JRF said in
Perhaps if everyone who's had this problem takes Symantec to small
claims court for breach of contract, they'll get the point.
Not buying any more of their products will hurt more. It's amazing how
much they'll spend on their legal deparment and lawyers and not bother
monitoring their customers disatisfaction. Symantec is a software
predator. They are not a software developer. I don't think any product
they have was ever originally developed by them. They bought it from
someone else. That is, they are a software publisher (i.e., predator)
that purchases profitable software and implements some support.
I continue to use NIS2003 only because:
- It can blocks ads. If I go with Sygate then I'll need to check into
an ad blocker, too.
- It has URL filtering although it isn't called that (you can block
under Parental Control by site URL). You can, for example, block
"doubleclick.com" without have to specify every possible host they use,
like "ads.doubleclick.com" (which is why I don't bother listing all
their hosts in my hosts file).
- I has additional settings to let you see when a program is trying to
launch another prior-authorized program. You let IE have Internet
access, but then any program that can launch IE can also have Internet
access. That's the falacy of outbound firewalling: you need to also
know what launched that permitted application. But it can get to be
quite nuisancesome to be checking every parent program that launches a
permitted program.
Defects that I do not like are:
- Although you have URL filtering (under Parental Control) to block
outbound connections to undesirable sites, you must include Parental
Control to have URL filtering. That incurs a big long wait while it
loads the site ratings. I have all ratings disabled (it's my computer
so obviously I'm not going to censor myself) yet these idiots want to
waste my time loading in this huge list, a list over which I have no
control nor can I find out what they block or the ratings for them.
- ccApp.exe (and sometimes ccPxySvc.exe) will go brain dead. It took a
lot of e-mails to get into from Symantec on how to write up a .bat file
to kill their processes, stop their services, and start them back up and
supposedly in the correct order. When the connection goes dead (which
may only be for some traffic, like HTTP fails but POP3 still works),
this .bat file sometimes will kick NIS in the butt. If not, logging off
doesn't work so you have to reboot.
- They won't let you export your rules. If you need to do a fresh
install or setup another host the same way (with another license of
their product), you can't export and import your user-defined
application and global rules. In NIS2002, you could export the registry
keys. In NIS2003, these registry keys are hashed so you can't tell
which ones you need (and importing them might not work, anyway).
- Their included SpamAlert worked for about 2 months when I first got
it. Since then I've not seen any spam marked as such by it. SpamPal
and its plugins (all free) work far better.
- They will not reveal the algorithms they use for intrusion signatures.
I go through YahooPOPs, a local HTTP-to-POP3 proxy, to get my Yahoo
e-mails. Occasionally I get a report from NIS regarding an Xmas scan
intrusion from Yahoo. Of course, Yahoo disavows any knowledge of such a
scan. I also get get NO information from Symantec as to what *is* a
Xmas scan intrusion or any info about any other of the intrusion
detections. Someone tried to intrude using XXXX method but that report
is worthless since there's no way for me to know what is Symantec's XXXX
definition of an intrusion.
- The concept of using User Accounts specifically within NIS is stupid.
It harks back to supporting Windows 9x/ME where security, permissions,
and accounts don't exist. When installed under NT/2K/XP, it should base
its security on the logged on user's permissions. I did need more
accounts to manage.
- When you perform an update, NIS will start popping up alerts telling
you the program wants to make a connection. That's because the updated
version has a different hash value than the old one so NIS handles it
like a completely different program. It never offers to migrate the
rules in the prompt, nor can you go in NIS and migrate them yourself.
Oh goody, I get to define them all over again.
- Symantec needs to get their developer groups coordinated regarding
dependencies in their updates. LiveUpdate will report a dozen updates
but only 1 or 2 will take because they are mutually exclusive of the
others, but LiveUpdate still downloads them all, fails on all the the 1
or 2, makes you reboot, and then you run LiveUpdate again to how many
reloads you have to do to get just a couple of those installed, and
continue repeating. After a fresh install of NIS, I think it was 6 runs
of LiveUpdate with the incumbent reboots before it finally shut up.
It's got a lot of nice stuff and handy features, many that I'd really
miss if I went with some other product. But it just keeps getting more
and more flaky. I have to use my .bat file to reset NIS (stop/kill all
of it and restart/reload it) about 3 times a week. It has also gotten
to be quite the pig for memory consumption. Right now it is eating up
142MB (with ccPxySvc.exe eating up the most at 115MB). My subscriptions
run out May 2005 and I suspect I'll replace NIS before that.
With the behaviors exhibited by Symantec as a software predator, I fear
for the survival and quality of PartitionMagic and DriveImage since they
bought out Powerquest.