NAV - what a load of rubbish

[kurt wismer]

You're not listening. I'm not saying that debugging is a process by
which a piece of code can be made to work perfectly, I'm saying that
you put debugging code into the release version so that errors produce
warnings.

and you're not listening... error handling (including the warning
messages) are part of the software and are therefore imperfect...

A personal insult, congratulations, you're distinguishing yourself.

it happens when i'm forced to repeat myself...

Pre-release testing should eliminate most errors.

and it does... that's why the software doesn't crash every 5 minutes...

Post-release
debugging should flag most of the errors that make it through the
previous process. If this is properly implemented, there should be
very few errors which escape unnoticed or unexplained. There is a
(subjective) probability threshold for an acceptable number of errors
in a piece of software, and NAV falls below my threshold.

then choose a different product...

If you'd rather make excuses for what is undeniably a vulnerable and
dangerous piece of software, go ahead.

look, i've already made it abundantly clear i'm talking about av
software in general... i was responding to the very wrong-headed notion
that av software should be plug-n-play... i also made it abundantly
clear that i thought your criticisms of nav were probably warranted...
please re-read my initial response to you if you don't believe me...

is it possible for you to see past the end of your own dissatisfaction
with one particular av tool?

Why should your apology be relevant? Unless you are responsible in
whole or in part for NAV, in which case I may have a few choice words
for you and your organisation.

i feel responsible because i haven't yet personally killed the shyster
practice of selling av software as a 'solution'... it's my windmill and
i'll tilt at it if i want to...

If something describes itself as "automated", I expect that the
chances of me having to manually direct the process are low. I didn't
expect NAV to be perfect, but I didn't expect to have to intervene to
correct serious errors.

you probably don't expect to have to intervene with your toaster,
either... and yet your toaster may well start an electrical fire that
winds up burning down your home... this is the problem with taking
things for granted...

How exactly do a user's actions determine how a product defines
itself? A spade is a spade, even if you choose to serve dinner on it.

av software is a tool... how well it works depends on how the user uses
it...

 

[Chris Jones]

and you're not listening... error handling (including the warning
messages) are part of the software and are therefore imperfect...

And you're conveniently assuming that when I say "plug and play", that
I mean perfect, when I don't. An odd fight to pick, but let's go.

it happens when i'm forced to repeat myself...

Who's holding a gun to your head and making you post? You're choosing
to repeat yourself, any compulsion is your own.

then choose a different product...

Or no product at all - but this was my stated intention from the
beginning.

look, i've already made it abundantly clear i'm talking about av
software in general... i was responding to the very wrong-headed notion
that av software should be plug-n-play...

Plug and play doesn't imply perfection. It means that the software
will set itself up in a working and generally sensible way. It is not
unreasonable to expect the default configuration to be the safest.

is it possible for you to see past the end of your own dissatisfaction
with one particular av tool?

That depends on whether other AV tools have similar shortcomings.

you probably don't expect to have to intervene with your toaster,
either... and yet your toaster may well start an electrical fire that
winds up burning down your home... this is the problem with taking
things for granted...

And yet if the toaster is within warranty (and sometimes outside it),
the manufacturer can be held liable for damage caused due to any
defects. The same is not true for AV software - if I had lost any data
due to NAV's failure, I would have had no recourse.

 

[Epfrenal]

Why NAV is rubbish:

It has been failing to download updates using the LiveUpdate service
for months, because of an incorrect version of oleaut32.dll on my
machine, but at no point did it ever warn me that updates were
failing. What exactly have I been paying Symantec for? How much use is
a piece of antivirus software which stays silent and inactive when one
file is changed, which presumably could be done by a virus?

Even after fixing the above problem and updating to the latest
definitions, it still won't detect this new "MS update" email virus,
even when I scan the attached files manually, despite the Symantec
website saying it will. Again, if I'm paying for a service, I expect
to receive it, and I'm not.

My software version (2001), is now "unsupported", meaning I can't use
most of the online support options. 2 years old, and they won't allow
me to email them when their software doesn't work! Not only is this
ridiculous, but I notice they didn't mention any of this when taking
my money for extended service.

After this experience, I will never buy another Symantec product
again, and I recommend that you don't either.

If anyone has any recommendations for AV software which works properly
and provides full support for as long as you're a paying customer, I'd
like to hear them.

Does the virus definitions date update when you used "LiveUpdate"? Are you
aware that you would of probably not been protected from Gibe.F / Swen.A if
all you did use "LiveUpdate" anyway?

I beleive the latest virus definition for upload is dated the 18th and I
don't think Swen is there. YOu would uf needed to use the Intelligent
Updater" to pickup the latest defintions that were released on the 19th.
Automatic is a thing that dreams are based on. Have you never looked at
the virus list to see if the new one you are concerned about is there?

If you put a rubber on before sex do you use blind faith the rubber is OK?

 

[Epfrenal]

Why NAV is rubbish:

It has been failing to download updates using the LiveUpdate service
for months, because of an incorrect version of oleaut32.dll on my
machine, but at no point did it ever warn me that updates were
failing. What exactly have I been paying Symantec for? How much use is
a piece of antivirus software which stays silent and inactive when one
file is changed, which presumably could be done by a virus?

Even after fixing the above problem and updating to the latest
definitions, it still won't detect this new "MS update" email virus,
even when I scan the attached files manually, despite the Symantec
website saying it will. Again, if I'm paying for a service, I expect
to receive it, and I'm not.

My software version (2001), is now "unsupported", meaning I can't use
most of the online support options. 2 years old, and they won't allow
me to email them when their software doesn't work! Not only is this
ridiculous, but I notice they didn't mention any of this when taking
my money for extended service.

After this experience, I will never buy another Symantec product
again, and I recommend that you don't either.

If anyone has any recommendations for AV software which works properly
and provides full support for as long as you're a paying customer, I'd
like to hear them.

Does the virus definitions date update when you used "LiveUpdate"? Are you
aware that you would of probably not been protected from Gibe.F / Swen.A if
all you did use "LiveUpdate" anyway?

I beleive the latest virus definition for upload is dated the 18th and I
don't think Swen is there. YOu would uf needed to use the Intelligent
Updater" to pickup the latest defintions that were released on the 19th.
Automatic is a thing that dreams are based on. Have you never looked at
the virus list to see if the new one you are concerned about is there?

If you put a rubber on before sex do you use blind faith the rubber is OK?

 

[FromTheRafters]

that's exactly what antivirus
software should be. It shouldn't need babysitting.

You should use safe computing practices, and maybe
use an on demand scanner as one of the tools to help
you. Anything more than that is asking for AV software
to babysit *you*.

It is up to you, the administrator, to stay on top of things
or get out of the game.

 

[FromTheRafters]

Thanks, but I think I'll redirect my efforts towards more frequent
system backups. That method of protecting my data seems rather more
reliable.

Good choice. Besides AV should have been in addition to
frequent backups and not instead of frequent backups in
the first place.

 

[Chris Jones]

Does the virus definitions date update when you used "LiveUpdate"? Are you
aware that you would of probably not been protected from Gibe.F / Swen.A if
all you did use "LiveUpdate" anyway?

I updated to the latest definitions Live Update would provide. On
Symantec's webpage on Swen it said that to protect against Swen, I
should use Live Update (the manual update was also an option, but the
site did not say that only that way would work).

Have you never looked at
the virus list to see if the new one you are concerned about is there?

Symantec's own webpage told me the Live Update definitions would sort
out the virus. They didn't. That's all.

If you put a rubber on before sex do you use blind faith the rubber is OK?

Condoms come with clear written warnings about ways in which they can
fail, so that you can use them as safely as possible. NAV does not.

 

[FromTheRafters]

....quantify exactly how much compulsory user participation is acceptable
in an "automated" system.

To start with, RTFM is a given.....

 

[Chris Jones]

You should use safe computing practices, and maybe
use an on demand scanner as one of the tools to help
you. Anything more than that is asking for AV software
to babysit *you*.

Why would I pay money for "auto-protect" and "auto-update" otherwise?
Of course I'm asking it to "babysit" me, if I didn't want that then I
wouldn't have bought it in the first place.

On-demand scanning may work fine if you're in control over every file
that's written or executed on your system - Windows and Windows
software often doesn't allow that.

It is up to you, the administrator, to stay on top of things
or get out of the game.

I would much rather remain a user than waste my life acting as an
administrator for every aspect of my system. Computers exist to
automate tasks for me in the first place, and I will continue to use
automation to help me out for as long as it benefits me.

It is also not a game.

 

[Chris Jones]

To start with, RTFM is a given.....

That's no excuse for applications installing with insecure
configurations.

 

[FromTheRafters]

That's no excuse for applications installing with insecure
configurations.

I agree that a failure in the autoupdate feature should have
been brought to the users attention. But as far as what should
and should not be defaulted to on install is open for debate.
My opinion is that all installations should be defaulted to the
simplest form thus enforcing the requirement that the end user
take an active part in the configuration options to get to the
desired state.

Yes, I know that that is not practical.

 

[FromTheRafters]

Why would I pay money for "auto-protect" and "auto-update" otherwise?
Of course I'm asking it to "babysit" me, if I didn't want that then I
wouldn't have bought it in the first place.

Then you are forcing the software to become more complex, and
complexity increases the likelihood of programmatical errors. You
then shouldn't be too surprised when an error rears its ugly head.

Your money is what drives the software toward this end.

On-demand scanning may work fine if you're in control over every file
that's written or executed on your system - Windows and Windows
software often doesn't allow that.

....it sure doesn't make it easy, you got that right.

I would much rather remain a user than waste my life acting as an
administrator for every aspect of my system.

I long for the bygone days in which computer use required a clue
on the part of the user. This "user friendly" trend ruined everything.

Computers exist to
automate tasks for me in the first place, and I will continue to use
automation to help me out for as long as it benefits me.

Worms love automation, because it is often flawed.

It is also not a game.

Oh yes...it *is*...

Even if you choose not to play, you're still in the game because
the players can still use your resources to achieve their ends.
If you guard your resources well, you become a *good* player
for the anti-virus team.

 

[kurt wismer]

And you're conveniently assuming that when I say "plug and play", that
I mean perfect, when I don't. An odd fight to pick, but let's go.

plug-n-play ~= install and forget... imperfection is simply the reason
why it's problem... the install and forget mentality is wrong-headed
and has been getting people into trouble for years...

[snip]

Plug and play doesn't imply perfection. It means that the software
will set itself up in a working and generally sensible way. It is not
unreasonable to expect the default configuration to be the safest.

not quite... it's not unreasonable to demand that they're the safest,
maybe even hope for it but to expect it, on the other hand, is
ridiculous... i think this must be where the term 'duh'fault must have
come from...

[snip]

And yet if the toaster is within warranty (and sometimes outside it),
the manufacturer can be held liable for damage caused due to any
defects. The same is not true for AV software - if I had lost any data
due to NAV's failure, I would have had no recourse.

yes, the lack product liability in the software field is deplorable...
no arguments here..

 

[kurt wismer]

Why would I pay money for "auto-protect" and "auto-update" otherwise?

why do you pay money on insurance?

 

[David]

It is turned on by default. Unfortunately you turned it off. Unfortunately
the software couldn't protect you from your own actions.

I didn't look through them all, that's right. Should doing this be a
prerequisite for expecting software to work properly?


That was only one of my three complaints, and I still find it
ridiculous that the option you refer to wasn't set to the most useful
setting by default.

You should be doing this in any case. But you better learn how to
effectively use AV software so that you are sure your backups aren't going
to be infected also.

Thanks, but I think I'll redirect my efforts towards more frequent
system backups. That method of protecting my data seems rather more
reliable.

And how do you propose they should do this when a virus' is written to kill
the processes and overwrite the executables?

 

[FromTheRafters]

And you're conveniently assuming that when I say "plug and play", that
I mean perfect, when I don't. An odd fight to pick, but let's go.

I thought that "plug 'n' play", "plug and play", and "plug & play"
all referred to automated hardware support schemes. You seem
to be talking about "install and forget" which is a totally different
thing altogether.

...although both are aimed at the "user freindly" = "any idiot can
do this" market (no clue required).

 

[FromTheRafters]

why do you pay money on insurance?

My car has an oil pressure warning light, a high coolant
temperature warning light, a low fuel warning light, an
electrical (alternator) voltage warning light ~ imagine my
disgust when it failed to warn me of impending brake failure.

Shouldn't there be a light on the dashboard for that too!?
My motorcycle had one, and I paid *more* for the car!

I guess motorcycles are just safer.