Pandemonium as Microsoft AV nukes Chrome browser Users of Google's Chrome browser are in an uproar after antivirus software from Microsoft classified it as virulent piece of malware that should be deleted immediately. On Friday, a faulty signature update for both Microsoft Security Essentials and Microsoft Forefront incorrectly detected the Chrome executable file for Windows …
.....most users will install using web-based installer (that <1MB one), which put the Chrome application directory in .\Documents & Settings\<username>\ (XP) or .\AppData\<username> (Vista & above). This will make sure non-Administrator accounts could install Chrome without the need for privilege escalation (even Guest account can do it!). The downside is there will be a separate copy of Chrome application folder for each user (that installed/use Chrome) on that system . Try for it yourself.
Regards.
Howcome users in my office on XP SP3 can install Chrome on their desktops? They don't have admin rights. They can't write back to the "Program Files" folder or to the HKEY_LOCALMACHINE registry key. But Chrome goes on regardless.
That's the sort of behaviour a virus shows. And it pisses me off.
Ordinarily Id be pretty ambivalent towards Chrome, but the simple fact that unauthorised users can install it makes me hate it.
And I'm sure that enough people on here will recognise that for what it is; not IT-department control-freakery, and a fascist attitude to user freedom, but a sensible way of trying to keep unknowns to a minimum to reduce user-issues.
A virus would clearly try to modify the OS in order to evade detection and eradication.
Users are writing files on an area of the C: drive where even Microsoft default policies allow, they are not messing with the Program Files directory or the registry so what is your beef ? The fact that they still have some freedoms left ? Heck, make the whole computer read-only or take it from their desks and replace it with a TV where they can safely sit and watch documents all day long.
YOUR Office ? I'd rather guess you consider it your own privately run plantation.
My office = my employer's office. I didn't think I'd need to be quite so verbose on that one. Similarly, my employer's users/staff who should be doing work on my employer's computers. They need no freedoms over and above what is required to do their jobs. On the other hand, it's the real world and they're given plenty of leeway to do stuff (particularly web browsing) on their downtime.
My beef is when someone calls me and says "X doesn't work on my computer", and I find out that they're using Chrome. And that "X" works just great in Internet Explorer, because I know that a number of the companies that we deal with have ActiveX controls on their "extranets" (or whatever the word is these days), and these only work in Internet Explorer. And I'm wasting my time, at my employer's expense, chasing people for installing Chrome on "their" machines.
They seem to think it's their god-given right to install what they want on "their" computers, and don't for one moment stop to consider the security and administrative nightmare that would cause; Google Chrome not only panders to their delusion, but reinforces it, especially with the attitude that "it's from Google, so it's fine". The office computers are tools to do jobs, not toys. They're the company's, not the user's. Personal internet access at work is a privilege, not a right. Many people seem to forget that.
Presumably you would like all of "your" users in "your" office to run whatever they damn well please? Where does that end then? When someone calls because they're having trouble with Outlook under WINE running on UbuntuCE? Good luck with that, by the way...
"They seem to think it's their god-given right to install what they want on "their" computers"
I agree and we come down hard on people like that, except...
...when they are senior managers.
...when they are senior managers PAs.
...when they bend the ear of a senior manager. For some reason senior managers always believe people who say "but I need Chrome/Google Earth/Whatever to do my job".
As soon as the request comes from a senior manager then our manager rolls over and dies. No matter how much the request contravenes corporate policy or indeed policies to which we must comply.
"Howcome users in my office on XP SP3 can install Chrome on their desktops? They don't have admin rights. They can't write back to the "Program Files" folder or to the HKEY_LOCALMACHINE registry key. But Chrome goes on regardless."
Because the installer just copies the executable to the users own Documents and Settings folders. Google did it this way to make it easy for people to install their software when they didn't have admin rights. Of course they claim it was just to make things more user friendly, but I can't believe that they are so niaive. I'm pretty sure it was a way to allow people to install on corporate machines as a way of increasing their user base.
However smart sysadmins will have implemented some way of banning this sort of install. You can be specific and ban chrome.exe. You can be really draconian and have a whitelist of allowed executables, but this can be a major administrative headaches. The best way, however is to prevent ordinary users from creating any executable files. This is a good idea since there are quite a few poxy little toys out there that install in that way. And while you're at it make sure your Windows firewall GPOs don't allow Chrome to access the internet.
I assume you do have a single approved browser on your network?
Maybe not virus-like, but definitely sly-ware. The number of software installers that try to install Chrome (seems to have replaced the similarly sly Google Toolbar) is beyond me. It asks you, sure, but how many average Joes will just click through the installer, assuming it's only going to install what they wanted. Roxio springs to mind as an example.
The amount of times I've turned up to my parents' PC to discover they've installed Chrome again and don't have a clue what it is or how it got there is enough of a reason that I won't use it.
So did the AV delete chrome.exe? Or did it really uninstall the whole product and then delete the %AppData%\Google\Chrome folders which hold those bookmarks?
Reading between the lines, I would assume all the user data is still sitting on the computer ready for Chrome to be reinstalled and pickup that data again.
Personally I think it is bonkers that companies are using that spyware based Google browser. I keep finding it on my client's PCs and they never remember how it got there. Installed in some stealth manner or sneaked in as part of an update to some other product. Ts&Cs then hide the Phone Home nature of Google.
Microsoft identifying it as malware sounds about right to me....
And has anybody proved that it is not?
Google these days does nothing except with the specific intention of collecting unnecessary personal information. It is extremely unlikely that chrome isn't collecting personal information which its users are not fully aware of.
Sadly, far too many companies are collecting unnecessary personal information and making it pretty well impossible to do anything about it.
This afternoon I had an appointment with a new dentist who will eventually be doing the crown for an implant. Had to fill out three pages of personal and medical information, which even included "Have you ever seen a psychiatrist?" I told the receptionist that there were questions answered "no" that were either not applicable, not answerable by a yes or no, or none of their f**king business.
It isn't just companies on the internet doing it.
Since the medication that psychiatrists prescribe to you is protected knowledge, bu the fact that you saw one isn't. Asking that is a round-a-bout way of trying to figure out if you are taking medication that might interact with something they give you (Novocaine has a lot of drug interactions)
Dealing with someone that will literally have your life in their hands is definitely not one of those times to be overly-cautious with personal information. And besides, they are legally obligated to never share that information with anyone or use it for any other purpose than to treat you. That is why you probably had a separate form with your contact information that you had to fill out, so they can use it to contact you.
Er, no it isn't as the answer should invariably be "Yes", unless the patient's lying.
Are you absolutely *sure* that *none* of the people you saw on the way to work this morning was a psychiatrist? How about all the people you've seen so far this year?
I'd be ticking the "yes" box and I have the icon to prove it!
"Have you ever consulted a psychiatrist?" might be a valid question to ask.
I would hope that they would keep anything they know about you confidential, in the same way your GP would. With that in mind I don't think it odd that they'd want to know if you were likely to flip out in the chair due to anxiety or have bad reaction to gas due to a mental illness.
About 4 to 6 years ago, some AV program classified the GNU public license as Malware. It was pretty damned funny really. It was easy to fix as I recall too. I dont remember what program it was but I think it may have been Panda.
And I use MS Security Essentials with a non-MS browser. I dont have much use for antivirus software, nothing's getting on my network really, but it was the fastest way to shut up windows 7's nagging about needing antivirus software for free and without McAfee's plague infecting my laptop.
But hell, Ive always said Chrome was a shit browser (lowest quality for the lowest common denominator, like most Google products) and apparently MS agrees with me. And I am not used to MS agreeing with me whatsoever.
I notice Security Essentials has never deleted Firefox or Opera. Or even Konqueror for that matter and its pretty unstable on Windows still.
I have heard that so many times, and usually a few days before I get spam from their address or they complain about their bank account getting drained. Installing AV should be done on every system, including phones. I have even AV installed on my OpenBSD boxes, AV software is free, takes up very few resources and it is always better to have and not need than get royally screwed when you do need it.
Sorry, mate, you clearly don't know what OpenBSD is and does.
A personal question for you, since you're so paranoid, do you wear a seat belt in bed while you're sleeping ? It is always better to have and not need one than getting royally... Nah, I can't go on arguing with you.
Just read around a bit on various tests plus users reviews, it is a surprisingly good AV and it also has an excellent reputation for not seeing valid software as malicious, so clearly something is amiss with Chrome leaking user info and I reckon MS were right, and Google need to be in the dock not MS on this point.
3,000 SITES, which may have 10 named users all the way up to 50,000 employees, of which maybe some 1/2 may be named/disclosed/etc, depending on the licensing strategy the customer was angling for, and assuming ms didn' trojan the servers to report distint accounts and concurrent/disparate logins doing different tasks.
So, hundreds of thousands could theoretically be affected, or maybe just 5,000. MS won't want to admit that in "its" client base, a high percentage adopted or condone use of Chrome, and yet, if it is small, they still can hope that 3,000 SEEMS like a scary number to wary IT departments.
However, I suspect that many large corporations were using MS Forefront - we certainly are.
The reasoning is quite simple - what else would you use? We have previously used both McAfee and Symantec and both were responsible for a lot of unscheduled downtime.
MSE and Forefront are actually pretty good - like a lot of commentards I switched to MSE because AVG and Avast have become annoying, slow and bloated blobs, with very little sign of what originally made them great.
No doubt MSE/Forefront will eventually become an annoying bloated mess, however for the time being it's good.
"Companies with 50000 users don't use chrome as a web browser."
You'd be correct there. I do adjunct instructing for a local community college and it has well over 50,000 students... and has Firefox and MSIE as standard browsers. Chrome is not visible. (The office has considerably fewer than 50,000 employees, but we don't have Chrome either.)
"I'd also wager they are unlikely to be using forefront security."
Ah... no. The community college uses Forefront. It works quite well, actually.
as they spent all these years developing a browser and improving the overall web usability and user experience for Windows users. "DOS Ain't Done 'til Lotus Won't Run" is a myth for sure but those who don't take this seriously will have a nasty surprise down the road because Microsoft can and will pull the rug from under the feet of Google and Mozilla.
Don't take my word for it, just read some enlightening documents surfacing as exhibits in the US courts of justice where Microsoft is being dragged. Not to mention that they have been tagged as monopolists in major courts of justice on at least three continents.
If it hit home users I could understand, but which companies is using Security Essentials (which AFAIK has a free license which should now allow commercial use, as most other "free" AV) without a WSUS server to take control of patch/updates before releasing?
Pretty much what i'd expect when Google kick out Windows from their offices while Microsoft won't run Chrome in theirs. Neither camp wants to live in the real world, just like when warring parents don't cooperate for the sake of their children i guess (Gosh now i'm hurt). Microsoft and Google need to settle their differences and test their stuff with other stuff, period. Each must accept their respective contributions and i don't particularly care if Google think they might have the moral high ground on this issue, before one single Google customer has to suffer then they need to go camp in Microsoft's front office. Or am i just an over reacting Chrome kiddy.
It is not in the interests of the OS maker to deliberately sabotage their competitor's software. The net effect of this example is that MS antivirus and Chrome users will migrate to other programs due to a lack of trust.
(I don't use either, FF and Avast here)
I agree that in the earlier days of MS programs like Word, Excell and IE were reputedly given a leg up from undocumented OS calls. This was not sabotage but "internal favouritism". Since the IE/MS monopoly trials MS has had to open up the APIs to developers. The result has been better software all round.
No doubt Win 8 will break some software - (every release of Windows does, hopefully the developers will use the beta release time to update any affected software) - but this is not necessarily a deliberate attempt to damage a competitor.
False positives do happen. No software is ever perfect. The scandal here isn't that a particular piece of software was incorrectly identified as a carrier of virulent code. MS' AV-tools should be able to fully restore any application, its data and configurations for every user when the problem has been solved, or as in this case a false positive has been confirmed. The inability to execute the restore-operation is the real problem.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
