Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Censorship Your Rights Online

Symantec Anti-Virus Supresses Privacy Tool 46

salimfadhley writes "Symantec's 'Norton Antivirus' now attempts to remove Freegate, a program designed to help Chinese internet users view websites blocked by the government firewalls. Symantec offered no reason why the program (which is not spyware) was marked as a 'trojan' in Chinese versions of the software, however even an unattuned conspiracy theorist will guess that this was done at the request of the Chinese government. "
This discussion has been archived. No new comments can be posted.

Symantec Anti-Virus Supresses Privacy Tool

Comments Filter:
  • by macz ( 797860 ) on Tuesday September 14, 2004 @09:33PM (#10252419)
    The thing about Chinese Virus Scanners. After an hour you are still infected and need to scan again.
    • Looks like the moderator forgot to take his humor pill this morning :)
      • In so much as having no sense of humor. That and the blatant censorship is starting to happen. I've actually noticed "politically incorrect" posts disappearing completley. I got my first warning about posting as an AC today. That's kinda the point of posting as an AC. So everyone else can ignore it. If things keep up, it will be just like Fark where everyone is scared to death to speak their mind for fear of bans and censorship.
  • by Wanderer1 ( 47145 ) <wanderer1&pobox,com> on Tuesday September 14, 2004 @09:42PM (#10252484)
    I'd certainly like to see the official line on this one. Probably a bit like Cisco - "Hey, anything to make a buck, right? We don't have no scruples." Similar issues appeared with web censorware which were illuminated by the organization, PeaceFire [peacefire.org] a few years back. Not only were the censorware lists blocking "legitimate" websites but also blocked sites that could (without imagination) be construed as agendas beyond the scope of "protecting children" against sex. Outsourcing your software increases the risk of being subjugated by others. It is unfortunate that we need so dearly the protection that antivirus software provides - but we're putting our trust in corporations that do not hold honor over profit (few do, nothing special about this one.) The same struggle with subjugation appears in the Digital Rights Manglement issues, where Microsoft chooses what you do with your computer. Fortunately as we've seen with the adware war, Freegate and friends will continue to evolve. Let us hope that the antivirus vendors have as much trouble blocking Freegate as they do catching legitimate malware! Bill
    • by gl4ss ( 559668 ) on Tuesday September 14, 2004 @10:01PM (#10252605) Homepage Journal
      ... and it's all the more suckier when basically you're paying symantec to prevent others messing around with your computer like this!

      since they now evidently can be convinced to remove package x from customer system z with y number of dollars at stake, it's up for questioning if you can as a customer trust them enough to actually PAY them to do a JOB and except they get it done, and not the total opposite. indeed though even more puzzling is that is chinese goverment using this software? and how do they dare to do so when evidently symantec can not be trusted to not have tampered with the software to spy/otherwise affect what they're doing.

      in all fairness it could have probably been about being the only feasible option the chinese goverment gave(hey could you add feature x, OR you'll loose us as a customer and the business permit in china) them but security isn't about taking the easy way out every time.

      it could be also intresting that if some malware scanners flagged symantecs china offering as malware... because that's what it is, now.
    • Norton Antivirus, like some other AV systems, tries to detect unknown viruses using common patterns. This results in it occasionally coming up with false positives, especially of programs which share common characteristics with viruses and trojans. For example, it used to spot pretty much any keygen as a virus, though it no longer does.

      With all due respect to conspiracy theorists, this may be all that's happening here. What's the first task of a really good virus or trojan? Bypassing defenses, both of

    • Comment removed based on user account deletion
    • >I'd certainly like to see the official line on this one.

      RTFA

      >A Symantec official in Beijing confirmed that Norton's
      >software had designated Freegate a "Trojan horse",
      >but would not give details of why it had done so.
  • AVG Antivirus [grisoft.com] is a great alternative to Symantec's Norton AntiVirus.

    It's free for home users, has a memory-resident scanner, scheduled updates, limited scheduled scans and doesn't bog down your system with unnecessary crap like the Norton or Mcafee anti-virus programs.
  • Norton is a No-No (Score:2, Interesting)

    by BinaryOpty ( 736955 )
    No one should be using Norton anyway. I jumped Norton's ship (after using it for free for a month) after discovering you need to pay for updates past that point and it annoys you daily about it (and even offers a "remind me after..." prompt where the only choice is 1 day). The only way to stop the annoyance is to uninstall the program or buy a year subscription. I did what they didn't want me to do. Take that Symantec. Hello Grisoft.
    • All non-free virus scanners nowdays require subscriptions.
      • Re:Um... (Score:2, Insightful)

        by BinaryOpty ( 736955 )
        But do all bug you daily with a pop-up box that disrupts any full-screen program currently running (and crashes a few), pointing out your subscription is up, or not allowing you to turn the box off or extend the amount of time it appears by? No, really, do they? I've only used Norton, so tell me if McAfee or Panda does that.
        • Re:Um... (Score:3, Informative)

          by oldosadmin ( 759103 )
          Pretty well... yeah

          All of them are obnoxious.

          McAfee being the most so... it has one of those tray popups which will kill your fullscreen game.

          PC-Cillin I don't think does anything obnoxious, but I haven't used it for a few years.

          EZ-Trust Antivirus will popup a web browser directed to their site.

          I think that's about it. I've never used Panda. I don't use a virus scanner, personally. I have a firewall and I'm the only one with access to my computer, and I only run trusted executables.
        • This is why I unsinstalled Trendmicro's offering, plus all I wanted was an anti-virus program, not a whole security suite. It finally pissed me off while I was playing Thief 3, it would pop up its reminder to update, and crash Thief 3 (granted, any switching to the desktop would crash Thief 3). So, I uninstalled it and have been running without any sort of AV for a few weeks. I'm now downloading AVG to give it a try and see if I like it.

  • If they block this at the request of the Chinese government, one wonders how long it will take before the US government makes similar requests...

    I hope that the government won't do this. I doubt they will, any time soon. But with the way government regulation of IT is going, I wouldn't be surprised at legislation like this...
  • False positive? (Score:4, Insightful)

    by Spoing ( 152917 ) on Tuesday September 14, 2004 @11:23PM (#10253070) Homepage
    Virus/trojan detectors give false positives all the time.

    Yanking a program you know about out just because one of these programs says it is bad isn't smart...though I've felt like choking a few admins who took any report as 100% valid.

    That said, is this stupidity or malace?

    • Malice:

      >A Symantec official in Beijing confirmed that Norton's
      >software had designated Freegate a "Trojan horse",
      >but would not give details of why it had done so.
  • Even I can't come up with something that stupid.

    Either that, or something truly bizarre went on. I mean, I doubt the combination of a weird antenna and aliens even can produce unexplaned, defective pregnancies.

    But if it indeed does... "Truth is stranger than fiction."
  • by tod_miller ( 792541 ) on Wednesday September 15, 2004 @02:26AM (#10254038) Journal
    I personally believe anti-virus it a waste of time.

    1: Trusted sites should be trusted.
    2: It is new viruses that are more prevalent, and the ones you are less likely to be protected against.
    3: Behavioural systems (i.e. secure systems) shoudl be in place to stop NEW code doing things, like an internal firewall - would you like xyz.exe whihc has been on your system for 30 minutes / 3 days or whatever to acces ABC resource / network, reg setting etc.
    4: Signed content can lead to more trust.
    5: this would stop dialers, toolbars, spyware, fuckware, malware, shitware, pancreasware and all other forms of binary information that belongs in /dev/null

    I think anti-virus has gone far enough. I use google when I download a funny file, I google the filename, I google the filesize. If I am still not happy, I don't run it.

    I mean who would run whoah_funny_check_this_shit_out.exe ??

    setup.exe's - again, d/l from a trusted source. Run as a low priv user if need be, test it on a sandbox to be sure... but don't fsskin virus scan it - and then run it on your prized system, because anyone can right a rm -rf ~ and cause simple havoc, and this file will not be picked up by any antivirus software.

    Don't reply on virus software, I'd say it gives a false sense of security at the best of times.

    Educate users is important, and I would love to see an 'untrusted file' idea, where a custom made trojan would find itself in a pretty lame sandbox if someone runs it the first time, this behaviour gets recorded, then judged if it may be harmful, and above certain levels (tried to access a network resource, tried to remove a file, tried to access existing registry tree, tries to send emails to your entire address book) it quarantines, and alerts an admin.

    Any linux developers like that idea? temporal / quantitative security measures for automated sandbox maintenance and binary acceptance program.

    or gnutqsmasmbap.
    • Apologies for abhorrent spelling in my posts. THey are typos, honest gov.

      Using VMWare with virtual networking and memory and file system woudl be great to sandbox exe's. This could be done on the fly - or even as you run it, the executions get fed through a filter, that would allow any program to run normally until it hit an alarm in the FS, net, reg, or mem allocation.

      even internal hackers would have to get thier code past this system, and therefore alert an admin.

      internal firewall every resource, but a
    • by Kris_J ( 10111 ) * on Wednesday September 15, 2004 @03:35AM (#10254253) Homepage Journal
      I personally believe anti-virus it a waste of time.
      Not true. Our email attachment rules (ie; no .scr, .pif, .exe files, etc) are pretty good at blocking malicious content while letting the legit stuff through, but being able to detect a known virus makes things a lot cleaner. If it's just whatever.scr, we bounce it, but if it's whatever.scr with a known virus we blackhole it.
      • I have to say I half agree with you.

        Our email attachment rules - block all that content. f course people zip up some of that content, so maybe unzip and block, this is email attachment filtering.

        Checking for knwon virus signatures, yes this is an application of virus detection that is not used as a security measure, but as a decision maker, or audit trail.

        Outlook is causes 99.99999* of virus problems, allowing someone to send email as you, with viruses in it - embarrassing!

        I still cannot believe people
        • by kalidasa ( 577403 ) * on Wednesday September 15, 2004 @06:25AM (#10254750) Journal

          There were viruses a long time before Outlook. There will be viruses a long time after Outlook. As far as "allowing someone to send email as you" - that's not Outlook's fault, that's SMTP's fault: the From: header is never authenticated. Yes, Outlook's security model sucks, but security issues are a lot more subtle than you're allowing.

          For instance: what antivirus software is really designed to do is not to stop 0 day infections, but to put a limit on how long a virus can be effective. When was the last time you heard about someone who had the Michelangelo virus? Can't remember? That's because antivirus software is doing its job: preventing viruses from sticking. How about RedAlert or MSBlast (gee, Outlook had nothing to do with those, did it? Yes, we can all blame MS's sloppy approach to security, with full justice, but we have to remember that MS is a product of its niche - if IBM had ended up in the monopoly role of the monoculture, it is entirely possible that their products would have introduced "user friendly" features that undercut security, too.)

          Your approach frankly isn't going to work with the majority of users. You're never gonig to be able to prevent things like "Here is the report you asked for / report.doc.vbs" showing up in a user's mailbox when that user really was expecting a report from the putative sender (I've seen this happen - precisely what the virus writer is shooting for - and in that situation, a manager waiting for an important time-sensitive report from a subordinate, it's all too easy for the recipient to fail to notice that the icon is wrong, that there's an extra extension, etc.). Some users email exes for legitimate reasons. Some users are too busy to run an MD5 check on every attachment they get (and have you ever tried to explain how MD5 works to a secretary?). If viruses can be blamed 99% of the time on anything, they can be blamed on social engineering: the same impulses that make people give out their credit card numbers to total strangers who "call from the bank" will make viruses continue to spread.

          • no no no, I meant as you as in from your outbox, to your recipients. Even picking up replies from you.

            Not the simple

            EHLO form.me
            RCPT foo@barney-bignutts.com
            FROM whoever@Iwanttobe.com
            DATA

            from the top of my head.

            As far as I am concerned, 0 day threats are the most threatening, and the most damaging, and since they still happen Virus software ISN'T doing it's job.

            SO what, it stops old viruses. I am more worried about newer ones.

            How will the approach of filtering, and application sandboxing and education
  • Don't use Norton if you wanna use Freegate?
  • One only needs to realize that Symantec, like most American corporations, has dollar signs in its eyes at the prospect of selling its product to three billion or so Chinese consumers. Trouble is, China is a police state. Faced with the prospect of losing out, Symantec, as so often happens with American corporations, sold out and sold its customers down the river.

The 11 is for people with the pride of a 10 and the pocketbook of an 8. -- R.B. Greenberg [referring to PDPs?]

Working...