Antivirus Vendors Headed for Court

SkiifGeek writes "A showdown between Rising Tech, a Chinese Antivirus vendor, and Kaspersky Lab in a Chinese court could have implications for software vendors that misidentify system files and files from their competitors as being malicious."

F--- the article

[acidrain]

Rising Tech announced on the 30th of May that they were planning to sue the Beijing office of Kaspersky for unfair competitive practices (though it isn't known whether this suit was brought to court).

This is a few scraps of slap talk dredged up from the bowels of the net. It isn't even a lawsuit or a comment by a legal professional, let alone an injunction or any kind of legal ruling.

Also, anti-virus software on Windows is so invasive that running two different scanners at the same time is just plain crazy. I imagine root kits and virus scanners do a lot of the same things. They all make a total mess of your OS. And not being a monopoly, I can't see how Kaspersky has an obligation to play nice with others.

Re:It Could Be Rising Tech Really Is Malicious

[El_Muerte_TDS]

And on the other side of the pond you've got companies that are for sale. For all you know Symantec allows certain backdoor software distributed by the MPAA/RIAA.

How much can you trust companies like that?

Happened to me too

[Spacejock]

I have a website with a bunch of my own freeware apps available. On two separate occasions I've had a number of emails from users of major AV software asking me what the hell I was playing at trying to install trojans on their PCs. In both cases it was false positives, one from NAV and the other from the company mentioned in this article (which is what prompted me to post). Each time they eventually got around to correcting their definitions, but sure as anything it'll happen again. And in the meantime, how many dozens or hundreds of people assumed I was one of them there nasty spammer trojan virus people trying to infect their PC?

Why should the onus be on ME to check THEY haven't stuffed up? You can't install and run all the different brands of AV software on one PC, unless you install a bunch of virtual machines with one AV prog on each, and then you'd have to update the definitions daily.

Re:False positives trick users. MS is adversarial.

[aerthling]

The Open BSD web site says 2 in 10 years.

It actually says 2 remote holes in the base installation in more than 10 years. If you want a full list of all the vulnerabilities in OpenBSD ever, you can count them all here: http://openbsd.org/errata41.html [openbsd.org]

Have fun.

Re:False positives trick users. MS is adversarial.

[Anonymous Coward]

Good FUD there.

On one computer I checked, temp files were stored in 49 different places, and that includes only temp file folders made by the Windows operating system and not temp file folders made by application software.

List the folders. All of them. Otherwise, I honestly refuse to believe that. Also, temp files are listed under Disk Cleanup. If you run that (and it will suggest you do if you start running out of space), then it will remove them.

The number of temp files or folders is nothing to do with security.

Only one of the vulnerabilities you listed is critical and requires that someone open a malicious .mdb file specifically in Access 2003. Most of the others require either physical access to the machine or access to a LAN connected to the machine, hence they haven't been treated with priority.

Saying "it is well known how to write secure software" is disingenuous bullshit, and shows a complete lack of knowledge on coding anything more than a 'Hello World' app. So is saying "Somehow it has been arranged that people pay the full amount for new versions, instead of an upgrade price." when upgrade versions are labelled clearly and with lower prices.

You are 100% full of crap and if your Slashdot account wasn't just a shill to get people looking at your shitty tech website I would probably care more.

Re:It Could Be Rising Tech Really Is Malicious

[NeverVotedBush]

I never said the American ones were good. I only said that I wouldn't install the Chinese or Russian ones. The simple reason being that China and Russia both are big into network infiltration and the USA is a prime target. I don't believe in handing over a back door. I have no clue if Kaspersky or Rising Tech are fronting or providing back doors for their respective governments. Maybe they are and maybe they aren't. But there is a very real possibility that they are.

And you say your virus checkers of choice have detected "ALL" viruses? How do you know? Ask anyone who knows anything about AV software and they will tell you that the new ones are frequently missed completely because their behaviors or signatures are unknown. Until your AV company of choice puts in new definitions, you simply do not see them -- even though you may be infected and possibly infecting others. You even cite such an example yourself. If Kaspersky was to decide not to include a signature - say for a Russian government botnet back door - then you don't know it's there.

The fact is (and please go look at SANS or other websites that report such news) that China, Russia, and actually just about every country in the world have discovered that you can use the Internet for lots of military and economic gain. You can pull out sensitive data. You can set up systems so that if you ever need or want to, you can cripple infrastructure. You can wreck economic havoc. The USA especially uses the Internet for lots of things. Imagine the chaos that would come if you could shut it down with a single command. Trust me - they have.

Countries like Russia and China can go lean on companies to put in whatever hooks they want. I'm not saying they are in Kaspersky's software but I would not ever bet against it.

Problem with WIndows

[cdrguru]

The problem with Windows is the ease-of-use. Let's see... I can email a link to an executable file to someone and when the click the link it runs the program. I can also email the executable itself and upon opening the attachment it will run the program.

This is very helpful in a corporate environment. When there are malicious people on the Internet this is a disaster. Which is the "right" way?

Sure, Windows could be made more secure. Unfortunately, all the security in the world will not prevent a machine from being compromised if the user runs a program. This is the "hole" in Vista - if you run a program and authorize it to run it will run and can affect the operation of the machine. Period.

Would a secure root/user logon environment make Windows secure? No. That is what Vista has implemented and it does not prevent the machine from being compromised.

Re:It Could Be Rising Tech Really Is Malicious

[Ravon Rodriguez]

Like it or not, people have to use Windows. You may get away with open source substitutes for a lot of applications, but the fact is that it's extremely hard (or even impossible in a lot of cases) to run most games using something like Wine or Cedega. Not to mention that even Ubuntu, hailed as the easiest used implementation of Linux to date, is not quite ready for the grandmother test. So, while it may not be ideal to use a Windows system, it's necessary. That being the case, it also becomes important to keep a good virus database to thwart the fucktards who like to make life miserable for the rest of us.

Did you read it?

[www.sorehands.com]

It refers to the lawsuit [interfax.cn] that was filed on May 19th.

lso, anti-virus software on Windows is so invasive that running two different scanners at the same time is just plain crazy. I imagine root kits and virus scanners do a lot of the same things. They all make a total mess of your OS. And not being a monopoly, I can't see how Kaspersky has an obligation to play nice with others.

I agree, mostly. To have multiple anti-virus or spyware packages running resident is nuts. Running Norton is nuts too.
But running multiple scanners (different times) is not nuts.

Anti-virus software has to have information regarding virii and a package may pick up on it. There are some virii and trojans that use a modified version of Kaspersky to prevent competitors from infecting the same machine.

Re:Why only Kaspersky?

[thegnu]

I've seen Spybot take years to fix false positives that have been brought to their attention.
By "Spybot," do you mean "Patrick Kolla?" I know now he's got help, but how many years ago did these "years" occur?

Plus, it's still part of THE best passive/manual protection you can get:

1. Spybot w. Hosts list & immunize
2. Spywareblaster
3. IESPYADS
4. Firefox
5. WRT54G
6. Merijn's BugOff

I know a router probably isn't really passive, but to the PC it is. Oh, and besides the router, this is all free. My 2 cents.