back to article Attention, small biz using Symantec AV: Smash up your PCs, it's the safest thing to do

If you're using Symantec's Endpoint Protection Small Business Edition (SEP SBE) then you can forget about security for a week or so, as the company won't be patching the "as bad as it gets" security holes in its software for a while. A Register reader who wishes to remain anonymous received an email from Symantec confirming …

  1. Anonymous Coward
    Anonymous Coward

    Right, that does it

    I will recommend dropping "Symantec Endpoint Protection Small Business Edition" software ASAP on the next IT meeting. The "cloud interface" has been a right PITA, the error messages are more terse than a guarantee by Grand Guru Mbeke Bongo to heal your soul as found in your snailmailbox and then this?

    Clowns!

    1. Kurt Meyer

      Re: Right, that does it

      @ AC

      I might go a step farther, my anonymous friend, and recommend dropping Symantec products altogether. I used and recommended their products extensively in the '90s and early years of this century, but have not done so for the last decade.

      The bloated mass mess of today bears little resemblance to the "lean, mean, virus-fightin' machine" of yester year. Symantec has lost my business, and my recommendation.

      1. Captain Scarlet

        Re: Right, that does it

        The beanies like the fact it dirt cheap for large companies :(

        1. Sebastian A

          Re: Right, that does it

          Dirt cheap, and about as effective as dirt.

      2. BillG
        Thumb Up

        Re: Right, that does it

        Symantec was one of the biggest security firms of the 1990s,

        We miss you, Peter Norton.

  2. redpawn

    Better Late than Never

    Not!!

    Switch now. Yellow boxes no longer equal "safety", just resource use.

  3. Uplink

    Easy

    Just market it as a pro-virus solution.

  4. Tezfair

    I ditched SBE last year when they split the suite up and the price doubled, however I continue to use SMSMSE, but for the AV I now use Avast business free. Between the two different companies I have not had any issues.

    1. TonyJ

      "...Between the two different companies I have not had any issues....

      That you know about...

      And then, I'd put it down more to Avast than to anything Symantec

  5. Unicornpiss
    Meh

    @Right, that does it

    Look on the bright side, at least you don't use Altiris too..

  6. Anonymous Coward
    Anonymous Coward

    Symantec Sucks

    Symantec's downfall, at least in the Norton Antivirus department, was documented in painful detail in one person's blog. It started around NAV '07.

    symantec-sucks.blogspot.com

    One feels that they still owe several thousands of dollars compensation each to those affected by their monumental incompetence; for all the wasted hours. And no, I don't mean thousands of dollars of free Symantec crappy software.

    1. Anonymous Coward
      Anonymous Coward

      Re: Symantec Sucks

      Oddly enough 2006/2007 is around the same time they started getting serious about offshoring their US coding jobs to India. If they wanted to save their product but had not much money they could have gone to Eastern Europe but that would involve thinking.

  7. Winkypop Silver badge
    Alert

    Symantec Anti-Virus?

    Them's fighting words around here buster!

    Many years ago my PC was borked one last time by Symantec.

    I dropped them and threw away the rest of my subscription.

  8. Jeffrey Nonken

    Symantec is garbage anyway

    I say we take off and nuke 'em from orbit. It's the only way to be sure.

    1. Charles 9

      Re: Symantec is garbage anyway

      Nah, Symantec's more like roaches. They'd SURVIVE a nuke.

  9. Stuart Castle Silver badge

    When I was young (back in the 90s), I used to love the early Norton utilities. Most weeks I'd run Speed disk to optimize my hard drive, and run the various other utilities to do other stuff. I also found that NU got me out of quite a few holes.

    So, come the latter half of the decade, I had had enough of McAfee buggering up my Windows 95 (then 98) machine, and I started looking for an alternative AV. A few friends had Norton AV (probably free with their laptops then bought to stop it nagging), so I bought a copy of Norton AV. It slowed my machine, and I am not entirely convinced it protected it well either (although I realised that later, I was happy with the protection at the time), but I persevered. Eventually, I installed a demo of Norton Utilities to play around and suddenly my machine lost it's second HDD. Uninstalled NU, and saw no difference. Uninstalled NAV and the HDD came back.

    I did not re-install NAV or NU. At that point I switched back to McAfee, then discovered Avast and haven't looked back really.

  10. JcRabbit

    WS.Reputation.1 detection anyone?

    As a software developer, don't even get me started on their idiotic WS.Reputation.1 detection idea.

    Whoever came up with it should be fired with extreme prejudice! How Symantec hasn't been sued for loss of business yet is completely beyond me.

    Basically their AV software will flag a file as dangerous - and *automatically quarantine or even delete it* - not because heuristics have detected something wrong or malicious with the code itself, but because their software hasn't yet seen that exact executable file around enough.

    You can imagine what happens every time a developer releases an update to their software.

    This is really bad because users may think that the software distributed by a particular developer includes malware, or they may decide to not install the program as it may not be worth the potential trouble.

    The developer in turn can then either contact Symantec (yeah, imagine if we had to contact every AV software vendor before a new release) or wait for the issue to resolve itself: eventually enough Symantec users will have upgraded to the new version of your application and the file will stop being flagged as dangerous.

    Until that happens... what you have is a potential loss of business, and your company's reputation tarnished because of a false positive generated by a completely stupid idea.

    So no, I'm not sorry to see Symantec facing this. Serves them right, and their (lack of) response so far shows exactly what kind of company they are.

    1. maxxcool7421

      Re: WS.Reputation.1 detection anyone?

      Dumbass. If you don't sign your code AND run it out of %temp% and or run the binary out of the IE\FF\Cm temp folder you are the reason people still get infected.

      shitty coders like you get detected by that SIG because that's what virus authors do. sing your fucking code and run your custom IT tools somewhere else besides the temp folder and it will execute fine.

      1. JcRabbit

        Re: WS.Reputation.1 detection anyone?

        You have absolutely *no idea* what you are talking about, do you? Grow up, do some software development in the real world, get at least *some* experience making and selling your own software and then come back and talk to me. :-P

  11. davidp231

    New Symantic Anti-virus v.23: 100% secure until you remove the shrinkwrap.

  12. vonRat

    Vandals

    SAV was the first product we dropped around 10 years ago, then they wrecked Backup Exec, and now MessageLabs is starting to show signs of rot.

    Norton Internet Security's best security feature is that it effectively disables your operating system so you can no longer use it.

    1. This post has been deleted by its author

  13. adam payne

    I haven't recommended Symantec or Mcafee in over a decade and wouldn't use them if someone gave it me for free.

    What makes a Symantec product safe? leaving it in the unopened box, on the shelf of the company desperately trying to get rid of all the copies they purchased.

  14. Anonymous Coward
    Anonymous Coward

    Use the Yellow and Black peril at your own risk!

    Feh, I'm not at all surprised by this news!

    The same company that ejects their best & brightest regularly (and I know from personal experience) has lost any ability to deliver anything I'd even consider running for my kids, let alone where I now work! The company has an ability to market a turd and make it look less like a turd and more like a shiny new object yet they continue to not serve their customers. Couple this with the CEO o'the year club and you're buying products from a company with no firm leadership.

    Or, you turn your brain on, see their products as failed Darwinian experiments and move onto really useful, flexible products instead that aren't bloated nagware and delete them.

    1. Anonymous Coward
      Anonymous Coward

      Re: Use the Yellow and Black peril at your own risk!

      "Or, you turn your brain on, see their products as failed Darwinian experiments and move onto really useful, flexible products instead that aren't bloated nagware and delete them."

      Until you realize there's NONE available fitting your specifications. Don't want a subscription, and most all the free ones nag too much (the ones that don't don't integrate too well). Does that basically mean I'm doomed?

      And what about all those out there that don't have brains but still have computers? It's not like we can force people into classes before they're allowed to use one; genie's already out of the bottle.

  15. jonathan.stuart@paragon-europe.com

    Case for the Defense

    This thread seems to have become infected by bigots and bears of small brains. Stick to the facts guys, not gossip about a package you used to run years ago.

    We run Endpoint Protection Suite on around 1000+ endpoints across Europe, and on email gateways. We also run McAfee and AVG at some locations. No issues with Symantec for years. Mythical performance load issues not seen (was briefly true in NAV a decade ago ...). Endpoint Management console works fine. Only risks we see are attachments with MS Office macro downloaders, which all the a/v vendors have trouble with, even famous-name cloud mail services.

  16. Crazy Operations Guy

    Wow, Actually makes your OS -less- secure...

    I didn't think it was possible for a piece of security-code could actually make a fresh, unpatched install of Windows -less- secure than running without AV...

    So what I can tell from the technical details, they were running code in kernel space that also listened on a TCP port with no authentication. Privilege Separation is something that should be present in even the most basic of programs that accept data from any external source (the user, a server out on the internet, or even just a local storage device). Any piece of data should be validated any time it moves from one process to one running with different permissions.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like