Re: Security Problems Plague XP SP2 via Symantec/McAfee

From: kurttrail (dontemailme_at_anywhereintheknowuniverse.org)
Date: 02/15/05 

Date: Tue, 15 Feb 2005 08:45:09 -0500

Gary S. Terhune wrote:
> http://story.news.yahoo.com/news?tmpl=story&u=/ttpcworld/20050210/tc_techtues_pcworld/119627&cid=1740&ncid=1729
>
> If the above link doesn't work for you, try this:
> http://tinyurl.com/7ybuc
>
> That is the "more" you're asking for. More than this, Dan doesn't
> know, I'm sure. My take on the subject is a bit different. While
> acknowledging that I am not a fan of either product, and I've not
> hesitated to say so on innumerable occasions, what is described by
> the article isn't a real security risk, per se.
>
> The way I read the article is this:
>
> One of the new features in Windows XP Service Pack 2 is the "Windows
> Security Center". It keeps track of what, if any, antivirus and
> firewall apps are installed, and whether they are up to date. If you
> are lacking in a firewall or antivirus, or if they are simply not
> running, the WSC advises you of the situation. However, as anyone who
> pays attention will know, when you first install such applications,
> they are *never* up to date and should be updated immediately. One
> result of this combination of affairs is that while installing such
> apps, the new Windows Security Center may warn, repeatedly, that the
> programs are not up to date. Symantec and McAfee consider this
> detrimental to the "user experience"--and in a way, I can't blame
> them. It *is* disconcerting to get repeated warnings that you aren't
> protected while you are in the very act of installing protection.
>
> Norton solves this by deliberately disabling Windows Security Center
> during installation (which makes one wonder about the architecture of
> Windows Security Center, doesn't it?) McAfee changes the dates of
> certain files to "now" as they are copied into the system. This
> convinces Windows Security Center that there is now up-to-date
> protection installed and it keeps quiet. However, apparently, the
> antivirus app now thinks it's up to date, also, and may not initiate
> an update, leaving the user with a very out of date antivirus until
> sufficient time has passed and it then updates. Or perhaps it still
> initiates an update during the normal course of installation, but in
> many cases this isn't feasible due to the system not being able to
> connect to the internet. I don't know the particulars.
>
> For myself, the most alarming thing about this whole affair is that
> the Windows Security Center *can* be disabled by any means other than
> user intervention. Makes it rather useless, don't you think? Plus,
> McAfee's methods would tend to leave a user with a false sense of
> security between the time of installation and the first actual
> update. Judging by the usual amount of time that such apps consider
> reasonable between updates (a horribly long time in my opinion), a
> person could be running several days without real antivirus
> protection and not realize it.
>
> Of course, this has always been the case--automatic updaters are
> famous for failing in their duties, especially where the systems
> aren't connected to an always-on internet connection, or are used
> sporadically for relatively short periods of time, or simply being
> inadvertently disabled. This is why Windows Security Center was
> developed. And this is why I always admonish users to *check* that AV
> and Firewall is running when they startup and periodically throughout
> the day, and that they run the updater(s) manually, on an at *least*
> daily basis. These are habits that should be as deeply ingrained as
> checking your rear-view mirrors regularly while driving.
>

Great Post Gary!

The best computer security is like safe sex, only you can protect
yourself and your computer through your own vigilance. 

-- 
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

Relevant Pages

  • Re: How well does the Windows Vista Firewall work?
    ... installed the free version of AVG Antivirus for virus protection in McAfee's ... I was going to look for a firewall program too, but saw that the Vista ... Disable the e-mail scanning function during installation (Custom ...
    (microsoft.public.windows.vista.general)
  • Re: Security Problems Plague XP SP2 via Symantec/McAfee
    ... Norton solves this by deliberately disabling Windows Security Center ... during installation (which makes one wonder about the architecture of ... protection installed and it keeps quiet. ... >>> products can disable advanced security features of XP SP2. ...
    (microsoft.public.windowsxp.general)
  • Re: Unwanted Security Toolbar
    ... Disable the e-mail scanning function during installation (Custom ... It includes ANTI-SPYWARE protection, certified by the West Coast Labs ... (add it to your arsenal and use it as a "second opinion" av scanner). ... WD monitors the start-registry and hooks registers/files to prevent spyware ...
    (microsoft.public.security.virus)
  • Re: Questions Regarding Workable SOHO Windows Installation / Configuration, Diagnostics, & Secur
    ... >configuration, diagnostics, and security in a Windows environment that are ... these computers and I do not spend a lot of time on warranty work. ... >turn the antivirus software off when you need it most to prevent conflicts ... >ENOUGH TROUBLE WITHOUT As far as memory resident, real time installation ...
    (comp.security.misc)
  • Re: IIS permissions
    ... the antivirus installation program itself. ... When authentication is required, the ... > I am looking for an advice for Security betwen DC W2K3 and IIS installed ...
    (microsoft.public.windows.server.security)