Security

Symantec offers compensation for update fiasco


It appears that Symantec is ready to offer compensation -- five whole weeks after knocking out 50,000 Chinese PCs in error. But Chinese users eligible for the offer have to act fast, as it's only good for a couple of weeks.

In case you missed the news, a bad software update on May 18 resulted in its flagship Norton anti-virus software to wrongly identify two system files in the Simplified Chinese version of Windows XP as malware. This caused the software to quarantine them, with far-reaching and disastrous consequences.

Initially criticized as being slow to respond, Symantec is offering amends, according to PC World:

The company is offering affected Chinese consumers a 12-month Norton license extension and a copy of Norton Save & Restore 2.0. Corporate customers are being offered Symantec Ghost Solution Suite licenses, depending on the number of PCs affected. Symantec is not offering to extend Norton licenses for corporate customers affected by the bad update.

However, the uproar is far from over yet. In fact, it has quickly spilled over into the mainstream news coverage, in which criticism is aplenty over Symantec's deliberate avoiding of the word "compensation."

Says Alamus, the deputy director of the China Electronic Commerce Association's committee on legal and policy issues:

"Symantec's response to its Chinese consumers lacks seriousness and sincerity. It's obvious that Symantec is trying to avoid mentioning compensation. They are watching the reaction from users. They are attempting to get away from their responsibility."

The Register puts it across best when it wrote:

"Cockroach in your salad, sir? Have some free salad."

So what do you think? What kind of compensation should Symantec be paying out? Join the discussion.

--------------------------------------------------------------------------------

Stay on top of the latest tech news

Get this news story and many more by subscribing to our free IT News Digest newsletter, delivered each weekday. Automatically sign up today!

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

67 comments
crodriguez1966
crodriguez1966

With all the malicious code that comes out of China, don't you think it's ironic? I think so. China has been way too active in trying to gain access to machines in the U.S. Spam email being one of the attack vectors of choice. Why not a little peotic justice. Ha. I thought it was great...a shot in the arm to communism. Yeah!!

Mr. Tinker
Mr. Tinker

I replace Symantec products where-ever I can. While the web-site is in-depth regarding exploits and vulnerabilities, their end user products are fraught and plagued with holes. They haven't delivered on their anti-everything suites for years now, what would make anyone think an "extension to a garbage can" would make ANYONE happy?? It would just make the garbage can heavier to move.

Absolutely
Absolutely

But since you mentioned the weakness of the Symantec brand generally, I'll comment on that: I think that their product line is too much geared toward being the only brand used by all their customers, for my liking. I simply distrust package-dealing, and when I see *enormous* price differences in buying bundles versus buying the same products separately, I tend to walk away.

Dumphrey
Dumphrey

agree with you on bundles. But I avoid them on best practice...why put all my eggs in one vendor basket? Exploit one, exploit all. Also, best of breed stand alone products may cost more, but they will be more effective and should be less resource intensive.

clintonspicer
clintonspicer

I have had so many bad experiences with the symantec product I do not know where to start. a couple of years ago HP were shipping XP Media Centre with Symantec VS, an instant error in the way MC operates arose, straight patch up there. We have 400 HP machines on site, most of which came out with Symantec Virus Scans pre-loaded, straight away we use the only reliable Symantec product (GHOST) to dump a pre-loaded image with McCaffee onto the systems. I have noticed over my few years in IT slowing of systems, bugs, crashes and blue screens caused by these products. My boss in his wisdom orderded live state recovery for our servers and other critical machines, yeah great idea but this sucks the guts out ofthe performance of these machines. I'm not biased or anything and willing to give all products a trial but at the moment Symatec is a no go for me!

DanKe
DanKe

Sophos is the new way to go. They are continually acquiring HUGE bids overseas, and their QOS is top notch. They will eventually win the hearts of corporations in America as well. Also look out for NOD32, I've been hearing Admins swearing by it.

Big Ole Jack
Big Ole Jack

I've heard mixed opinions, but I am not that knowledgeable about Linux or Kaspersky to comment.

normhaga
normhaga

I use Kaspersky 7 on an XP box. The reason that I use it is that Zonelabs does not have a Visa x64 scanner available. Since then I have upgraded from Vista x64 to XP. I kept the Kaspersky because it is an effective solution. Prior to this I was using Zonelabs. JCitizen reports Kaspersky does not have a privacy feature. It does. My only complaint with Kaspersky is that it is slow to complete a full system scan. Kaspersky is much slower in a full system scan than Zonelabs and Zonelabs is based on the Kaspersky engine. I will qualify this statement as perhaps being more imagination than fact; I believe that Kaspersky is more effective of a solution than Zonelabs. Kaspersky has picked up two or three things that Zonelabs missed but I can not really determine why.

JCitizen
JCitizen

Thank you normhaga for pointing out my error; I thought I had done a thorough investigation of all Kaspersky products. Perhaps this is a new feature of the Internet Security Suite 7.0? If I get desperate, I may do a trial on that product but my military training ingrained a mistrust of all things Russian. It is very difficult to get over that kind of suspicious prejudice. I am not surprised that ZoneAlarm let a few bugs through; although I like the firewall, I had the same experience. Is that just a rumor that ZoneLabs used the Kaspersky scan engine for their AV ware?

JCitizen
JCitizen

Can't comment on Kaspersky - the only reason I haven't tried it and NOD32 is that there is no privacy protection feature. This feature may not impress most technicians, but I just personally like it, and it gives me a limited sense of extra security. ZoneAlarm Pro and TrendMicro IS2007 both have this feature. I'm still not sure I trust a Russian company yet either (sorry the cold war prejudiced me) My previous employer used Trend Micro Scan as an enterprise solution combined with good Cisco administration, Microsoft Server 2003 with Exchange; we met HIPPA regulations very well. Had very few breaches and they were very minor problems. I've heard a lot of complaints that all the new bloated personal computer suits slow even the new computers down greatly - gobble huge amounts of RAM - and this has been my experience also. I have old computers in my little organization, so I went to a gateway solution to put the burden on that device instead of the individual PC - then installed Trend Micro's Internet Security 2006 - outdated maybe - but it works well with a defense-in-depth and cooperates with other fast products to do the job exceedingly well.[And still uses very little RAM] Carefull observation and maintenance and the occasional trial install of competing products have proven that I haven't been compomised yet. The gateway device did a good job of filtering most bugs before they even entered the network; but the services can be a little pricey. There is a more competition now and shopping around should snag a reasonable deal.

dmurphy
dmurphy

I've already sworn off all Symantec products wherever I can, and whenever my clients will let me switch them to something else. When they buy a company, they turn the product into s**t - see Norton, see Veritas, etc. I've had an easy time switching people off the antivirus/security products: anyone got a good recommendation to switch to from their Backup Ex Drek?

Dumphrey
Dumphrey

We use EMC Retrospect. Interface tooka little geting use to, but its much easier to manage if you are not using a 20 tape carousel.

Big Ole Jack
Big Ole Jack

as a substitute. I've had too many issues with CA and their crap products to consider ArcServe as a suitable replacement. What many companies have done, and I recommend this myself, is to employ NAS devices, such as NetApp Filers, to perform SnapMirror replication of the data to another appliance that can be considered as a nearline storage device. No tapes to worry about, because the data is repiicated at the block level and easily accessed using simple CIFS shares.

NOW LEFT TR
NOW LEFT TR

The make a really good backup and DR suite!

bobzoom
bobzoom

Frown lines appeared on my forehead when Symantec took over Veritas. So far they haven't screwed up the product. But the licensing...they've botched that up really well in typical Symantec style. And they're the most arrogant lot to have to deal with...

Big Ole Jack
Big Ole Jack

If you can't license the product, it's as good as useless.

Big Ole Jack
Big Ole Jack

They've screwed up Norton AV, Veritas BackupExec, and Veritas Volume Manager just to name a few. The only product that still seems to work right after acquisition (most of the time) is Winfax that was formerly owned by Delrina. Symantec is like a corporate raider when it comes to software acquisition. As soon as they get their hands on a product from a company they buy out, they perform a complete FUBAR job on it.

Dumphrey
Dumphrey

is Sygate firewall. Both personal and corporate were good. They got swallowed whole and "became" Norton Personal Firewall. Another good program ruined.

JCitizen
JCitizen

Dumphrey wrote: "People were complaining about out bound acls being missing? Did they even look at the product? Sheesh...its exactly the same mechanism as the inbound rules." Maybe that was old information; the new version looks golden as far as I can tell. I will be testing it as soon as I get the time. Thanks again!

Dumphrey
Dumphrey

People were complaining about out bound acls being missing? Did they even look at the product? Sheesh...its exactly the same mechanism as the inbound rules.

JCitizen
JCitizen

It seems curious that people complain that there is no outbound filtering on this product; when I look at the site it looks like outbound rules are easy to configure?! Thanks again for the extra information. I had heard of this solution a while back and it slipped my mind when I was doing my online research.

Dumphrey
Dumphrey

are comfortable with protocol based rules, I would recommend Ghostwall. Tiny, effective, very low resource usage. You have to spend some time cleaning out the default rules and or customizing them to fit your needs, but I have mine down to 9 rules. http://www.ghostsecurity.com/ghostwall/ And its free for home use. I would be interested in other opinion of it, so far its done me right.

JCitizen
JCitizen

Thanks for your input Dumphrey, I will definitely test Sygate at my earliest opportunity. Also, perhaps it will reduce my RAM load even further !

Dumphrey
Dumphrey

Any half way decent firewall is better then no firewall at all. Better that your firewall work, and collect some info for a parent company, then a firewall that doesnt work and every script kid is collecting your private info and habits.

JCitizen
JCitizen

Dumphrey wrote: "My problem with zone alarm is the way it phones home with out asking, its monsterous resource usage, and cludgy rules system." I also detected this nefarious activity when I evaluated the full suite. The comical aspect of this is, that the Check Point Safe@Office appliance, that I use as my gateway, blocked the activity. And that is the parent company of Zone Alarm! Your review of the ZoneAlarm suite is accurate and precisely why I didn't select it. Besides it had vulnerabilities and let a lot of bugs through without patching them later! But I still like the free firewall because it covers me when I activate a dialup connection and pops up unexpectedly when other suspect activity occurs. I think it teaches novices a lot about what is going on in their networking. Back when Norton had the Alert tracker - it was a real eye opener for newbies on real time data monitoring. I understand that feature was insecure and annoying to people, so they dropped it in 2003. I know - I'm probably getting of topic.

Dumphrey
Dumphrey

with zone alarm is the way it phones home with out asking, its monsterous resource usage, and cludgy rules system. I do realize its effective and easy to use, but that may be jsut why I do not like it. It does not actually allow me any real control. http://www.infoworld.com/article/06/01/13/73792_03OPcringley_1.html wortha casual glance through...thats a pretty damn serious "bug" for a firewall. I find it really dern amusing that each article about this bug refutes the rumor that the government was using this bug to spy on US citizens, call be suspecious, but I would be more inclined to think of ZoneLabs gatering marketing data to sell.

Dumphrey
Dumphrey

is the last version (if I remember right) befor Symantec closed them down. Its a good little firewall. The pro version had driver and dll level protection, and allowed ip based or application based rules. Well worth checking out...

JCitizen
JCitizen

I know your not supposed to expect support from a free utility; but the best freeware has it. If the one File Hippo has on its download list is a lighter weight install than ZoneAlarm; without all the registry changes and bloat - it may be a worthwhile try. I don't actually know if this one is pre-Symantec; but the version number is given on that site. CNET user reviews imply that it is hard to configure but I haven't tried it. I like ZoneAlarm as an internal PC based software firewall; but I can understand it when people hesitate to install anything that doesn't completely UNINSTALL very well. Not many of the solutions I have used in the past three years actually uninstall. Most have half baked cleanup utilities; CCleaner helps get rid of some of the mess. (EDITED) here's a better link - http://www.oldversion.com/program.php?n=sygate

JCitizen
JCitizen

I don't read the best reviews on effectiveness. I keep hearing horror stories from peers in this area, about major breaches happening to customers who probably should have been using security consultants and hardware based solutions anyway.

Dumphrey
Dumphrey

to use, and mostly secure. I did use it for a year or so...I thought it was still arround. Has their quality droped over the years?

Big Ole Jack
Big Ole Jack

That was a kickass product before Symantec flooded the market with their junk.

Dumphrey
Dumphrey

Sygate, its a good PFW. I have not tried their corporate client, so I can only guess it follows a similar pattern.

JCitizen
JCitizen

I will avoid it like the plague!

Locrian_Lyric
Locrian_Lyric

Yet more evidence that Symantec is going downhill fast.

Big Ole Jack
Big Ole Jack

They'd be lucky if they still have any customers left in China after such a snafu. If my automobile dealer messed up my luxury car in the course of a simple service maintenance routine, do you think I'd give a crap about wanting free service or tuneups in the future? I'd be taking my business elsewhere and giving the dealer the old middle finger salute and slapping them with a lawsuit on the grounds of negligence. At this point, Symantec can't really salvage the damage they have caused and should be prepared to lose an entire market in China over their careless messups. To add insult to injury, it's not the first time Symantec has released a set of botched signature files that affected both home users and corporate users.

Locrian_Lyric
Locrian_Lyric

BUT! We will give you free oil changes in the future. CHYEAH, right!

Big Ole Jack
Big Ole Jack

when they left the vehicle in their garage overnight. Symantec is using the same lame excuse.

Locrian_Lyric
Locrian_Lyric

we will however give you free oil changes... Yeah, that's how I feel about symantec right about now.

Big Ole Jack
Big Ole Jack

If not, then they can take their oil change and stick it where the sun don't shine.

TechRep
TechRep

Norton products-services have been getting progressively worse over the years since Symantec bought them. "Norton" on products used to mean quality now it just means trouble. For anti-virus I suggest McAfee or CA. Compensatin from Symantec? I don't think they have any sense of responsibility to their customers.

JCitizen
JCitizen

McAfee is also owned by Symantec...Last I heard anyway. (EDITED) [Apparently the old article I read several years ago confused the two corporations because of Symantec's competition with McAfee to acquire Site Advisor. It was bogus information and I appologize.] If nothing else Symantec's corporate personality has creeped into their QOS. My customers have had just as many crashes and disasters as those who have Norton installed.

Absolutely
Absolutely

[i]If nothing else Symantec's corporate personality has creeped into their QOS.[/i] Maybe so but one doesn't own the other. They are totally separate entities. I've noticed that customers of both post similar complaints on many Internet forums, but they are not part of the same corporation.

Absolutely
Absolutely

But I don't know one way or the other what you might have read about Site Advisor, only that I didn't read that.

JCitizen
JCitizen

Apparently I was the victim of the same FUD that comes up on those forums. I think I read that on an article in PC Magazine a few years ago but was probably reported over some competition\cooperation over Site Advisor. Symantec gave up and introduced Deep Site as a competitive product I believe; please correct me again if I am wrong.

TechRep
TechRep

I hadn't heard of that. Neither Symantec nor McAfee websites are admitting to any relationship. If you're right on the first count (ownership), then you will definitely be right on the second (QOS). Any opinion or thoughts on CA?

JCitizen
JCitizen

I believe my yellow box has proxy capability, but since I don't use it I haven't set it up. Using a proxy is best, but I just won't make the time. Here is a link to a new device Check Point has offered on the market[for example]: http://www.zonealarm.com/store/content/catalog/products/z100g/index.jsp I believe IDT may have devices that use Linux based software for configuration. The choices are becoming endless now as I think the market is responding to the popularity of this kind of solution for SOHO's. I was looking seriously at the DrayTek Vigor 2800 series also. All the major small hardware router makers have entered this arena - I would do some serious research to see who has the best product. This market is changing rapidly.

Dumphrey
Dumphrey

is that a web proxy as well? I have been playing with Squid, SquidGuard, and clamav on a debian platform lately as a caching web proxy and av scan/block and content filtering system. I tried using DansGuardian, and it was easy to set up, but for some reason I jsut didnt like it. Smoothwall and Astaro both make commercial versions of my set up, but hay, mine was free except for time.

JCitizen
JCitizen

If you NEVER input sensitive data through the keyboard or other input device, and have no information on the hard drive or in the open session; then the data block feature is worthless, I suppose. Unfortunately for me I do not share a VPN connection to some of the companies I contract with, so I have to communicate with them using personal data quite often.

JCitizen
JCitizen

Dumphrey wrote: "The only problem with trend has been a tendency for a weak firewall (as per leak testing)." Yes and this is why I use the free ZoneAlarm as a software firewall. I know it probably sounds like a cluster f**k to do security this way but; I play with fire a lot on the internet, testing my security measures and this defense in depth configuration has been the only one that works for my individual needs (so far). Thanks for the Sygate links I think a switch is imminent! Trend Suites can be installed without their crappy firewall; too bad I can't install al-a-cart. Otherwise I would just pick the privacy data feature by itself, and use NOD32 for everything else. Depending on RAM and CPU speed I might use a different mix altogether for my other machines. To clarify I will list my utilites and hardware based on my desktop. There are now better solutions out there for SOHO gateways. Safe@Office 500W (gateway/firewall appliance) Kiwi Syslog Daemon(installed as service) ZoneAlarm (free) Trend Micro IS 2006 Snoopfree Privacy Shield(keylogger firewall) PC Tools Spyware Doctor(disabled-just for scanning) Spybot-Search & Destroy(w/Tea Timer) LavaSoft AdAware(free) Spyblaster(Active X firewall)

Dumphrey
Dumphrey

clarification. I try to avoid having any personal info on my computer. So I guess I have never worried about theft of said info. I am not saying it couldn't happen, but I have always tried to be carful and keep by system clean. But, that being said, I can see the use for such software. I will have to look for Trend 2006, I like trends products, and used trend IS 2005, untill I found NOD32. The only problem with trend has been a tendency for a weak firewall (as per leak testing).

JCitizen
JCitizen

Good one Dumphrey - and boy is that the truth! Curses to Symantec/McAfee; I steer all my customers away from those. Although McAfee may improve with updates and patches for 2007. I was using a trial version of NOD32 and yes I had it scan everything. Once again as I said elsewhere in this discussion NOD32 is probably THE best most secure desktop AV solution out there. It is also true, when shopping from the competitors, you have to buy the bloated suite to get the data protection; and this vexes me no end. Perhaps someone will explain to me that this feature has no merit; but I would probably stick with it anyway, as it has saved my bacon on several occasions The feature keeps you from transmitting private data, that you set yourself in the security console, and sending it over a non SSL connection - This covers HTTP, Internet Messenger, and email. I have been in chat sessions where someone tried to lift my Social Security Number, and I have a bad habit of not double checking whether I am using an https connection when I am logging in to a sensitive site, ect. It keeps me from making a mistake, and it also keeps the spyware at bay; in real time, until you scan it and remove it. I wish someone would make a secure standalone product, with just this feature, so I could feel better about switching to NOD 32! Once again I feel ZoneAlarm Pro may be adequate and Trend Micro Internet Security 2006 uses very little RAM (if you can find it for sale)! Trend Micro IS2007 is way bloated and very intolerant of cooperating with other antispyware. It only gets along with Spyware Doctor on my laptop and they use more that 600 mb of RAM total. I just don't feel comfortable using only two solutions. I like a defense in depth posture.

Dumphrey
Dumphrey

"The scans are agonizingly, slow but thorough" I have used NOD32 for several years now, and am sold. But, I would not say it scans agonizingly slow, its on par or faster then the Norton/Symantec products. It really depends on how you set up your scan profile. If it was taking that long, its because you chose to scan every file, in every archive, on all disks in your computer, with heuristics on. Antivir is almost as effective a product as NOD32, and scans much faster. But you seem to want a "an egress private data blocking feature", which neither have. What information is this componant supposed to protect? Is their a stand alone product that does the job without having to risk your data with symantec/macafee/ca (hereafter refered to as the Axis of Bloat)?

JCitizen
JCitizen

Apparently the old article I read several years ago confused the two corporations because of Symantec's competition with McAfee to acquire Site Advisor. It was bogus information and I appologize. I don't know if this product is being used by both companies - I seem to remember Norton offering this to customers. I never used it because I find other free tools to be sufficient. Sorry I haven't tried CA - They use similar marketing techniques to get their software out on OEM distribution. They have never been rated in any top category by any of the believable review services I use. But the landscape is changing so rapidly right now I will definitely be considering a trial of their products if a download is available. There again if it doesn't have an egress private data blocking feature it will probabley not pass my test; but NOD32 doesn't have this feature either and it is probabley one of the most effective AV solutions out there. Providing you don't mind a lot of customization legwork. The scans are agonizingly, slow but thorough.

Editor's Picks