer in the past year. Not one of them was detected by the university mandated antivirus, or his own antivirus. They were all detected simply by noticing the computer was behaving strangely.

On the other hand, I disabled the university antivirus, and simply use the precautions I mentioned earlier. I haven't had one noticable infection. I could have some sort of dormant or asymptomatic virus on my machine, but judging by my boss's experience antivirus software doesn't detect those anyway.

Re:people still use antivirus software?

Autorun's not the only way to deliver malware with a flash drive, and not every infected email attachment is a "random attachment" from an unknown or unrecognized sender. And those are only two of the more obvious examples from the dozens upon dozens of vectors an everyday user is exposed to. You've got the same kind of inexperienced mentality as the people who assume you have to get viruses from porn sites and software piracy. There are plenty of infection vectors that don't rely on outright stupidity, and no one can avoid them simply by being "too smart" for them. Nobody is disagreeing that people, in general, need to exercise a lot more common sense when it comes to what they're doing, but no experienced security professional in their right mind would ever say that you don't need malware protection if you're "smart enough".

Re:people still use antivirus software?

[a_claudiu]

And only because Windows is the prime target, dear Mac/Linux fanboys, those systems are by no means any safer. Just less interesting as a target

I heard this quote/excuse same time ago but I still do not believe it. Most of the servers are running Linux and a server it's a bigger target than a home computer. For the moment being Linux is safer. The user space is more strictly enforced than a Windows machine. Looking historically Linux came from a server platform with strictly enforced security and move to a desktop/more user friendly distribution, and Windows started as a single user OS and goes to a more multi user platform. The legacy of both systems is still making a difference now. Not that Windows didn't made big steps but the legacy is still there.

Re:people still use antivirus software?

For the moment being Linux is safer.

Mostly because nobody targets "Linux", they target shitty PHP apps that could just as easily have been running on windows and still let people in the front door.

Re:people still use antivirus software?

OK, well, it's exactly this simple.

I don't get viruses. I've been using computers since the 8 bit days, and I don't get them. Ever. Yes, I have verified this.

Yet, the people who keep saying how hard it is to avoid malware, seem to keep getting them.

The simple reality is that I seem to know something about it that they don't. You can listen to someone who *objectively* does better on this front, and try to learn, or you can keep believing that computers are some magical devices that are incomprehensible, behave in random ways, and that no one is capable of understanding how to avoid getting malware.

Somehow, the people who seem to have all the virus problems never seem to want to listen, though. All they want to do is proclaim how it's impossible to do what I seem perfectly able to do and have been doing for decades.

Re:people still use antivirus software?

This is unfortunately NOT possible to do. At least if running Windows.

And yet, I manage to do it just fine. So the question you should be asking yourself is: why is it that I can do what you claim is impossible?

I've been using Windows since 3.1 (currently on Win7), and Linux since the late 90's (currently on Precise), and Android for a year. I've yet to get malware on any platform. I occasionally run a scan just for grins, and nothing has ever been found. There's been no unknown network activity, and no unexpected behavior, and no triggers from MSE or anything else I've ever run to check for it.

So since I, and plenty of other people too, seem able to do what you claim is not possible, perhaps you need to reevaluate your assumptions. This is not some magical ability I have. I am not radically smarter than most people: I'm just an ordinary person. Yet, I seem able to do what you claim is impossible.

Perhaps the people who seem have virus problems over and over again need to start listening to the people who don't, instead of telling us that it's "impossible". When we say things like, "don't click on shit like CuteDancingKittens.exe", *we're trying to help*. We're not in possession of some high-priest-like knowledge. Using simple common sense, some of us have been virus free for *all of our computing history so far*. It amazes me that people will claim this is impossible. It's not only possible, it's downright easy.

I've looked into this a lot, on people's machines that have been infected. Invariably, they did something I told them *not to do*, and then got jacked. It's bizarre! I give people about 5 or 6 simple rules that prevent about 99% of malware, and whenever I look, they did one of those 5 or 6 things.

Me: Don't do X. It's dangerous and you will get malware if you do.

... time passes....

User: My machine got jacked! Help me!
Me: What did you do?
User: I did X.
Me: Well, I told you not to do X, and that if you did, you'd get jacked. You did X, and you got jacked, just as I told you you would. I'm going to fix this, but you should stop doing X. It's dangerous, as you can now see first hand. If you do it again, you will get jacked again.

... time passes...

User: My machine is jacked again! Help!
Me: What did you do?
User: I did X.
Me: (after about 4 repetitions of this) .... sigh.... Go fix it yourself. I hear Best Buy will do it for a hundred bucks or so.

Re:people still use antivirus software?

[TheLink]

10 minutes of wasted time. People who know what they are doing don't decide whether sites are phishing scams or not by using screenshots, or by how they look.

If a phisher does things "properly" the phish site should look EXACTLY like the real thing, and it should even have the same stupid check pictures/words that some sites like to have.

You'd do stuff like check the certificates, including who they are signed by, and contacting the bank if you think their site has been pwned. Get some sort of document trail - so if they say it's OK and it's not you have more ammo against them. Yes I have chosen to not sign on to a bank when I thought their certificates were suspicious (the cert changed, the CA changed and the cert type changed to a multiple country one) - the bank got back to me later and said it was OK.

Re:people still use antivirus software?

Huh you think linux servers aren't pwned regularly? They are! Where do you think phishers get some of their phishing servers from? Drive-by malware stuff ends up on pwned linux servers for distribution too. You can put the blame on PHP if you want, the Windows fans can put the blame on Adobe and PHP too.

Windows, Linux, whatever, no big difference. In practice both have primitive security systems. Pwn the user, get full access to the user's data, get to do everything that user can do. Which is pretty darn stupid.

Yes you can use stuff like SELinux but good luck with that- it's more painful than it should be. As for AppArmor - I've seen some default Ubuntu apparmor profiles that were rather useless if you actually cared about security.

So you have to make your own SELinux/AppArmor "profiles" if you care about security - but you then need to know what you are doing. Thing is if you know what you are doing, Windows is about as safe too! Maybe slightly less safe, but not really by much.

Re:people still use antivirus software?

[Opportunist]

To you, yes, maybe. To the average user, hardly.

I'm also pretty sure the average mechanic dreads the mass of computer gizmos in today's cars that make tinkering with it near impossible, while the average standard guy certainly welcomes them because now he gets a pretty good idea what's wrong instead of that simple "failure" light going on... or that engine stopping without any good reason.

The point is that you're an expert for the machine you're using. You're a minority, though. 99% or more of the people using computers know little to nothing about its inner workings and often don't even know what dangers exist, let alone take precautions.

And while using alternative software is an option for you, it's a completely different matter with organizations who have to conform to some standard, either because of internal rules or external certification requirements.

And even limited user accounts don't amount to much if it's the normal account that is always logged in, for everything from playing games to doing online purchases. If there's only one user account used for everything, it's pretty moot whether I infect the "whole machine" or just this one account. Although, I give you that, it's harder to hide when I don't get ring0 privs. Then again, it should be trivial to wait until you install the next piece of software that needs a reboot, hook my routines behind it and have it ask for admin privs when the computer restarted. Chances are pretty good that you'll think it's part of the software you just installed.

The point is, it's still rather easy to trick the user into clicking that "accept" button. Mostly because installation routines tell you exactly jack about what they really do. How many programs do you know that actually tell you WHY they need those admin privileges to install something as trivial as a game?

Re:people still use antivirus software?

[Opportunist]

Don't get me wrong, but the statistician in me says that your sample size is a tad bit small...

Re:people still use antivirus software?

[Opportunist]

There is a very simple reason for this: Servers are usually run by admins who not only know what they're doing but also part of a company that has some rules concerning software used. They can't simply download any crap from anywhere and install it, much like private users would. The main attack vectors simply don't apply to commercial servers:

1. Manipulated webpages and browser bugs: Business servers are not used to browse the internet.
2. Mislabeled software (malware disguised as some tool): Gets weeded out in the approval process and the installation on the test machine.
3. Spam-links: Even if the admins were stupid enough, see 2.

You will also notice that it's not Windows Servers in a business environment that are amongst the most infected machines. It's desktop machines. And, let's be frank here, Linux on the desktop didn't really reach the Joe Average user group yet.

Re:people still use antivirus software?

[Opportunist]

Allow me a car analogy, if I may be so bold.

Have you ever had a car accident? If not, why use safety belts? You're a safe driver, but still you buckle up, just 'cause it's the law (or not, depending on where you live)? Or because it just MIGHT save your life one day?

An AV kit is pretty much the same. Yes, I have not had an infection (other than deliberate ones to study the pests), but then again, I'm not 100% fully and absolutely alert all the time when sitting in front of the machine. One wrong click is all it takes, just once hitting the wrong link and you just don't know what just happened. Yes, chances are rather slim, but then again, I've seen it happen. It's far from impossible. Nobody is keeping you safe from mistakes.

It's nice to know that there is another layer of security. It's one of those "just in case" things. Freaky stuff happens occasionally. Like, say, clicking exit from a game, the game not responding right away, you clicking again, the game closing JUST at that moment and you hitting the link in the browser that was open behind it...

Re:people still use antivirus software?

Sure, let's go with car analogies :).

There are two sets of people. The first set is the majority. They are having having one car accident every few weeks, even one every few days for some of them. They're nearly all caused by one of a small number of factors: things like mashing the accelerator instead of the brake in their garages, or pointing the car directly into oncoming traffic. Not random one-off events that are out of anyone's control, but things they *directly do* which cause the accident.

There is another set of people who drive for decades and have had no accidents. Not a single one.

The second set isn't trying to tell the first set that seatbelts are a bad idea, only that they don't prevent these accidents, and that wearing one isn't necessarily going to save you from death or severe injury. The first group insists on wearing seatbelts "for safety" while continuing to drive into walls and opposing lanes of traffic on a weekly basis. Further, it claims the second group can't possibly exist, because everyone knows that to drive a car means having an accident every few weeks. There's just no way to avoid these accidents! All we can do is wear these seat belts, you see, and keep running our vehicles into things.

The second group keeps trying to tell the first group *exactly how to avoid the accidents*. Look, you steered into the opposing lane of traffic and hit a bus. That's the same thing you did last time, and the time before, and the time before that, and the one before that. Yet they keep doing this, again and again and again, refusing to listen to the set of people who never seem to be running into buses.

Sure, a few of the second set might have an accident once in a very rare while. The point is that the other set is having ten thousands times as many accidents per person, and they'd be WAY safer by learning to not to drive into buses even if they give up wearing their seat belts, than they are by wearing seat belts and hitting two buses a month.

Re:people still use antivirus software?

[Kalriath]

The user space is more strictly enforced than a Windows machine. Looking historically Linux came from a server platform with strictly enforced security and move to a desktop/more user friendly distribution, and Windows started as a single user OS and goes to a more multi user platform.

Who cares? Malware these days doesn't need ring-0 access. It doesn't need kernel access. All it needs is the ability to watch keystrokes in userland, and to open outbound connections on port 25 (and maybe 80). Whether the user space is "more strictly enforced" is irrelevant.

Re:people still use antivirus software?

[Opportunist]

But I guess we can agree that the safest practice is still to have a seat belt and drive like you don't have one?

Re:people still use antivirus software?

And only because Windows is the prime target, dear Mac/Linux fanboys, those systems are by no means any safer. Just less interesting as a target.

As a person with 30+ years of experience on Win and *nix platforms tells me quite a different story about safety.
Do tell me if Microsoft network is run on a Windows server... Oh yes, Google just called, they are going to make their next data center by binding together huge amounts of Win2008 servers with velcro and bubblegum.
Now get off my lawn, you ignorant pimple-farmer!

419 Scam

Is this post from another country?

How does the interim solution work?

[vlm]

How does the interim solution get implemented if the machine won't boot?

In ye olden days, if you compiled a new linux kernel, deleted the old one, forgot to run lilo, it doesn't reboot, then the solution was to boot and run lilo, which was a task that separated the men from the boys, err it wasn't that difficult, maybe separated the 7 year olds from the 6 year olds or whatever. Anyway...

Also a note to the editors, that link would have been a million times funnier if it pointed to a ubuntu.com live cdrom/dvd/usb image, or maybe the android-x86 project, which is really quite usable.

"Most people" don't need much more than a working web browser. Even at work, "they" were recently f-ing around with a firewall and managed to block ssh, so I installed ajaxterm to work around that, and I mostly use the webmail page anyway, so all I really need at work is a working browser. I would not want to use ajaxterm on a regular basis 10 hours a day, but its survivable in a pinch until the firewall guys get their stuff together. For example I really enjoy how it floods the logs unless you do extra work....

Re:How does the interim solution work?

That's what safe mode is for. You press F8, select safe mode, disable the snake oil and reboot.

Re:How does the interim solution work?

[dyingtolive]

You might try GateOne. It's much slicker than AjaxTerm. You need a HTML5 WebSockets capable browser, but it's actually responsive.

Re:How does the interim solution work?

[BackwardPawn]

How does the interim solution get implemented if the machine won't boot?

Magic, how else?

Re:How does the interim solution work?

[mcgrew]

How does the interim solution get implemented if the machine won't boot?

External media. CD, USB, whatever is handy. That's another way Linux is ahead of Windows, you can usually fix an unbootable computer easily.

I had a similar situation with McAfee

[Gotung]

Though not nearly as bad. I trialled a small business product designed to make managing your AV/Firewall across multiple computers easy via a central web interface. It was all great in concept, except the default configuration for the individual install blocked itself from communicating with the central service. And while managing everything on the web interface was slick, attempting to fix the configuration on the installs without the benefit of that centralized web interface was a huge pain in the ass. Needless to say, that trial didn't convert to a sale.

Editors, do your job!

"Seem[s] [anti-virus vendor] Avira"..."is causing the 32-bit version of Windows to block almost all critical application[s]."

Apparently the S key is included in the set of critical applications. Seriously, editors; read the submissions or hire a copy editor!

causing the 32-bit version of Windows to block al

I fail to see the problem...
Isn't this its purpose?

It's funny how my secret word was "payments"... :)

So, it works.

[PPH]

Too well.

Very effective security.

[doctormetal]

This is a very effective security measure. If your system cannot boot it cannot get infected.

Re:Very effective security.

[Wattos]

yes, and if it is infected, the virus cannot do any harm!

Artificial intelligence

[Stellian]

It's a classic case of artificial intelligence vs. human stupidity. The artificial intelligence algorithm employed by Avira for keeping computers secure has determined that the only way to achieve real security for most users it's to turn the PC into a brick. Some people are simply too stupid to wander online unsupervised, so it's for their own protection. If you can restore your computer to normal operation, you have just passed the test and you are worthy of computer access.

Re:Artificial intelligence

[danomac]

I thought that should be funny more than insightful, but oh well...

It sounds like the free version is unaffected. I find that kind of interesting, you wind up paying for more features that invariably breaks your machine..

I guess I'll find out if the free version is affected, as I've installed Avira Free on a few people's personal computers. They'll probably think they've gotten a virus and bring it back to me for repair.

Re:Artificial intelligence

[fast+turtle]

No. It's not an AI test. Instead it's aliens trying to determine if there's inteligent life here.

Re:Artificial intelligence

[Lisias]

No. It's not an AI test. Instead it's aliens trying to determine if there's inteligent life here.

Stubborn aliens these of you! :-)

Re:Artificial intelligence

[HybridST]

"I thought that should be funny more than
insightful, but oh well..."

Once upon a slashdot past funny mods gave karma. These days though the better the laugh, the insightfuller the mod. How times have changed!

Re:Artificial intelligence

[hairyfeet]

That would be like saying "anybody that can't rebuild an engine shouldn't drive" which is stupid. nobody can be an expert on everything.

For my customers as well as my family i recommend either Comodo Internet Security or Avast Free. Comodo is free for business OR home use but until recently needed more fiddling as it does have some pretty fine grained control, but now its default mode is just as simple as Avast, pretty much install and go. Both have sandboxing as default for the browser and both do scan before load on webpages so either one will do the trick and keep most users perfectly safe without having to know anything.

Personally I am leaning towards Comodo as Avast does pop up occasional offers for their other services, but either AV is good and AFAIK neither have had any "lets make the PC unbootable!" problems, at least as long as i have been recommending them which is a couple of years. if you have a clueless relative and want to give them Avast just use Ninite. all you have to do is send them the link and tell them to check the box, couldn't be simpler.

Now *that's* secure

[Klync]

Just need to encase the PC in cement and bury it at sea, and then those evil hackers will never be able to get to it! ... of course, that's going to cost you extra....

It happened to me...

[Brandano]

I only use Windows to play games (the ones that can cause some issues under Wine), so it wasn't that big a deal. Anyway, I had avira blocking explorer.exe and cmd.exe from running. Luckily they still ran fine if I logged in as administrator, so I just added them to the list of exceptions, and seems to work properly now. At least good enough for my scope, which is playing games. No big loss, though, Skyrim works perfectly fine in Wine....

Re:It happened to me...

[networkzombie]

You run Antivirus on a gaming only machine? With the firewall turned on how would you expect to get a virus?

Re:It happened to me...

[ABCC]

Installing pirated games, perhaps?

Re:It happened to me...

Or installing add-on packs, maps, mods, browsing gaming sites, etc. etc.

Re:It happened to me...

Iv'e gotten viruses from many "free to play" games. QA issues aren't limited to the AV firms.

Its a feature

[slackerfilm]

If you can't fix it, feature it.

At least that is the mantra at my company.

Re:Its a feature

[BackwardPawn]

You work for Apple? And how does that work in this case:

Avira--ask about free bricking!

Re:Its a feature

[slackerfilm]

You work for Apple? And how does that work in this case: Avira--ask about free bricking!

Guaranteed virus protection if you can't log into your computer.

Re:Its a feature

[BackwardPawn]

touche. This is why I'm not in marketing.

MS Security Essentials

This would never happen with MS Security Essentials. Free, effective, fast antivirus. Doesn't popup shit in your face or use language and graphics indistinguishable from malware. Systray icon looks like a green milk box with a straw coming out.

Stop buying these turds.

Total failure

[afidel]

How have the AV companies not come to realize that they need to have an automated testing lab where they apply the newest update to every variant of Windows and have the machine reboot and then run a test suite? Even basic QA should have caught this level of stupidity. In the six years we ran Trend the only problem we ever had was extreme slowness on our Notes servers, it turns out they didn't have a Notes server in their lab and none of their early adopter program participants were running Notes either. We talked to the head of QA and he assured us that they would add a Notes server to their test environment, that was QA done properly.

I've seen this before

[ericloewe]

My list of serious bugs in AV products:

Panda (ancient versions) - failed to install correctly, impossible to uninstall. Two botched Windows XP installations.

BitDefender (relatively recent) - very messed-up definition file marked ALL executables as infected, putting them in quarantine. I still have the feeling any malicious executables would not have been marked.

Kaspersky 2012 - screws up Windows Home Server (v.1 and 2011) connector, has to be disabled for backups to work

McAfee - Won't even protect anything if the license has expired. Still bloats up your computer, though.

Norton - everything you've heard is true. It's impossible to uninstall, it's a resource hog, blocks stuff randomly...

The one exception so far is MSE - considering the amount of malware the others have caught so far (less than 10 times, if you count tests as detections), how light it is and how it doesn't piss you off, it's my favorite.

Re:I've seen this before

[Intrepid+imaginaut]

I've had good results with ClamAV on a USB drive, together with spybot S&D, Hijack This, and portable Firefox, there ain't much that combination can't deal with.

Re:I've seen this before

[tokul]

The one exception so far is MSE

There are two more exceptions. Microsoft Antivirus and snake oil. Both offer no real protection for your PC. Not sure MSE offers more. AV can't be lightweight without taking shortcuts in security checks.

Re:I've seen this before

[ericloewe]

MSE does take shortcuts (though newer versions are better at actually protecting your computer).

However, personal experience just tells me that the bloated laternatives don't help much anyway.

Re:I've seen this before

Eh, an AV cannot work AT ALL without taking shortcuts at security checks.

Wow

[lwriemen]

An anti-virus software that gets to the root of the problem! :-)

Who wrote this software?

Who wrote this software?

It's blocking RUNDLL32.EXE and CMD.EXE.

70 million downloads? Absurd.

This is what you get when the PHB cuts QA / testin

This is what you get when the PHB cuts QA / testing

So...

[denmarkw00t]

Does anyone have a quick writeup of what versions of Windows are affected? The...summary...declares "32-bit versions of Windows" - so, just 32-bit - is that everything? Does it stop at XP? What about some poor fool running Windows ME - how is s/he going to cope or does s/he even have to worry? Is it really just 32-bit Windows versions or will this affect a 64-bit Windows install running a 32-bit version of Avira? I really appreciate it when we get a summary with no actual article on it, just links to Avira's forums and website.

Re:So...

[Man+On+Pink+Corner]

They probably did what I tend to do -- develop on 64-bit Windows and then completely forget to test the Win32 build.

New Mod Needed

[SuperKendall]

What would be great is if Slashdot introduced a new moderation which was "better summary", 20 up votes and the summary in the post would replace the main one...

Re:New Mod Needed

[Jeng]

That is actually an interesting idea, I wonder how the trolls would abuse it.

And just to be clear, even though it would be abused by trolls, that isn't a reason to not try it.

WOPR heuristics.

[gatfirls]

....decided the only winners in the game don't play.

Lupis

Funny how the cloud resembles the immune system.

Re:causing the 32-bit version of Windows to block

Did anyone else who saw the subject line and first couple lines think "oh god another APK link-fest post" before scrolling further?

If Premium disables the machine

[Ukab+the+Great]

Does the Lite editing cause your machine burst into flames and burn down half your house after posting compromising photos to Facebook?

Finally. . .

. . . antivirus software that keeps the Windows virus from spreading!

Looking for alternative

Not just because of this, but also because Avira is getting too pop-up-y. One of the primary reasons you want an AV program is because you don't want pop-ups, so I'm looking for an alternative. But I've heard nothing but horror stories about the competition. Can anyone recommend a good alternative? Requirements:
- Must be free, otherwise it does more damage than a virus would.
- No resource hogs please.
- No popups.
- Good protection, including on-access protection.

These are the same geniuses...

[nuckfuts]

that recently had Avira anti-virus identify itself as malware:

http://www.theregister.co.uk/2011/10/26/avira_auto_immune_false_positive/

Nothing new here, but some advice.

[kyrio]

If AV vendors really want to stop this from happening again and again, all they need to do is give premium users (paying customers) an USB dongle that has some sort of encrypted something that disables the software when it's read. The software just has to check for this dongle every time the computer reboots/the software starts. How do you keep viruses from using this killswitch to disable the AV software? I don't know, but I'm assuming some sort of encrypted something that's decoded using something that has to do with the customer's serial (or whatever the vendor uses) would work. In fact, the same dongle might be useful to activate the software, and even perform other functions, as well. It's not like it would cost much to implement this, either.

Linux server level security in 2011-2012... apk

2012:

Medicaid hack update: 500,000 records and 280,000 SSNs stolen:

http://www.zdnet.com/blog/security/medicaid-hack-update-500000-records-and-280000-ssns-stolen/11444

So, what's dts.utah.gov running everyone?

LINUX (and yes, it got HACKED) -> http://uptime.netcraft.com/up/graph?site=dts.utah.gov

What's health.utah.gov running too??

YOU GUESSED IT: LINUX AGAIN -> http://uptime.netcraft.com/up/graph?site=health.utah.gov

* Ah, yes - see the YEARS OF /. "BS" FUD is CRUMBLING AROUND THE PENGUINS EARS HERE & 2012's starting out just like 2011 did below!

===

2011:

KERNEL.ORG COMPROMISED - The Cracking of Kernel.org: (that's VERY bad - do you trust it now?)

http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised

---

Linux.com pwned in fresh round of cyber break-ins:

http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/

---

Mysql.com Hacked, Made To Serve Malware:

http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware

What's that site running? You guessed it - Linux -> http://uptime.netcraft.com/up/graph?site=mysql.com

---

London Stock Exchange serving malware:

http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware

(I mean hey - NOT ONLY DID LINUX FALL FLAT ON ITS FACE less than a few minutes into the job http://linux.slashdot.org/story/11/02/19/0147232/London-Stock-Exchange-Price-Errors-Emerged-At-Linux-Launch, & crash not only ONCE, but TWICE there? You see "Linux 'fine security'" in motion @ the LSE too!)

---

DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS:

http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers

---

Linux Foundation, Linux.com Sites Down To Fix Security Breach:

http://linux.slashdot.org/story/11/09/11/1325212/linux-foundation-linuxcom-sites-down-to-fix-security-breach

---

Linux's showing in CA's breached recently too? Ok: (very, Very, VERY BAD for ecommerce, online shopping, banking, etc./et al)

http://uptime.netcraft.com/up/graph?site=StartCom.com

http://uptime.netcraft.com/up/graph?site=GlobalSign.com

http://uptime.netcraft.com/up/graph?site=Comodo.com

http://uptime.netcraft.com/up/graph?site=DigiCert.com

http://uptime.netcraft.com/up/graph?site=www.gemnet.nl

The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:

Re:Linux server level security in 2011-2012... apk

Moddowns of facts in post parent to mine's lame. Truth HURT, Penguins? It must because this was modded down DAYS after it was 1st posted.

Modding down my posts don't hide truth

In the post parent to this one I just replied to, & here too http://tech.slashdot.org/comments.pl?sid=2851381&cid=40051935

APK

P.S.=> Are you "penguins" SO WEAK & unable to face truths that ALL YOU HAVE/BEST YOU HAVE, is unjustified moddowns vs. facts I posted? Apparently so... thus, "U FAIL", fools... apk

Linux "security" 2011-2012... apk

Modding down my original post to hide truths & facts in it? Ok, insta-reply/"Play it again Sam":

2012:

Medicaid hack update: 500,000 records and 280,000 SSNs stolen:

http://www.zdnet.com/blog/security/medicaid-hack-update-500000-records-and-280000-ssns-stolen/11444

So, what's dts.utah.gov running everyone?

LINUX (and yes, it got HACKED) -> http://uptime.netcraft.com/up/graph?site=dts.utah.gov

What's health.utah.gov running too??

YOU GUESSED IT: LINUX AGAIN -> http://uptime.netcraft.com/up/graph?site=health.utah.gov

* Ah, yes - see the YEARS OF /. "BS" FUD is CRUMBLING AROUND THE PENGUINS EARS HERE & 2012's starting out just like 2011 did below!

===

2011:

KERNEL.ORG COMPROMISED - The Cracking of Kernel.org: (that's VERY bad - do you trust it now?)

http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised

---

Linux.com pwned in fresh round of cyber break-ins:

http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/

---

Mysql.com Hacked, Made To Serve Malware:

http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware

What's that site running? You guessed it - Linux -> http://uptime.netcraft.com/up/graph?site=mysql.com

---

London Stock Exchange serving malware:

http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware

(I mean hey - NOT ONLY DID LINUX FALL FLAT ON ITS FACE less than a few minutes into the job http://linux.slashdot.org/story/11/02/19/0147232/London-Stock-Exchange-Price-Errors-Emerged-At-Linux-Launch, & crash not only ONCE, but TWICE there? You see "Linux 'fine security'" in motion @ the LSE too!)

---

DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS:

http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers

---

Linux Foundation, Linux.com Sites Down To Fix Security Breach:

http://linux.slashdot.org/story/11/09/11/1325212/linux-foundation-linuxcom-sites-down-to-fix-security-breach

---

Linux's showing in CA's breached recently too? Ok: (very, Very, VERY BAD for ecommerce, online shopping, banking, etc./et al)

http://uptime.netcraft.com/up/graph?site=StartCom.com

http://uptime.netcraft.com/up/graph?site=GlobalSign.com

http://uptime.netcraft.com/up/graph?site=Comodo.com

http://uptime.netcraft.com/up/graph?site=DigiCert.com

http://uptime.netcraft.com/up/graph?site=www.gemnet.nl

The list of CA Servers BREACHED that RUN LINUX (StartCom, Gl

LMAO - Like I said earlier

Moddowns aren't going to hide truth & facts here -> http://tech.slashdot.org/comments.pl?sid=2851381&cid=40089047 so, like before? Well... since you're a cowardly WORM who's attempting to "hide" facts/truths I posted here originally? I'll just post them again, & let you BLOW YOUR MOD POINTS (saving some other person your unjustified moddowns b.s. you use worm)!

APK

P.S.=> So, get ready to blow some more of your mod points downmodding this, because I'll just post my list of facts & truths on "Linux security" once more too to UNHIDE your attempt @ hiding them... lol! This is just "too, Too, TOO EASY"... apk

Re:LMAO - Like I said earlier

I haven't "blown" a single mod point. Just clicked "Report" and let a site admin waste one of their unlimited modpoints on you.

Linux security 2011-2012

2012:

Medicaid hack update: 500,000 records and 280,000 SSNs stolen:

http://www.zdnet.com/blog/security/medicaid-hack-update-500000-records-and-280000-ssns-stolen/11444

So, what's dts.utah.gov running everyone?

LINUX (and yes, it got HACKED) -> http://uptime.netcraft.com/up/graph?site=dts.utah.gov

What's health.utah.gov running too??

YOU GUESSED IT: LINUX AGAIN -> http://uptime.netcraft.com/up/graph?site=health.utah.gov

* Ah, yes - see the YEARS OF /. "BS" FUD is CRUMBLING AROUND THE PENGUINS EARS HERE & 2012's starting out just like 2011 did below!

===

2011:

KERNEL.ORG COMPROMISED - The Cracking of Kernel.org: (that's VERY bad - do you trust it now?)

http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised

---

Linux.com pwned in fresh round of cyber break-ins:

http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/

---

Mysql.com Hacked, Made To Serve Malware:

http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware

What's that site running? You guessed it - Linux -> http://uptime.netcraft.com/up/graph?site=mysql.com

---

London Stock Exchange serving malware:

http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware

(I mean hey - NOT ONLY DID LINUX FALL FLAT ON ITS FACE less than a few minutes into the job http://linux.slashdot.org/story/11/02/19/0147232/London-Stock-Exchange-Price-Errors-Emerged-At-Linux-Launch, & crash not only ONCE, but TWICE there? You see "Linux 'fine security'" in motion @ the LSE too!)

---

DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS:

http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers

---

Linux Foundation, Linux.com Sites Down To Fix Security Breach:

http://linux.slashdot.org/story/11/09/11/1325212/linux-foundation-linuxcom-sites-down-to-fix-security-breach

---

Linux's showing in CA's breached recently too? Ok: (very, Very, VERY BAD for ecommerce, online shopping, banking, etc./et al)

http://uptime.netcraft.com/up/graph?site=StartCom.com

http://uptime.netcraft.com/up/graph?site=GlobalSign.com

http://uptime.netcraft.com/up/graph?site=Comodo.com

http://uptime.netcraft.com/up/graph?site=DigiCert.com

http://uptime.netcraft.com/up/graph?site=www.gemnet.nl

The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:

Ur SO "believable", stalking/harassing as AC

"I haven't "blown" a single mod point. Just clicked "Report" and let a site admin waste one of their unlimited modpoints on you." -

Sure, sure - ac trolling/stalking/harassing as you are now, you're "believeable"... even IF that were the case? Well, lol, even simpler:

I won't ALLOW that, ala reposting the FACTS I DID, here yet again -> http://tech.slashdot.org/comments.pl?sid=2851381&cid=40118801

(She's RIGHT BACK INTO VIEW, facts & all, that you TROLLS can't seem to disprove... which pretty much "says it all", as to BOGUS downmods done to my original post!)

* That's right, troll - I win, as always... especially vs. BOGUS unjustified downmods & "all-powerful admins" (lol, NOT).

APK

P.S.=> That solves THAT, "lickety-split/no-shit", easily... lol, thus? I win... as always!

... apk

"Fine Linux Security" (NOT) 2011-2012

None of your bogus downmods can hide facts boys...

2012:

Medicaid hack update: 500,000 records and 280,000 SSNs stolen:

http://www.zdnet.com/blog/security/medicaid-hack-update-500000-records-and-280000-ssns-stolen/11444

So, what's dts.utah.gov running everyone?

LINUX (and yes, it got HACKED) -> http://uptime.netcraft.com/up/graph?site=dts.utah.gov

What's health.utah.gov running too??

YOU GUESSED IT: LINUX AGAIN -> http://uptime.netcraft.com/up/graph?site=health.utah.gov

* Ah, yes - see the YEARS OF /. "BS" FUD is CRUMBLING AROUND THE PENGUINS EARS HERE & 2012's starting out just like 2011 did below!

===

2011:

KERNEL.ORG COMPROMISED - The Cracking of Kernel.org: (that's VERY bad - do you trust it now?)

http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised

---

Linux.com pwned in fresh round of cyber break-ins:

http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/

---

Mysql.com Hacked, Made To Serve Malware:

http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware

What's that site running? You guessed it - Linux -> http://uptime.netcraft.com/up/graph?site=mysql.com

---

London Stock Exchange serving malware:

http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware

(I mean hey - NOT ONLY DID LINUX FALL FLAT ON ITS FACE less than a few minutes into the job http://linux.slashdot.org/story/11/02/19/0147232/London-Stock-Exchange-Price-Errors-Emerged-At-Linux-Launch, & crash not only ONCE, but TWICE there? You see "Linux 'fine security'" in motion @ the LSE too!)

---

DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS:

http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers

---

Linux Foundation, Linux.com Sites Down To Fix Security Breach:

http://linux.slashdot.org/story/11/09/11/1325212/linux-foundation-linuxcom-sites-down-to-fix-security-breach

---

Linux's showing in CA's breached recently too? Ok: (very, Very, VERY BAD for ecommerce, online shopping, banking, etc./et al)

http://uptime.netcraft.com/up/graph?site=StartCom.com

http://uptime.netcraft.com/up/graph?site=GlobalSign.com

http://uptime.netcraft.com/up/graph?site=Comodo.com

http://uptime.netcraft.com/up/graph?site=DigiCert.com

http://uptime.netcraft.com/up/graph?site=www.gemnet.nl

The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these a