Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
IT

Unsticking Yourself From Your Security Application 97

Ant writes "In Scott Dunn's Windows Secrets, he describes his informal tests of well-known computer security vendors when it comes to subscriptions and renewals. These days, most antivirus and other security products come with a subscription to update your virus definitions. He also explains ways to opt-out, users' comments, etc. Seen in EGeezer's Broadband/DSL Reports security forum thread. Always read those end user license agreements (EULAs)."
This discussion has been archived. No new comments can be posted.

Unsticking Yourself From Your Security Application

Comments Filter:
  • by StonyCreekBare ( 540804 ) on Sunday May 20, 2007 @09:33AM (#19198111) Homepage
    Maybe I'm an old stick in the mud. But I've had far, far more trouble CAUSED by most of these applications than I've seen prevented.

    When I get a new computer, the first thing I do is Nuke ALL of these things from the hard drive. I also tell Windows not to auto update. Never had a virus or infection.

    I do keep my machines behind a double firewall, and I do use the default Windows firewall in XP, or the free ZoneAlarm on my older machines.. And I do frequently scan using one of the many free adware and virus checkers just to be safe. But perhaps most importantly, I'm really, really careful about opening email attachments and what web sites I go to. As for the updates, occasionally I go to Windows update and review the "fixes" and install those that look interesting or benign.

    But Symantec, Norton, McAfee and the like I do not allow anywhere near any machine of mine, and I heavily discourage friends and family from using them.

    Safe computing is NOT blindly installing some "security package" and going to sleep.

    Stony
    • Re: (Score:2, Insightful)

      Nice work staying consistent by installing ZoneAlarm!
    • Re: (Score:3, Funny)

      Windows Firewall? never had a virus? you're obviously not a fan of pr0n.
    • Re: (Score:3, Insightful)

      It's a fine policy, but let's just say I wouldn't recommend it to my parents...
      • Re: (Score:3, Interesting)

        by Aladrin ( 926209 )
        Exactly. This software isn't for the tech-savvy. It's for all those people that don't even understand what a firewall does. Those people need an automated click-n-go solution for their security. Unless they've got tech-savvy family, and then it's handled for them anyhow.

        For the record, I use AVG and a properly configured firewall, and I haven't had a virus or spyware on my Windows system for years.
      • by StonyCreekBare ( 540804 ) on Sunday May 20, 2007 @10:05AM (#19198317) Homepage
        Well, I have agonized over this point.

        Last year I set up a system for a newbie, a retired history teacher who didn't know a browser from a word processor. He had used the web a little under the school IT umbrella, but was mostly clueless. Not exactly my parents, but close.

        After spending several hours explaining malware, adware and the like to him, and cautioning him about what to avoid, I nuked Symmantic and it's relatives.

        A year later, he is computing along nicely, no viruses, no problems.

        Shortly after, I set up a computer for my daughter, a 30-something who is fairly computer literate, but not exactly an engineer, if you get my drift. She insisted on installing the full suite of security protection. When I tried to give her some pointers about safe computing, I got that glazed look and a "yes dad I know how to use computers"

        Three times in the last year, I have had to "fix" her machine. Two other occasions I had to fiddle with her firewall as it was blocking something it shouldn't for no reason.

        Give me a clueless newbie who will listen and nor Norton every time!!!

        Stony
        • Re: (Score:3, Insightful)

          by Mistlefoot ( 636417 )
          I bought my parents a pair of mountain bikes. They ride the paved trails in my town and have never had any problems. Not even a flat tire. No bent rims, skinned knees at all. The bikes I got them were low end $300 models with no shocks or anything. They do, after encouragement, wear there helmets.

          My nephew, on the hand, spent $2200 on his fully loaded rider complete with front and rear shocks. He also invested in a high end helment, gloves and other top notch equipment. He has bent at least 3 rims an
          • Re: (Score:3, Funny)

            by iminplaya ( 723125 )
            Abusing yourself with a mountain bike is much more fun than abusing yourself with Nortons. There's just no adrenalin rush in watching a computer slowly sink into the morass. On the other hand your nephew will pay the price by the time he turns 60 and all those old injuries come back to haunt him. Hehehe.
          • by aedan ( 196243 )
            Helmets are about as useful as Norton for road cycling:

            http://www.cyclecraft.co.uk/helmets.html [cyclecraft.co.uk]
        • You have the patience to spend several hours to explaining malware? I'm surprised you found someone that's willing to sit there that long and listen to someone drone on about it.

          I don't have a problem with firewalls, Norton & McAffee are the problem ones. There are a few good free ones that have done me pretty well. I don't understand why Windows firewall is somehow good enough.
          • I didn't say Windows firewall is good enough. I said I put any machine of mine behind a HARDWARE firewall, or in my personal case, two of them with a DMZ between them. Then I use Windows Firewall as "belt and suspenders" additional security. Or Zonealarm if an NT (yes I still have NT) or other old machine.

            When I set up systems for friends I always use a HARDWARE firewall as well.

            NEVER, NEVER connect a naked machine directly to the net. NEVER!

            I do keep a couple of old disposable laptops around for when a
            • NEVER, NEVER connect a naked machine directly to the net. NEVER!

              That only applies to cheap commodity hardware and software. The only absolute thing to say about that is that commodity equipment has no business in critical applications, such as banks, hospitals, air traffic control, medicine, etc. to the point where it probably should be outlawed. It is just too fragile, and the kludges used to beef it up aren't worth the costs...unless one places a very low price on human life, which is what a company does
          • by Andrew Kismet ( 955764 ) on Sunday May 20, 2007 @11:19AM (#19198807)
            Parent: I'm surprised you found someone that's willing to sit there that long and listen to someone drone on about it...

            GP: ...a retired history teacher...
            • I have a very nice and entertaining class I put together years ago. They are not bored, and when they're done, they've actually learned something.

              I've given it countless times in the corporate setting and found it very effective. Been doing it in one form or another since the 1980's. Yes, before the web. Ever read Cuckoo's Egg? I was there.

              Stony
              • Would you be willing to share this class that you've created?

                I'm an officer in the CS club at the university I attend, and part of what we do is education about safe computing practices. It's a pretty small part right now, but I'd like to expand our efforts in this area, and I'd love to use/adapt something that's known to work well.
    • Re: (Score:2, Informative)

      by Flibberdy ( 780254 )
      I agree with you on the front of not downloading useless 3rd party applications (User education is paramount to stopping malware) but not installing Windows updates is completely ridiculous. Sure, waiting for bugs to be ironed out is one thing, but leaving your already flaky copy of Windows with unpatched vulns is ridiculous.
      • Re: (Score:3, Informative)

        I didn't say I leave it unpatched. I just don't allow Microsoft to decide what patches I need or when I need them.
      • Unfortunately, not EVERYONE is on broadband, and for dial up users, the bandwidth taken up by Windows Update can deeply irritate browsing habits. Also, I find that when on a dial up connection, you end up many months behind the current updates, with the lag getting greater as time goes on, as the updates are downloaded so very slowly. Then there are those glitches which need to be fixed by six other updates, all a long time time to wait on dial up, especially if your PC starts to crash because of the prob
    • Re: (Score:1, Insightful)

      by Anonymous Coward
      But perhaps most importantly, I'm really, really careful about opening email attachments and what web sites I go to.

      So abstinence works for you. But that's certainly not for everyone. If you fuck around, you better use rubbers and do regular health checks.
      • I didn't say anything about abstinence. I have a ton of stuff that's not exactly appropriate for Sunday School. But I don't go to sites known for pushing malware. And when I've been to a site that I might suspect, I immediately check my system for anything untoward.

        Only nasty that got to me in the last ten years was the damn X10 adware and I quickly nuked that and refuse to visit their site again, ever. I put them in my hosts file with a redirect to the localhost.

    • by Creepy Crawler ( 680178 ) on Sunday May 20, 2007 @10:04AM (#19198301)
      I'd say that is inadequate.

      Ive got mod points, but comments are more important than mods.

      1. First thing I do is disable all call-home nags from Windows, along with setting my timeserver to something local. As a default configuration, my machine has no need to go to the net. I also free up unused services that gobble ram (desktop switching gunk).

      2. I then install any sort of device drivers that I might need. These include for me are: VNC video driver, Daemon Tools (for mounting isos and other images).

      3. Then I install AVG and run it as non-resident. I know what to scan and what not to scan, so I target objects that are questionable. I also might download a decent firewall, but I'd like something with the rulesets like ipfw or iptables. I will also get AdAware for busting the few things I might get.

      4. Lastly, I then install the utility apps. Thats my biggest time right there. Ill give a list.

      a. Open Office
      b. Firefox, Thunderbird, necessary plugins
      c. Abiword (much quicker version of "open office")
      d. portaputty
      e. XMing
      f. VNCserver (if I hadn't already installed it)
      g. Winamp Pre-AOL version
      h. VideoLAN
      i. TOR
      j. Bunch of emulators with plenty-o-roms. NES/SNES/N64/MAME/PSX sure beats 'web games'.
      k. Azureus/BitTyrant (both really good bittorrent clients and servers)
      l. Video Codecs and a hacked version of VirtualDub (watching corrupt vids)
      m. DVD shrink (for sneakernet of a vid I like)
      n. Possibly Cygwin (mainly for RSYNC and DD for tough to deal with problems). Scripting in a GUI environment doesnt work well. Instead, use VBscript.
      o. Something to read PDF's. I prefer Ghostscript.

      Thats it in a nutshell.
      • I hate to post to myself, but as Flibberdy said [slashdot.org] in a close post, I do not agree we should use Auto updates from MS.

        Well, what does MS patches do? They patch MS software. I look through my collection and most is GPL'ed and only a few are closed source. The only things MS would patch is Windows itself. Fine, I can accept that... or can I?

        What else are the patches doing? I really dont know. in Linux or other unix based systems, I know what's happening or can figure out rather fast. Also, MS has a long history
      • Re: (Score:2, Insightful)

        I use Ubuntu. Most of that stuff (or equivalent) is installed by default or a quick apt-get install (I actually use Synaptic, but whatever) away.

        I also don't have to worry about a virus scanner or anti-adware stuff (well, I do get Adblock Plus and NoScript). Thus, I don't have to worry about subscriptions or similar.

        Even if I do sometimes have problems, it still takes less time then downloading and installing all those individual components and getting them in the correct place, and fixing the "Start" me
      • For many years, all I had running in terms of security was Sygate Personal Firewall Home Edition and an up to date Windows XP. This was sitting behind a cheap Netgear Router. I only ever had one virus - and this was due to my own stupidity (With a software crack, I downloaded a file named pr0n.exe which I knew was a virus, but just couldn't help myself. =P) - the result was it destroying my network connection and I was in need of a reinstall (which I had planned to do soon anyway).

        Now I run Sygate and Av
      • Why not just install Ubuntu?

        As far as I can tell, the only thing you don't get is VirtualDub and DVD shrink. Mplayer/mencoder do a pretty good job for me...

        Oh, and winamp. But there are plenty of fine mp3 players available.

        I probably should have read the replies to your message first since this has probably been stated ad infinitum. And you probably have a fine rebuttal, but still, I don't see the point (but I'm not you I guess).

        • ---Why not just install Ubuntu?

          Good point. I have ;) Just not on my laptop.

          ---As far as I can tell, the only thing you don't get is VirtualDub and DVD shrink. Mplayer/mencoder do a pretty good job for me...

          Thats where the problems start. M* is really nice.. I mean REALLY NICE in converting and ripping any format I can watch. I love that ;) My problems start at the emulators. ePSXe and its plugins are rather old, and they dont release source. N64 emulators dont work terribly well either for roughly the same
    • Re: (Score:2, Insightful)

      by Xiph1980 ( 944189 )
      That might work for you, but you're a minority in that.

      The majority of people aren't that tech-savvy, and just click on every button, link, and attachment they can get their hands on. Installing a system like that for my folks would get them infected before they can say "wha?". The last time I reinstalled their pc, they had been infected with about 20 virusses, on 1000+ files, with updated symantec virusscanner and firewall installed.
      Never underestimate the ingenuity of human stupidity. Most of the peopl
      • Re: (Score:2, Interesting)

        And we're NOT already? And exactly how are these bloatware apps stopping it?

        Virtually every infected machine I've seen has Symantec or similar running. Improperly, true, but my point is that clueless people putting their trust in some "security suite" they don't understand and ignoring the issue is exactly the wrong prescription.

        I would be all for a "security suite" that actually worked. But in my experience, they work poorly or not at all, give a false sense of security to the uneducated, and drain your
        • This has brought up the memory of when I installed AVG on my in-law's laptop a couple of years ago (after removing the Norton crap that came preinstalled on their Vaio). A few days later, she was visiting, and was pissed off about how she kept getting pop-ups from AVG, and wanted to know how to stop them.

          I had to inform her that those pop-ups were AVG notifying her of malicious files that Norton never found. She was very upset to find out how infested her laptop was, but then she realized what was causing h
    • by Wicko ( 977078 )
      I can't count the number of people I know who are paying or have paid for anti-spyware and anti-virus software. It's truly become a market for the uninformed. Then again, if they didn't pay for some services, we wouldn't get any of them free, eg. AVG. I'm glad some people pay for their software, if they didn't, would it still be around?

      The last time I had a virus was a year and a half ago. That smitFraud virus I believe. But that was before I knew about NoScript. I haven't had a problem since, other than a
    • by doodleboy ( 263186 ) on Sunday May 20, 2007 @10:48AM (#19198617)

      Maybe I'm an old stick in the mud. But I've had far, far more trouble CAUSED by most of these applications than I've seen prevented.

      Ain't that the truth.

      I bought a couple of Dulls last year, a desktop for me and a laptop for the wife. I turned mine on long enough to ensure that it worked, then wiped the drive and installed Ubuntu. The wife wanted XP, so the first thing I installed was the Dell De-crapifier, an earlier version of the PC De-crapifier [pcdecrapifier.com]. Off came gigabytes worth of crapware, including the McAfee internet security suite, as bloated a POS as you will ever find. (Except for maybe the Norton internet security suite.)

      Then I installed the free versions of AVG Antivirus [grisoft.com], Ad-Aware [lavasoftusa.com] and Spybot [safer-networking.org]. AVG works well and is much less bloated than McAfee and Norton. Other than all the screwing around to make it stable and secure, we have never had a problem with the laptop.

      However it is annoying to have to delete tons of garbage no sane person would ever want. It is annoying that Windows is so insecure. It is annoying to have to depend on Windows Update when Microsoft uses it frogmarch their users onto new software (e.g. IE 7, WGA) that has nothing to do with security. It is annoying having to go to so many different websites for software updates.

      I have three linux boxes, 2 Ubuntu [ubuntu.com] and one Ipcop [ipcop.org] firewall. That one Windows laptop requires more babysitting than all the linux boxes put together.

      People complain about computer viruses, computer worms, computer trojans, computer instability, computer insecurity, computer crapware, computer bloatware. Et cetera.

      To that I say :%s/computer/Windows/g
      • However it is annoying to have to delete tons of garbage no sane person would ever want.


        That's why those machines are so cheap though. Dell and the like are paid by those software companies to install the "trials" and subscription based packages. I have no problems in them subsidizing my purchase. I am happy to wipe the drives as soon as I get them.
      • Why not just install the OS from scratch instead of using Dell's OEM and go from there? This is assuming you have the OS CD/DVD. I know it takes longer to find drivers, etc. I know Dell provides CDs with XP and 2K drivers a few years ago when I got a Dimension 8250 machine. I have friends who do this too.
      • "%s/computer/Windows/g"

        I'm guessing people look at you strangely after trying to pronounce that.

    • Comment removed based on user account deletion
    • I have been using McAfee since 1989, but have about had it with them. For a while, I had total confusion partially due to the fact that, in the past, at various times, I had registered two separate copies of McAfee from my one email address. They were for two separate Windows computers. Eventually, I started receiving various emails messages about needing to renew my McAfee subscription, but did not know which computer they were referring to.

      I decided to simplify the situation by switching by using only

  • Yes! (Score:2, Interesting)

    by nlitement ( 1098451 )
    Yes, better read them EULAs - you never know when you'll end up getting a $1000 reward! [yarbroughs.org]
    • I actually tried to read one of those endless scrolling EULAs.

      After about 30 minutes reading through the excessive EULA, and clicking Accept, the application timed me out and wouldn't let me "Accept", so I gave up.

      That way, you may not sign up on so many things after trying to ready the EULAs.
    • Whenever I skip past most portions of a EULA, I always fell like I might have just overlooked a terrible hidden clause such as selling my soul to the devil or something. I don't get that same feeling when I am reading the GPL license that comes with most free open-source programs. It is much simpler and more friendly sounding and comes from people that I trust. I use mostly free GPL licensed software on both my Linux computer and my Windows computer and only use a few commercial software packages.

  • Wow (Score:3, Insightful)

    by suv4x4 ( 956391 ) on Sunday May 20, 2007 @09:45AM (#19198187)
    He also explains ways to opt-out

    This is quite sad if he has to explain it. And those are the same companies that wine that Vista may make their products unnecessary, so how about leaving a hole here and there.
    • I don't think it was ever a case of them whining about vista not requiring anti-virus or firewall software, it was them whining about vista not allowing them to implement their software in the manner they chose. As for whether caving to their pressure was a good idea or not is up for grabs though. While making your product difficult to opt-out of is a bad plan in the long run (see AOL), it does appear to be an effective way to generate more revenue. Morally objectionable, but effective.
  • to opt out: (Score:5, Interesting)

    by Lehk228 ( 705449 ) on Sunday May 20, 2007 @09:58AM (#19198271) Journal
    to opt out, call and ask to be transferred to billing. tell them you revoke authorization for recurring charges. if they continue billing you call Visa and they will take care of it.
  • by Anonymous Coward
    * Can you feel free to download and run any EXE file from the net just because you have antivirus software?
    * Without antivirus software, you can still get a very very high security level by running those suspicious EXEs in a virtual machine.

    Therefore, antivirus software is one of the biggest lies in computer history, and it's sole purpose is to slow down your computer and charge you subscription fees...
    • Abso-damn-lutely!!
    • Re: (Score:2, Insightful)

      by tilde_e ( 943106 )
      Of course antivirus software keeps us safe. You must be one of those conspiracy theorists that doesn't understand how the current incumbent keeps us safe from terrorism.
    • by maxume ( 22995 )
      My antivirus software is free and has consumed about 1 minute of cpu time(on a modest, fall 2006 laptop), whereas there are over 200 hours of idle time recorded. Firefox has managed to gobble up 1.5 hours in that same period of time.

      When you are having computer problems, always remember that it does exactly what you tell it to do(I hereby resolve the 'Windows' responses to this statement by pointing out that it only runs Windows if you tell it to).
  • by mrsam ( 12205 ) on Sunday May 20, 2007 @10:08AM (#19198335) Homepage
    I have a trick I use every time I buy a limited-term subscription, or a service, if I suspect the company will try to stick me with an unwanted renewal. I just pay with whichever card I have that expires before the subscription term. I find that to be the path of least resistance. Usually I have one or two cards whose expiration dates are coming up.

    Many US credit card companies also offer a service where they give you a separate credit card number that goes to your account, but that automatically deactivates as you as you put one charge through, after which it is no longer valid. That's also one way to beat this racket.

    Then there are always a small number of obnoxious companies that supposedly renew you, bill you, and then go after you with dunning letters. I suspect that once a lot of people are on to the trick of giving them single-use charge numbers, that'll be the next popular tactic. Still, it's easier to handle that, then once your card is already dinged.
    • Re: (Score:3, Interesting)

      Actually, if the companies doing this are subscribers to credit reporting agencies (e.g. Equifax), they can cause you lots of grief in that situation. If you "agreed" to a EULA that allowed automatic rebilling and gave them a card number that wasn't good at renewal time, they have a nice hammer in the form of credit reporting: you'll need that $39.95 AV renewal collection trade line on your credit report cleared up before you buy your next car or refinance your home.

      I think the next line of defense in t

      • Actually, most of the companies simply don't renew if the card fails to authorize. Unfortunately for the GP, you usually get the same CC# on your new card, just a new expiration date, and banks will often authorize charges on the expired card. A more reliable, though onerous method would be to report the card lost/stolen, once a year or so. Although personally, I like auto-renewing, and if I forget to cancel, it's my own fault.

        A caveat for Microsoft services though. I had a MS "radio" subscription at on
      • you'll need that $39.95 AV renewal collection trade line on your credit report cleared up before you buy your next car or refinance your home.

        Why?

        At risk of sounding trollish (which I am not, really) why not buy what you can afford, when you can afford to buy it, pay for it and take it home?

        What's this rush for everyone to buy on credit and make payments forever and ever afterward? Some people are still paying for their dishwasher (or whatever) long after that appliance has died a
        • (Didn't seem trollish to me, but then, my threshold is pretty high :).)

          You make a valid point in the case of cars, but given the tax advantages and the fact that in some parts of the country, mortgage payments plus an allowance for property maintenance are about the same as rent for an equivalent property, writing off home mortgages and their associated tax and equity advantages as foolish isn't such an easy conclusion.

          In any case, I was just pointing out a hazard to one's credit file that could ensue f

        • why not buy what you can afford, when you can afford to buy it, pay for it and take it home?
          Are you referring to buying a house or car on credit, or a dishwasher?

          In the case of a dishwasher, I agree with you. But in the case of a car or (especially) a house, I disagree.

          I won't waste time explaining why if I'm preaching to the choir, but if you don't understand why, let me know and I'll explain.
  • by cicho ( 45472 ) on Sunday May 20, 2007 @10:13AM (#19198359) Homepage
    A way to stay relatively safe is to use a dedicated card. Here in Poland banks with online presence will supply you with what some call an "e-card". It looks like a Visa and is recognized as a Visa when you buy stuff online, but:
    a) it can ONLY be used for online transactions (it does not double as an ATM card)
    b) the card has its own virtual account with the issuing bank. You need to transfer money from your main account to the card before you make a purchase. Doing go takes authentication and a couple of clicks.

    Yes, it takes a minute or two more, but no-one will be able to charge you repeatedly, and any loss due to fraud is limited to the amount you charged the card with. If you suspect anything untowards, you can clear the card with a single click. As a side effect, it helps prevent impulse buying, since it adds that additional step.

    You could, of course, charge the card with a hefty sum and keep it over a long period, which would cancel much of the protection, but that's like installing a virus scanner and then running it disabled. In addition, if you charge the card in excess of about $1000 (depending on the bank), the transaction must occur within three days, otherwise the amount automatically reverts to your main account and the e-card is cleared.

    There is a chance that a seller will coincidentally attempt a repeat charge just when you have charged the card for an unrelated purpose, but the likelihood of that is small, reduced further by the fact that an e-card is valid only for a year. It is re-issued annually (at no cost or at a minimal charge) with the same number but different expiration date. So a vendor from whom I am buying today will not be able to charge the same card next year. (If I do want to give them that option, I can always use my regular Visa - but I've never had to in six years.)

    I don't know if US banks provide this kind of service as a rule; if they don't, you guys should raise bloody hell. It goes a long, long way to keep you safe, and will prevent any underhanded attempts like these.
    • Some US Banks offer a temp number - but I think it depends on what debit card company the bank uses, and what services they opt into. My bank doesn't - but they also don't nickel and dime me on every transaction, so it's a good trade off. I did find an alternative though:

      PayPal offers a Mastercard "debit" card. I only put money in the paypal account when I plan on buying something online that don't specifically take PayPal. It's a credit card to the company accepting it, it's a debit card without ties to a
    • by gaggle ( 206502 )
      So they make it more difficult for everyone because a few people have to be prevented from doing stupid shit? Is that about the gist of it?

      How about you let me have my VISA compatible, online purchase compatible, "I get all the money back if I get hit by fraud", "charges straight into my main account so there's no hassle" card, and I'll let you use your wonderful card that injects several steps between you and whatever boogie men you're so afraid of. Sounds like a deal?
    • Re: (Score:3, Interesting)

      by DrXym ( 126579 )
      A way to stay relatively safe is to use a dedicated card. Here in Poland banks with online presence will supply you with what some call an "e-card". It looks like a Visa and is recognized as a Visa when you buy stuff online, but:

      Ireland has something similar called 3V which is supposed to be an online-only Visa card that you top up. So in theory you can use it without fear that someone will run up huge bills or cause you hassle trying to get a card reissued. The only problem (and this is a massive problem

    • by nateb ( 59324 )
      ... an e-card is valid only for a year. It is re-issued annually (at no cost or at a minimal charge) with the same number but different expiration date.

      Take it from a retailer (me), correct expiration dates are not required to authorize a credit card.

  • MMPORGs do this too (Score:3, Interesting)

    by DrXym ( 126579 ) on Sunday May 20, 2007 @10:35AM (#19198509)
    I bought The Lord of the Rings Online. A good game, but has the same extremely irritating automatic subscription behaviour. The very first thing that happens after you activate your game is that it asks you for your credit card and what plan (monthly, three monthly etc.) you wish to subscribe to. At no point did I see an option such as "No thanks, I just want to use the 30 days I got with my purchase", at no point did I see a checkbox that says "I will manually renew each month". Once you activate you're set up with automatic renewals whether you like it or not.

    I normally cancel my sub as soon as I've gone through all the bother of signing up for it. But it's still extremely annoying and insulting that any company does this. Codemasters are not alone here. All it does is make me less inclined to renew than if they just let me choose myself.

  • by Anonymous Coward
    That's how I handle subscription services when I want to try them out. I just generate a temporary credit card number for x months, good for the amount I need to cover that timeframe, and use that. Once the time is up, no more autorenewals, no cancellation hassles, no fuss, no muss. They can't bill me anymore, so they ax the subscription. If I find something I want to stick with, I change my billing to a permanent card before the temporary card dies.

    I imagine you could also do the opposite if you become dis
  • by rueger ( 210566 ) on Sunday May 20, 2007 @10:47AM (#19198605) Homepage
    Having actually read TFA, none of these companies make it that hard to know that your credit card charge is recurring, although two place that information in the EULA.

    I wouldn't consider myself mis-led by any of these products, and actually would have assumed that when I purchase a "subscription" it will be renewed annually using my credit card information.

    Most absurd though was the author's complaint that he wasn't immediately offered an option to suspend the use of his credit card info for renewals, but still have the service remain live.

    After your purchase, you can go to Microsoft's Billing and account management page and sign in with your Windows Live e-mail and password. There, you can click on the service you purchased (Windows Live OneCare) and see links for complete cancellation of the service itself. But nowhere is there information on simply canceling recurring credit-card charges.
    Lord folks, do we really need to go this far to find something to complain about?
    • Most absurd though was the author's complaint that he wasn't immediately offered an option to suspend the use of his credit card info for renewals, but still have the service remain live.

      I've run into this multiple times, and it pisses me off every time.

      If I buy six months worth of a service, I've already paid for ALL SIX MONTHS. If I decide that I don't want MORE THAN six months, that doesn't mean I want you to rip me off for the remaining three months I've paid for.

      This is not just annoying, it's a scam.
      • by rueger ( 210566 )
        What's wrong with adding a note in your calendar to log back in at 5 months and 29 days to cancel? Jeez, how helpless are people these days?
        • What's wrong with adding a note in your calendar to log back in at 5 months and 29 days to cancel? Jeez, how helpless are people these days?

          How sleazy and dishonest do you have to be to not provide such a simple and basic form of customer-service as "Do not renew" feature without terminating the service? I realize that "customer-service" has been dead for about 10 years now, and is a foreign concept for most software/hardware users these days, but it is sad that you're apologizing for it. Your computer is

        • What's wrong with adding a note in your calendar to log back in at 5 months and 29 days to cancel?

          What's wrong with NOT STEALING?

          If I've paid for six months of service, I've paid for six months of service. The fact that I can come up with a workaround that should keep from getting ripped off for the remaining three months, albeit with a risk of getting charged for another six months, doesn't justify ripping me off.

          You might as well say it's OK to steal my car if you can get away with it.

          (and before you get
    • As somebody who has both bought and dropped OneCare (bought because I beta tested it and got a good deal on a subscription, dropped because when they wanted to charge me the full rate the next year I said no) I can definitely say the only downside of the service is that you need to call the 800 number - you can't unsubscribe online. Having said that, the service was very prompt, the closest to no-questions-asked that I've ever seen, took almost no time, and while I had already uninstalled the application by
  • "Problem is there isn't enough backlash from consumers to change this rotten practice."

    Darn tootin'!! Subject closed.
  • by Anonymous Coward
    I mostly use software licensed under the GNU General Public License, so I don't have to read EULA's and stuff.
  • I use Avast [avast.com] for my anti-virus/spyware needs and, for home use, it is absolutely free. Not only is Avast free, but it has a lower memory footprint than McAfee, Symantec, Panda, and others. Unlike the aforementioned, I do not notice any appreciable performance changes. I remember trying McAfee and my system became less responsive. Thus far, Avast has stopped everything thrown at it.
    • by k3vlar ( 979024 )
      Avast! has the most god-awful user interface imaginable, and their alerts are terrible. I can't rate it on it's ability to catch viruses, since I haven't been able to use it for more than 10 minutes without un-installing it. I'd rather stick with AVG Free [slashdot.org]. At least that app doesn't insult your intelligence with garbage UIs and terribly compressed generic female voice clips.
  • by jimicus ( 737525 ) on Sunday May 20, 2007 @12:30PM (#19199199)
    It is 2007.

    Virtually every company out there has a website, some means of emailing its staff, and where they provide a service to the general public, a published telephone number to contact them. These "automatic subscription" security services are a prime example.

    Why, then, is it quicker and easier to write a letter to the head office to get something done?

    I can dash out a letter saying "thanks for the service, now please cancel it" in 10 minutes. I can get it stamped and posted in another 10-15 minutes. That's 25 minutes, after which I don't have to worry any more. If I really think the company I'm sending the letter to is going to try and screw me, I send it recorded delivery and I then have proof of receipt once they get it.

    Compare this with spending 20 minutes on hold being told that "my call is important", 10 minutes explaining that I want to cancel to some call centre drone who's not allowed to deviate from their script (and whose script doesn't include a "Customer wishes to cancel" section), another 10 minutes on hold after my call is transferred to the "right department", the line being cut off as soon as it's answered, then calling up again to spend another 20 minutes on hold before finally giving up.

    Alternatively, email them (or use the form on the website). Of course, the form offers a drop-down to select which department to send the message to, but it's not clear which department you need to cancel so you send it and hope for the best - much the same as you did when you pressed 3 for customer services with the call centre. Only instead of waiting on hold for 20 minutes you wait for 3 days only to get a reply saying "you've emailed the wrong department". If you're lucky, they have the good grace to forward your email to the right department, which then completely ignores your email. You're pretty certain the right person's got it, but you've got no hard receipt and blaming the technology is so easy these days that nobody will bat an eyelid if someone claims "not to have received" your email. Certainly pointing out that emails seldom just disappear into computer land never to be seen again won't help you.
    • by rueger ( 210566 )
      I can dash out a letter saying "thanks for the service, now please cancel it" in 10 minutes. I can get it stamped and posted in another 10-15 minutes.

      You forgot to add a half hour to go and buy stamps because you haven't actually mailed anything in an envelope for the last eleven months.

      Here's a poll idea: How many Slashdot users actually know what the current first class postage rate is for their country? I don't.
      • by jimicus ( 737525 )
        Not really, I can buy a single first-class stamp from my local shop which is only a couple of hundred yards from where I live.

        Perhaps I'm lucky, living in the UK rather than certain parts of the US where you seem to get funny looks if you cross the street on foot rather than driving.
      • Eh? I pay for very nearly everything "significant" by cheque, and in at least 50% of those cases, I mail that cheque. Power, natural gas, phone bill, all of that -- I get a bill in the mail, I put a cheque in the mail.
         
        Am I really a dinosaur?
      • You forgot to add a half hour to go and buy stamps because you haven't actually mailed anything in an envelope for the last eleven months.
        How hard is it to walk down to the servo or a post office to buy a stamp? You're already walking down to the letterbox, so it's not that much longer anyway (or at all if you go to the post office).
  • Tell me about it! (Score:3, Interesting)

    by Karl Cocknozzle ( 514413 ) <kcocknozzle@hotm ... inus threevowels> on Sunday May 20, 2007 @01:52PM (#19199767) Homepage
    From my perspective, the biggest problem with security applications is the licensing... The contracts are rigid, inflexible things. You buy in increments the vendor dictates--no more, no less. You are steered to the suites as a way to "maximize the value of your investment"... true, the software is sold a la carte, but the prices... They're so high you could buy the whole suite for "not that much more."

    And the "premium support" that we've gotten hasn't really been great... Yet it is usually touted as the chief reason to buy a suite by anybody touting the monolith of security applications from Vendor X.

    I had a specific incident with a security vendor's SMTP Gateway/AV/Antispam software earlier this year where we tried to get the "new and improved upgrade" version up and running and after troubleshooting our test server for about 2-hours with their support staff we told them in-passing that the 2nd NIC hadn't been installed when we setup the server, we had added it and then installed drivers after the fact to support the funky way it handles send/receive and reconfigured thinking it would be no big deal. The manual does not specify that its a problem, so we just installed it and moved forward. When it still couldn't send mail with the new NIC in place, we took extensive troubleshooting steps, then uninstalled/reinstalled the software to try and get it to recognize it. This didn't work either, and led to the support call after a few more things were tried...

    "Oh," says the support guy. "Then you'll have to reinstall the whole OS and start over with both NICs already in place."

    Not just the software... the whole OS--he says that "our uninstall sometimes fails... It is just safer to redo the OS." SO I ask him--what happens if a NIC fails in a server? If the vendor sends the same hardware to me and installs it, will the software function? "Probably not"--I'm told. Effectively, they've released a bunch of OSS tools but they've failed to do anything besides kludge them together in one web-interface. "Any" change to the hardware will require you to reinstall the software... possibly the OS if it doesn't work after re-install.

    This is a part of the solution that we've paid about $30k for... It's the worst value I've ever seen... Other parts of this "enterprise suite" are just as wonderful, if not more so. So I've finally gotten support to go a la carte for better spam control... I'm buying a Barracuda ASAP to replace this clunker...everybody I know who uses one says after it learns your white-list it just sits there and sifts mail quietly with very-few false-positives and no problems. We finally got this anonymous security vendors "product" into a state I would call "operational," but the spam protection is not as good as the "older" version that it replaced. We now hear complaints every day about how much more spam is getting through...

Your own mileage may vary.

Working...