Forgot your password?
typodupeerror
Security Bug Microsoft

Windows Live OneCare Can Eat Your Email 204

Posted by kdawson
from the have-a-care dept.
FutureDomain writes in to point us to a blog sponsored by PC Magazine, reporting about another problem with Windows Live OneCare. Apparently, it sometimes deletes the entire Outlook or Outlook Express .PST mailbox when it finds a virus in one of the messages. The only solution is to tell OneCare to exclude the entire Outlook mailbox. This is the software that came in last in antivirus tests. The trail of tears is ongoing over on the Microsoft forums.
This discussion has been archived. No new comments can be posted.

Windows Live OneCare Can Eat Your Email

Comments Filter:
  • trail of tears? (Score:5, Insightful)

    by Raab (863350) on Saturday March 10, 2007 @03:26PM (#18301188)
    isnt the term 'trail of tears' a bit extreme for some lost email?
    • but if it were compared to a nail, I'd ask "just how many nails does it take to seal the lid of a coffin?"
    • Re: (Score:3, Insightful)

      by Darundal (891860)
      Depends on whats in the emails. It could be your normal grouping of spam and chain letters, at which point I would actually send Microsoft a thank you not. Or it could be an email with some vital information in it (yes, should be backed up, but realistically, how many people do that?).
    • by OiToTheWorld (1014079) on Saturday March 10, 2007 @03:32PM (#18301236)
      No, because losing your mail is TOTALLY similar to the forced relocation of the Cherokee people you insensitive clod!
    • by ColaMan (37550) on Saturday March 10, 2007 @03:36PM (#18301264) Homepage Journal
      There's 119 posts on that thread. It's a trail of something, most likely pissed-off users.
      I smell an opportunity..... Quick! Someone post some linux evangelism there!

      • Re:trail of tears? (Score:5, Informative)

        by Kjella (173770) on Saturday March 10, 2007 @04:01PM (#18301422) Homepage
        Yeah, like Linux never loses mail. One of the grave RC bugs of Debian Etch has been bug 321102/332473/350851 where KMail will nuke your disconnected IMAP folder under certain conditions. It's closed now and due for archiving today, but they're still listed here [debian.org]. I haven't been checking Thunderbird, Evolution but I doubt they're a symbol of perfection either. Wouldn't you just love to have some smug Microsoftie drop by your support thread to spread the One Microsoft Way?
        • But I feel it is different. The bug reported would be akin to AVG deleting my whole my folder because there is a virus in it. Or an anti virus on linux deleting your folder. Or a firewall deleting your word document (all of 'em) because one has a macro virus. In the bug list is there anyhting like that ?
          • It sounds like bug 104956 in Kmail will cause it to lose messages -- in some cases, even entire folders full of messages -- if there are network problems or the program gets disconnected at the wrong time. Several people posted in there that they had lost mail folders that way, so it's obviously not terribly uncommon. To be honest, I would say that this sounds at least as bad as Microsoft's bug -- a network hiccup or a kicked cable could result in you losing your messages -- but insert standard comment ab

            • by jrockway (229604)
              > but insert standard comment about how it's OK for free software to have bugs here

              It's a common comment because it's the whole point of free software. Bug 104956 is your fault because you haven't patched it yet.
        • Re: (Score:2, Interesting)

          by myowntrueself (607117)
          where KMail will nuke your disconnected IMAP folder under certain conditions

          The severity of this bug would only match that of the microsoft bug if it deleted the imap folders on the server.

          I take it that this is not the case?
          • Re: (Score:3, Insightful)

            by aardvarkjoe (156801)

            You are apparently wrong. Check out the link: http://bugs.kde.org/show_bug.cgi?id=104956 [kde.org] Around comments 35-36, they state that the copy on the server is deleted.

          • by Kjella (173770)
            The severity of this bug would only match that of the microsoft bug if it deleted the imap folders on the server.

            I take it that this is not the case?


            I was waiting for someone to presume that it'd be less severe than the Mircosoft bug, without actually doing a fact check. That same rhetoric that it's comparing apples to oranges shows up every time someone tries to give hard data. If the local copy is in any way corrupted, it'll think the IMAP folder should be empty and go on to delete every mail on the serve
        • I've never lost a email due to software malfunction using open source software. Thats 4 years of email totalling around 100,000 non-spam, non-mailing list messages.
          • by Cheapy (809643)
            And I've never had windows crash on me. That's 10 years of thousands of hours without a single crash.

            I'm not gonna go around strongly implying that windows never crashes though.
        • Re: (Score:3, Informative)


          Actually a recent version of Thunderbird would in fact hose your email.

          Apparently a bug crept in that when Thunderbird's spam detector detected a certain kind of spam, it proceeded to mark ALL the mail in the mailbox for deletion on the next compaction.

          For those people who compact on exit, that was seriously bad news.

          However, the fix was also easy - since all mail is in text files rather than proprietary binary formats. You simply dumped the Thunderbird release with the bug and downgraded to the last releas
        • If I remember correctly the bug, irritating none the less, kills the local cache (that's what disconnected IMAP stands for) of your mailbox but your messages reside on the remote IMAP server so... what's the point again?
        • by smchris (464899)
          The nice thing about Evolution is that it uses Mutt data format. It's easy to periodically burn an archive of your folders and grep/mutt as needed to search and retrieve.

          I still have fond memories of the Polarbar Java email program. Great filtering options. But I had it disconnect from its data more than once too.
      • by jmorris42 (1458) * <jmorris@[ ]u.org ['bea' in gap]> on Saturday March 10, 2007 @04:22PM (#18301540)
        > Quick! Someone post some linux evangelism there!

        Yes Linux has a better record. But then so does everyone else. Go ahead, name the operating system with a security record equal or inferior to Windows over the last decade.

        *BSD? Nope, even if you exempt OpenBSD *BSD has a far better record than anything Microsoft has released in the past decade. And OpenBSD wears the crown when it comes to security. Usability, scalability and such are legitimate counter concerns though and explain why OpenBSD hasn't conquered the world.

        Linux? Regardless of the distribution, if it is a large enough operation to keep up with the torrent of errata teh universe of OpenSource/Free Software generates they have all done better then Microsoft when it comes to timely updates. And with the bonus of the existence of "Enterprise" distributions for a good part of the decade that focus on errata updates that won't have unrelated breakage.

        Apple? Their record with OS 8 and OS 9 beat Microsoft and OS X just upped their game.

        Sun? HP? IBM? Please.

        I'm not saying anyone should be proud of their security history and methodology, all software currently sucks ass. But since we have to use something NOW the question is why is the worst vendor on 90% of the world's machines?

        What I'd like to see is a major concerted effort to raise software quality over adding new features. Engage the CS departments in teh universities to have all students audit some code. After all, most operating systems these days allow access to the source. And auditing real code would be a good experience for em. They would see first hand how wretched much of the code actually in use is firsthand. And if legends are writing that stuff they just might listen a bit more when when the prof is badgering about not hotdogging in the belief they are too leet to make those 'idiot' mistakes.

        And for the Linux world I'd like to see the major distros come together to take every package not currently at 1.0 and finish em or dump em. Then stabilise the codebase, audit the crap out of it and then freeze them, only accepting bug fixes. And a nice side effect is they would all have the SAME version. The original project can still release new versions but it won't get integrated into a major stable distro until they announce a new feature complete and AUDITED version. Seriously, is there anything else that needs to go into glibc? So why not stabilize it, sudit it and then freeze it? We need a trusted core that we don't have to update several times per year. As computers become central to our civilization we need them to work a lot more than we need shiny new features.
        • by Kjella (173770)
          I'm not saying anyone should be proud of their security history and methodology, all software currently sucks ass. But since we have to use something NOW the question is why is the worst vendor on 90% of the world's machines?

          Because users say they want security, but in reality want convienience. People want to be able to just click a program and run it, and expects the computer to figure out if this is safe or not, and whether this trojan was something they actually wanted to run, or if they were just trick
    • by Anonymous Coward on Saturday March 10, 2007 @03:43PM (#18301314)
      Fine. It's really more of a holocaust going on over at the Microsoft forums.
    • Lost email (Score:3, Interesting)

      Some people become attached to their collections--no matter what the collection is. It is psychologically difficult for some people to face the reality that some things are simply not worth saving.

      I advocate a training program for those people: once each year they should practice archiving everything they might ever want to save to one CD. Just one typical data CD. Not a DVD. One single CD. Anything which doesn't make it to the CD is random number filled.
      • by jlarocco (851450)

        I advocate a training program for those people: once each year they should practice archiving everything they might ever want to save to one CD. Just one typical data CD. Not a DVD. One single CD. Anything which doesn't make it to the CD is random number filled.

        Why? Is there a downside to having a large collection of "stuff"?

      • Is compression allowed? I wonder if bzip2 could get my 6gig of email on to a CD. :)
      • Re: (Score:3, Insightful)

        by silas_moeckel (234313)
        I fail to understand the value in getting rid of these old emails, it takes time to purge things no longer useful more time and effort than archiving them. Personally my online email archive goes back 3 years and I have off line storage back to the 80's and see no reason to spend the time to sort though them for the few potentially needed ones rather than just archiving out the data. I would also have to say that keeping everything to one cd or even one DVD would require deleting all the pictures and vide
    • I worked in an office where the recently hired tech guy managed to destroy the VP of marketing's Email 3 separate times. All in the first 3 months of his contract. That was the end of him. It's not such a big deal to lose personal email, but for people who have integrated the use of email into their business it's ugly. I would like to think that people are backing up their 1.2 gig PST files, but I know that there are many smart successful people out there with big PST's that have no backup. This kind o
      • by zappepcs (820751)
        This is exactly why I don't keep my .pst file on a work server. I use a laptop from work, and by keeping that huge .pst file on my local drive, I can choose to back it up when and where I like. No matter how good the guys in corporate IT might be, I just don't trust them. With most of my backup processes, it would take 2 disastrous events to happen at the same (or near enough) time to cause total loss of data. It would only take one careless IT person, or software update to cause complete loss if I trusted
    • Extreme? Not in the least, some people live off of their inboxes. This can cause real personal and financial damage.

      Speaking of tears, I had a good laugh when I read this:

      After the latest update which required a restart

      I really don't intend to be mean, but this just took me back a few years to when I was using Windows. I had totally forgotten about updates that require reboots (well, kernel updates do, even on Linux). Amusing, to me at least.

      Anyhow, OneCare has bugs, not that surprising really, all

    • If its like my email then it would have been 4 years of email. (No Outlook doesnt handle that number of messages - I use IMAP)

      My mum uses Outlook and she would be furious if a email got in and OneCare deleted every email.
      Fortunately for her I wont allow malware like OneCare near any of our computers.

    • Yeah, right.

      You've obviously never had a client lose his PST file, right?

      You have no idea how the thought of losing their last thousand emails affects some people.

      Especially when those emails contain the email addies - and purchase orders - of every customer of that client.

  • And just remember, this is the same development house that the whole world seems to have no problem with the thought of giving root acces to their machines so they can keep them 'safe.'

    If those idiots don't screw the world up by their own incompetence first they are going to get Windows Update 0wn3d and allow someone malevolent to wreak even worse havok on the world.

    Seriously, I can't understand how any Microsoft product is permitted to be used in any role where failure isn't an option. Finance, military, medical, etc should have imposed a ban a decade ago, forbidding the stuff from even being connected to a network port inside the secure inner firewall. Instead we are installing the stuff into the engine room on our warships, giving it sole control of the propulsion system.

    This is insanity on a global scale. A lot of people even seem to understand the danger yet are too afraid to speak up loudly enough to be heard.
    • > Seriously, I can't understand how any Microsoft product is permitted to be used in any role where failure isn't an option.

      I can't understand why software is permitted to be used in any role where failure isn't an option.

      But I get your point.
    • I think it all stems from the same old problem of people wanting to use software that they know. And really, people generally know Windows more then anything else. It's not an excuse, and I think it's the epitome of laziness, but I believe that's the main cause.

      I mean, I work for state government and the majority of the people running the systems just don't know computers very well. It sucks. So, their comfort zone is Windows, because it APPEARS easier to manage. (Of course, it's not, it's just as com
      • by udippel (562132)
        And really, people generally know Windows more then anything else.

        So, their comfort zone is Windows, because it APPEARS easier to manage. (Of course, it's not, it's just as complicated as anything else when you look past the pretty start button.)


        I need to disappoint you:

        - My experience with my students shows, that they know Windows less than anything else (they only think they know it, because of the colourful start button and stuff).

        - My experience as sysadmin (in both worlds) shows, that W
        • by cbreaker (561297)
          Wait - how would I be disappointed?

          Plus, I don't see how you proved me incorrect in any way - people know Windows more then, say, UNIX. As a general rule. They use it at home, they can install software, they can add devices and device drivers. That's certainly *more* then any other operating system, right?

          You actually agree with me for the most part. Like I said, it's not less complicated then other systems once you get past the start button, which insinuates "past pre-fab admin tasks" without as many
          • by udippel (562132)
            Wait - how would I be disappointed?

            You wouldn't. Maybe a problem of language. I tried to rhetorically endorse what you said. Probably I should take an extra course in writing.

            Though I need to bow before you as the slightly - if only a few hours - more senior /.-user.
    • "And just remember, this is the same development house that the whole world seems to have no problem with the thought of giving root acces to their machines so they can keep them 'safe.'"

      For a single user desktop machine, there is no reason not to. If you're account ever is compromised, someone can just wrap your shell with something that uploads everything you enter, and the next time you su to root, you're toast. How many unix users do you know who switch to the login screen everytime they need to do so
  • You hear the complaint both ways, of course. Commercial software gets professional testing, which means that engineers are paid to test un-fun corner cases, apply heuristic analysis, and other stuff like that. FOSS software gets more intense testing, because there are more people testing, although it's somewhat less organized.

    Well, here's an example of how it can go wrong, no matter who you are. Of course, we're never surprised when Microsoft has a bug. It's really funny to me, actually. Huge company--
  • by adnonsense (826530) on Saturday March 10, 2007 @03:39PM (#18301286) Homepage Journal

    Don't just sit there feeling smug! Every now and again, when you have a free moment, delete your mbox file, or the directory where the mail client of your preference stores its data. That'll go a long way towards helping Windows users to stop seeing us as arrogant and aloof and let them know we share their pain.

    (And if you're really feeling altruistic, knock up a shell script which turns your machine into a spam-spewing zombie).

  • by Anonymous Coward on Saturday March 10, 2007 @03:41PM (#18301300)
    Nuke the mailbox from orbit, it's the only way to be sure.
  • PST file (Score:5, Insightful)

    by pe1chl (90186) on Saturday March 10, 2007 @03:45PM (#18301330)
    Maybe it wasn't such a good idea to put all mail, including not only INBOX but also all extra folders, in a single file?
    At least other MUAs usually have a separate file for each folder.
    • by moranar (632206)
      It doesn't depend so much on the MUA (although if that's the only option on the software you're certainly shit outta luck): mbox is a common format for mail. It does get unwieldy if there's a lot of mail in the file, of course, but it's easier to search by hand than a plethora of directories. I think.
      • by pe1chl (90186)
        mbox is a file format for a single folder. when you have an inbox, sent-mail, trash and some saved-mail folders you will have several mbox files.
        when you receive a mail and your inbox is deleted, you "only" lose the recently received mails and not all those valuable mails you saved in the past.
    • by DavidD_CA (750156)
      No thank you. Keeping everything in one file, albiet sometimes a very large one, has made it VERY easy for me to support Outlook for my clients, even over the phone, and yes this sentence is running on, way too much.

      Users tend to create a lot of sub-folders, and folders in sub-folders. While moving things around is usually as simple as drag-and-drop, having all of them stored in one file is great.
      • Re:PST file (Score:4, Insightful)

        by gilroy (155262) on Saturday March 10, 2007 @07:09PM (#18302838) Homepage Journal
        I'd wager your experience is close enough to being unique as to make no difference. Generally, stuffing everything into a monolithic file makes the data less accessible, less stable, and even less searchable. It does help Microsoft hide features and implementation details from competitors and it does make the mail program more mysterious (driving more users to paid solutions for problems). But in terms of convenience for the user, it gives bupkas.
        • by DavidD_CA (750156)
          Everyone's entitled to an opinion. What you may not understand is that the PST file is a massive database, and all of the emails, contacts, appointments, inside it are records. Exchange is the same way.

          I think the PST database file is a fantastic concept. I've used Outlook and the PST file for slightly more than a decade now, through five versions of Outlook. I've moved it around through multiple workstations, sometimes bringing it onto my laptop for just a week, sometimes sharing it between two compute
          • by udippel (562132)
            I've used Outlook and the PST file for slightly more than a decade now, through five versions of Outlook. [...] Despite the occasional computer crash, the PST has always been rock-solid for me and never became corrupted.

            And I can also say the same for everyone I've ever seen using Outlook in a personal and business environment. At word, Outlook 2000 needed to run the Inbox Cleanup Tool every now and then if there was a bad write, but it always recovered perfectly.


            Good for you.
            I have been using various POP3
          • Your complaint seems to be more about the filetype being proprietary than anything else. If you do a little bit of homework, you'll find that the data inside the database is actually quite accessible to developers. Just look at the slew of Outlook plug-ins that exist.

            And if you look at the details of any program which directly manipulates Outlook data, you'll find one of the system requirements is to have Outlook installed on the machine. You don't have to use Outlook to view the data, but some library or

            • by DavidD_CA (750156)
              Please educate me by sharing a time when an application would need to modify a PST file, when the user doesn't already have Outlook on the machine.

              In other words, why *wouldn't* the user have Outlook installed if he is running some kind of PST-modifying program?

              And don't say "because he's migrating away from Outlook" because there are utilities that will migrate emails and other objects from a PST file without having Outlook installed.

              On the contrary, having Outlook accessible via VBA allows programmers to
    • by Mr. Hankey (95668)
      Agreed, it's never a good idea to put all of your eggs in one basket. The biggest problems I've seen while supporting Outlook clients have been corrupt PST files, either due to Outlook crashes or exceeding the PST file size limit. Not too long ago that limit was 2GB. Even if you upgraded to the newest Office release though, you still needed to create a new PST file and move all your mail into it before you can raise the limit. Then you get to tell Outlook which PST to use for mail, primary address book and
    • Well, yes. But Microsoft is really attached to that monolithic, proprietary database approach to files. It's of course destabilizing and vulnerable to corruption that's extremely difficult to track down, but it does make the software stuffed with "features" that no one else can or is even allowed ot duplicate, if Microsoft can exert its sway with trade secrets, violating their own published API's, and patent protection.
    • by myxiplx (906307)
      huh?? wth not? Haven't you heard of databases? Using a single database for storage makes so much more sense than thousands of individual files cluttering up and fragmenting the filesystem. If you're using a database you can optimise for searches, reduce wastage, etc.

      Ok, PST is a horrible implementation of a database, but don't knock the concept for one bad example.
      • by pe1chl (90186)
        With that reasoning, you could argue that there should not be a filesystem and everything on a computer should be in a database.

        Lots of people, including Microsoft, have claimed that in the past. Few have been successful in actually implementing it (IBM S/38?).

        Of course, a database implemented as a big file with internal structure will have internal fragmentation just like data stored in a number of smaller files can lead to fragmentation of the filesystem. Here you are just comparing the quality of the f
  • by The Bungi (221687) <thebungi@gmail.com> on Saturday March 10, 2007 @03:48PM (#18301346) Homepage
    Obviously they screwed up on the 1.5 RTM where now apparently they'll quarantine the whole PST file (don't get me started on the "one huge fucking file for everything" mentality...), but AFAICT OneCare does not delete the file. The problem is that it essentially hides it under [C:\Documents and Settings\All Users]\Application Data\Microsoft\OneCare Protection\Quarantine, compressed in a .CAB file and not accessible from a non-admin account. But if you can log into the machine with an admin account, you can recover the file, and turn off OneCare scanning of your mail file for good measure.

    Then, get a good AV package - or better yet, just exercise some fucking common sense and don't open that "Re: Malaca Superfund Stranded" email from "Roberta Plantagenet~=%" that has a "postcard.exe" attachment.

    • so effectively (Score:2, Insightful)

      by AlgorithMan (937244)
      so effectively this means, that one care is everything but enterprise ready...
      or can you imagine a serious company (serious companies don't give admin access to their workers) to send a technician to EVERY WORKER who just RECEIVES an email with a virus infected file to recover his inbox from quaranaine?

      hey, why not piss off vista using companies by sending emails with attatched virusses (or was the plural virii?) to all their workers? man, if every worker loses all his emails multiple times or technicia
    • If you read through some of the posts on Microsoft's forum, you would find there are users who have had their file deleted one time and quarantined another. Since they were able to find it when it was quarantined, I would assume that they know what they are talking about when they say it was deleted.

  • by coastin (780654) *
    Ahh, nice a inbox ya got dere, it'd be a shame if somethin was to happen to it!
  • by Anonymous Coward on Saturday March 10, 2007 @03:53PM (#18301378)
    That theme seems to be "The cure is worse than the disease"

    Example 1:
    Problem- Malware has carte blanche in XP to do damn near anything if it's run from an account with admin privileges.
    Solution- UAC in Vista. ("You are moving your mouse cursor. Cancel or allow?")
    Solution Sucks Because- UAC is so friggin' annoying with the popups that people will either shut it off or get in the habit of blindly clicking "OK," which means they are likely to give malware carte blanche to do damn near anything.

    Example 2:
    Problem- Viruses.
    Solution- Windows OneCare Antivirus.
    Solution Sucks Because- One infected email can cause your whole inbox to go bye-bye.

    Great job, guys! The five years it took you to get this stuff perfect was really worth it!

  • Yes, this is off-topic. Yes, OneCare sucks if it deleted someones email.

    If you don't backup your data you will lose it someday. It's not a question of "if" it is "when". Your hard drive will eventually crash!

    I feel so sorry for people that encounter this. My business provides remote backup via the web & we try to help people prevent events like this, but it doesn't matter. I think all of our remote backup customers have previously experienced data loss.

  • by khendron (225184) on Saturday March 10, 2007 @04:10PM (#18301474) Homepage
    I've had Norton Anti-Virus delete my Thunderbird Inbox when it detected an incoming virus. This was the main thing that made me get rid of Norton on all my computers.
  • by Dachannien (617929) on Saturday March 10, 2007 @04:12PM (#18301488)
    The term "Defective by Design" was specifically invented to describe products containing DRM, where the usability of the product is intentionally compromised in order to protect the profits of a third party.

    Yes, Microsoft has a lot of DRMed software, with Vista being the granddaddy of them all, but not everything Microsoft makes is defective by design. And in this particular case, the defect appears to be a bug rather than intentional anyway. So, please, save the "defectivebydesign" tag for situations where it's really warranted. Sure, it may be an amusing term, but when you use it where it doesn't apply, it waters down its meaning for the situation it was intended to be applied to: DRM.

    • The term "Defective by Design" was specifically invented to describe products containing DRM, where the usability of the product is intentionally compromised in order to protect the profits of a third party. ...and to apply to the security policy that's intentionally insecure to accomodate user issues and program writers.

      Most of the things that we see this appear in are because we see an exploit. Such exploits in a better written file system wouldn't be an issue at all. So the defect is the design more th
      • "Defective by Design" doesn't mean that something has a design that happens to be defective. It refers to products that are, from the ground up, designed to be defective, intentionally and specifically. Sucking at software design is completely different from writing your software correctly and putting in DRM to make it less functional.

    • by game kid (805301)

      I'm just slightly shock no one's tagged it "onecarewilleatyoursoul" yet.

      Come on, the guys at Microsoft are obviously Aphex Twin [google.com] fans. :D

    • The tags system is nothing but an extra way to add snarky comments mirroring the slashdot groupthink to the front page. If anything, it's the one that's defectivebydesign.
  • Bah, let God sort them out.
  • Ah! Ah! (Score:2, Insightful)

    by Chutulu (982382)
    use Thunderbird instead....
  • OneCare? (Score:3, Funny)

    by ozbird (127571) on Saturday March 10, 2007 @04:43PM (#18301684)
    OneCare - from the same onomatopoeic geniuses that thought up the "Wang Cares" campaign?
  • by grolschie (610666) on Saturday March 10, 2007 @05:22PM (#18301966)
    From the forum posts, it seems that MS don't want to scan incoming or outgoing emails and they also now don't want to scan the .pst file. They are happy for dormant viruses to exist on your machine because these are supposedly detected when being executed. Going by their current track record, I wouldn't be confident of any kind of protection from Microsoft 'Once Cared'.
  • Perahaps Microsoft should consider renaming their OneCare product to Microsoft WhoCares, I'm sure many of the affected users would find that a more appropriate name.
  • Someone already pointed out that Norton quarentines the whole inbox, and older CAVs do too.

    The behaviour is "essentially" correct, because pst and mbx's are single files, but the
    bigger problem is pst's are binary format, whereas mbx's are text/UUE and text editor
    "recovery" is possible.

    Newer AV scanners can "snip" out the infected UUE portion, but you have to set the behaviour
    yourself as is the case with CAV, and even then it works on IMAP folders, but blasts local ones
    on occasion.

    (snort)

    Thankfully, in my ca
    • by jonwil (467024)
      The better solution is to do what software like AVG does and scan incoming email (and remove any viruses) when it comes in before the mail client even gets to SEE it, much less write it to the mailbox file.
  • RAV (Score:2, Informative)

    by Andrei D (965217)
    Does anyone remember Rav antivirus?
    It was a very good antivirus program developed by Gecad, a romanian company. It had support for Linux, BSDs, Solaris and it was highly appreciated in its days. It's so sad that Microsoft killed [infoworld.com] this fine product, removing support for rival platforms and turning it into this lame thing called Onecare.

  • 'Nuff said!

    Oh, hell, I'll say some more just to piss off the Windows shills!

    Microsoft crapware comes through again!

    Just when you thought Bill's crew couldn't get ANY dumber than they are, they manage to "shock and awe" again!

    Just so the OSS people don't feel left out, this is not QUITE on a par with a recent Thunderbird's ability to delete ALL email by incorrectly marking it as spam to deleted on the next compaction.

    That was fixed easily in a few days and the workaround was trivial: do a search and replace
  • not a problem
    OneCare doesn't ever find virusses anyways - so this is just a theoretical danger ;-)
    http://www.pcworld.com/article/id,129521-c,antivir us/article.html [pcworld.com]
  • by SoopahMan (706062) on Sunday March 11, 2007 @02:19AM (#18305816)
    The email is Quarantined - meaning you can get it back unharmed - not Deleted.

    This is being misreported all across the Web even though the linked article in every case makes it clear.

    It's a serious flaw certainly and still more bad press for Vista, but this one is not nearly as severe as issues like DRM and Certificate-only drivers in Vista - it doesn't deserve the same level of press.
  • I have a very low threshold of tolerance for malware. My usual reaction to an infestation is "nuke form orbit and re-install from scratch".
    (yes, that's my reaction to having other people's infected PCs. My PCs have been clean (to the best of my knowledge :-) and, given the pain of a reinstall, I might change my mind if it got infected regularly).

    It's hard enough getting benign software to cleanly un-install. Malware does not come with uninstallers, and it's designed to be as difficult as possible to ge
  • Delete entire inbox, Cancel or Allow?

    ~Cancel~

    Delete entire inbox, Cancel or Allow?

    ~Cancel!~

    Delete entire inbox, Cancel or Allow?

    ~Cancel!~

    ~Cancel Failed, deleting inbox~

As far as we know, our computer has never had an undetected error. -- Weisert

Working...