It won't be missed
Along with every other futility Symantec has turned out in the last decade.
Symantec, a company that has made huge amounts of cash as the largest antivirus software vendor for the last quarter of a century, looks to be getting out of that business and into fixing hacking problems rather than stopping them. "We don't think of antivirus as a moneymaker in any way," Brian Dye, Symantec's senior vice …
"Whatever happened to them? I mean in the mid 90s they were to techos what sysinternals is today.
Speeddisk. Diskdoctor. Awesome batch file extensions. But now the best advice is to avoid their rubbish."
As usual, dumb corporate politics turning good tools into utter crap.
For those products not totally sabotaged technically (thinking of the ex Veritas suite, Veritas Cluster Suite, VxVM also), they've turned their pricing into such ridiculousness no-one could actually afford them. And this is even before the OS vendors actually and finally come with a solution (HPUX 11iV3 comes to mind, all previous versions being utter balls for storage mgmt ).
Well put. These days I spend almost as much time cleaning up after crashed copies of Norton as I do removing crudware infestations.
Ironically the most common problem I encounter is a frustrated customer telling me that their 'computer' is telling them it is low on resources. As you all will know, that's a classic Norton warning, and usually means fucking Norton is what has gobbled them all up. Ditch Norton for MSE or Avast and what do you know, suddenly no problem with resources!
Whatever happened to them? I mean in the mid 90s they were to techos what sysinternals is today.
Speeddisk. Diskdoctor. Awesome batch file extensions. But now the best advice is to avoid their rubbish.
If I had to guess, I'd guess that Sym-Can't-Tec has a corporate structure that is resistant to change. Losing two CEOs in two years, during which no significant changes have happened, means to me that either:
a) The CEOs wanted change and the corporate structure rebelled, or
b) They purposely hired "nice guy" CEOs that they thought could do magic without changing anything.
Sadly, they are also victims of their own poor history so people like me still refuse to buy their products. They did nothing to fix that.
Unfortunately for Symantec, PC owners are now divided into 3 camps:
- Those who still run Windows, but are savvy enough to realise that most anti-virus software does more short, medium and long term harm to their machines than the viruses themselves have ever managed.
- Those who refuse run anything by Microsoft. Macs and various Linux distros make this choice very, very easy now.
- And the people who are too dumb to install anything, and too dumb to update their subscriptions. They now think that a virus-riddled machine is the normal state of affairs. It isn't even worth the virus writers targeting these people any more.
None of these groups have any reason to give Symantec et al. any more money. Shame.
I found having a virtual machine (with free AV s/w) for internet usage pretty good for avoiding unwanted attention, that and staying away from certain areas of the internet. These days running a VM is insanely easy, free as well. No special knowledge needed, just download a prebuilt image.
I did try norton for a year, mostly to cover tablets and phones, especially those the kids have access to but putting it on the desktops & laptops had a huge impact on performance so I went back to avast.
Does anyone have any thoughts \ experience on andoid anti virus? Best programs etc?
"Does anyone have any thoughts \ experience on android anti virus? Best programs etc?"
Yes, friend, and you named it in your post: Avast. Install Avast AV, and while you're at it, they have a backup SW which is not shite, contrary to all the ones I've tried, and also a very nice anti-theft.
I normally install all 3, no perf impact, works well AND detects malwares.
Avast for Android was sending SSL encrypted links in the clear back to its servers for checking against its blacklists, including usernames, passwords, sensitive information etc. (Avast and AVG were the worst offenders)
Edit: Avast have allegedly started encrypting the URLs they are sending to their servers, but they still aren't stripping off the parameters with your sensitive data on them...
A friend of mine, seeing all the wonderful things being touted about Avast, installed it on his old, XP system. Rather quickly he contacted me to ask why his system had slowed almost to a halt and Google Chrome was offering him all sorts of salacious delights. (He got Avast from their web site apparently, never tried it myself so no Idea of the details).
I advised him to de-install it, and Chrome (and revert to Firefox). He did so and suddently got his machine back. He also reinstalled Chrome: performance still more or less all right, though return of salacious offers. He is very cautious with regard to spam, phishing and so on - apart from Avast and Chrome abberations.
He has now got an iMac and is rather happy with the revelatory experience, even while still in the process of installing Openoffice and his other favourite tools and relishes the reduction in wires and boxes.. I'm certainly getting fewer calls for help.
"- Those who refuse run anything by Microsoft. Macs and various Linux distros make this choice very, very easy now."
Sadly not entirely true. I am sitting writing this on our corporate Red Hat Linux platform which has... Symantec Antivirus bogging it down. What with the mandatory LUKS on the whole disk (and not just selected volumes containing data/swap) it makes for a mighty slow Linux environment.
So I'm sure Symantec still make plenty of money shipping their crap to very large companies that simply must run AV on *everything*, regardless of whether it is effective or necessary.
"Effective or necessary" depends on your point of view. Certain certified environments mandate that all systems have antivirus software installed and that the images are regularly updated (I never did get a real answer as to what they meant by "regularly" though).
In some ways AV software is like a biological immune system where you get a shitty cold and get protection only after the infection, but you are protected from a repeat of the same virus - the difference is that your protection can be shared with others. One serious problem with AV software virus detection is that it is retrospective - it takes time for a virus to be detected in the wild as the "best" viruses avoid detection for a while and then for an AV vendor to produce working detection rules and to check these in house against various permutations of the virus and known "safe" software that shouldn't come up with a false positive. The AV vendors are always behind, and end users always suffer as each detection rule added to AV software increases the number of checks that need to be made, necessarily slowing your system down to a crawl.
It's not a situation where the AV vendors can ever win, the only "fix" is to improve prevention and this requires careful operating system design. When the most common PC operating system has roots in a system that was designed specifically for single user, stand-alone use with everything else cobbled on top in a frequently changing direction with "new" products and platforms abandoned and left hanging regularly it's no wonder we're in the mess we are in. A more secure system is a more closed and controlled system, but how closed can it get before we start reacting to the loss of the freedom that enjoyed before?
NT was designed from the ground up to be multi-user. We have left Windows 9x behind us.
The problem there is that early software developers were lazy in writing / porting their code to NT and made the demand that software be run as root. Also in XP Home on, users didn't really understand admin / non-admin accounts, so MS left the first user as Admin, which is bad practice, but didn't help the kick the collective butts of the software developers to follow best practices. It has improved a lot, but there are still some nasty bits of non-admin-utility software out there that need admin rights.
In addition, when MS tried to make Windows more secure, the AV developers bellyached that it was unfair that they couldn't use all the bad practices they had enjoyed over the years any more - the same bad practices that made it easy for virus writers, so MS had to back off and make Vista less secure so that it didn't get into trouble with the FTC and EU.
"- And the people who are too dumb to install anything, and too dumb to update their subscriptions. They now think that a virus-riddled machine is the normal state of affairs. It isn't even worth the virus writers targeting these people any more."
I'm in a forth camp:
Those who have a company locked down laptop with Norton Antivirus 2014, bitlocker and other craps. On my 3year old Opensuse 13.1 host laptop cloning a 10GB vm took 25sec, on my shiny new laptop it takes 5minutes. It is the same .vmx file. faster drive better cpu.
"Unfortunately for Symantec, PC owners are now divided into 3 camps:" etc.
Which says more about El Reg's readers than it does the gen population.
Most ordinary people install AV software, but use poor, resource hogging stuff because that's what they get flogged by the PC World sales staff. And it gets updated if autoupdate is set up. Or else not at all. Especially when the subscription ends. Some don't update it at the end of their subscription because they don't get round to it, others don't want to spend the money. Or simply resent that a product they've bought has to be renewed every year.
A fair number buy Macs because they happen to see the shiny in those big stores.
A small group use free or lower cost A/V products such as Avast, AVG (even MSoft's own free stuff) because they or someone they know has the knowledge to avoid Symantec and installed it
And a very very small bunch of hobbyist techies use a Linux distro.
So protection is a loser, but detect and respond is a good start. Maybe add "fix" to that for the personal PC side. Telling Joe Blow he's got a virus is one thing, responding is a weasel word that can mean anything from "tell you", "go after the distributor", or tell you where to get the fix.. What Joe Blow wants is the software to catch it, get rid of it, and fix his PC without him having to sort through all the tech websites.. If they could do the fix part, I think they would have a winner.
I can't think of any reason why anyone would announce a big product shift in this manner. 'Hey guys, thanks for 25 years of paying for the whole 100% of our product. Too bad it only worked 45% of the time'. Who can possibly be the beneficiary of 'hey, our product sucks and doesn't make us any money'? It sure as hell isn't their investors, resellers or large accounts. He didn't even offer up a real alternative, other than Geek Squad v2.
Maybe he was drunk. Perhaps stoned. Maybe he's already taken a job elsewhere and wanted to depart with a big fuck you. It's quite strange. I saw a documentary once on parasitic worms that like to live in your brain and drive you insane. That there has got potential. Brain worms.
The target base is moving. Individual PCs are becoming less and less the target. As data is moving towards the cloud, so are attacks. That doesn't mean that the AV products aren't any good (although we are talking about Symantec here), just that, whilst the AV sales still make up 45% of its income, it is becoming less and less relevant and is already in the "race to the bottom" in terms of profit.
The growing market for security is traffic analysis and cloud protection from DDoS attacks, as well as malware and hackers.
I understand the reasons for the shift, but not the reasons for the announcement of the shift. It's Product Management 101 that you don't announce a the end of a product if you don't have something ready and waiting to move customers into. Nobody likes to buy obsolete software in the first place and they really don't like to buy obsolete software that's ~1/2 broken.
It's not a matter of profit, it's that revenue is always the #1 thing. As long as you can keep revenue up you've got money to develop new products and expand margins on other things. You can run insanely high losses indefinitely and still make lots of money (see Amazon for more information), bit without revenue you can't cover your payables, finance rates jump and everybody gets left staring at the hole where their jobs used to be. You can survive with no profit basically forever, but nobody lives long without revenue. They die even faster if revenue goes backwards instead of remaining stable or growing. This announcement was very poorly handled.
I read it a bit differently.
The people who currently use AV products aren't as much at risk as they were, but still need AV software, because the threat hasn't gone away completely. But it is the race to the bottom, there is little or no money to be made there.
The new area, where security companies need to be concentrating on is the cloud and networks in general. This is a new market segment that is growing and there is little cross-over to their old product. The buyers of traditional AV software won't get any benefit from investing 10s of thousands of pounds in network threat assessment kit and a large global cloud provider is going to buy the new kit in addition to their corporate AV licence.
It is a bit like Lenovo saying the PC market is slowing, so they are going to make tablets and smartphones as well. It doesn't mean that they are abandoning their PCs, just they are expanding their product categories to cover new areas.
True. Gone are the days of exchanging files via floppy where I tended to have to worry about and clean off other's PCs that got infected that way. More and more are exchanged via email which most email providers scan for viruses. ISPs also tend to offer free virus software that can be downloaded for personal use. And now some filesystems can tie into a scanner. ie: ZFS.
"The target base is moving. Individual PCs are becoming less and less the target. As data is moving towards the cloud, so are attacks. That doesn't mean that the "
Don't you believe it. Bot armies are still essential to large scale attacks not to mention "low hanging fruit."
That would be like saying just because people are now robbing banks, it's ok to leave the car unlocked.
I never understood why the big AV companies never took a leaf out of MS's book on AV.
Just release a decent product that does a single job quite well and without all the fuss, complexity and nagging.
MSE isnt perfect but it does the job without any hassle or constant nagging. The only issue is that as its so popular its the main target and its really only a baseline level of defence.
All we want is a lean efficient AV software that just installs, scans and updates in the background. A single notification icon bottom right is all that we need to know its there.
Dont need link scanning, email scanning, network lock downs, child monitoring, arbitrary trusted app levels, convoluted firewall blah blah blah...
"Dont need link scanning, email scanning, network lock downs, child monitoring, arbitrary trusted app levels, convoluted firewall blah blah blah..."
You need to tell that to pretty well everyone who's writing stuff these days. No-one seems happy any more with software that does what it needs and nothing more. If another feature is possible, then it needs to be added... and on and on... until it collapses under its own bloat. AV, unfortunately, is not alone in this by a long way.
That's not to say it doesn't deserve to die, though.
Microsoft did everyone a big favour with Security Essentials. For one it made the actual cost of Windows seem like much better value. I've been running it for what four years now and not had one virus not detected. I don't get many but there are odd times when something is detected. USB sticks are used extensively, and when I need to print I will go to the local internet cafe. More often than not it needs cleaning when I get back.
To say AV software is not needed for a Windows environment is complete nonsense. He would say that though since he is pushing his new business of catching the horse after it's over the hills and far away.
First thing when somebody brings me a laptop to fix is look for and kill Norton. That speeds it up about a million percent.
Finally, and the reason I am posting anonymously is that I had a meeting to pitch to a client last month. The client's laptop had chrome and I've never seen more malware in my life. There were ads down the right and left side. There was a little square covering the top right hand corner of the browser window, and there were constant popups in the bottom right corner, sometimes 5 on top of each other. It did not make showing my portfolio easy... And this guy seems to think AV is not needed. What planet is he from?
Been there, my friend. It takes an iron grip not to lose control with people like this. Incidentally I use MSE on my main, but often chuck Avast on customer machines as it's got a boot-time scanner which will save a lot of time when (inevitably) I get called back to de-infest. I put MSE on peoples' machines whom in my opinion are least likely to get shit-tons of malware (old folk mostly who tend not to go pr*n or freebie surfing).
How did they get away with robbing everyone blind for so long with those forced-bundle deals from online vendors and high-street retailers...
----- "modern antivirus software only stops around 45 per cent of attack on computer systems and lets the rest through. That's a bit embarrassing for the firm's Norton team, who are still advertising the software as "secure and reliable," rather than "works less than half the time".
My Dad was frequently getting getting popups all over the screen while running chrome. A lot of the time they were preventing him seeing the page he was after, and an up to date Norton installation was happily claiming his machine was totally protected and running perfectly. It turned out to be browserfox/linkswift that somehow installed itself. How that doesn't qualify as malware is beyond me.
As a sidenote it was Ad-aware that finally nailed the culprit. I've finally managed to convince him to ditch Norton and just go with MSE.
I had Norton Internet Security about 10 years ago on its one year licence it constantly asked me aggressively for renewal every time I started up the computer and during use and when I remove the software it deleted all MS Word Documents from the My Documents folder as well.
Evolution chooses the strongest, did any of their execs actually use this product?
"We don't think of antivirus as a moneymaker in any way," Brian Dye, Symantec's senior vice president for information security, told The Wall Street Journal
The reason AV will never be a moneymaker for you is because your product is a steaming pile of shit. I for one, shan't miss it one bit!
Norton - The only AV company where I've ran their own 'removal tool' more often than I've actually ran their installer.... :-D
Good, it always has been the most bloated piece of rubbish ever to be installed on a PC. They do so much analysis of virus software that hides on systems, you would think they would have been able to make their own software do the same, but no, it uses 50% of the CPU and throttles the speed you get things off the hard drive by about 80%, making it plainly obvious your running their software!
Symantec Anti-virus is a terrible product and compared the other offerings it doesn't detect 1/4 of what others can detect. It has bugs / security vulnerabilities, it's a resource hog and it doesn't like uninstalling itself.
A product i'm certainly not going to miss.
Bye Symantec don't come back too soon.
I love the introductory part:
"Symantec,..., looks to be getting out of that business and into fixing hacking problems rather than stopping them."
Since when the hell was an anitvirus going to stop "hacking"!? This is almost as hilarious as those security officers that were not worried about Heartbleed because they "had firewalls" :D
On a previous account I got over 1,000 thumbs down for suggesting you shouldn't run AV due to how ineffective it is, it actually makes you less safe by offering an insignificant amount of protection sold as being a huge amount of protection.
It's like having a bouncer that can only stop known criminals coming into the club, but will let in unknown people who are clearly violent. So much so that they outnumber the known criminals.
All we need are decent audit tools so people can see when rouge programs are exfiltrating data or changing system files, in 2014 this is not only possible and extremely easy to do, but a shocking omission from so-called modern operating systems.
And you should have gotten those 1,000 thumbs down.
Whilst AV is not perfect, it does have its use. I'd agree that you shouldn't use shite, like Symantec's or McAfee's offerings, but a good free individual solution like MSE is a necessary part of protecting a Windows PC.
Good AV doesn't waste time trying to protect against unknown threats because those are properly in the domain of firewalls, user restrictions, and system file protections.
The audit tools you described are worse than useless, because they don't prevent anything. "Hey, spyware.exe just replaced explorer.exe and sent your password wallet to somewhere in the Czech Republic. Have a nice day!" doesn't help the fact that your computer is now toast and your online accounts are soon to be.
He's correct in that it is a race to the bottom. I am forever reading interviews or articles in the IT press about companies that switched from AV Vendor X to Y because it reduced their TCO due to such and such a reason and Vendor Y demonstrated a commitment to your Information Security requirements, etc...
Actually, Vendor Y pretty much bought you out of your final year and tied you into a 3 year deal at such a rock-bottom price that it's a miracle the finance guys approved the P&L on the deal. In fact, you can probably guarantee that, unless they sign up for 5 years next time round, there's no way you'll be able to match the price and mid-way through the second year they'll be planning the move onto Vendor Z or maybe even back onto Vendor X. Unless, of course, your software is such a pain to remove and the customer is lazy that they decide to just stick with the higher price.
That, ladies and gentleman, is not a sustainable business model.
Symantec is run by morons, who are completely clueless about ethics, honesty, and owning up to mistakes. Instead of resolving errors and their libellous lies, they fling lawyers ate people. Every chance I get to move people off Symantec, I do... and I get quite a number of those opportunities.
Again, I encourage Symantec to climb down off their high horse, stop labelling legitimate websites as "hate" sites, and clean up their act generally. Their real problem is not their CEO(s) or their business model (although that could certainly use an upgrade), but rather the company's problem is an ethics deficit that they think they are big enough to ignore.
I didn't really get that they were on a high horse from this article. I think they're being very ethical by moving out of the AV market.
They basically admitted their software was crap and are moving onto something they might be able to do competently - emphasis on the "might"
Norton and McAfee were both really good products once. (I think Win 3.1 was still in use).
But then the technically lead products were taken over by the corporate suits. And they clearly saw the product as a kind of legal ransomwear - you had to pay whatever they asked for whatever they felt like serving - or you'd get a nasty virus.
Except that their products rapidly became piles of Sh*t because they only existed to harvest the public's cash - and quality was of no interest to the money men becasue they didn't need it.
Norton and McAfee were both really good products once. (I think Win 3.1 was still in use).
But then the technically driven products were taken over by the corporate suits. And they clearly saw the product as a kind of legal ransomwear - you had to pay whatever they asked for whatever they felt like serving - or you'd get a nasty virus.
Mcafee used to update the definitions for free in those days. You bought the software and they updated it ( though not as often as now). I think Norton did too. But then they got greedy and didn't just charge for updates ( fair enough) but saw themselves in the "selling razor blades" business. So the updates were almost as expensive as buying a new product. Unsurprisingly not many ordinary users bothered. So they went into punting the crap through bundled software and PCworld (or Comet) "offers".
Except that their products rapidly became piles of Sh*t because they only existed to harvest the public's cash - and providing vfm and quality was of no interest to the money men because thought they didn't need to.
The one thing they didn't want to do was sell a fair product for a fair price.
A Mac fanatic friend told me about this latest rant from Symantec. What did I reply to him? Oh yes:
PLEASE tell me this means Symantec is leaving the 'anti-virus' business. Good riddance. Symantec has had it in for Mac since day 1, has bought and killed a number of BETTER AV/Disk tool products for Mac, has infamously FUDed Mac security since 2005, has foisted worst in class AV on Mac users, and has sold then yanked off the market a number of programs, leaving victim customers in the lurch. All around, a VILE company, IMHO of course.
IOW: Shut up and go away Symantec.
Worse than the fact that client antivirus software fails half the time to solve a problem from 1999 is this: that CIOs use it as evidence that they're doing something about cyber security. My experience, even in tech firms, is that when you point out a client side security hole, you get told not to worry your pretty head, everything is okay because end point protection is installed.
We use McAfee. It doesn't seem to be installed properly, with most rules turned off. Maybe that explains the fact that performance is acceptable. Parts of it look like they literally date from the days when signature based virus checking was relevant : file exclusion types support only three letter filename extensions. Helpfully, it logs false positives, which serves mainly to give everyone a warm feeling. In particular, it flags Windows Defender updating itself as a 'file action blocked' event, even though the log also reports that the relevant rule is turned off.
This thing is just installed as an excuse.
Sounds like Norton is a pig, as well as being useless, so I guess it could be worse.
Maybe antivirus would still be a good money maker if Norton worked as well as the various free AV offerings you can get. Honestly how the likes of Norton and McAfee have stayed afloat while offering less dependable and more buggy offerings than the freebie antivirus that's floating around is something I've never understood. I'm not opposed to paying for AV (in fact, I do pay for AV for my wife's computer*), but it has to be better than what I can get for free and Norton just isn't.
*In case you're curious, the other computers in the house all run Linux. Mine has ClamAV because I've not seen a better AV for Linux. My kids' computer has a rather paranoid whitelist internet filter (the plan is to make it less paranoid as they get older and eventually loose the filter altogether and just monitor what they're doing, but right now at 3 and 6 I have them locked down to just a few trusted educational and games sites) so they don't have much chance to pick up the exceedingly rare Linux virus anyway.
Biting the hand that feeds IT © 1998–2020