A little opinion post where, after Xmas and the rise of non-desktop form factors and platforms, I look at recent allegations made against Symantec and ask: is this to be expected?
Over on ZDnet it’s being reported that Symantec is coming under fire after a series of incidents which are alleged to be misleading to consumers. ZDnet reports:
Security firm Symantec is being taken to court over claims that the company’s flagship anti-malware and performance software suites mislead consumers into buying full versions of its products.
The suit, which seeks class action status, was brought by Washington state resident. It was filed in the District Court of San Jose, California on Tuesday on behalf of his lawyers, according to Reuters.
The complaint alleges that misleading ’scare’ tactics are being used by Symantec in its Norton Utilities, PC Tools Registry Mechanic, and PC Tools Performance Toolkit products. The claims also suggest the software range always report harmful errors, privacy risks and other issues that exist, regardless of whether they actually exist.
Now whilst this in itself is not breaking news, I bring it up at a time when coincidentally I received an email along similar lines.
Those who follow my dulcet tones on TechBytes or read my musings on the various social networks I maintain will know that recently (after years of being let down) I changed my ISP. With this change came the expected: a shiny new router, a nice welcome letter and, shovelled into the box, a free trial of McAfee anti-virus. Of course there was no way of them knowing that the troubles Windows users may get with malware, viruses and spyware don’t really have any relevance to a Linux user, but nevertheless their “kind” and “free” trial was put in the same place as probably many a Windows machine when it had been brought to a halt by malicious code and the user (through their own lack of knowledge) merely thought the machine itself was broken.
Ironically, in the last few days I was spammed by unwanted email from McAfee, presumably because my ISP had given them my details and McAfee were at a loss to explain why anyone would turn down their “great” offer. Here are the contents of the email (details personal to me have been omitted):
As a part of your Broadband package, you’re entitled to a free 12 month trial of McAfee anti-virus software – and we’re contacting you because yours does not appear to have been activated. Without anti-virus protection in place, you run the risk of being the victim of identity theft, phishing attacks or suffering serious damage to your computer. You could lose digital content, such as files, photos, or music in the process. So please, if you do not already have anti-virus protection in place, take a few moments to download and install your FREE trial of McAfee Internet Security Suite. Then you can get back to surfing the Internet, with a little more peace of mind.
It did make me remember that as a Windows user at home in the distant past, peace of mind was something rather lacking when surfing the net. Whilst all these issues which McAfee suggest can be experienced by Windows users, to have the nerve to send this to a user who may already be adequately protected (or not even a Windows user at all) looks a little bad. Notice the way it targets your personal documents/files as its method of sale? See how it mentions identity theft and other subjects which I assume Windows users will worry about and are certainly “hot potatoes” in the news?
Linux doesn’t have such issues. I challenge you to find a home user of Linux who’s had that annoying malware that requires your PC to return to the shop. I don’t have a firewall, I don’t have anti-virus. My Linux desktop runs as quickly now as it did the day I installed it. Run a Windows PC on the net for a day without protection and see what happens.
So what could this show?
I digress. That email was thrown in more out of coincidence. Moving back to the rest of the ZDnet article, I would like to suggest that maybe more aggressive marketing of anti-virus products is because of the dwindling revenue in them. After all, the sales figures for Xmas seem to back up what I said around November 2011, which was that the mainstream consumer is moving to smaller form factors and away from the desktop – worse still (as far as McAfee et al are concerned) these form factors are not running Windows.
Maybe more aggressive marketing is going to be seen now where these companies fight for your custom in a market dwindling in the home due to other more popular (and non-Windows) products coming to the fore? Examples from complainants reported on ZDnet say things like:
The software is falsely informing the consumer that errors are high priority and in addition it is falsely informing the consumer that their overall system health and privacy health is low… The truth, however, is that the scareware does not actually perform any meaningful evaluation of the user’s computer system, or of the supposed ‘errors’ detected by the software
I can’t exactly call McAfee “aggressive”, and since it’s the first time in many years I’ve changed ISP I cannot say if this practice has always been commonplace, but maybe the actions which Symantec are accused of are a sign the Windows platform (which is a cash cow to many indirectly) is slowly eroding, forcing companies to fight more for your custom?
Maybe this article is one about nothing, but consider for a moment that as we see Microsoft’s stranglehold on tech diminish in multiple areas, there are many third parties who have a great deal at stake in keeping them alive.
If you are new to this blog (or have not yet read it) please take time to view the OpenBytes statement, here.
The summer provides many of us with a nice holiday or two, and whilst the IT scene seems to dry up a little (in respect of the subjects I like to write about), Microsoft has had its fair share of woes over the last week. Let’s cover one now: another vulnerability of Windows.
Microsoft is issuing a patch on Monday the 2nd of August for a vulnerability found in all versions of Windows (shock, horror, a vulnerability in Windows? Never!)
This is an advance notification of one out-of-band security bulletin that Microsoft is intending to release on August 2, 2010. The bulletin addresses a security vulnerability in all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, that is currently being exploited in malware attack
You can find that release here: https://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx
Krebs on Security reported it as:
a sophisticated new strain of malicious software that piggybacks on USB storage devices and leverages what appears to be a previously unknown security vulnerability in the way Microsoft Windows processes shortcut files.
How much longer are people going to suffer these repeated attacks? Remember what Dell had to say about Linux? (before the comments were taken down) According to the Microsoft faithful, we should take heart in the fact that it’s because Windows is so well deployed. I’m sure that’s consolation to the many Windows victims around the world. Maybe the best way to defend a Windows PC against exploits is to become a Microsoft MVP. ;) According to one of their “finest” he’s never been a victim. I can’t recall any other MVPs complaining; according to them everything is just great. (except if you mention the Windows 7 Phone freebie, but we will cover that in another article)
Why do I look repeatedly at the MVP program? Because I think it is damaging to independent opinion. Ever seen an MVP champion OO? Or what about FF over IE? Let’s not forget this MVP, which after complaining to Microsoft directly, they seem happy to let that individual retain the MVP status. I think that says it all. As I’ve said many times before, I have no problem with Windows advocates. I have a problem with underhanded tactics and rather dubious (to me) schemes which retain people’s loyalty. One such scheme in my opinion is the MVP program. So take a look at my previous link and see an example of what Microsoft calls “Most Valuable”.
Let’s end on part of the closing statement from http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/ (in relation to this new vulnerability)
it could soon become a popular method for spreading malware.
Happy times are here again. Now Windows malware is not only on your desktop, it’s on that innocent looking USB stick in your pocket.
Goblin – firstname.lastname@example.org
Readers of this site may remember that recently we covered the issue of Bitdefender identifying a Windows system-critical file as being malicious code. Personally I thought the original diagnosis was correct and the software identifying Windows as a virus was a testament to the “intelligence” of its coding.
I am sure that McAfee also had a few words to say to their coders when the same thing happened to them, with reports today stating that McAfee antivirus software is identifying and “fixing” what it believes to be malicious.
The serious issue here is that the latest .dat update (5958) is being reported to cause SP3 of XP to go into an endless reboot. What’s more worrying, though, is that whilst the issue allegedly is predominantly XP SP3, McAfee have said:
We have individual reports of other versions of Windows being affected as well
So we have another incident here where Windows is crippled not by malicious code, but by the very software designed to protect it. Of course Microsoft will be quick to point out that the fault wasn’t theirs but a third party’s – which of course is correct; however, you could also argue that if Windows was better secured in the first place there would not need to be so many updates of virus software in order to protect it. Maybe if Microsoft had better taken the “baton” in the first place, people would not have to look to third parties for a sense of security.
It gets worse?
So that’s the end of the story? – Well, no. As if Windows users didn’t have enough problems with the code created to protect them rebooting their systems, the criminal element is also at it, taking advantage of unfortunates by playing on their desperation to get Windows working again. Graham Cluley said in his blog today:
By using blackhat SEO techniques, cybercriminals have managed to get poisoned webpages high in the search rankings if you hunt for information on the McAfee false positive. If you click on a dangerous link like this then you risk the chance of your computer being hit by a fake anti-virus attack (also known as scareware) which may attempt to con you out of your credit card details or trick you into installing malicious code onto your computer.
Poor Windows users, falling foul of both cyber-criminals and also the software designed to protect them. How many more issues will users put up with? Regardless of who is to blame, is it of any consequence to the user who merely wants their computer to function and have a safe experience?
These are answers only a Windows user can give; I left it years ago and have never looked back.
Goblin – email@example.com
It’s being reported that users of the virus software Bitdefender have had a surprise with their latest update.
Allegedly Bitdefender has identified several parts of Windows as a trojan, fixed them and subsequently brought down Windows.
Being flippant, one could argue that Bitdefender was merely doing its job and identifying Windows as a trojan was correct, another camp could list it as yet another issue Microsoft’s OS has stumbled into.
Now even years on from the first BSOD in Windows, crippling problems can still be a part of daily Windows life. Maybe it’s these regular experiences that explain the apathy a Windows user might have to the problems they encounter whilst doing even the simplest of tasks?
I very rarely say this, but this time the fault is not Microsoft’s, although I think the cause of yet another Windows issue is of little concern to the end-user, rather the fact that Windows yet again is not working correctly.
Bitdefender had this to say:
Due to a recent update it is possible that BitDefender detects several Windows and BitDefender files as infected with Trojan.FakeAlert.5…
The problem seems to hit 7, Vista and XP users; there is a fix for this and a comment from BitDefender. But to me Bitdefender’s original diagnosis is spot on. ;)
Goblin – firstname.lastname@example.org
It’s being reported here: http://news.cnet.com/8301-17852_3-10159186-71.html that the French military are now victims of a Windows vulnerability, which follows on nicely from my article on the UK’s armed services being “Terminated”. That article can be found HERE.
As pro-Microsoft posters like to say, Windows is secure, so it comes as quite a “shock”!? that another critical service has come under attack from a virus exploiting Windows vulnerabilities.
Whilst this is not going to get the military running for an alternative just yet, (IMO) it highlights a trend of vulnerabilities being brought into the mainstream of late. It is reported on the site that civil aviation is not affected... so that’s OK then?!? If this is Windows being secure, let’s hope it never really does get exploited!?!
For those people with worries about security of their systems, as many pro-MS commenters have implied on MS-Watch before, it’s easy to avoid and just laziness or ignorance if you don’t. Keep in mind if you fall victim: it’s your fault, not Microsoft’s.
This article is meant more as “food for thought” than as any sort of definitive word on what MS’s policy and/or implementation is of DRM when Windows 7 is finally released (this post was inspired by a strange claim on MSwatch that implied Windows 7 users would be reported on if they were believed to be pirates). We have already seen the allegations of China’s computer users getting targeted by MS software because they were believed to be running a pirate copy of Windows. Rightly or wrongly that matter is in the past, but where are Microsoft heading with their software? What lengths is Microsoft prepared to go to “safeguard its investment” (which according to MS, their products are doing very well, so I fail to see why they would be considering any DRM or copy protection methods)?
In the UK there exists a policy. It’s called RIPA and stands for Regulation of Investigatory Powers Act (2000). This policy governs the use of covert observation on individual(s) and makes them comply with a set of procedures and best practice. Whilst breaches of this are not an offence in itself, it’s argued that failure to comply may “prejudice” an investigation and also leave a body open to an allegation of breaches of the Human Rights Act.
So why do I mention this in the same post as Microsoft? Well, we are not sure what/if Microsoft monitors people’s activities on their platforms. There are plenty of allegations and IF they were true, AND no permission by the end user was given, wouldn’t Microsoft be at least going against RIPA guidelines, if not breaching Human rights?
In the UK even traffic enforcement “play by the rules” by having signs clearly indicating speed cameras. High streets have signs indicating the use of CCTV and even shops have the sign on the door, alerting customers to the use of CCTV, effectively entering the customer into an agreement that they will be recorded as part of a “condition of entry”. Football matches are another example. A steward has the ability to search a fan prior to entry, as it’s a condition of entry into the football ground. If a fan doesn’t like that then they don’t enter.
Now before all the Microsoft supporters jump on and say MS can make you aware, I understand that a MS product EULA can inform you of these methods and effectively make it a “condition of entry”, but am I the only one who would like to know exactly what and how Microsoft monitors its users? I believe whilst ignorance is no excuse, I also believe Microsoft will not be exactly “clear and open” when it comes to any software/policy/technique it employs to monitor your computer use.
Let me quote a little of RIPA which is from a PDF from ELMBRIDGE BOROUGH COUNCIL:
“The purpose of the Regulation Of Investigatory Powers act 2000 (RIPA) is to
provide a comprehensive regulatory structure governing interception of
communications, surveillance and associated activities. Whilst non-compliance
with the legislation is not in itself an offence failure to comply with it may
prejudice the success of any investigation and might provide the basis for a
challenge under Human Rights legislation. It is, in any case, good practice to
comply with this legislation and any codes of practice.”
and it goes on to say:
“The policy does not refer to Intrusive Surveillance, which the Borough Council is
not authorised to use. The definitions of each term used may be found at section
7. and guidance to assist in determining the need for authorisation together with
examples may be found at section 8.”
So when a commercial firm can monitor your activities remotely and record what packages you are using and/or installing, is that not intrusive, regardless of what has been put on a EULA which a company knows a lot of people won’t read, let alone understand?
On the other side of the coin, I am very supportive of online observation by Government bodies. There are many evils on the net, and I believe monitoring by government agencies is required, until we reach a time when people can be trusted to behave correctly. I am not saying for one minute that Government bodies do not make mistakes or are sometimes “too enthusiastic” but in light of no viable alternatives, it’s the best we have got.
I don’t particularly want this article to get into a debate regarding the rights and wrongs of observation, but IF Microsoft does monitor its users, what gives it the right to be “guardian of our morals” when Microsoft themselves are at the receiving end of some very serious allegations concerning integrity and behaviour?
Now let’s move on to look at sections 7 and 8 of the PDF mentioned above. Section 7 explains the definition:
“Surveillance is covert if it is carried out in a manner calculated to ensure that the subject
of the surveillance is unaware that it is or may be taking place. Covert surveillance can
be either Directed or Intrusive.”
7.1.3 Directed Surveillance:
“Covert but not intrusive
Carried out for the purposes of a specific investigation
Likely to produce private information about a person
NOT an immediate response to events or circumstances the nature of which
means it would not be reasonably practicable to get an authorisation under
the Act for carrying out the surveillance”
7.1.4 Intrusive Surveillance:
“Relates to anything that is taking place on residential premises (including
hotel rooms and prison cells) or in any private vehicle;
AND which involves the presence of a person on the premises or in the
vehicle or is carried out by means of a surveillance device (e.g. potentially a
sound level meter, tape recorder).”
I would like to see some clarification by Microsoft and any author of software as to what (if anything) they are using to monitor users. I would like to see a more comprehensive and accessible EULA for users who simply want to have an unfudged text on what exactly is the policy.
As always, my opinions. I’d love to hear yours.
If you are interested to read the PDF in context from the Council site in question please click here!
It seems our Lord of the Shills this week couldn’t have made a more poorly timed comment of:
“Vista introduced huge improvements to how users kept their personal data secure.” Andre Da Costa 25/11/08 Andre’s Blog
as it is being reported that there is a new exploit being aimed at Facebook users, more specifically Windows Facebook users (Linux/Mac need not worry, just sit smugly and read!)
Named Koobface, the worm will infect their machine as they click on a link on their profile. Once the infection has taken hold of the victim’s PC, it then posts comments on friends’ profiles on the infected machine, encouraging them to look at a fake YouTube site which tries to convince them to download an “Adobe upgrade”. Once this has occurred, the worm will try to redirect traffic in order to receive money from the redirects.
Facebook are actively fixing this issue now. Another example to consider: how secure are you in reality when using Windows?
The following networking sites are reported to be the targets: Facebook, Bebo, MySpace, Friendster, Myyearbook and Blackplanet.
A more complete article can be found on the Guardian website, by clicking here