funsec mailing list archives
RE: Spybot v. Symantec
From: Larry Seltzer <Larry () larryseltzer com>
Date: Mon, 2 Oct 2006 23:42:22 -0400
Based on the screen shot it looks like they are not blocking installation, just recommending that you remove the products. There is a Next button there; is someone saying that you can't just ignore the recommendation and proceed? The real issue here is the on-access scanners (and there's probably an IPS component at issue too), right? At install time is there a practical way for these products to determine that these live components are running as opposed to just a static scanner? Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.eweek.com/blogs/larry%5Fseltzer/ Contributing Editor, PC Magazine larryseltzer () ziffdavis com -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of StyleWar Sent: Monday, October 02, 2006 11:22 PM To: 'Dude VanWinkle'; 'Richard M. Smith' Cc: funsec () linuxbox org Subject: RE: [funsec] Spybot v. Symantec The suggestion that the two program development teams are intimately aware of the functions of the latest malware, and yet somehow completely ignorant of each other's existence and practices seems ludicrous to me. Personally - I don't see it as a compatibility issue... - StyleWar "If everyone' thinking alike, then somebody isn't thinking."
-----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Dude VanWinkle Sent: Monday, October 02, 2006 12:04 PM To: Richard M. Smith Cc: funsec () linuxbox org Subject: Re: [funsec] Spybot v. Symantec On 10/1/06, Richard M. Smith <rms () bsf-llc com> wrote:Security Smackdown: Spybot vs. Symantec http://blogs.pcworld.com/staffblog/archives/002874.html While installing my review copy of Norton Internet Security 2007, I found that Symantec's software recommended that Iuninstall not onlySpybot but also Webroot Spy Sweeper antispyware software. (See the screenshot below.)Its kinda hard to run two continual scanning apps; anti(spy/mal/ad)ware, or anti virus software unless you can configure the two to not scan each others binaries or protected files. Also, I dont know what would happen if they both tried to watch port 80 or some such for those that do scan memory. I didnt know this was a proprietary practice, but rather an OS limitation and also to protect your app from being altered by malware: "you scan my files and i'll kill your process" kinda thing. am i mistaken? -JP _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Spybot v. Symantec Richard M. Smith (Oct 01)
- Re: Spybot v. Symantec Nick FitzGerald (Oct 01)
- Re: Spybot v. Symantec Dude VanWinkle (Oct 02)
- RE: Spybot v. Symantec StyleWar (Oct 02)
- RE: Spybot v. Symantec Larry Seltzer (Oct 02)
- RE: Spybot v. Symantec StyleWar (Oct 02)
- <Possible follow-ups>
- RE: Spybot v. Symantec Alex Eckelberry (Oct 02)