Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Software IT

A Bad Week for Symantec 239

Evan Hughes writes "NeoSmart Technologies has published a scathing editorial regarding 3 high-profile mistakes by Symantec Corp. — all in less than a week. In what seems to be a string of stupid mistakes culminating in the infection of CNN-parent Turner Broadcasting Systems by Rinbot— a virus dedicated to the eradication of Symantec from the known world."
This discussion has been archived. No new comments can be posted.

A Bad Week for Symantec

Comments Filter:
  • maybe... (Score:5, Funny)

    by User 956 ( 568564 ) on Thursday March 01, 2007 @07:25PM (#18201472) Homepage
    NeoSmart Technologies has published a scathing editorial regarding 3 high-profile mistakes by Symantec Corp. -- all in less than a week

    Maybe they're not mistakes... maybe it's just a form of viral marketing.
  • by devphaeton ( 695736 ) on Thursday March 01, 2007 @07:25PM (#18201474)
    ....in my experience modern Symantec products such as Norton Internet Security is the most malicious, but successful form of malware ever. It actually gets people to pay money for the product, and in a lot of cases, pay other people to install it and keep it on their system.

    I'm so glad I moved out of software maintenance and into hardware maintentance. Now I just wipe harddrives clean as a whistle and make sure the hardware works. Such a load off!
    • Re: (Score:3, Insightful)

      by bluephone ( 200451 )
      I used to swear by it, but around 2002, it just sucked up too much in the way of system resources. I switched to the Corporate client and got back a lot of CPU and memory, ditched the flashy idiot-targeted UI, and kept the engine. For the past 15 years it hasn't let me down once.
  • No great loss (Score:5, Insightful)

    by ravenspear ( 756059 ) on Thursday March 01, 2007 @07:30PM (#18201530)
    Every experience I have ever had with a Symantec product has been utterly terrible. Generally they cause more problems than they solve.
    • "Every experience I have ever had with a Symantec product has been utterly terrible. Generally they cause more problems than they solve."

      Give this man a kewpie doll http://en.wikipedia.org/wiki/Kewpie_doll_(toy) [wikipedia.org] or mod up, or something.

       
    • by Farmer Tim ( 530755 ) on Thursday March 01, 2007 @08:08PM (#18201946) Journal
      Symantec: more full of bugs than a frog on a binge.
    • Re: (Score:3, Informative)

      by sumdumass ( 711423 )
      You must be reletivly new to their products. They used to have good/decent products but around 2002/2003 it started going downhill fast. I have stopped recomendig them since 2005 or so and get really frustrated when I have to remove them now.

      You right, They suck now. But they used to be half way decent at one time. I don't know what happened.
      • Comment removed (Score:4, Informative)

        by account_deleted ( 4530225 ) on Thursday March 01, 2007 @11:04PM (#18203248)
        Comment removed based on user account deletion
        • Re: (Score:3, Insightful)

          by sumdumass ( 711423 )
          I have used the AVG server and pro versions at a couple locations. I love them. The administration control console thing (if you use the server and a few clients too) allows you to update and push them out, You can schedule scans and checks the status of them. You can even delete the files remotly if neccesary. There is quite a bit of control it gives you. And best of all, the service doesn't take a brand new computer with plenty of memory and proccesing power and make it apear to be some slow piece of yest
      • Re:No great loss (Score:5, Interesting)

        by Radon360 ( 951529 ) on Friday March 02, 2007 @01:04AM (#18203942)

        Well, somewhere in 1990, Peter Norton sold things to Symantec. They (Symantec) continued to associate themselves with Peter Norton up until 2001 or so. About that time is the consensus that things went downhill. I'm not certain how much involvement Norton had with Symantec up until that point, but I'm willing to speculate that when the two parted companies, that's when Symantec began their transformation into selling the crap they do now.

        Gosh, I miss the good ol' days of Norton Utilities and the like...in DOS nonetheless. Now there was a powerful piece of software that was truly easy to use. The UI actually showed you some shred of respect that you knew what you were doing.

    • by nurb432 ( 527695 )
      Guess you never used Ghost.. ( yes i realize they BOUGHT that product, but it is there now. )

      Or PCA ( again, another acquisition ).

      Or Altiris.. err wait, that product sucks anyway :)

      Do they develop anything on their own or just eat other companies now?
  • by rasafras ( 637995 ) <tamas.pha@jhu@edu> on Thursday March 01, 2007 @07:33PM (#18201558) Homepage
    Turner apparently got hit because it had not yet updated the Symantec programs on its computers. A fix for the flaw has been available since May and security experts have repeatedly urged users to protect their computers by applying the update.

    Hmm hmm hmm people are dumb.
    • by Bacon Bits ( 926911 ) on Thursday March 01, 2007 @08:37PM (#18202238)
      If you'd ever been the person responsible for updating the Symantec Antivirus client, you would not be so quick to judge. LiveUpdate only handles scanning engine updates and virus definitions. Anything else is a huge nightmare.

      I don't like Symantec products because they make the life of a sysadmin *more difficult*.
      • Re: (Score:3, Insightful)

        LiveUpdate only updates the defs for Corporate, but you can easily deploy updates via Active Directory. Corporate is the only good product that Symantec makes. I admined 300+ seats of it. Granted Turner has more than 300 seats, but it took me about 10 minutes to get my 300 seats updated. They have no excuse. Someone wasn't on top of this.
        • by Gary W. Longsine ( 124661 ) on Friday March 02, 2007 @01:44AM (#18204122) Homepage Journal
          One of my clients has a relatively large Symantec AntiVirus deployment (something like 35,000 Windows PCs). I was, among many other things, directly and soley responsible for their Symantec AntiVirus architecture for several years. I assure you that there are many issues which can be easily overcome at the scale of 300 machines which are pretty close to show stoppers at the 30,000 node scale. I agree that Symantec Enterprise Edition is a reasonable AntiVirus product, but its weakest link, ironically enough, are the issues that arise when trying to deploy, operate, and maintain it at the scale of a real enterprise.
          • I administered about 2,500 to 3,000 seats myself. IMX any one patch would arbitrarily fail on about 2-3% of the systems, either because they were disconnected from the network, because they were not installed in the standard way, or for any other various reasons. I wasn't allowed to use AD to deploy updates so I don't know how well that works. I used Altiris. Still, 2% of 300 is 6. That's not so bad. 2% of 3000 is 60, which is a lot for one person to manage if they have other responsibilities. 2% of
    • by killjoe ( 766577 )
      I think that's a copout. If updating your product is not dead easy and absolutely 100% safe and undo-able then you can't blame people for being cautious about their updates.

      How many times have you run a windows update and messed something up? Yea me too. That's why I always wait a while before updating windows. I know it's risky but I am damned if I do and damned if I don't.
  • by RESPAWN ( 153636 ) <respawn_76@NOsPaM.hotmail.com> on Thursday March 01, 2007 @07:35PM (#18201572) Journal

    What kind of anti-virus product only updates once a week (on Wednesdays)... And most importantly, what kind of security company lets its product remain installed without updating?
    To be quite honest, those are all user configurable options, are they not? To think! Some of us may not WANT Symantec to hold our hands when it comes to maintaining our AV installs. Can you really hold Symantec liable for the mistakes of its customers?

    Furthermore, doesn't Free AVG only update once a week as well?
    • What kind of virus rule updates would you not want to download? Is there a particular virus you don't mind getting? Installing an antivirus scanner means you're trusting people with more experience than you to do what they promise and remove malware. It seems that people with your line of thinking can get a job at CNN... just saying
      • What kind ? (Score:3, Insightful)

        by Archfeld ( 6757 ) *
        the kind that crash servers, it is not like they haven't done it before, but for most purposes I agree with you. In a large scale environment with lots of custom apps. you had better be checking these patches prior to general deployment or you WILL get bitten...*speaks from experience*
      • by SwashbucklingCowboy ( 727629 ) on Thursday March 01, 2007 @08:50PM (#18202358)

        What kind of virus rule updates would you not want to download?
        The kind that treat widely installed legitimate programs, e.g. Excel, as a virus [com.com].
      • by RESPAWN ( 153636 ) <respawn_76@NOsPaM.hotmail.com> on Thursday March 01, 2007 @10:27PM (#18203022) Journal
        My point is this: the corporate version of Symantec does not automatically install any download rules. They leave this up to the installer who is hopefully capable of properly configuring their update rules and/or updating their servers manually, most likely so that they can properly test the latest virus definitions for errors or anomalies before pushing them in to production. See the comment below that links to the article about Excel being treated as a virus.

        I work for... well, it doesn't matter. In our facility absolutely NO patches or virus definition updates are applied without first being approved by another group whose sole job it is to make sure these pathces don't affect something critical to our operations. Furthermore, we only download our defs from approved (IE our own) sources so as to ensure that we are ONLY downloading what's already been tested.

        In short, we are all professionals and we should be capable of ensuring that our defs are up to date. We don't need (nor will we allow them to in our case) Symantec to hold our fuckin' hands throughout this process. When I install a corporate virus scanner, I fully expect to have to configure the machine policies in order to match our IT policies. If somebody's only updating their definitions once a week, then that's not Symantec's fault. That's the fault of whatever sysadmin was too stupid to properly configure his software.

        That said, I still think Symantec's a piece of shit and I wish we were allowed to use other solutions in its place, but that's not for me to decide. Their management software is no where near as feature rich as EPO, and I seem to have to spend more time dealing with Symantec issues than I do with EPO issues. (Because, yes, we do monitor our machines each day to ensure that they are updating properly. CNN we are not.) Please don't think for a minute that I like defending Symantec. I just believe in placing the blame properly where it belongs, and in this case it's the idiot sysadmins who weren't doing their job.
        • and in this case it's the idiot sysadmins who weren't doing their job.
          Everyone including you is blaming sysadmins. Don't forget there's a PHB somewhere within CNN who is definitely ultimately responsible and might be the cause.
          • by RESPAWN ( 153636 )

            Everyone including you is blaming sysadmins. Don't forget there's a PHB somewhere within CNN who is definitely ultimately responsible and might be the cause.

            Good point. It's hard for me to imagine that there would be somebody out there with such an idiotic policy... Then I remembered a client of mine back in '03. The office was such that it had a nominal IT position to handle minor stuff, but then would bring my group in for the more advanced IT tasks. Anyway, after repairing a couple of computers I informed the "IT" guy that I really needed to patch his servers ASAP as there was a new virus running rampant and infecting 2K/XP machines and I knew that their

    • Symantec typically releases new definitions once a week. You an fetch them as often as you like, though.
      • by RESPAWN ( 153636 )
        Odd. Are you sure about this? We receive new defs (with new date stamps in our management software and new .vdb file names) each day. Are they just changing the dates and renaming the updates before we receive them?
        • It appears that Symantec has finally begun moving to daily updates. Information about their Live Update [symantec.com] system indicates that for their 2006 home user product daily updates were available. Users of prior versions of the product receive only weekly updates. They have been under tremendous pressure from customers to make daily updates available for several years. I'm glad to see them finally moving that direction.
    • Re: (Score:2, Informative)

      afaiaa avg updates as and when needed. I certainly get update notices more than once a week. Before and after the recent switch.
      • by RESPAWN ( 153636 )
        OK. For some reason I thought it was only once a week, but I could be mistaken. I only have it installed on one of my laptops here and that laptop hasn't been turned on in ~2 months -- I installed Ubuntu on another laptop and have been using the Ubuntu laptop instead.
  • by L. VeGas ( 580015 ) on Thursday March 01, 2007 @07:35PM (#18201580) Homepage Journal
    a virus dedicated to the eradication of Symantec from the known world

    That's not a virus. That's a feature.
  • by winkydink ( 650484 ) * <sv.dude@gmail.com> on Thursday March 01, 2007 @07:41PM (#18201662) Homepage Journal
    because CNN is infected?

    1. Estimates are 100-150 million machines are currently part of botnets
    2. Loss estimates exceed 200 billion annually on a global basis
    3. Over 80% of all spam comes from botnets

    Yes, I can cite. Or you can Google. They are all easy to find.

    This is a HUGE problem that is, in many ways, like spam was in 1996 or 1997. The technical community acknowledges it, the average consumer has no clue, and, left unaddressed the problem and associated looses will get much, much worse.
  • by SwashbucklingCowboy ( 727629 ) on Thursday March 01, 2007 @08:08PM (#18201940)

    A fix for the flaw has been available since May and security experts have repeatedly urged users to protect their computers by applying the update.
    Turner can't update their software in EIGHT MONTHS? That's not a problem with Symantec, that's a problem at Turner.
    • Updates (Score:5, Insightful)

      by fm6 ( 162816 ) on Thursday March 01, 2007 @08:31PM (#18202174) Homepage Journal

      People often don't update their software for years at a time. Hey, it costs. Which is why NAV is designed to update itself automatically. You just have to configure it correctly.

      I'm no fan of Symantec. It's perfectly true that they're badly run. Hey, they used to be a lot more than a "security software" company, but all their other business (natural language databases, compilers, IDEs, desktop software, backup software) just died on them. But to blame them for the ineptitude of the CNN's IT department is idiotic.

    • That is because "clods" at Turner hire ppl that Christopher Walken
      in the movie the Prophecy referred to as "Talking Monkeys".

      I work in the IT support sector and receive calls everyday from
      some ppl that are brilliant and some ppl that should send their
      server back now.

      That's right, I said "server" .

      I am baffled by how many ppl call in for support on a "server"
      that are clueless, and don't know how to download their
      drivers from a "well known" support site.

      Ppl that ask why their server crashed when they have NEV
  • A virus dedicated to the eradication of symantec? Sign me up! ...I suppose I'll have to turn off AVG first...What then?
  • by gelfling ( 6534 ) on Thursday March 01, 2007 @08:37PM (#18202236) Homepage Journal
    We're chucking our desktop firewalls, spyware tools and AV scanners for one big Symantec managed client. And if any of you have ever tried to uninstall Symantec you'll know that you're chained to them for life.
    • by jd142 ( 129673 ) on Thursday March 01, 2007 @08:55PM (#18202398) Homepage
      I uninstall Symantec Corporate Edition all the time. Works a treat.

      We've got an AV server and all of our clients are managed. We set the server up to check Symantec every two hours for updates and those updates are pushed down to the clients almost immediately.

      Need to install all of your clients to the latest version (say from 9 -> 10)? Click Tools | Install Client Remotely and push it down from a central location.

      We check our clients and any computer that is more than a week out of date is turned on and updated.

      The only reason I can think of that so many people are complaining is because they've only used the consumer version. When we get student laptops we immediately remove it and install the corporate version that is free for them. I've never had a problem uninstalling the trialware version of the AV that ships with so many laptops.
      • Re: (Score:3, Interesting)

        by will_die ( 586523 )
        The corporate/enterprise versions of symantec and mcafee are great. They scan mail and scan the system and files so they do everything you want from a virus program.
        In additon they take up alot less resources then the home versions, and are usally easy to uninstall. Even without the management software you can use them, and they will download info from the web sites of the appropriate company.
      • Re: (Score:2, Interesting)

        by Brimstar ( 838937 )
        As a former Symantec Corp customer, I'll disagree with that. The uninstaller for 8 was horrible, and the push install of 9 flat out didn't work for about half of my network (frequently caused by issues with 8). Nothing special about the network either, it just didn't work. In fact, about 1 in 20 network installs didn't work at all for some reason and I had to go install by hand. 9->10 seemed like it was going better until I had several systems start randomly screwing up and causing our EE and ME CAD
    • I'm sure I am not the only one who has had to format the Windows XP partition to get rid of these products that have seemingly "gone bad".
      When I got through, I had two new XP installs on the same computer, different partitions. I left AOL off of one, and it seems to run very well, using a free virus scanner there. So far so good, but I really do not know if those installs will stay put. Windows updates as needed, and so does the scanner. Just lucky I guess.
      I don't use that machine, others do, and if they ha
  • Astroturfing (Score:4, Interesting)

    by jotok ( 728554 ) on Thursday March 01, 2007 @08:54PM (#18202386)
    Symantec has seen quite a bit of negative publicity in the past year on slashdot.

    I have to wonder how much of it is simply astroturfing by disgruntled former employees? When there's a negative op/ed piece on a "software development and security research" website where none of the SQL even works, I just have to wonder if some no-talent assclown is pissed off because he lost his helpdesk or HR job.
    • Re:Astroturfing (Score:4, Interesting)

      by swordgeek ( 112599 ) on Thursday March 01, 2007 @09:35PM (#18202682) Journal
      OK, there's no doubt that Turner is pretty incompetent for not fixing this hole with a patch that's been out for most of a year.

      But at the same time, I have to ask how incompetent a company that writes security software can be, when their own code is written so as to allow this type of exploit.

      Furthermore, I've had quite a bit of experience with Symantec over the past few years. I've been using Veritas products for a decade and change (Netbackup and Volume Manager primarily), and know them very well. Once in a while, I'll come up against a bug and phone Veritas for support/workarounds/whatever. For years they weren't top notch, but they were decent and consistent.

      Since Symantec took over, support has fallen through the bottom of the toilet. Their help desk is driven by 'time-to-close,' and actual technical experts are no longer brought in for difficult cases. Bug reports are not even accepted anymore! (Well they'll _take_ the bug report, but won't give you a bug ID to track it with.)

      Furthermore, they've started to crank up the version release numbers so that they can promise support for two versions, but only support products for two years from initial release. TWO YEARS FROM RELEASE!!! That's completely unacceptable even in the home PC marketplace, let alone in an enterprise environment, where a product rollout may take over a year.

      So yesterday I went to install the newly-free version of Storage Foundation, because I needed to migrate some data from an old system (flawlessly running vxvm 3.5) to a new one, where we'd then move it to ZFS and be done with Veritas for good. The installer put 40 packages on my newly built Solaris 10 system (11/06 release), but failed to actually install the volume manager! After screwing around with it for a while, I gave up and went to uninstall it. The uninstaller hung in kernel space, and for twelve hours did nothing but couldn't be killed.

      I don't care about any axes that people have to grind. Symantec is an incompetent company, and DESERVES all of those people holding grudges against them. I'll be glad to see them die horribly.
      • by Dunbal ( 464142 ) on Thursday March 01, 2007 @11:25PM (#18203362)
        OK, there's no doubt that Turner is pretty incompetent for not fixing this hole with a patch that's been out for most of a year.


              Personally I'm surprised that he hasn't broadcast it on the news as a terrorist attack and recruited the Boston police and bomb squad to deal with this threat...
    • Re: (Score:3, Interesting)

      by GJSchaller ( 198865 )
      I do not, and have not, worked for Symantec, but I will concur their products are crapware, and their staff is made up of A-Grade assholes. As another person posted above, their support is driven by time to close - when I opened a case with them that went unresolved for several weeks (and not due to lack of trying on my end), I finally got a call back from someone that sounded more like a back-alley enforcer than a support specialist. He tried to bully me into closing the case by blaming me for the issue.
    • by Dunbal ( 464142 )
      I have to wonder how much of it is simply astroturfing by disgruntled former employees?

      Work for Symantec, do you?

      I'm not a symantec employee. Their programs have the following annoying features:
      1) Bloat
      2) they don't necessarily protect your PC as advertised
      3) the popups are designed to make you feel the program is doing its job however the program is only mediocre at doing its job - the "firewall" is a JOKE
      4) it's IMPOSSIBLE for the average user to uninstall that
      • by jotok ( 728554 )
        Can you elaborate on some of those?

        I mean, aside from the duplicate items you used to pad the list--Is that what you meant by "bloat?" Your list comes down to "It's bloatware, it doesn't do its job, and I have an issue with the support."

        In all seriousness, these are all valid complaints. I suppose you used the appropriate feedback channels to communicate this?
  • by flyingfsck ( 986395 ) on Thursday March 01, 2007 @08:55PM (#18202400)
    Whenever I have to fix a screwed up PC, MsAfee or Symantec is disabled by the malicious code. So, I always uninstall whatever is on the machine and install something else like AVG or ClamWin.
    • Re: (Score:2, Interesting)

      by tom_jaimz ( 953279 )
      I tried ClamWin on a recent install of Windows, and despite keeping it up-to-date I got infected with a virus for the first time since the early 90s (Brontok.N - pretty annoying little thing). ClamWin never detected it, not even after I was badly infected. I'm back on Kaspersky now. I won't be recommending ClamWin to anyone.
      • by Spad ( 470073 )
        Clamwin, at least last time I used it, doesn't offer real-time scanning, only on demand. So if you just installed it and then expected it to protect you then I'm not suprised you ended up with an infected machine.
  • by purduephotog ( 218304 ) <`moc.tibroni' `ta' `hcsrih'> on Thursday March 01, 2007 @09:21PM (#18202574) Homepage Journal
    ... Every machine that comes to me for service has one requirement: No Norton. Take norton off, and people are *amazed* at how much faster their machines run.

    I substitute Free-av.com for Norton- better infection detection, less memory overhead, free (with the option of buying a license- I usually guilt them into doing it), and nightly upgrades.

  • Can you say AVAST? (Score:5, Interesting)

    by rizzo320 ( 911761 ) on Thursday March 01, 2007 @10:30PM (#18203038)
    Although they may hold on to the enterprise market, why even bother with Norton AntiVirus or Internet Security when you can get Avast AntiVirus Personal edition for free! http://www.avast.com/eng/download-avast-home.html/ [avast.com]

    No, I don't work for them, or own stock. They've even updated it for Vista. The cost? Register for a free serial number every 14 months.

    Comodo firewall http://www.comodo.com/ [comodo.com] is nice free step up for those who think they need something more than Windows firewall.

    In the year 2007, there is really no need for a consumer to pay for a product from Symantec/Norton, McAfee, or any other security software vendor that has been fleecing us for the last several years.
    • Re: (Score:2, Interesting)

      by evilgiu ( 995172 )
      Kudos to Avast! I've been using it for the past 3 years and it is beautiful. I even bothered to upgrade to the paid Pro version, which has a couple more resident scan modules and works with push updates from their servers, instead of me having to remember/set a schedule for it. There have been occasions where I got up to 3 virus definitions updates in a single day =) Could it be just eye-candy? Perhaps, but it feels good, is not invasive and doesn't clog my system. Very happy customer here.
  • a virus dedicated to the eradication of Symantec from the known world

    We can only hope.

"The great question... which I have not been able to answer... is, `What does woman want?'" -- Sigmund Freud

Working...