Attention, small biz using Symantec AV: Smash up your PCs, it's the safest thing to do

Better Late than Never

Not!!

Switch now. Yellow boxes no longer equal "safety", just resource use.

Easy

Just market it as a pro-virus solution.

I ditched SBE last year when they split the suite up and the price doubled, however I continue to use SMSMSE, but for the AV I now use Avast business free. Between the two different companies I have not had any issues.

Symantec Sucks

Symantec's downfall, at least in the Norton Antivirus department, was documented in painful detail in one person's blog. It started around NAV '07.

symantec-sucks.blogspot.com

One feels that they still owe several thousands of dollars compensation each to those affected by their monumental incompetence; for all the wasted hours. And no, I don't mean thousands of dollars of free Symantec crappy software.

Symantec is garbage anyway

I say we take off and nuke 'em from orbit. It's the only way to be sure.

When I was young (back in the 90s), I used to love the early Norton utilities. Most weeks I'd run Speed disk to optimize my hard drive, and run the various other utilities to do other stuff. I also found that NU got me out of quite a few holes.

So, come the latter half of the decade, I had had enough of McAfee buggering up my Windows 95 (then 98) machine, and I started looking for an alternative AV. A few friends had Norton AV (probably free with their laptops then bought to stop it nagging), so I bought a copy of Norton AV. It slowed my machine, and I am not entirely convinced it protected it well either (although I realised that later, I was happy with the protection at the time), but I persevered. Eventually, I installed a demo of Norton Utilities to play around and suddenly my machine lost it's second HDD. Uninstalled NU, and saw no difference. Uninstalled NAV and the HDD came back.

I did not re-install NAV or NU. At that point I switched back to McAfee, then discovered Avast and haven't looked back really.

WS.Reputation.1 detection anyone?

As a software developer, don't even get me started on their idiotic WS.Reputation.1 detection idea.

Whoever came up with it should be fired with extreme prejudice! How Symantec hasn't been sued for loss of business yet is completely beyond me.

Basically their AV software will flag a file as dangerous - and *automatically quarantine or even delete it* - not because heuristics have detected something wrong or malicious with the code itself, but because their software hasn't yet seen that exact executable file around enough.

You can imagine what happens every time a developer releases an update to their software.

This is really bad because users may think that the software distributed by a particular developer includes malware, or they may decide to not install the program as it may not be worth the potential trouble.

The developer in turn can then either contact Symantec (yeah, imagine if we had to contact every AV software vendor before a new release) or wait for the issue to resolve itself: eventually enough Symantec users will have upgraded to the new version of your application and the file will stop being flagged as dangerous.

Until that happens... what you have is a potential loss of business, and your company's reputation tarnished because of a false positive generated by a completely stupid idea.

So no, I'm not sorry to see Symantec facing this. Serves them right, and their (lack of) response so far shows exactly what kind of company they are.

New Symantic Anti-virus v.23: 100% secure until you remove the shrinkwrap.

Vandals

SAV was the first product we dropped around 10 years ago, then they wrecked Backup Exec, and now MessageLabs is starting to show signs of rot.

Norton Internet Security's best security feature is that it effectively disables your operating system so you can no longer use it.

I haven't recommended Symantec or Mcafee in over a decade and wouldn't use them if someone gave it me for free.

What makes a Symantec product safe? leaving it in the unopened box, on the shelf of the company desperately trying to get rid of all the copies they purchased.

Use the Yellow and Black peril at your own risk!

Feh, I'm not at all surprised by this news!

The same company that ejects their best & brightest regularly (and I know from personal experience) has lost any ability to deliver anything I'd even consider running for my kids, let alone where I now work! The company has an ability to market a turd and make it look less like a turd and more like a shiny new object yet they continue to not serve their customers. Couple this with the CEO o'the year club and you're buying products from a company with no firm leadership.

Or, you turn your brain on, see their products as failed Darwinian experiments and move onto really useful, flexible products instead that aren't bloated nagware and delete them.

Case for the Defense

This thread seems to have become infected by bigots and bears of small brains. Stick to the facts guys, not gossip about a package you used to run years ago.

We run Endpoint Protection Suite on around 1000+ endpoints across Europe, and on email gateways. We also run McAfee and AVG at some locations. No issues with Symantec for years. Mythical performance load issues not seen (was briefly true in NAV a decade ago ...). Endpoint Management console works fine. Only risks we see are attachments with MS Office macro downloaders, which all the a/v vendors have trouble with, even famous-name cloud mail services.

Wow, Actually makes your OS -less- secure...

I didn't think it was possible for a piece of security-code could actually make a fresh, unpatched install of Windows -less- secure than running without AV...

So what I can tell from the technical details, they were running code in kernel space that also listened on a TCP port with no authentication. Privilege Separation is something that should be present in even the most basic of programs that accept data from any external source (the user, a server out on the internet, or even just a local storage device). Any piece of data should be validated any time it moves from one process to one running with different permissions.