Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

A Bad Week for Symantec

Posted by CowboyNeal on Thu Mar 01, 2007 08:21 PM
from the seen-better-days dept.
Security Software IT
Evan Hughes writes "NeoSmart Technologies has published a scathing editorial regarding 3 high-profile mistakes by Symantec Corp. — all in less than a week. In what seems to be a string of stupid mistakes culminating in the infection of CNN-parent Turner Broadcasting Systems by Rinbot— a virus dedicated to the eradication of Symantec from the known world."
+ -
story
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

A Bad Week for Symantec 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • maybe... (Score:5, Funny)

    by User 956 (568564) on Thursday March 01 2007, @08:25PM (#18201472) Homepage
    NeoSmart Technologies has published a scathing editorial regarding 3 high-profile mistakes by Symantec Corp. -- all in less than a week

    Maybe they're not mistakes... maybe it's just a form of viral marketing.

  • With all due respect... (Score:4, Interesting)

    by devphaeton (695736) on Thursday March 01 2007, @08:25PM (#18201474)
    ....in my experience modern Symantec products such as Norton Internet Security is the most malicious, but successful form of malware ever. It actually gets people to pay money for the product, and in a lot of cases, pay other people to install it and keep it on their system.

    I'm so glad I moved out of software maintenance and into hardware maintentance. Now I just wipe harddrives clean as a whistle and make sure the hardware works. Such a load off!

  • No great loss (Score:5, Insightful)

    by ravenspear (756059) on Thursday March 01 2007, @08:30PM (#18201530)
    Every experience I have ever had with a Symantec product has been utterly terrible. Generally they cause more problems than they solve.
    • Symantec: more full of bugs than a frog on a binge.

      • Re:No great loss (Score:5, Interesting)

        by Radon360 (951529) on Friday March 02 2007, @02:04AM (#18203942)

        Well, somewhere in 1990, Peter Norton sold things to Symantec. They (Symantec) continued to associate themselves with Peter Norton up until 2001 or so. About that time is the consensus that things went downhill. I'm not certain how much involvement Norton had with Symantec up until that point, but I'm willing to speculate that when the two parted companies, that's when Symantec began their transformation into selling the crap they do now.

        Gosh, I miss the good ol' days of Norton Utilities and the like...in DOS nonetheless. Now there was a powerful piece of software that was truly easy to use. The UI actually showed you some shred of respect that you knew what you were doing.

  • So this is kinda obvious, but.... (Score:5, Informative)

    by rasafras (637995) <tamas&pha,jhu,edu> on Thursday March 01 2007, @08:33PM (#18201558) Homepage
    Turner apparently got hit because it had not yet updated the Symantec programs on its computers. A fix for the flaw has been available since May and security experts have repeatedly urged users to protect their computers by applying the update.

    Hmm hmm hmm people are dumb.

    • Re:So this is kinda obvious, but.... (Score:5, Interesting)

      by Bacon Bits (926911) on Thursday March 01 2007, @09:37PM (#18202238)
      If you'd ever been the person responsible for updating the Symantec Antivirus client, you would not be so quick to judge. LiveUpdate only handles scanning engine updates and virus definitions. Anything else is a huge nightmare.

      I don't like Symantec products because they make the life of a sysadmin *more difficult*.

  • What kind of anti-virus product only updates once a week (on Wednesdays)... And most importantly, what kind of security company lets its product remain installed without updating?
    To be quite honest, those are all user configurable options, are they not? To think! Some of us may not WANT Symantec to hold our hands when it comes to maintaining our AV installs. Can you really hold Symantec liable for the mistakes of its customers?

    Furthermore, doesn't Free AVG only update once a week as well?

      • Re:Is this guy serious? (Score:5, Informative)

        by SwashbucklingCowboy (727629) on Thursday March 01 2007, @09:50PM (#18202358)

        What kind of virus rule updates would you not want to download?
        The kind that treat widely installed legitimate programs, e.g. Excel, as a virus [com.com].
      • My point is this: the corporate version of Symantec does not automatically install any download rules. They leave this up to the installer who is hopefully capable of properly configuring their update rules and/or updating their servers manually, most likely so that they can properly test the latest virus definitions for errors or anomalies before pushing them in to production. See the comment below that links to the article about Excel being treated as a virus.

        I work for... well, it doesn't matter. In our facility absolutely NO patches or virus definition updates are applied without first being approved by another group whose sole job it is to make sure these pathces don't affect something critical to our operations. Furthermore, we only download our defs from approved (IE our own) sources so as to ensure that we are ONLY downloading what's already been tested.

        In short, we are all professionals and we should be capable of ensuring that our defs are up to date. We don't need (nor will we allow them to in our case) Symantec to hold our fuckin' hands throughout this process. When I install a corporate virus scanner, I fully expect to have to configure the machine policies in order to match our IT policies. If somebody's only updating their definitions once a week, then that's not Symantec's fault. That's the fault of whatever sysadmin was too stupid to properly configure his software.

        That said, I still think Symantec's a piece of shit and I wish we were allowed to use other solutions in its place, but that's not for me to decide. Their management software is no where near as feature rich as EPO, and I seem to have to spend more time dealing with Symantec issues than I do with EPO issues. (Because, yes, we do monitor our machines each day to ensure that they are updating properly. CNN we are not.) Please don't think for a minute that I like defending Symantec. I just believe in placing the blame properly where it belongs, and in this case it's the idiot sysadmins who weren't doing their job.

  • Symantec - semantics (Score:5, Funny)

    by L. VeGas (580015) on Thursday March 01 2007, @08:35PM (#18201580) Homepage Journal
    a virus dedicated to the eradication of Symantec from the known world

    That's not a virus. That's a feature.

  • Why is this is only news now? (Score:5, Interesting)

    by winkydink (650484) * <sv.dude@gmail.com> on Thursday March 01 2007, @08:41PM (#18201662) Homepage Journal
    because CNN is infected?

    1. Estimates are 100-150 million machines are currently part of botnets
    2. Loss estimates exceed 200 billion annually on a global basis
    3. Over 80% of all spam comes from botnets

    Yes, I can cite. Or you can Google. They are all easy to find.

    This is a HUGE problem that is, in many ways, like spam was in 1996 or 1997. The technical community acknowledges it, the average consumer has no clue, and, left unaddressed the problem and associated looses will get much, much worse.

  • Sounds as Though Turner Made One Mistake (Score:5, Insightful)

    by SwashbucklingCowboy (727629) on Thursday March 01 2007, @09:08PM (#18201940)

    A fix for the flaw has been available since May and security experts have repeatedly urged users to protect their computers by applying the update.
    Turner can't update their software in EIGHT MONTHS? That's not a problem with Symantec, that's a problem at Turner.

    • Updates (Score:5, Insightful)

      by fm6 (162816) on Thursday March 01 2007, @09:31PM (#18202174) Homepage Journal

      People often don't update their software for years at a time. Hey, it costs. Which is why NAV is designed to update itself automatically. You just have to configure it correctly.

      I'm no fan of Symantec. It's perfectly true that they're badly run. Hey, they used to be a lot more than a "security software" company, but all their other business (natural language databases, compilers, IDEs, desktop software, backup software) just died on them. But to blame them for the ineptitude of the CNN's IT department is idiotic.

  • Astroturfing (Score:4, Interesting)

    by jotok (728554) on Thursday March 01 2007, @09:54PM (#18202386)
    Symantec has seen quite a bit of negative publicity in the past year on slashdot.

    I have to wonder how much of it is simply astroturfing by disgruntled former employees? When there's a negative op/ed piece on a "software development and security research" website where none of the SQL even works, I just have to wonder if some no-talent assclown is pissed off because he lost his helpdesk or HR job.

  • First thing I Uninstall is Symantec (Score:4, Interesting)

    by flyingfsck (986395) on Thursday March 01 2007, @09:55PM (#18202400)
    Whenever I have to fix a screwed up PC, MsAfee or Symantec is disabled by the malicious code. So, I always uninstall whatever is on the machine and install something else like AVG or ClamWin.
  • ... Every machine that comes to me for service has one requirement: No Norton. Take norton off, and people are *amazed* at how much faster their machines run.

    I substitute Free-av.com for Norton- better infection detection, less memory overhead, free (with the option of buying a license- I usually guilt them into doing it), and nightly upgrades.

  • Can you say AVAST? (Score:5, Interesting)

    by rizzo320 (911761) on Thursday March 01 2007, @11:30PM (#18203038)
    Although they may hold on to the enterprise market, why even bother with Norton AntiVirus or Internet Security when you can get Avast AntiVirus Personal edition for free! http://www.avast.com/eng/download-avast-home.html/ [avast.com]

    No, I don't work for them, or own stock. They've even updated it for Vista. The cost? Register for a free serial number every 14 months.

    Comodo firewall http://www.comodo.com/ [comodo.com] is nice free step up for those who think they need something more than Windows firewall.

    In the year 2007, there is really no need for a consumer to pay for a product from Symantec/Norton, McAfee, or any other security software vendor that has been fleecing us for the last several years.

    • Re:AVG (Score:5, Funny)

      by nsayer (86181) * <nsayer AT kfu DOT com> on Thursday March 01 2007, @08:57PM (#18201820) Homepage
      every reboot or once a day which ever comes first.

      Since we're talking about Windows machines, I can tell you for certain which comes first.

        • Re:AVG (Score:5, Insightful)

          by Southpaw018 (793465) * on Thursday March 01 2007, @09:50PM (#18202350) Journal
          Seconded. The only time I get reboots is when it's required for a security patch, or the occasional "application freaking the #$@%^& out" kinda thing...servers, workstations, all of 'em. And if it weren't for that, I'd be pushing 90-120 day uptimes on most of my machines. Yes, Windows machines.
          In fact, I'll get you the data.

          Main server has rebooted twice in the last four months for security patches, total ~19 minutes downtime.

    • Re:How much will it take? (Score:4, Insightful)

      by SwashbucklingCowboy (727629) on Thursday March 01 2007, @09:46PM (#18202320)

      How bad does it have to be for people to Stop using windows?
      Really bad. But if everyone started using Linux or OS X then all of their security problems would have a spotlight shown on them.

    • Re:How much will it take? (Score:4, Funny)

      by Lumpy (12016) on Thursday March 01 2007, @09:48PM (#18202334) Homepage
      How bad does it have to be for people to Stop using windows?

      when the OS let's Steve ballmer and Microsoft know when you are in the shouse so a guy can show up dressed as clippy and forcibly anal rape you.

      Yes, it will have to get that bad before the sheeple out there actually switch.

    • Re:Just in time for us to migrate to Symantec (Score:4, Informative)

      by jd142 (129673) on Thursday March 01 2007, @09:55PM (#18202398) Homepage
      I uninstall Symantec Corporate Edition all the time. Works a treat.

      We've got an AV server and all of our clients are managed. We set the server up to check Symantec every two hours for updates and those updates are pushed down to the clients almost immediately.

      Need to install all of your clients to the latest version (say from 9 -> 10)? Click Tools | Install Client Remotely and push it down from a central location.

      We check our clients and any computer that is more than a week out of date is turned on and updated.

      The only reason I can think of that so many people are complaining is because they've only used the consumer version. When we get student laptops we immediately remove it and install the corporate version that is free for them. I've never had a problem uninstalling the trialware version of the AV that ships with so many laptops.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.