The Only Thing Worse Than Viruses…

Our CTO once said:

“The only thing worse than viruses — is virus protection software. And the only thing worse than virus protection software — is free virus protection software.”

So true. The most frustrating bug reports we get at Newsvine are the seemingly random ones. We’ll get a cluster of reports from people who all of a sudden can’t vote, can’t comment, or can’t perform some other necessary function. And none of the bug reporters seem to share common characteristics like what browser they are using, what proxy they are behind, or anything else. On more than one occasion, the common thread has turned out to be that they had a certain anti-virus or “internet security” product installed on their machine. The havoc that some of these programs wreak on HTML, JavaScript, and general HTTP connections is astounding to me sometimes.

I remember one instance where one of our image calls was to a file called “poke.gif?ad=whatever”. The image was not a decorative element but a functional element which was necessary for dealing with our transactional logs. It took days to figure out that the mere use of the word “ad” caused Norton to block the request completely. If we changed the word “ad” to “glad” the problem was solved. And even more paradoxically, if you just put an ampersand in front of the word “ad”, that also solved the problem. Simply maddening, although it was a frustrating enough episode to at least plant a little bug in all of our heads about virus “protection” software: if you’re trying to squash a bug that seems illogical or isn’t easily reproducible, always consider that it could be because of a user’s security software.

Last night, I was trying to debug a problem with Newsvine’s new commenting system with a user who was having issues, and it turns out he is using “CA Internet Security Suite” which came free with his RoadRunner broadband service. I downloaded this thing and installed it into my Windows XP instance running inside of VMware Fusion.

Oh my god is this software bad. The first thing it does after it installs itself is to run a scan on my system. It then gives me an extremely alarmist dialog box telling me my system has been “infected with 36 instances of spyware”. It lists the spyware inside the dialog box. All 36 pieces of “spyware” are actually just harmless (and functional) cookies from places like Newsvine and AT&T. Just for kicks, I hit “Remove” and of course it prompts me to spend $70 for the full version just so it can clear my cookies. Brilliant.

So then I open up a web browser and I notice that the CA software is now checking every single server call the browser makes against its database of “safe” and “unsafe” sites, slowing the browsing experience down to a crawl.

And then, just for kicks, I try to visit my Newsvine page at http://mike.newsvine.com, and here’s the dialog box I get:

Blocked from my own site! Because it’s a “dating site”! Ridiculous.

We haven’t resolved our problem yet with the commenting system, but something tells me it has something to do with this stuff.

Having used a Mac for the last 24 years, I’ve just never really had to use anti-virus software. It’s a rude awakening seeing how the other half lives, in this case. If I used Windows on a daily basis, I think I’d opt not to use anti-virus software at all and instead set up automatic restore points once or twice a week. VMware Fusion lets you do restore points automatically, which is really nice. If I happen to contract a virus one day, I can just roll my machine back a few days and get rid of it.

Much better than having the Norton/CA gestapo stomping on my face every time I try to make a simple HTTP call.


23 Responses:

  1. Excellent, excellent quote :) Definitely true in every possible sense.

  2. Erik says:

    I agree that antivirus software is a mess. However in my experience the worst offenders are the big commercial packages. I put the free version of AVG on every windows computer I build, and I’ve never had any trouble with it. It’s light, unobtrusive and I haven’t had any infections that the user didn’t bring directly on themselves.

    Norton/Symantec, McAfee, CA, whatever… I’ve never had any good experience with the big name stuff.

  3. Anti-virus software certainly seems to have made developing Windows client software somewhat more frustrating over recent years. You can never trust that any files you create will either still be there in a minute or won’t be locked for an eternity. One pet peeve I have is when perfectly legitimate installers (or exes that the installer deploys) – even digitally signed – are marked as containing trojans simply because they happen to have a particular sequence of characters buried inside that just so happens to match a trojan (presumably). Grrrr!

    My personal favourite was when a virus scanner that shall remain nameless decided that some temporary xml files SQL Server was creating in a temporary folder contained URLs in them (namespaces) which it decided meant they were SQL injection attacks – so it deleted them, much to the consternation of SQL Server!

  4. John B says:

    I will second a nomination for AVG Free as a great product. It seems to protect everything without invading your system. I switched to a Mac just over a year ago for my main computer, but the PCs I have around all run AVG Free.

  5. Bob says:

    So, what’s the alternative?

    I have to teach my grandmother to use a disassembler so she can verify every last Flash application that gets used is entirely free of malware? Or just teach her not to click on anything at all because a trojan looks exactly like the YouTube movie player if a website happens to get hacked?

    When even your precious web host running the great and powerful Linux (Hackproof Edition) can get hacked, what are the end users supposed to do? Just accept that restoring to a backup point from 6 months ago which is when the keylogger got onto their system is just a part of owning a computer?

    If I happen to contract a virus one day, I don’t usually find out about it until it causes a problem and unless the virus is buggy (which happens) that’s more than “just a few days”.

    Or I could use an OS which barely registers as having market share, and rely on virus writers to not care enough about it. I hear that Stallman doesn’t use a web browser, and uses an email-to-web gateway for offline browsing. Maybe if we restrict the net to email (and maybe gopher) we’ll be safe again?

  6. Funny, I’ve used Windows since as long as I can remember, and I’ve never needed anti-virus software either. Must be that third other half you’re talking about..

  7. John Schroedl says:

    The best Windows AV I’ve found is ESET’s NOD32 — no noticeable system impact.

    http://www.eset.eu/products/nod32-for-windows

    I’ll have to vote against AVG as it was a complete bust on my system — slowed things to a crawl.

    John

  8. Nic says:

    A Windows PC doesn’t need antivirus software so long as it’s not connected to the internet and doesn’t use email, which covers at a guess 2% of the population at best. Otherwise, don’t expect to last more than two weeks without an infection.

    If you use online banking, an otherwise unnoticeable backdoor may be quietly stealing your account numbers, passwords, etc.

  9. Aaron Davies says:

    Ah, CA, where good code goes to die….

  10. Marix says:

    Yea, you could roll back to a restore point to not worry about virii, but the virii can still infect the backups.
    That’s when you use a pen drive or ext HD to store your backup.

  11. Ray S says:

    AVG all the way. Consumer Reports rates these and Norton is near the bottom of the list. They have an excellent article; it will save you a lot of grief.

  12. Ian says:

    I prefer the smaller AV companies like eEye and their Blink software. Excellent customer support and a pretty solid program overall. Their personal edition lets you install and use for free for a year, and then you can decide to purchase for $25. That, in my opinion, is the best of both worlds.

  13. Jonathan says:

    I was a long time user of AVG until they released version 8, which slowed my WinXP system to a crawl.

    Switched to the free version of Avast! and have had no problems with it at all. My desktop is working much better, and I don’t get any false reports on websites I visit.

    It seems some free AV programs are better (and less sleazy) than others.

  14. Tom Salami says:

    A family member complained to me bitterly for weeks about an Outlook problem. Her outbound emails sometimes arrived hours late, and she had to babysit her laptop to make sure that emails went through. Finally she was able to give me an error message from Outlook. It turns out that the Norton AV was somehow delaying outbound messages to the point that SMTP was timing out. Worse, this seems to be intentional! I don’t recall the error message exactly but in effect it said, “upgrade your Norton AV to make this stop.” I uninstalled Norton and of course the problem never reoccurred.

    Norton has devolved into something odious.

  15. Put me down in the “pro” column for AVG Free. I switched to a Mac last year, but AVG served me extremely well in Windows. Unobtrusive, not annoying, low memory use, and no noticeable impact on my browsing.

    Norton is a Mafia protection scheme in comparison.

  16. Riley says:

    My experience with AVG, on both XP and Vista machines, has been generally good. I’ve had nothing but problems with the ‘home’ versions of Symantec, CA and McAfee products, which always seem to slow down otherwise zippy systems. Surprisingly, my experience with Symantec Enterprise has been good (knock on wood).

    Using a restore point as a substitute for anti-virus software is a bit risky for many reasons: 1) not all viruses are removed by a system restore. 2) not all viruses cause their host machine to show obvious signs of infection and it may be difficult for the user to know they have a virus. 3) shared/multi-user machines – it isn’t wise to trust the habits of another computer user. And so on…

    As someone who uses Mac at home and Windows at work, I’m curious to see how Mac viruses/threats evolve as Mac market share increases. Hopefully, Apple stays ahead of the game – as much as possible.

  17. joke a bloke says:

    I ran into this “ad” business about four years ago. Images or server calls with “banner” in them were also affected. I long ago stopped using any terms related to advertising or anything that makes me think spam. Yes, very maddening. Glad somebody else with a larger reach is getting the word out there.

  18. joke a bloke says:

    Also, over the last three years, I’ve tried all the “pay for” anti-virus apps and internet security suites. I’m now using AVG Free and Microsoft’s own firewall, my computer has never run as well!

    What bothers me nowadays is all of the apps constantly calling home. My hard drive is always spinning. Just as bad are the websites that never ever stop loading a page. Right now, mikeindustries.com is still transferring data on my machine and my hard drive is spinning… it’s been five minutes. WTH is this?! Crap like that infuriates me. The ISS programs never stopped this either.

  19. joke a bloke says:

    Um, oops. I forgot AVG was running a deep scan and may have affected data transfer, so maybe mikeindustries.com isn’t one of the offenders that bugs me so. Certainly wasn’t trying to convey that attitude but reading my post above? Boy, it’s time to chill. No wonder I recently set AVG to start deep scans at 6 pm. Makes me get up after a 12-hour day and exercise.

  20. James says:

    Great post! I personally dumped all anti-virus software on my PC for the last 6 yrs! I used to have to format and re-install every 3-6 mths, regular crashes, slow as a dog. After my computer science degree I had a dig to see what these anti-virus programs (like Norton) were actually doing. My findings were disturbing, in that they still use a basic signature hash to scan files by; any single byte change will throw off the scanner. All viruses (which actually weren’t) it did not fix, it actually did nothing! Oh, I have a virus, I won’t tell you where it is or how to fix it, I’ll just ‘quarantine’ it and leave it sitting there. There were a lot of issues I found with them, least the fact Norton root kits! your bloody install, apparently to do a boot sector virus check, my ass. Since doing a clean install without any anti-virus I have never had a single crash, blue screen, I haven’t formatted in over 4 yrs! If you know what you’re doing, don’t open stupid attachments, use Firefox, destroy IE and Outlook/Express, and you’re free! Anti-virus is simply playing with people’s fear, and they make a lot of subscription $$ from doing absolutely nothing; people fear what they don’t understand.

  21. Schmitter says:

    My computer also slowed down to a crawl. I added RAM and began eliminating any useless program/file I could find. I have never had a virus so I got rid of my original McAfee. My computer is 10 years old and still running on the original W98 install. It runs pretty fast now.

  22. Bulbboy says:

    Can a small/medium/large business be run totally with Macs, or are PCs a necessary evil, Mike?

  23. Mike D. says:

    Bulbboy: The former.
