Slashdot Mirror
Avira Premium Anti-Virus Bug Disables Windows Machines
New submitter Adesso writes "Anti-virus vendor Avira is having difficulty with an update of all their Premium customers. An update that has been downloaded over 70 million times is causing the 32-bit version of Windows to block almost all critical applications. Avira has responded promptly with an interim solution for this problem. In most cases this causes Windows to not boot properly."
Couldn't we be using Avira at work?
Then I could go home and play Diablo.
I like you, Stuart. You're not like everyone else, here, at Slashdot.
Still think this is good advice? Worse is when the vendor forces the update silently w/o informing the user. Then suddenly your PC is broke or browser and you don't know why.
My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
I guess that's one more to add to my list of AV products I recommend against.
But hey, they'll give you a month free subscription for your troubles*.
*Hyperbole, they'll most likely give users nothing.
Cheers!
"Helping to keep you two steps ahead of the Thought Police!"
It seems Avira is taking a page out of McAfee's playbook.
When AVG caused a boot failure several years ago I switched started switching everyone who asked to Microsoft Security Essentials; still seems to be the best free one. At work I'm happy with NOD32; I suppose that they could have a similar problem, but they've been really good so far.
This is a very effective security measure. If your system cannot boot it cannot get infected.
It's a classic case of artificial intelligence vs. human stupidity. The artificial intelligence algorithm employed by Avira for keeping computers secure has determined that the only way to achieve real security for most users it's to turn the PC into a brick. Some people are simply too stupid to wander online unsupervised, so it's for their own protection. If you can restore your computer to normal operation, you have just passed the test and you are worthy of computer access.
I only use Windows to play games (the ones that can cause some issues under Wine), so it wasn't that big a deal. Anyway, I had avira blocking explorer.exe and cmd.exe from running. Luckily they still ran fine if I logged in as administrator, so I just added them to the list of exceptions, and seems to work properly now. At least good enough for my scope, which is playing games. No big loss, though, Skyrim works perfectly fine in Wine....
Erh... no.
Anti-virus programs cannot stop you from getting viruses. They can only react after the fact. Their updates are by necessity reactive: a virus appears, and it takes time to update definition files to detect it.
First of all, there is very, very little "new" malware. Ok, there's lots, but very, very little thereof actually becomes a problem. There are only so many that actually become a worldwide problem. What happens is that big malware packages that actually constitute a problem come in thousands, if not millions, of variants. Often just differing in some minor points, like their C&C server, their encryption, their packaging... think of a biological virus that mutates just a little while having essentially the same payload. Modern AV toolkits come with very sophisticated heuristic algorithms that can to some extent find simple mutations easily, as you can easily see if you watch the various AV kit tests closely. To test it, they take a signature file from a few months ago and test how many of the more recent attacks they can identify. It's not perfect, but some come close to 95%. No, that is not perfect. But we're far from "can only identify after the fact".
And even once that happens, once ring0 is compromised on a box, it is not possible to trust that box again without a full OS reinstall. Anti-virus programs can attempt to clean things up, OK for casual web browsing, but not for anything you must trust. The only safe recovery is a reinstall.
There is always the option to boot your machine with a known-clean OS and run a scan, which is bundled with pretty much all AV toolkits worth their salt today. Usually the CD you get with your AV toolkit is a Linux boot disc with a fitting scanner, most of the time working in a way that you slip in the DVD, boot the machine, get updates for the signature and have it scan your machine. If you don't feel like buying a AV toolkit, some of those scanners are also available online or as part of computer magazines.
The only way to practice safe computing is to *not run malicious software* in the first place. This is fortunately not difficult to do.
This is unfortunately NOT possible to do. At least if running Windows. And only because Windows is the prime target, dear Mac/Linux fanboys, those systems are by no means any safer. Just less interesting as a target.
You do NOT know whether the browser you use or any plugin it uses has any security holes. Adobe has recently been notorious for having security holes in its PDF reader and Flash Player for browsers. Now, you can of course avoid reading PDFs and watch Flash ... well, actually, often you can NOT. Many whitepapers only come in PDF format and more and more webpages are simply inaccessible without Flash. Now, of course you can run a few different browsers, each with different sets of plugins and whatnot... which still does not constitute perfect security.
The human brain is the only perfect anti-virus utility in existence.
You expect the average computer user to use it? I do not know what rays come out of computers, but it must be some kind of stupifying rays, they can turn people holding PhDs into bumbling fools. The alien mindbenders from Zak McKracken could not have come up with a better device.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
How have the AV companies not come to realize that they need to have an automated testing lab where they apply the newest update to every variant of Windows and have the machine reboot and then run a test suite? Even basic QA should have caught this level of stupidity. In the six years we ran Trend the only problem we ever had was extreme slowness on our Notes servers, it turns out they didn't have a Notes server in their lab and none of their early adopter program participants were running Notes either. We talked to the head of QA and he assured us that they would add a Notes server to their test environment, that was QA done properly.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
My list of serious bugs in AV products:
Panda (ancient versions) - failed to install correctly, impossible to uninstall. Two botched Windows XP installations.
BitDefender (relatively recent) - very messed-up definition file marked ALL executables as infected, putting them in quarantine. I still have the feeling any malicious executables would not have been marked.
Kaspersky 2012 - screws up Windows Home Server (v.1 and 2011) connector, has to be disabled for backups to work
McAfee - Won't even protect anything if the license has expired. Still bloats up your computer, though.
Norton - everything you've heard is true. It's impossible to uninstall, it's a resource hog, blocks stuff randomly...
The one exception so far is MSE - considering the amount of malware the others have caught so far (less than 10 times, if you count tests as detections), how light it is and how it doesn't piss you off, it's my favorite.
Does anyone have a quick writeup of what versions of Windows are affected? The...summary...declares "32-bit versions of Windows" - so, just 32-bit - is that everything? Does it stop at XP? What about some poor fool running Windows ME - how is s/he going to cope or does s/he even have to worry? Is it really just 32-bit Windows versions or will this affect a 64-bit Windows install running a 32-bit version of Avira? I really appreciate it when we get a summary with no actual article on it, just links to Avira's forums and website.
....decided the only winners in the game don't play.
Nobody has ever produced a single email or a distruntled employee rating out or any other kind of actual hard evidence that any company is paying for comments on slashdot of all places - a mostly irrelevant website in the larger tech world. Although, depending on your level of personal narcisism you might have an overinflated sense of importance of the things that in reality nobody is paying attention to.
THIS. Does anybody out there really think corporations are going to spend real money paying people to argue with anonymous idiots on a site that 99.9% of the population doesn't even know exists? Someone please explain how Slashdot has any sort of "sway" in the consumer electronics industry.
"But this one goes to 11!"
that recently had Avira anti-virus identify itself as malware:
http://www.theregister.co.uk/2011/10/26/avira_auto_immune_false_positive/