back to article Want to download free AV software? Don't have a Muslim name

Software export controls are being applied to blacklisted people as well as countries: and these controls apply to routine security packages such as freebie antivirus scanning software, as well as more sensitive technologies, El Reg has concluded. We've come to this way of thinking after investigating why Reg reader Hasan Ali …

  1. Anonymous Coward
    Anonymous Coward

    so now tha bad guys

    can easily find out if they are on the bad guys list...

    great :(

    1. Anonymous Coward
      Anonymous Coward

      Re: so now tha bad guys

      Well, they usually get on it because it they do bad things.. It probably doesn't come as a surprise.

      1. Anonymous Coward
        Anonymous Coward

        Re: so now tha bad guys

        You are right, it is only a problem if you have the same name as a bad guy, so just change your name....

      2. Anonymous Coward
        Anonymous Coward

        Re: so now tha bad guys

        >>> Well, they usually get on it because it they do bad things.. It probably doesn't come as a surprise.

        So one Anonymous Coward commits a crime, and all the others have to suffer?

    2. Vimes

      Re: so now tha bad guys

      What gets me is that providers are continually allowing themselves off the hook with the excuse 'not our fault guv' (much as ISPs do with the internet filtering whenever anything goes tits up there too).

      Enough of that bullshit. The service providers *chose* to use these lists, and they should be made to answer for any mistakes that result from that choice.

      Perhaps if that happened they would be putting more awkward questions to the list providers before using their products and these frequent 'false positives' - which in turn suggest sloppiness on the part of those providing the lists - might happen less frequently.

      1. Richard 51

        Re: so now tha bad guys

        Service providers don't "choose" to use these lists. The denied persons and denied entities lists are published by the US Government and are mandatory if you are a US company or use/sell US technology. Quite why Sophos believe they have an obligation for a basic AV program, only Sophos can say. These denied parties lists are notoriously poor quality with little to distinguish between names. So I can understand what Sophos are doing because it fulfills compliance rules issued by the US Government (similar rules apply to UK as well). But why ? Anybodies guess..

        1. Fonant

          Re: so now tha bad guys

          Agree: technically anyone dealing with "foreigners" has to check that their customer is not on any government-published sanctions lists. The lists, however, mainly consist of names and addresses, so that's all you have to go on. The potential for false positives is huge.

          USA list:

          http://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx

          UK list:

          https://www.gov.uk/government/publications/financial-sanctions-consolidated-list-of-targets/consolidated-list-of-targets

          1. Allan George Dyer Silver badge
            Facepalm

            Re: so now tha bad guys

            @Fonant - Interesting lists.

            At least the UK version has some activity details, so they could use a follow-up question that doesn't require sensitive personal information... like,

            "In approximately 2005, did you run a 'basic training' camp for Al-Qaida in Pakistan?"

            "Um... No?"

            "We're all good, carry on with your download"

          2. Anonymous Coward
            Anonymous Coward

            Re: so now tha bad guys

            Using the US list, it returned the following counts of bad boys with these names:

            Mohammed 123

            Jesus 68

            Buddha 0

            Confucius 0

            Mine was not on the list Yet.

            1. Zot

              Re: so now tha bad guys

              "Anonymous Coward"

              ...Is the reason this list exists, unfortunately.

        2. Anonymous Coward
          Anonymous Coward

          Re: so now tha bad guys

          > Quite why Sophos believe they have an obligation for a basic AV program, only Sophos can say

          Because they maintain an encrypted communication channel between the AV client and the Sophos update server.

          There is (now) a generic exemption for medical data and for entertainment: The generic exemption doesn't cover the software I write, and it doesn't cover Sophos.

    3. Stuart 22

      Re: so now tha bad guys

      Has anybody tried as Barack Obama?

      And do ISIS have a 'good guys' list when seeking out free downloads? Or just a plane ticket?

      1. Grikath Silver badge
        Facepalm

        Re: so now tha bad guys

        ummm yeah.. and as a Bad Guy you would most certainly acquire anything for [Nefarious Plan X] under your registered name, because, you know... Nefarious Plan..

    4. Anonymous Coward
      Anonymous Coward

      What needs to happen next...

      The evil-doers need to start using aliases such as Smith, MacDonald, Jones, Cameron, etc.

      I've read that these sort of screening systems also use the prehistoric 'Soundex' algorithm, which was designed for English pronunciation rules, applying it gleefully even on foreign names.

    5. The Man Who Fell To Earth Silver badge
      FAIL

      Re: so now tha bad guys

      This "problem" exists because Sophos wants Mr. Ali's personal info like his name & email address. They could be in full compliance with export controls by not asking for any personal info and simple filtering by IP address of the downloader. That is what most companies do, which is why Mr. Ali never has this problem downloading from other places.

    6. Charles Manning

      Re: so now tha bad guys

      Well it's all pretty stupid. Names are hardly unique. There are multiple Charles Mannings in the small city I live in and that's hardly a common name.

      The name pool for Muslim names is far smaller than for English names.

      If you found John Smith on the list, which John Smith would it be? Now take that problem and multiply by a factor of 100 or so and you get the idea how hopeless a Muslim naughty-name list is.

  2. Voland's right hand Silver badge

    Why antimuslim

    I suspect trying to download something in the name of Petrov or Ivanov will yield the same result.

    1. Anonymous Coward
      Anonymous Coward

      Re: Why antimuslim

      Because of Whattaboutery?

      Not only are they hating muslims, men, people with hands & internet connections, but they also apparently look like they are trying to commit identity theft..

      or at the very least how dare they try to comply with legislation relating to embargoed countries and persons.. don't they realise that they should let everyone get their products and take the massive fines from not having a suitable framework in place / breaking embargoes as a good-will gesture?

      I am shocked, shocked I tell you at this blatant disrespect of all that we rich running dogs in the glorious west hold holy.

      regards,

      Idi Amin

  3. This post has been deleted by its author

  4. AbelSoul
    Facepalm

    yeah, that'll stop thum pesky terr'ists

    Utterly absurd and almost as depressing.

    1. Roq D. Kasba

      Re: yeah, that'll stop thum pesky terr'ists

      As a Jihadi, are you going to use your real name to download a piece of free AV software but be foiled by this moronic move? FFS it is beyond stupid.

      1. Crisp Silver badge

        Re: yeah, that'll stop thum pesky terr'ists

        Don't be silly! People wouldn't just go on the internet and tell lies.

    2. JP19

      Re: yeah, that'll stop thum pesky terr'ists

      "Utterly absurd and almost as depressing"

      Yep almost as silly as providing a real name to someone on the internet for a free software download.

  5. John Styles

    To be fair

    One of my colleagues with a very WASP name (even without the double-barreled bit which he doesn't use) was taken into a small room on the way into the U.S. because someone with the same name was on 'the list'.

    1. david 12 Bronze badge

      Re: To be fair

      One of my relatives with a WASP name was taken into a small room on the way into the U.S. because someone with the same name was on the FBI wanted list. Never mind that criminals on the FBI wanted list are local criminals: it took them an hour to decide that my relative is "not black".

  6. Anonymous Coward
    Anonymous Coward

    Sophos? Curious choice for a "Reg reader"

    Perhaps he should be looking elsewhere anyway.

    http://www.kaspersky.com/security-mac

    1. Peter2 Silver badge

      Re: Sophos? Curious choice for a "Reg reader"

      Kasperky would be an absurd AV choice though, you might as well just go with Clam AV and have done with it. My experiance with V8 was that it had a much lower detection rate of threats than any other system I have used. It was also rather crap in other ways: especially in continually blocking connections to/from the print server and random devices for no reason, regardless of whitelists or even having the firewall/everything other than AV disabled.

      Unsurprisingly, we are now using another product.

    2. Dan 55 Silver badge
      Black Helicopters

      Re: Sophos? Curious choice for a "Reg reader"

      I'm rather disappointed that Sophos, being a UK company, didn't detect the name and silently offer an alternative download which Ccs everything to Cheltenham.

      1. Chloe Cresswell

        Re: Sophos? Curious choice for a "Reg reader"

        I'm a sophos reseller. I needed a copy of their software for a standalone machine. UK company, UK client, UK reseller, UK broadband connection.

        I had to go though the page dealing with US export regs to download it.

        Makes you realise it's very much back covering.

  7. leon clarke
    FAIL

    'against the law'

    What matters (from Sophos's point of view) is not whether or not it's legal to give antivirus software to someone called Hasan Ali. What matters is whether their lawyer says it's legal. Which is subtly different - the lawyer could get into a lot of trouble if they say something is legal when it isn't, but they're unlikely to get into any trouble for claiming something 'might be problematic' when it isn't. Hence everyone 'errs on the side of caution'. And everything gets made more general and vague a few times in the interests of 'simplicity', making the eventual rules even less connected to the original law.

    The same principle causes health and safety to go mad, and it needs to be better appreciated. A law should be considered faulty if it has consequences like this even if anyone reading the actual law can clearly see that, in this situation, it shouldn't apply.

    1. Dr Paul Taylor

      Re: 'against the law'

      I strongly suspect that filtering out Muslim names is against the law, especially if the company is based in the UK.

      And utterly pointless, since most of us on El Reg (and presumably any real Bad Guys) would give false names to such officious websites anyway.

      1. Anonymous Coward
        Anonymous Coward

        Re: 'against the law'

        I don't know if the following the the case at Sophos, but in a previous job I worked with setting up new customer relationships.. all new customers were run through checks to see if they were in massive debt / weren't paying their bills / had court injunctions against them, and yes, if they were based in a generally embargoed country (which we couldn't trade in/with without getting fined) or if they were an embargoed person (known terrorist / wanted by the ICC for war crimes, etc).

        It is more likely that he shares his name with an identified miscreant, rather than that Sophos now has a filter to catch brown people.

        1. This post has been deleted by its author

        2. This post has been deleted by its author

      2. gnasher729 Silver badge

        Re: 'against the law'

        "I strongly suspect that filtering out Muslim names is against the law, especially if the company is based in the UK."

        I would be really curious what percentage of British muslims have a name that is on the list. In this case, Mr. Hasan Ali's name wasn't just on the list, it was on the list several times, so most of those (and hopefully all of them) were false positives. If there are several people with that name on the "bad guys" list, then there are probably hundreds of perfectly nice and innocent people with that name in the UK.

        Especially when it seems to be very easy to get on the list and impossible to get off it (like if you know someone who has the same name as someone who knows someone who has the same name as a completely unrelated person who has been suspected of having done something wrong). And also considering that apparently there is less variation with muslim sounding names, so there are more people with same names.

    2. Eddy Ito Silver badge
      Black Helicopters

      Re: 'against the law'

      Then there's the whole problem of the silliness of the law. The only reason to make free AV unavailable to certain people is if the software is able to detect the government's own spywa

      Error 451

      1. Jaybus

        Re: 'against the law'

        "The only reason to make free AV unavailable to certain people is if the software is able to detect the government's own spywa"

        No, there are many reasons, the most obvious being Sopho's lawyer being lazy and simply advising them to blanket check the lists for every product, rather than investigating whether or not the law even requires it for the free AV.

        And the laws are not so much intended to keep terrorists from acquiring free AV software, but rather as a legal basis for busting companies that they catch selling high tech goodies like centrifuges (or real security software) to sanctioned entities.

        1. jonathanb Silver badge

          Re: 'against the law'

          But should one of these undesirables acquire a centrifuge, they would want to infect it with the Stuxnet virus or similar, and Sophos might stop that from happening.

  8. MJI Silver badge

    Gobsmackingly ridiculous

    Blocking antivirus installs due to a persons name.

    Just beyond belief

    1. Anonymous Coward
      Anonymous Coward

      Re: Gobsmackingly ridiculous

      Madness! what next? Blocking shipments of weaponised plutonium just because your name is Andrew Nonymous and you life just outisde of Theran?

      Racist doesn't even begin to describe the audacity of 'these people'(tm).

  9. Lee D Silver badge

    Up next - terrorists changing their names to avoid blacklists.

    Next week - terrorists changing their names to those of minor celebrities, journalists, aid workers, etc. to cause as much damn nuisance as possible.

    Until some idiot realises that a list of names is basically USELESS for this purpose.

    And, as several prominent American politicians have pointed out - an export ban on software is basically pointless as they can easily download in other ways (false names, etc.), get it from torrent sites, and there's literally NOTHING that you can do to ensure they don't get hold of it. And, pretty much, if they want to hide data they aren't going to be using off-the-shelf US software in order to do so (well, some might, but let's put those in the "Too stupid to be classed a real threat" box).

    Security theatre, all over again.

    1. Fonant

      The sanctions lists already try to keep up with terrorists using pseudonyms. The problem is that this merely makes false positives more likely.

      But, yes, it's simply security theatre so the politicians can be seen to be doing something, when in practice there is almost nothing they can do.

  10. wolfetone Silver badge

    We can send man to the moon.

    We can have instant video conversations with people over 5,000 miles away.

    But when a man with a foreign sounding name wants to download some anti-virus, people get all bitchy and say "You can't be having that"?

    No wonder alien life hasn't contacted us. How will we treat ET if we can't treat our neighbours with respect?

    1. AndrueC Silver badge
      Joke

      No wonder alien life hasn't contacted us.

      Maybe it has tried but the communication was blocked because the name sounded odd and 'Alpha Centauri' is clearly not a valid nationality. And imagine if they tried to visit in person. They'd do okay at an airport right up until they were asked for their passport..

      1. wolfetone Silver badge

        "Maybe it has tried but the communication was blocked because the name sounded odd and 'Alpha Centauri' is clearly not a valid nationality. And imagine if they tried to visit in person. They'd do okay at an airport right up until they were asked for their passport.."

        I just hope they didn't try to download any anti-virus software.

        1. Bit Brain
          Joke

          "I just hope they didn't try to download any anti-virus software."

          Good point. I wonder how well AV software copes with someone connecting a PowerBook to an alien wireless network and typing "upload virus".

          1. Mark 85 Silver badge
            Joke

            It would try to upload Windows????

      2. Mad Chaz
        Alien

        Intelligent life

        Naaa. They went into lunar orbit, looked at us for a few years and concluded "No intelligent life here"

    2. Captain DaFt

      a nit pick

      "We can send man to the moon."

      No, we can't. Forty years ago, we had the technology, then dumped it because treaties made it impossible to weaponise.

      These days, it's just possible to put people a bit above the atmosphere, but that's it.

  11. Graham Marsden
    Facepalm

    Hello, my name is John Smith...

    *cough* Allahu akhbar! *cough*

  12. Anonymous Coward
    Anonymous Coward

    Next time...

    Instead of typing in Ali Baba, type instead Albert Barber:/

  13. Danny 5

    I wonder

    What would happen here in the Netherlands. Requesting someone's ID is forbidden by law, unless the requestor has a legal right to do so (I can guarentee you that software vendors do not have that right).

    Their comments seem to be ambiguous at best and it feels like simple racism to me.

  14. Werner McGoole

    And the purpose is?

    I assume the reason AV software is sensitive is because it can potentially detect malware planted by law enforcement. So obviously you wouldn't want any old crim getting his hands on it (rolls eyes), especially not one with a foreign-sounding name (smacks head).

    Although this does pre-suppose that Sophos' AV software detects government-produced malware in the first place. Given that US and UK AV vendors don't seem to be targets for NSA/GCHQ hacking or reverse engineering, that's not so certain, of course.

    Or it could just be that if the powers that be don't like you they don't want you to have any software at all. But surely even they can see the futility of that?

  15. Unicornpiss Silver badge
    Flame

    Just... wow...

    I wonder how it would go over if Sophos cited some obscure research that said that (insert your favorite minority here) is more likely to commit a crime and banned everyone of that ethnicity from downloading. In the USA at least, there would be people lined up with pitchforks and torches. As soon as the sensationalist media got involved, you wouldn't be able to even mention the company's name in public without getting a dirty look.

    What makes this even more absurd is that in the IT community, there is a large proportion of Muslim developers and general IT workers compared to other general professions, probably second only to the medical sphere.

    1. Teiwaz Silver badge
      Terminator

      Re: Just... wow...

      > "I wonder how it would go over if Sophos cited some obscure research that said that (insert your favorite minority here) is more likely to commit a crime and banned everyone of that ethnicity from downloading. In the USA at least, there would be people lined up with pitchforks and torches."

      Unless the person who said it was (oh, I dunno, someone like Donald Trump, for example, just to pick a celeb/politician at random and not a company like Sophos).

      Then the pitchforks might get pointed the other way, and there'd be quite a few flags being waved too...

      1. MJI Silver badge

        Re: Just... wow...Trump

        Who is going to follow someone named after a fart?

  16. AndrueC Silver badge
    Thumb Down

    Big fail, by Sophos. Fail for even trying to block by name. Even bigger fail for then asking for personal details. Will they even provide a secure channel to get those details to them? Nah - they'll probably just ask you to email them.

  17. Cucumber C Face
    FAIL

    Great advert for Sophos anti-virus software

    Brilliant work on that terrorist detection algorithm guys. Can I take it we can expect no false positives from your heuristic detection either?

  18. Trollslayer Silver badge
    Flame

    Bollocks

    'nuff said.

  19. Ken 16 Silver badge
    Trollface

    OpenVMS

    A fundamentalist then?

  20. Trollslayer Silver badge

    Export control?

    I did a bit of export control when my role included lab management and there is nothing like this in it.

    By the way our products used encryption.

  21. This post has been deleted by a moderator

  22. Fonant

    The "Specially Designated Nationals" sanction lists are quite public, and are an interesting read, Download as a big PDF of names, or as a CSV file (warning: much duplicated data!).

    http://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx

    Download a list of names, and psuedonyms, of people the USA don't like. If you are in the USA, you are not allowed to do business with any of these "people" or "organisations".

    Filtering on just the person's name is clearly a ludicrous idea, and yet that is what is done very often.

    In this particular case, "HASAN ALI" is not in the sanction list, but "ALI HASAN" is in the list as a pseudonym for a few entries.

  23. lukewarmdog

    foreign sounding name?

    Seen this said a couple of times.

    It's just a name. Computers can't hear how you say it and they can't identify from your typing what colour you are. This is very much a human failing.

  24. J.G.Harston Silver badge

    Ooo dear...

    Better not be called John Smith.

    or John Smith

    or John Smith.

  25. TheVogon Silver badge

    I'm sure Kaspersky will happily let him download their product instead...

  26. pstiles

    Denny Crane

    Similar but fictitious

    There was an episode of Boston Legal where Denny Crane found out he was on the US no-fly list and was blocked from, well, getting on a plane. He then took the government to court because the only detail on the no-fly list was the name, not the sex age or any other identifying figures - so he took thirty other Denny Cranes with him so when the judge said "Would Denny Crane please stand" the whole room got up.

  27. Amorous Cowherder
    Facepalm

    OK...

    So if some group of nutters blows up a building in some major city and the nutters are called Smith, Davis or Jones, Sophos are going to ban anyone with the name Smith, Davis or Jones? FFS!

  28. Anonymous Coward
    Anonymous Coward

    US export rules are enforced.

    Just look at this register article to see what happens if you don't comply:

    Intel fined $750,000 for software downloads

    http://www.theregister.co.uk/2014/10/17/intel_subsidiary_crypto_export_fine/

    It doesn't leave a company any choice in the matter - do it or get fined.

    1. jonathanb Silver badge

      Re: US export rules are enforced.

      I believe what you should do is print out the code and send it by post to another country, that's protected free speech. Then the local agent scans it in and compiles it for distribution outside the U.S. PGP used to be distributed that way.

  29. joshimitsu

    Username sharing gets around this

    Like on Bugmenot

  30. KitD

    Litigious society

    This is what happens when your society becomes more and more litigious. Concepts of law and national borders have absolutely no impact on connected bits and bytes. And yet it is the legislators & lawyers that hold sway. They legislate and litigate away and then wash their hands of the consequences. Everyone has to comply, but in an internet-connected world, the gaping holes are so obvious as to make the whole charade ridiculous.

    Sophos only care that they comply with some regulation (see comments about CNET and download.com). So long as they avoid litigation, all is well.

    1. Mark 85 Silver badge

      Re: Litigious society

      So, I assume that the only thing preventing you from breaking laws is...what???? Or maybe you do and just don't care?

  31. Harry the Bastard

    so, let me see...

    step one, download baddie list from convenient us government website

    step two, check list for name

    step three, use different name

    am i missing something, or did they not think this through?

    1. Anonymous Coward
      Anonymous Coward

      Re: so, let me see...

      Step 4 is when you have to prove that you are who you say you are by showing ID such as a passport, or some other method of authenticating that you are who you say you are.

      As an example, make up a name that isn't on those lists, buy a plan ticket with that name (+ a false passport number if necessary), then try to board the flight you booked without any valid ID. Bonus points if you act aggressively and try to force your way through security while shouting that your name isn't on any no-fly lists.

      Some things are more secure than others.. Signing up for a GMAIL account I can give pretty much any name I want. However, if I for instance wanted to import firearms I would need a fair bit more documentation and authorisations.. (and papers that said I wouldn't sell them on to nations hostile to the country I was buying them from etc)... telling them my name is James Earnest and that I am not on the embargoed persons list wouldn't cut it.

      In this case, someone has signed up for a product (antivirus, which may or may not be on the list of embargoed products, can't be bothered to check - I know encryption software used to be) using a name that he shares with an embargoed person, and as a result has been asked to prove that he is not the embargoed person before the product is released to him.

      1. Harry the Bastard

        Re: so, let me see...

        er, we're talking about downloading "free av software", not getting on a plane

        these are two different things

        if your name is not on the list, you are not going to be asked for your passport before you get the software

        you are simply going to get the software

        1. Anonymous Coward
          Anonymous Coward

          Re: so, let me see...

          Ah yes, the good old law of unintended consequences, lurking under the water, waiting for its unwary, clueless prey.........

          Crocodile icon needed, please...

  32. Ed Jackson

    Effective screening process.

    Every time I have to download something from Sophos I do so with a name of aergreg rgbbtgvr and email address of rgnrwofn@iygfuyefgwuy.com. I'm sure nobody on the denied persons list would think of doing that.

  33. Anonymous Coward
    Anonymous Coward

    Works 4 me

    How many Muslims terrorists have attacked the U.S. and other countries? Does not the Koran state to kill anyone who does not believe in the Islamic faith as they are an infadel? Perhaps no free AV software is the price one pays for being a Muslim?

    1. Yet Another Anonymous coward Silver badge

      Re: Works 4 me

      Biggest terrorist attack in the middle east was against Britain and perpetrated by .... go on, guess the religion.

      Hint they also don't eat pork and have a very unpleasant time as baby boys.

      1. Anonymous Coward
        Anonymous Coward

        Re: Works 4 me

        Muslims don't eat pork. Muslim boys have the end of their schlong hacked off as babies. But then again, so do many Americans regardless of what disguise their sky-fairy is wearing.

      2. jonathanb Silver badge

        Re: Works 4 me

        The biggest terrorist treats in the UK are Irish Republicans (Catholic), Northern Irish Unionists (Protestants), Animal Rights extremists, Environmental extremists and Pro Life (anti-abortion) extremists. Islamists are way down the list and practically no threat at all.

    2. Anonymous Coward
      Anonymous Coward

      Re: Works 4 me

      No, the Koran does not.

      It does suggest killing the idolators, if they do not repent and pay the Zaggat, which when taken in context of the rest of the chapter still does not mean infidels, no matter how much US right wing Christian crazies wish it did.

      If you're going to argue against anything, it helps if you make some effort to understand it first.

    3. Allan George Dyer Silver badge
      Facepalm

      Re: Works 4 me

      And James Holmes was convicted today... how many gun nuts have attacked unarmed innocents? Perhaps no free AV software is the price one pays for being an NRA member?

      Personally, I prefer controls that i) are easy to apply, ii) address the actual problem iii) are effective and avoid unintended consequences.

  34. Anonymous Coward
    Anonymous Coward

    Totally useless form

    (Anon coward because…)

    I recently manually downloaded an update for our Sophos installation, and was presented with a form asking for lots of details (name, address, business type, etc). I completed it not just with false information, but with information that couldn't possibly have passed even the most cursory validation. It let me through to download it just fine.

    Useless waste of time for everyone.

  35. Anonymous Coward
    Anonymous Coward

    Why?

    Why shouldn't alleged terrorists download a free anti virus software?

  36. BongoJoe
    Holmes

    Muslim name?

    What exactly is a Muslim name? Is it a name that some Muslims have?

  37. Camilla Smythe Silver badge

    Wuh!!

    So Apple sold this bloke a Mac, with an operating system and access to iTunes along with other software including Virtualisation Technology so that he could run a copy of Windows 10 on it... And Microsoft let him download a 'free' version of Windows 10 so he could run it under the Virtualisation Technology provided by Oracle[?] having previously bought a copy of Windows 7 or similar from Microsoft which he was running under the Virtualisation Technology given to him by Oracle so he could upgrade it.

    Then it takes Sophos to flag him as being 'suspect'. FFS.. Are Apple, Microsoft and Oracle asleep at the wheel?

    Sincerely

    Camilla Farquhar Farthington Smythe

    1. Unicornpiss Silver badge

      Re: Wuh!!

      Inflicting iTunes upon enemy combatants is just Apple doing their part to help war efforts.

  38. Anonymous Coward
    Anonymous Coward

    Brother in law

    1. My brother in law has a 'Muslim' last name. Yes, totally arabic sounding.

    2. He travels through airports a lot on his business as tv editor, but a bit scruffy, sporty casual.

    3. One-day beard.

    He gets all kinds of look-once-over in customs. Takes 2 hours.

    1. He still has a Muslim last name.

    2. He is now dressed in suit

    3. Beard neatly shaved.

    He gets in right away. Barely bat an eye on him.

    My sister suggestions paid off. PREJUDICE MUCH? This is not hearsay, she actually timed 2 different travels returning home. Same flight, same day of week, through Heathrow.

    Presentation is everything!

  39. Anonymous Coward
    Anonymous Coward

    Meaningless tosh.

    Sophos are not *trying* to do anything. No, they're almost going out of their way to *not* do it. They clearly don't give a damn about this check. It is so trivially sidestepped that even a mollusc could do it. It doesn't even represent a token attempt to comply with anything. It feels a lot more like they're sticking two fingers up at whoever is making them do this.

    I tried a series of names, like Saddam Hussein, Nonny Mouse, and Sleeping Beauty, all using fake e-mail addresses from non-existent, unregistered domains. A whole batch even used the same address multiple times with different names. Every one of them let me successfully download the package (except Hasan Ali, obviously).

    So who is making them do it?

    Besides, who, in possession of more than two brain cells, ever puts their real name or address on a web form anyway?

  40. Spaceman Spiff

    This is just so bogus I hope that Sophos goes out of business PDQ! Need AV? Try ClamAV. Open source, and I don't think they will apply these ridiculous demands for irrelevant information to install an anti-virus filter! Yeah, like it's rocket science...

  41. Frank N. Stein

    That watch list wouldn't happen to have pseudonyms on it, would it? Because if not and this bloke didn't type in his actual name, he'd have easily downloaded the software with no problem, so long as his pseudonym wasn't on that watch list. ^_^

  42. Kev99 Bronze badge

    So, why don't we all download the file he needs and send it to him?

    1. Anonymous Coward
      Anonymous Coward

      re: Why don't we download it.

      I just did download it with username Idi Amin and email eccles@eccles.com. Sophos has no problem with this at all

  43. John Tserkezis

    We are Sophos, we are a security company, just trust us.

    Just give us your date of birth, and ID number, and your passport number, and your drivers licence number, and while you're at it, your bank details would be nice too.

    Don't worry, this is not a scam, we are Sophos, just trust us, we know what we're doing.

  44. virhunter

    Did they stop filtering?

    After reading this article, I went to the Sophos website and signed up for a trial under the name "Osama Hussein" from Egypt who works for the Muslim Brotherhood. I got the download in spite of the fact that it's not just names, but apparently organisations and countries that can be denied Sophos software.

  45. Cameron Colley

    This would have been interesting a few years back.

    I wonder whether the whole of Iceland (country not shop) was banned from downloading their products after Iceland was declared a terrorist organisation?

    To be fair to Sophos I have seen these lists passed around by email at a previous place of work (hence knowing about Iceland) and the warnings accompanying them suggest that dealing with anybody on the list without proving they are not a terrorist can end up with jail time for the employee and the CEO (or equivalent) so I tend to blame the morons in government for thinking that a name used on the internet is any kind of a way of identifying anyone.

    Anyhow, back to writing articles and shagging Yvonne... ;)

    1. Francis Boyle Silver badge

      Re: This would have been interesting a few years back.

      Iceland was declared a terrorist organisation? Hell, I know Bjork's voice gets on some people nerves but it's hardly a WMD.

  46. JEDIDIAH
    Devil

    Sting like a butterfly...

    Mr Ali just needs to start using the alias Cassius Clay.

  47. Stephen Leslie

    Y A W N

    I'm sure it's an easy fix.

  48. F0rdPrefect
    WTF?

    Is it just me ...

    ... who finds it odd that free software wants your name in the first place?

    And that if one is asked for any Reg reader would give one other than Donald Duck?

  49. Tcat

    A Rose by any other name

    I feel for the guy. I'm US (Army) vet with the first name of Tcat. (T CAT).

    Every couple years Quora bounces me for not using my Real Name

    However I will say the double edge has helped me nip in the bud, trouble.

    Anytime I hear "What's your real name?" I walk. Really borkes a class when your the instructor.

    And yes, the outcome is not pretty. Worse is trying to run a class with an openly hostile student.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019