Linked by Thom Holwerda on Thu 26th Jan 2017 23:27 UTC
Privacy, Security, Encryption

I was just reading some Tweets and an associated Hackernews thread and it reminded me that, now that I've left Mozilla for a while, it's safe for me to say: antivirus software vendors are terrible; don't buy antivirus software, and uininstall it if you already have it (except, on Windows, for Microsoft's).

I've been saying the same thing here on OSNews for a decade now: antivirus software makers are terrible companies. Don't buy their crappy software only to let it infect your machine like a virus that slowly hollows out and kills your computer.

Stick to Windows' built-in Microsoft tool.

Thread beginning with comment 640210
To read all comments associated with this story, please click here.
Clean up
by jessesmith on Fri 27th Jan 2017 03:52 UTC
jessesmith
Member since:
2010-03-11

A while back I got called in to deal with an infected website that was triggering warnings from popular anti-virus software. After looking around a bit I concluded there was no virus on the web server. But the company had been getting dozens of complaints from vistors.

So we found out which anti-virus it was and confirmed it was reporting the site as infected, but not giving a reason. We eventually got ahold of someone at the AV company and asked for an explanation. They claimed the website was hosted on a network that was "known" to be notorious because it was free and hackers frequently used it.

There were two problems with that: the company I worked for was paying for their website and it was hosted by a different provider. The AV company was wrong on both accounts, but refused to listen to our objections.

I ended up playing with the DNS settings to make it "look" like the web server had been moved to a different network, told the AV company the issue was fixed. They confirmed it and took the website off their black list.

Sadly, this was one of the best experiences I have ever had with anti-virus software and the people who make it. The "cure" is definitely worse than the disease.

Reply Score: 7

RE: Clean up
by Alfman on Fri 27th Jan 2017 04:58 in reply to "Clean up"
Alfman Member since:
2011-01-28

jessesmith,

A while back I got called in to deal with an infected website that was triggering warnings from popular anti-virus software. After looking around a bit I concluded there was no virus on the web server. But the company had been getting dozens of complaints from vistors.
...
There were two problems with that: the company I worked for was paying for their website and it was hosted by a different provider. The AV company was wrong on both accounts, but refused to listen to our objections.


Yikes, and to think they don't know someone else's software is interfering until customers call to complain. I hate where the industry has gone, it would be nice if AV software stuck to the essentials and stopped the mission creep. They need to work together to improve coverage and accuracy, not going to happen though...

I've experienced similar scenarios with email blacklisting, what a mess that is. It's not unusual for blacklisting to punish the wrong parties. False positives and false negatives remain problematic.

Reply Parent Score: 3

RE[2]: Clean up
by Brendan on Fri 27th Jan 2017 10:45 in reply to "RE: Clean up"
Brendan Member since:
2005-11-16

Hi,

I hate where the industry has gone, it would be nice if AV software stuck to the essentials and stopped the mission creep. They need to work together to improve coverage and accuracy, not going to happen though...


As far as I'm concerned, AV is mostly attempting to cure the symptoms (and making it easier to avoid fixing the root cause, and making everything worse in the long term).

For Microsoft's AV; at least there's a theoretical possibility that maybe someone at Microsoft might tell someone else at Microsoft to fix a gaping security hole properly (instead of hacking/patching around it).

- Brendan

Reply Parent Score: 3

RE[2]: Clean up
by darknexus on Fri 27th Jan 2017 15:09 in reply to "RE: Clean up"
darknexus Member since:
2008-07-15

I've experienced similar scenarios with email blacklisting, what a mess that is. It's not unusual for blacklisting to punish the wrong parties. False positives and false negatives remain problematic.

Damned right about that. Dealing with a situation now involving that very thing, and the blacklist is at the ISP level! Ouch! Still trying to get information out of the ISP in question.

Reply Parent Score: 2