Is "security" software the root of all evil?

[VanillaMozilla]

This post was the last straw. After seeing thousands of reports of Firefox not being able to view Web sites by DNS, or not being able to view secure sites, after all kinds of similar problems went undiagnosed, and after seeing reports that Symantec Antivirus, Kaspersky Antivirus, and other security programs can block Internet access or otherwise mess up in previously unexpected ways -- even after the user turned them off -- I'm beginning to wonder how many support requests are actually due to software that's keeping us just a bit too "safe". Is my perception accurate here? And what, if anything, should we do about it? This is a thread for your horror stories and your thoughts on the matter.

PLEASE DO NOT POST REQUESTS FOR SUPPORT HERE. THEY WILL NOT BE ANSWERED.

[Daifne]

The majority of business coming to me is caused by either 1) security programs failing to do their job (Norton) or 2) security programs being overly aggressive.

[old SKopischke]

I have spent more time in the last 25 years working on security software problems with personal computers than any other single topic. In my opinion, they have become too aggressive in attempting to stop the bad stuff. It may also be a case of poor (or inadequately thought-out) software design.

[old LoudNoise]

I think that it is more a matter of defaults being set to high. And lets face it, the security firms are not getting particularly pummeled by support requests when a different program is affected. They really don't have any reason not to be overly aggressive and have a number of good reasons to be.

There is also an "all things to all people" thing at work here. The companies want to be a one stop solution for your malware, virus and firewall. Making all these things work in one suite isn't easy. It took a long time before office suites were worth the effort.

Finally, it is also something of a new business. When all you really had to support was I.E. and I.E based browsers it was simple (Netscape really wasn't around for the grand age of attacks).

[VanillaMozilla]

I did a Google search for <b>security software did it</b>. Not surprising, the first hit was this. Malware gained administrative rights? That's right, your security software did it. But I digress.

I'm thinking we need more systematic coverage in the Knowledge Base and Mozilla's docs about what problems can be caused by security programs. Maybe some of you who have broad knowledge of this software could contribute here. Would this be a good idea? There's more discussion here.

[old SKopischke]

Lovely.

[VanillaMozilla]

Missing any children or pets? But I digress again. This is serious.

[old LoudNoise]

Missing any children or pets? But I digress again. This is serious.

Assuming that the mods would be willing to protect this against support questions could this thread be used to construct a "12 reasons way.." like item?

[old FatJohn]

I certainly agree. One big problem imho with the "security" software is they tend to turn into bloated monsters. Suddenly a 'virus scanner' is blocking popups, or a 'firewall' is suspending animated gifs, etc. They are out of control. I'm all for the unix philosophy.

[the-edmeister]

IMO, security suites are garbage, no one company does a good job with everything. The firewall part might be good, but then the AV part sucks, or vice versa - and that is what causes the grief people experience.

My advice (as a non-professional - I am not in the 'business') is to run a hardware firewall or a router for fixed location computers, along with a good AV program and the usual malware scanner programs - I rely on my router (and Firefox) to keep crap from getting into my PCs on my LAN to start out with, and the AV program and the scans to find and get rid of whatever sneaks thru or gets deposited by 'dubious' program installations, and wants to phone-home. I also use Webmail exclusively to avoid getting 'surprise packages' via downloaded email.

IMHO, firewall is only necessary on laptops that will get connected to other "networks" - I use "unsecured" Wi-Fi HotSpot connections in retail stores, 3 days out of 7 for my job. I have been running Comodo Firewall Pro since June when I bought this laptop, and have had my share of "excitement" with Comodo - I had to reinstall the firewall program after my first Firefox update {the 2.0.0.6 update} as the Firewall just turned itself off! (was told to reinstall by the Comodo Firewall popup box and from information I got at the Comodo forum)
No problem with the 2.0.0.7 update, and even used a non-Admin account on WinXP to do the update.


Ed

[Lost User 227344]

It's getting almost to the point of having "more" security software on your system than anything else. To me this is a little bit ridiculous. I'm using an older laptop that isn't all that bad on the net and it runs what software I have installed on it fairly well. The way that all software is getting bloated is hopeless. The day of the massively large hard-drives is at hand and my poor little machines (I also have a newer desktop) will be useless.

If I recently hadn't suffered a stroke I would have already switched to Linux, but my concentration isn't what it used to be, nor my patience to learn a new system.

[old LoudNoise]

The bloated issue is sort of singing to the choir here. The question is how to support the folks who use the crap. How many times has VanillaMozilla had to repeat that a closed firewall is not necessarily a stopped firewall? If nothing else the "12 ways" message seems to get the point across when you copy the link to a thread.

[VanillaMozilla]

For what it's worth, the "12 ways" message was never intended to be permanent. It was just a quick and dirty response to a huge number of confused users that we were seeing at the time. It's hard to maintain now that the topic is locked.

But I was thinking of a polished article or section for the KB, etc.

Breaking news: http://forums.mozillazine.org/viewtopic.php?t=588475 (thanks to Ed-meister for the tip). Avast and Kaspersky are processing all http: traffic. I don't think they're the only ones.

[Oldfart]

It's getting almost to the point of having "more" security software on your system than anything else. To me this is a little bit ridiculous. I'm using an older laptop that isn't all that bad on the net and it runs what software I have installed on it fairly well. The way that all software is getting bloated is hopeless. The day of the massively large hard-drives is at hand and my poor little machines (I also have a newer desktop) will be useless.

If I recently hadn't suffered a stroke I would have already switched to Linux, but my concentration isn't what it used to be, nor my patience to learn a new system.

Ubuntu's flavour of Linux is not too bad - but it can be fiddly sometimes: there is a learning curve. There's an 'alternate' download which creates a text-only CD image for installation on machines which are a bit short of memory. There's also an application for it, called Wine, which lets you run windows executables (well, some). But it is rather an extreme measure to protect yourself against malware, when Windows (XP, and, yes, even Vista) is really rather good, all things considered - blasphemous though that might sound. Even Ubuntu is really for hobbyists.

In my view a simple good AV and a standalone software firewall (like ZoneAlarm - though it is getting boated, plus some antispyware programs are just fine. Suites are for those who don't want to be bothered with any admin - and, of course, there is small cost in this. However, my wife has very little trouble from ZoneAlarm Security Suite, running first on XPSP2 Home, and now Vista Home Premium.

[old SKopischke]

Oldfart, you make some excellent points. I would make the move to some flavor of Linux, if they all were a bit less hobbyist in focus. I have been an IT "geek" (as my 14 year-old daughter calls me) since 1979. I have learned more operating systems, applications, utilities and interfaces than I care to remember. It's not that I am unable to learn a new one, but I have better things to do with my time. Ergo, I am sticking with Windows XP Pro for the nonce because I already know it and its foibles.