Antivirus Tools Fool XP's Security Center

[! anonymous]

Antivirus Tools Fool XP's Security Center
http://www.msfn.org/comments.php?shownews=11726

Microsoft's Windows XP Service Pack 2 is supposed to improve security.
Its Windows Security Center should alert you when your antivirus
software is missing or out of date. But in our tests, both McAfee's
Internet Security Suite 2005 and Symantec's Norton Internet Security
2005 crippled SP2's ability to deliver accurate alerts immediately
after installation.

We installed each application on a PC running SP2, and both caused the
Windows Security Center to report erroneously that the products were
up-to-date. Any antivirus software must be updated immediately after
you install it to protect the computer against viruses discovered
since the software's initial release.

McAfee and Symantec acknowledge that their products intentionally
disable the Windows Security Center's messaging feature. Both
companies say the reason for doing so is to streamline customers'
experience; neither company plans to alter its practices.

Full story: PC World
http://www.pcworld.com/resource/article/0,aid,119376,pg,1,RSS,RSS,00.asp

 

[Harry Ohrn]

| Antivirus Tools Fool XP's Security Center
| http://www.msfn.org/comments.php?shownews=11726
|
| Microsoft's Windows XP Service Pack 2 is supposed to improve security.
| Its Windows Security Center should alert you when your antivirus
| software is missing or out of date. But in our tests, both McAfee's
| Internet Security Suite 2005 and Symantec's Norton Internet Security
| 2005 crippled SP2's ability to deliver accurate alerts immediately
| after installation.
|
| We installed each application on a PC running SP2, and both caused the
| Windows Security Center to report erroneously that the products were
| up-to-date. Any antivirus software must be updated immediately after
| you install it to protect the computer against viruses discovered
| since the software's initial release.
|
| McAfee and Symantec acknowledge that their products intentionally
| disable the Windows Security Center's messaging feature. Both
| companies say the reason for doing so is to streamline customers'
| experience; neither company plans to alter its practices.
|
| Full story: PC World
| http://www.pcworld.com/resource/article/0,aid,119376,pg,1,RSS,RSS,00.asp

So both McAfee and Symantec build software to run on Microsoft's platform.
They intentionally cripple the very platform they run on. Sounds like a
parasite. The parasite invades the host and then cripples it. Another good
reason to avoid purchasing McAfee and Symantec products.

 

[Leythos]

| Antivirus Tools Fool XP's Security Center
| http://www.msfn.org/comments.php?shownews=11726
|
| Microsoft's Windows XP Service Pack 2 is supposed to improve security.
| Its Windows Security Center should alert you when your antivirus
| software is missing or out of date. But in our tests, both McAfee's
| Internet Security Suite 2005 and Symantec's Norton Internet Security
| 2005 crippled SP2's ability to deliver accurate alerts immediately
| after installation.
|
| We installed each application on a PC running SP2, and both caused the
| Windows Security Center to report erroneously that the products were
| up-to-date. Any antivirus software must be updated immediately after
| you install it to protect the computer against viruses discovered
| since the software's initial release.
|
| McAfee and Symantec acknowledge that their products intentionally
| disable the Windows Security Center's messaging feature. Both
| companies say the reason for doing so is to streamline customers'
| experience; neither company plans to alter its practices.
|
| Full story: PC World
| http://www.pcworld.com/resource/article/0,aid,119376,pg,1,RSS,RSS,00.asp

So both McAfee and Symantec build software to run on Microsoft's platform.
They intentionally cripple the very platform they run on. Sounds like a
parasite. The parasite invades the host and then cripples it. Another good
reason to avoid purchasing McAfee and Symantec products.

If you read the article it was NIS (Norton Internet Security) which has
always been a bad thing to install on any computer. Symantec branded
products like Symantec Antivirus 9 work very nicely with XP SP2 and do not
exhibit this problem.

It would seem to me that a number of products designed as all-in-one
suites where you get a personal firewall, spam blocking, pop-up blocking,
and anti-virus, would cause problems with anything and should be avoided.

I've used Norton since they came out, and now Symantec Corp 9 on our
systems and clients systems and nothing has made it past them.

 

[Alias]

|
| If you read the article it was NIS (Norton Internet Security) which has
| always been a bad thing to install on any computer. Symantec branded
| products like Symantec Antivirus 9 work very nicely with XP SP2 and do not
| exhibit this problem.
|
| It would seem to me that a number of products designed as all-in-one
| suites where you get a personal firewall, spam blocking, pop-up blocking,
| and anti-virus, would cause problems with anything and should be avoided.

I use SystemSuite5 of V-COM and have never had a problem with it.
Originally, it was made by OnTrack and sports a TrendMicro AV and a Sygate
Firewall. Check it out at www.v-com.com That said, I only install and
recommend Power Desk and System Suite, not mailwasher and I forget what else
comes with it so I use the Custom Install.
--
Alias

N.B. I do not work for V-COM. I am just a happy customer.

Use the Reply to Sender feature of your news reader program to email me.
Utiliza Responder al Remitente para mandarme un mail.

 

[Guest]

Actually, there is a benign explanation for this, at least with the Norton
product with which I am familiar. As I recall it, Symantec has explained
that it is a security risk for the Security Center to be able to report
accurately the status of the Norton firewall and/or its antivirus program. I
suppose the rationale here is that if the system always reports that real
time scanning is enabled and the firewall is on, then hackers or unauthorized
users might be fooled into thinking that they are on when, in fact, they may
be off for some reason. If so, this explanation makes perfect sense to me.
This same explanation may also apply to software programs (not people), such
as malware, that may rely on Security Center to do its dirty work. If the
software is fooled into thinking that the system is secured, they won't do
their dirty work on a system that is, in fact, insecure.

In any event, at least upon installation Norton gives you the option to turn
this feature on or off, and it may well be (although I don't know) that it
can be disabled at any time thereafter so that Security Center will once
again accurately report the status of the antivirus and the firewall. I
cannot think of any good reason to turn this feature off. You can still
monitor your security from within the Norton program itself, which also gives
you much more detailed information than Security Center.

Ken

 

[Bill Drake]

Once again, we have braindead "computer experts" spouting
half-informed information about product operations.

Now for the actual how and why:

1. By default, Norton Internet Security will turn off the Security
Centre's automatic notification that tells the user if something
has impaired the effectiveness of either the Firewall or
AntiVirus application on the user's system.

2. The reason for the above is because the Norton Products *test*
their AntiVirus and Firewall rulesets for integrity at startup to
ensure the rulesets are up-to-date, functional and uncorrupted
by malware. This means the rulesets must be disconnected
for a very short time while the integrity tests are made.

3. As a result of Item 2, the automatic notification for "disabled"
Firewall or Virus applications shows up for a *short* period of
time at startup.

4. Because braindead users panic at this short display that actually
*verifies* their monitoring system is working *properly* -- the
marketdroids at Symantec and McAfee *also* go into braindead
panic mode -- and Symantec/McAfee's solution to the problem
is to disable one of the most important security monitoring
features that WXP-SP2 was specifically created to address.

5. Unfortunately, because there are *lots* of braindead users out
there -- and clueless panic amongst the braindead is an endemic
problem amongst the idiot-masses in North America -- the market
droids have a point. (See any news broadcast for indisputable
proof of idiot-panic-mode in the North American general public.)

6. Consequent to Item 5, it has been decided to "protect" the general
public from their idiocy by *masking* one of WXP-SP2's important
and useful features.


Now, if we could get the public to do some *rational* thinking instead
of blindly reacting to every piece of news as if the sky were falling,
then companies *might* be able to do the sensible thing rather than
the expedient thing. However, I won't hold my breath...


Best I can do for now. <tm>


Bill