funsec mailing list archives
Re: Via Slashdot: Antivirus Vendors Head to Court
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Mon, 9 Jul 2007 01:30:46 -0400
On 7/8/07, David Harley <david.a.harley () gmail com> wrote:
> This is very confusing... The install instructions for SAVCE > 10.x are "remove any and all other antivirus or antispyware > applications before beginning installation". I'm not sure they'd dare put that into the EULA. If they did, they'd probably argue that they meant that you shouldn't have AV or antispyware running during the install, not that your license is invalid if you run other security software concurrently. That said, Symantec do tend to expect to have the whole playing field to themselves, and some other products won't load into memory if they think they may have to co-exist with a Symantec product.
If Symantec goes ring0 then I would load in ring-1. Kinda beat 'em to the catch ;-)
> Seems to me if Kaspersky or Rising Tech put this kind of > disclaimer in their EULA, they wouldnt have to go to court > (or would win if they did). If its not unfair business > practice for Symantec, then lesser > (sized) companies should have no fear. Who says it isn't unfair business practice, if it's intended to make the user totally reliant on one vendor?
I do. The user always has the option to uninstall the offending app and switch to a competitor.
> Even if they dont, its common knowledge that if you are dumb > enough to pay for and run two AV apps on the same box, that > you include the respective app files and folders in the > exclusion list of the other. Whoa there. I run more than one AV/anti-malware app on some boxes, and I'm not dumb. What I -don't- do (normally) is have competing on-access scanners running at the same time, essentially for performance reasons. And common knowledge isn't always common sense. AV apps aren't immune to compromise, and shouldn't store virus definitions in a form that might yank another scanner's chain. If one scanner identifies another as compromised or infected, that shows a problem with one or both scanners: it ain't necessarily my fault!
I didnt mean any offence, its just that AV scanners will take up more cycles and memory than most other applications on a standard desktop. Why would you want to add that much overhead for a product that is so crappy, you feel have to run two of them just to stay safe? If you are having that many issues with AV, try switching to a whitelisting programme.
> Like I said, a very wasteful and confusing lawsuit. Not necessarily. If Kaspersky really think it's a dirty marketing campaign, you can't blame them for taking action. If Rising really think Kaspersky are targeting their product in some way, you can't blame them, either. Without knowing the facts behind the article, how can you be sure?
There are plenty of apps that you cant run in conjunction with competing products (ever see an SAP system running MAS200?), I dont see where this would become a legal issue unless the operating system was doing the removal.
> Nothing > good will come of this.. You may well be right about that... > Maybe a law preventing AV apps from > behaving as they should.. What, a law against FPs? Not very practical, I agree, but it's not as though AV is -supposed- to get it wrong... -- David Harley CISSP, Small Blue-Green World Security Author/Editor/Consultant/Researcher AVIEN Guide to Malware: http://www.smallblue-greenworld.co.uk/pages/avienguide.html Security Bibliography: http://www.smallblue-greenworld.co.uk/pages/bibliography.html
-JP<who wishes his signature was that long.. hmmm> Dude VanWinkle A+, AKA Rufus Homeless Bum/4mm Dat Tape Changing Junior Technician SelfStarters Guide to Stunt Bumming: http://tinyurl.com/38f4bh
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Via Slashdot: Antivirus Vendors Head to Court Richard M. Smith (Jul 08)
- Re: Via Slashdot: Antivirus Vendors Head to Court Dude VanWinkle (Jul 08)
- RE: Via Slashdot: Antivirus Vendors Head to Court David Harley (Jul 08)
- Re: Via Slashdot: Antivirus Vendors Head to Court Dude VanWinkle (Jul 08)
- RE: Via Slashdot: Antivirus Vendors Head to Court David Harley (Jul 09)
- Re: Via Slashdot: Antivirus Vendors Head to Court der Mouse (Jul 09)
- RE: Via Slashdot: Antivirus Vendors Head to Court David Harley (Jul 10)
- Re: Via Slashdot: Antivirus Vendors Head to Court Dude VanWinkle (Jul 09)
- RE: Via Slashdot: Antivirus Vendors Head to Court David Harley (Jul 08)
- Re: Via Slashdot: Antivirus Vendors Head to Court Dude VanWinkle (Jul 08)