5323397
story
Comments: 185 +- IT: AVG Update Breaks iTunes on Saturday July 25 2009, @07:20PM
Posted
by
kdawson
on Saturday July 25 2009, @07:20PM
from the one-man's-virus-is-another-man's-music dept.
from the one-man's-virus-is-another-man's-music dept.
background: url(//a.fsdn.com/sd/topics/topicsecurity.gif); width:59px; height:78px;
security
background: url(//a.fsdn.com/sd/topics/topicmediaall.gif); width:73px; height:59px;
media
background: url(//a.fsdn.com/sd/topics/topicapmedia.gif); width:50px; height:61px;
applemedia
nate_in_ME writes "After getting a positive from the AVG virus detector while playing music on iTunes just a few minutes ago, I did a bit of research. It appears that AVG has recently pushed an update to the virus definitions that flags every iPod/iTunes related file as being infected with the 'Small.BOG' trojan. Interestingly enough, AVG does not have any information on this particular virus in their virus encyclopedia. Discussion on the Apple forum is up to 4 pages and climbing. One user there had an interesting thought: 'Maybe Palm has some shares in AVG...MUAHAAAA!!' (on page 3)."
Related Stories
One person's error is another person's data.
All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2010 Geeknet, Inc.
AVG is doing its job (Score:4, Funny)
It spreads like wildfire and everyone has it.
Re:AVG is doing its job (Score:5, Funny)
My wife has New Kids on the Block CDs still. I'm terrified I'll catch something from her.
Parent
Re:AVG is doing its job (Score:5, Funny)
No, you're safe. I know from personal experience...I haven't caught anything from her yet.
Parent
Re: (Score:3, Funny)
No, you're safe. I know from personal experience...I haven't caught anything from her yet.
I take it your sudden taste in Celine Dion is unrelated?
Re: (Score:3, Informative)
More like "bad software is a virus" - have you looked at iTunes on a Windows system? Yeeech... >_<
np: Orbital - The Naked And The Dead (2Orbital (Disc 2))
Update (Score:5, Interesting)
Re: (Score:3, Funny)
iTunes - - - normal - - - iTunes - - - normal
I just don't get the connection.
Re:Update (Score:5, Informative)
Yeah, AVG had a false positive on friday, several users submitted false positive reports, and the updated virus definitions yesterday fixed the problem. Nothing to see here, move along.
Parent
Conspiracy! (Score:5, Interesting)
It's a conspiracy! Or... maybe it's just that the definition for the virus in question was rushed out the door without adequate testing. How many new viruses are reported each week again? They probably don't "beta test" their definitions, and just do it in a lab. Oops. The lab machines didn't have iTunes.
Re: (Score:2)
I wonder if lab machines are just like, fresh Windows/OSX installs or if they have real-world-use programs that many people have, like AIM, iTunes, etc.
Re: (Score:3, Interesting)
Perhaps. iTunes also uses a bunch of highly obfuscated code with anti-reverse engineering protections, which probably increases its odds of being detected as suspicious.
Re: (Score:2, Funny)
Re: (Score:2)
Fair enough, but rating should be weighted in a meaningful way.
A new app with 1 person rating it 1 or 5 stars shouldn't count as much as 1,000 ratings of 4 stars.
Re: (Score:3, Funny)
Well, and your post is completely Troll. But it's okay, this is /. so we learn to live with that sort of thing.
Had This Problem Myself (Score:5, Informative)
It does not appear to flag "every" file related to iTunes, it is just the iTunesMiniPlayer.dll.
The workaround is to disable the real-time scanner.
However their latest update had fixed it, and my real-time scanner is running again without problem.
Re:Had This Problem Myself (Score:5, Insightful)
"The workaround is to disable the real-time scanner."
Or switch to a better AV product. For a while I was satisfied with AVG, but gave up after other false positive problems with it. Avira does a better job (check out http://www.av-comparatives.org/ [av-comparatives.org]) and still has a free version.
Parent
Re: (Score:2, Interesting)
I tried Avira on two computers two months ago, and on one it was constantly trying to access the floppy drive, and that seems to be a known problem.
I'm not going to bother installing it on my other computers to see if it works, I'm going with NOD32.
Re:Had This Problem Myself (Score:4, Informative)
Or switch to a better AV product.
I loved AVG for a long time, but since 8, it has been a resource hog and has added a bunch of crap I don't want and keeps asking me if I'd like to pay and keeps throwing up false positives.
I just got rid of it the other day.
Parent
Re:Had This Problem Myself (Score:5, Insightful)
"The workaround is to disable the real-time scanner."
Or switch to a better AV product.
Or a better media player. iTunes on Windows is superior only to Quicktime on Windows. Both are (in terms of usability) inferior to... well, pretty much everything else.
Parent
Re:Had This Problem Myself (Score:5, Informative)
I like Avast quite a bit. It's generally fast, problem-free, and stays the hell out of the way.
Or at least, it stays out of the way once you do a few things to it:
Tell it to turn off all sounds and notifications of normalcy. And to automatically accept all new program and definition updates. And to never to bother to ask to reboot the computer (it's a Windows desktop -- it'll be rebooted soon enough for othe reasons, anyway).
After that, it just sits quietly on the taskbar unless things go awry somehow.
Parent
This is a problem with AV in general. (Score:5, Informative)
I work at a AV vendor (not one of the big ones), and false positives are a big problem. Essentially there are two issues. First, how severe is the threat? You might skimp on your validation process in order to get something out sooner. Second (and much harder to resolve), there is effectively an infinite amount of software out there; on top of that, there may also be many different versions (iTunes 6, 7, 8, point releases, etc). You try to do the best you can, but shit happens because you can only test against so much software.
Haha, good (Score:5, Insightful)
iTunes is about as useful as malware. If someone would only write a simple drag and drop app for the ipod touch that didn't require jailbreaking....
Seriously does anyone else have issues with how convoluted it really is to add mp3 files to an ipod touch? Add a folder to your library, wait while itunes chugs and makes a COPY of each file before syncing. Hit sync a few times and agree to all your old settings being overwritten (when all it really does is update). A $10 mp3 player allows me to right click and say "Send to..." Fuck you apple.
Re:Haha, good (Score:5, Funny)
"iTunes is about as useful as malware."
The ghost of Steve Jobs rattles his chains at you. (oooooohhhh...)
Yes, he is dead. Apple built an animatronic replica to placate shareholders.
Parent
Re: (Score:3, Funny)
Re:Haha, good (Score:4, Informative)
I have too much music for simple drag and drop to be useful. I like iTunes' smart playlists, which effectively give me a query language into my music library. If you do just want to drag and drop, tell iTunes that you want to manage the music on your iPod manually. You'll still have to use iTunes, but you'll be able to drag stuff on and off the device.
Parent
Re: (Score:2)
I didn't say anything bad about any other music players. They could be great for all I know. I was simply pointing out that managing a music player's contents manually doesn't scale well with large music libraries.
Re: (Score:3, Informative)
I didn't say anything bad about any other music players. They could be great for all I know. I was simply pointing out that managing a music player's contents manually doesn't scale well with large music libraries.
But at least foobar2000 lets me fill my iPod without ever having to use the abomination that is iTunes... what's not to like?
np: Orbital - Sad But True (2Orbital (Disc 2))
Re: (Score:2)
Have you actually used iTunes? You don't need a "special playlist" if you're manually managing your music. The music doesn't become unsearchable on the iPod, either - you still get Genre/Artist/Album grouping. You can create a playlist and tell iTunes to sync only that playlist, but if you do this, the "special playlist" is your own creation. If you don't want to copy the music into iTunes, turn off "Keep iTunes Music folder organized" and "Copy files to iTunes Music folder when adding to library" - the
Re:Haha, good (Score:5, Informative)
Add a folder to your library, wait while itunes chugs and makes a COPY of each file before syncing.
In iTunes Preferences: Go to "Advanced". Uncheck "Copy files to iTunes Music folder when adding to library". iTunes will leave your files where they are and just index them.
Personally I like the way iTunes organizes my music and keeps the actual files out of my way, but YMMV.
Parent
Re: (Score:2)
It's a checkbox in the Advanced preferences. And you can see why they start with it turned on -- people who don't understand the filesystem would get *seriously* confused when they deleted some Blankety-Blank folder that they didn't remember creating in their My Documents folder and suddenly music disappeared from iTunes. Plus, it's easier to keep metadata (covers, for example) in the same location as the music, since otherwise you coul
Why the heck is this news? (Score:5, Insightful)
Seriously.
Anti virus software has been breaking stuff for more than a decade. There will always be false positives, and there will always be stuff that hasn't been tested, thought about, and so forth.
Of course, now, after this incident, they'll add a unittest to make sure that this exact thing doesn't happen again, and maybe add some for other music services. But hey - this is NOT something that should be thought of as wrong, foolish or whatever. These things *happen*.
Anti-virus software has signatures, heuristics, and so forth. It'll be wrong from time to time. It's actually just business as usual.
So, why is this news?
Re:Why the heck is this news? (Score:5, Interesting)
So, while those of us here may know all about how common false positives, etc. are with AV software, reading through the now 20+ pages on Apple's site shows that the majority of iTunes users don't have the knowledge that we do.
Parent
Re: (Score:2)
It's news because it horribly breaks iTunes, and (last I heard) causes re-installation to fail.
Of course, that's only if you believe iTunes isn't horribly broken to start with ;-)
Nothing to do with shares (Score:2, Interesting)
No Surprise (Score:4, Funny)
That is the case for ~99% of the viruses in their "encyclopedia".
A false positive is front page news? (Score:2)
Anti-virus programs have false positives all the time over stupid shit.
1 - Inherently, an anti-virus can only scan against a database of known problems. New problems won't be detected.
2 - It has been demonstrated that it is VERY easy to spoof detection.
3 - AVG did far worse recently when the firewall portion of their full internet security suite installed drivers for each network connection you had. Said drivers would cause Windows to BSOD. The only solution was to uninstall AVG. I assume that would be a bi
Re: (Score:2)
Tell that to Mac users back in the System 6 and 7 days, who had access to a free antivirus program which detected suspicious behavior.
This is different from an anti-virus scanner.
What do you mean? Link?
Are you incapable of using Google? Heck, many virus scans can be fooled simply by padding an executable so it doesn't match a hash.
Nah, nobody runs that shit.
AVG must be out of business if no one runs their commercial product.
Way to contradict your point #1.
I'm discussing two different types of apps. Please attempt to follow the discussion.
I have about reached my limit of frustration with Linux, because I use a laptop.
My wife uses Linux exclusively on her laptop. She has done so on her past couple of laptops over the years with ATI and Nvidia graphics.
I've never needed to reboot to activate a second
Re: (Score:2)
I'm sure the grandparent is gonna really want to try your link when it says UNSTABLE right in the filename. ;)
Re: (Score:2)
It is a weekly snapshot build. That doesn't mean that it is actually really unstable. I run weekly snapshots of KDE 4.3, OpenOffice, Firefox, wine, etc. from openSUSE repositories.
Re: (Score:2)
This is a stupid thing to say, and you are stupid for having said it. Lots of software still requires that you be administrator.
In that case you have four choices.
1. You explictly trust it and run that specific application in admin mode.
2. You run it in a virtual machine.
3. You run it in a sandbox (I like sandboxie).
4. You don't run it and use something else.
In fact, I would go so far as to say that this applies to even non-admin mode. All applications should be run in a virtual machine or sandboxed unless they are explicitly trusted. These are things that any modern operating system should be able to handle (not that any do by defa
why is AVG still a major player? (Score:4, Informative)
AVG turned to fucking donkey shit after 7.5. it blows my mind people still use it. the company treats their end users like idiots, their software behaves like the malware it claims to rid your system of, and eats up a shitton of resources to boot
yet it still seems to be one of the most popular free scanners, if not the most. I don't get it
it's hard to find a decent free antivirus that doesn't nag or suck these days. iirc Avira had nag screens, and a ridiculous amount of false positives. the least crap one I've used seems to be avast!. it seems to detect a decent amount of viruses, keeps out of the way, and and doesn't eat up a lot of resources
McAffee/Norton Syndrome (Score:5, Insightful)
Parent
Re: (Score:3, Informative)
The problem is that there is momentum. Finding a trustworthy AV program on your own takes some savvy, because there are a lot of shady operators that spam the google index with shady products. They might look legitimate, but a tech savvy person, they might stumble across a trap.
Personally, I thought Avast was kind of annoying. Except for 8.0, I really haven't had much trouble with AVG. It was with 8.0 that I tried some others, AVG 8.5 seems to work just fine now.
Wise choice? (Score:2)
Maybe it rightfully flags DRM files. Maybe they also include a rootkit. At least it would make sense to me, if their heuristic would detect sneaky encrypted files looking like normal music files.
Avastly superior antivirus... (Score:3, Interesting)
Trust Issues? (Score:2, Informative)
False positive on a DLL? That is nothing ... (Score:5, Interesting)
False positive from a DLL? That is nothing ...
How about TrendMicro giving a false positive [baheyeldin.com] on a valid PHP plain text file that is part of Drupal [drupal.org]!
Damn! (Score:3, Funny)
Re: (Score:2)
Slashdot can be a lot of things (Score:3, Informative)
Not only is the joke topical (in the sense it's related to another recent story) but it's made clear that it's a joke by keeping it in context (...MUAHAAAA!!).
You sir, FAIL.