#332319 - 22/04/2010 11:40
Re: McAfee killing OS
[Re: Dignan]
|
carpal tunnel
Registered: 08/06/1999
Posts: 7868
|
The corporate versions are only as good as the IT person who sets them up. At my previous job, the local IT people configured Norton well, protecting the systems while also not impacting performance of work related tasks. Then someone up the chain at another location decided to take over and the systems slowed to a crawl.
McAfee at my current place of employment works ok for the most part, but I have had to disable it a few times when it silently would do something to a new program install and cause it to fail.
|
Top
|
|
|
|
#332320 - 22/04/2010 11:48
Re: McAfee killing OS
[Re: Taym]
|
carpal tunnel
Registered: 08/06/1999
Posts: 7868
|
Can you say Deja vu? Check out the date on this post... That one looks legitimate. There are plenty of viruses that try and infect SVCHOST, due to it being a required OS file. It's responsible for running many services on a Windows machine, both Microsoft and 3rd party ones. If, instead, you enable on-access scan, then you experience some general minor responsiveness, but such difference is less and less perceivable as you move to faster processors. It also seems to me, but I have not tested it extensively, that multi-core processors make the difference unperceivable most times. It all depends on what is being done on the system. Processors have generally been fast enough for a while to mask the CPU performance impact of on access scanning. Hard drives however haven't kept up speed wise, and multi core processors can just make the situation worse with many more processes trying to perform IO running in parallel. Generally, on access scanning of a machine that is compiling code will add a very noticeable amount of overhead to the task, especially if the link step consumes most of the memory on the machine leaving none for the windows cache.
|
Top
|
|
|
|
#332322 - 22/04/2010 12:41
Re: McAfee killing OS
[Re: drakino]
|
carpal tunnel
Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
|
[...] that multi-core processors make the difference unperceivable most times.
It all depends on what is being done on the system. True. I meant, more precisely, standard office usage(Internet browsing, Word Processing, average Excel usage, sometimes advanced, rarely very advanced, Power point usage, of all levels, Email)
_________________________
= Taym = MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg
|
Top
|
|
|
|
#332326 - 22/04/2010 13:42
Re: McAfee killing OS
[Re: Taym]
|
old hand
Registered: 14/02/2002
Posts: 804
Loc: Salt Lake City, UT
|
I got off pretty easy on this. While my employer does use McAfee (about 80K installs), and I know several of our sites around the world were hit with this, I didn't hear a single reported case at my site (~500 installs).
We switched from Norton to McAfee last year, and before I never would have thought I would miss Norton. The performance we see "on the front lines" for McAfee is horrible. We have had far more outbreaks that required manual cleaning. But since we're not the ones signing the checks we just do what we're told. :S
_________________________
-Michael
#040103696 on a shelf Mk2a - 90 GB - Red - Illuminated buttons
|
Top
|
|
|
|
#332349 - 22/04/2010 19:32
Re: McAfee killing OS
[Re: wfaulk]
|
carpal tunnel
Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
|
Virus free for over 15 years running Windows on multiple computers. No AV. Also no MS mail apps on personal systems. Yes to both router-based and client-based firewalls (in and out). I'd argue that simply not using IE is more effective than AV software. For the records, I am 15 years virus free on my Windows based machines without an antivirus, using IE daily since IE4 as my main browser, and using Outlook as a mail client for the last 10 years. And, never seen any BSOD on Windows Server boxes since Windows NT4, in the last 10 years. And, an uptime of more than 2 years on a Windows Server machine not connected to the internet and not needing any update-> reboot. It's quite easy to disprove popular believes with single examples. Neither the former nor the latter are relevant, IMO, to prove anything, if not apparently support the arguments of this or that system's fan. I am not saying that this is the case. I am instead saying that IMO the best way to protect oneself from viruses Is to keep ones machines as updated as possible, and yesterday's McAfee issues, statistically, does not change that. Of course, if such a disaster happened again one may decide do drop McAfee and opt for some other product. Otherwise, as to my personal experiences above with IE, OL, AV Software, DSOD, Uptime, etc... I must have been extremely, extremely lucky so far.
_________________________
= Taym = MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg
|
Top
|
|
|
|
#332351 - 22/04/2010 19:48
Re: McAfee killing OS
[Re: Taym]
|
carpal tunnel
Registered: 24/12/2001
Posts: 5528
|
For the records, I am 15 years virus free on my Windows based machines without an antivirus, using IE daily since IE4 as my main browser, and using Outlook as a mail client for the last 10 years. For a minute there I thought you were still using IE4 and was about to ask if you were crazy And, never seen any BSOD on Windows Server boxes since Windows NT4, in the last 10 years. BSODs are generally caused by bad drivers or bad hardware but Windows takes the blame for it. And, an uptime of more than 2 years on a Windows Server machine not connected to the internet and not needing any update-> reboot. If it is a standalone machine that nothing else connects to then sure, leave it unpatched but if other machines do connect to it even if it isn't on the internet then you should patch it.
|
Top
|
|
|
|
#332357 - 22/04/2010 20:43
Re: McAfee killing OS
[Re: tman]
|
carpal tunnel
Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
|
For a minute there I thought you were still using IE4 and was about to ask if you were crazy Some people would agree I am, but for other reasons BSODs are generally caused by bad drivers or bad hardware but Windows takes the blame for it. Ditto. If it is a standalone machine that nothing else connects to then sure, leave it unpatched but if other machines do connect to it even if it isn't on the internet then you should patch it. It was little irresponsible, but not so much. It was a file server shared by four people for non critical content. I'had meant to put it down for years and never did, to the point that its uptime became object of fun; eventually we relocated and transportation would last longer than any UPS available around would. So, I had to power ir down.
_________________________
= Taym = MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg
|
Top
|
|
|
|
#332364 - 22/04/2010 21:05
Re: McAfee killing OS
[Re: tman]
|
carpal tunnel
Registered: 08/06/1999
Posts: 7868
|
And, never seen any BSOD on Windows Server boxes since Windows NT4, in the last 10 years. BSODs are generally caused by bad drivers or bad hardware but Windows takes the blame for it. Windows shouldn't blue screen because of a bad call in a printer driver. Thankfully Microsoft felt the same way, and moved printer drivers out of ring 0 in 2000. Slowly, they are moving more and more out of ring 0. I've seen a number of times my machine would have BSODed in XP, but not in 7 due to video drivers moving what they can down into user space.
|
Top
|
|
|
|
#332369 - 22/04/2010 21:18
Re: McAfee killing OS
[Re: drakino]
|
carpal tunnel
Registered: 24/12/2001
Posts: 5528
|
Windows shouldn't blue screen because of a bad call in a printer driver. Thankfully Microsoft felt the same way, and moved printer drivers out of ring 0 in 2000. Slowly, they are moving more and more out of ring 0. I've seen a number of times my machine would have BSODed in XP, but not in 7 due to video drivers moving what they can down into user space. Yeah. Back in the old NT 3 days, most of the subsystems were actually outside of the kernel and in userspace. NT 4 moved a bunch of subsystems into the kernel to improve performance. The Intel graphics driver for my laptop is really flakey and does crash quite often. I see the little balloon popup to say that something went wrong but it recovered. It must leave the hardware in an odd state however as its not quite right afterwards.
|
Top
|
|
|
|
#332381 - 22/04/2010 23:51
Re: McAfee killing OS
[Re: Dignan]
|
carpal tunnel
Registered: 17/12/2000
Posts: 2665
Loc: Manteca, California
|
I don't mind McAfee. It works well in corp evironment Yeah, whenever I bash Norton and McAfee I'm always bashing their home consumer versions. Norton's corporate version is extremely stripped down and doesn't impact performance from what I've experienced. It all depends on how paranoid and or caring corporate is. Some just turn on all the features in an "I can't be blamed for being too safe." mode of thinking.
_________________________
Glenn
|
Top
|
|
|
|
#332388 - 23/04/2010 14:35
Re: McAfee killing OS
[Re: Taym]
|
carpal tunnel
Registered: 13/02/2002
Posts: 3212
Loc: Portland, OR
|
Virus free for over 15 years running Windows on multiple computers. No AV. Also no MS mail apps on personal systems. Yes to both router-based and client-based firewalls (in and out). I'd argue that simply not using IE is more effective than AV software. For the records, I am 15 years virus free on my Windows based machines without an antivirus, using IE daily since IE4 as my main browser, and using Outlook as a mail client for the last 10 years. As long as we're wagging dicks, I'm 15 years Windows-free, and because I'm a Linux user, I don't even have to provide technical (or virus cleaning) support for friends or family!
|
Top
|
|
|
|
#332392 - 23/04/2010 17:51
Re: McAfee killing OS
[Re: Taym]
|
carpal tunnel
Registered: 20/12/1999
Posts: 31602
Loc: Seattle, WA
|
For the records, I am 15 years virus free on my Windows based machines without an antivirus, ... and without a tool to inform you, how would you know you were virus free? Just kidding of course. I think it's completely normal to go 15 years on Windows without encountering a virus: If you never install any software from strange sources, never surf to any strange web sites, and never open HTML emails or emails with attachments, then there'd be no way to catch any viruses.
|
Top
|
|
|
|
#332393 - 23/04/2010 18:21
Re: McAfee killing OS
[Re: tfabris]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
There have been a large number of remote Windows exploits. If you add "behind a firewall" to that list, then maybe.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#332394 - 23/04/2010 18:23
Re: McAfee killing OS
[Re: wfaulk]
|
carpal tunnel
Registered: 20/12/1999
Posts: 31602
Loc: Seattle, WA
|
There have been a large number of remote Windows exploits. If you add "behind a firewall" to that list, then maybe. Right.
|
Top
|
|
|
|
#332395 - 23/04/2010 18:27
Re: McAfee killing OS
[Re: wfaulk]
|
old hand
Registered: 09/01/2002
Posts: 702
Loc: Tacoma,WA
|
There have been a large number of remote Windows exploits. If you add "behind a firewall" to that list, then maybe. And keep your Windows up-to-date. The last major remote exploit was years ago when Blaster got out. Most exploits since then have not really been exploited in the wild to a significant extent. Probably because big business and education learned to actually update there Windows installation, most were not doing it back then.
|
Top
|
|
|
|
#332396 - 23/04/2010 18:57
Re: McAfee killing OS
[Re: tfabris]
|
carpal tunnel
Registered: 08/06/1999
Posts: 7868
|
I think it's completely normal to go 15 years on Windows without encountering a virus: If you never *snip* surf to any strange web sites*snip* Indeed. I mean really, who goes to http://wellsfargo.com anyhow? Just thinking back to the rash of IIS exploits that lead to malware being sent from very legitimate sites to their visitors that happened a number of years ago.
|
Top
|
|
|
|
#332399 - 23/04/2010 21:52
Re: McAfee killing OS
[Re: drakino]
|
carpal tunnel
Registered: 17/12/2000
Posts: 2665
Loc: Manteca, California
|
_________________________
Glenn
|
Top
|
|
|
|
#332403 - 23/04/2010 23:31
Re: McAfee killing OS
[Re: wfaulk]
|
carpal tunnel
Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
|
There have been a large number of remote Windows exploits. If you add "behind a firewall" to that list, then maybe. One of the Windows machines I mention is actually a web server open to the internet, and it actually offers more services and therefore open ports than just the 80. Of course it is also behind a firewall that only allows access to designated ports. In any case, it is not a maybe, it's a fact. I am not - and was not - showing off . I think it is perfectly normal, as others said. My point was instead that saying that Windows/OSX/Linux machines are "unsafe" or "unrealiable", or that IE/Firefox/Safari is, or that Outlook is, are simply extremely generic statements, generic to the point that they have very little meaning in reality. The ones above are all mature products, and they are all beyond the stage where you can simply say "that's bad, this is good". One may point out weaknesses and stregths of the above software; one may discuss on versions, updates, speed to release updates, user behavior, plug-ins, popularity, amount of known bugs and hypotetical unknown ones, methods to estimates them, the good and the bad of open and closed source, and what not. Similarly, the fact that I or Bruno were virus-free for 15 years without an antivirus also does not prove anything accurate in terms of "safety", as one may argue that this or that piece of software is or is not properly designed to remain safe in the hands of the average user rather than the enthusiast or the professional, discuss ad infinitum on who "average" users actually are, and what not... To simply find out that all those elements create a more complex reality that the one depicted by the "This is bad, that is good" approach. On the contrary, those elements will make this or that product change its safety/security position versus competitors depending on time, type of user base, version, design features, etc. I think the rest is just "religion war". As a side note, guys, to me no matter how perfect a logo is, how credible and clever the wording is, an email asking me to reply with my password(s) is just phishing. I delete it without even thinking; I have just no doubt. But, I know extremely well educated and brilliant academic professionals who simply plainly believe what they read and give out their personal data and credit card number! While I find it more and more shocking as the internet becomes part of the popular culture and everyone's daily life, it still just happens, _regularly_. This alone tells a lot in terms of psychology or human beings, where they put their trust; it also makes NO software really "safe" unless you stop allowing software to run on it, just like no car really is unless you stop driving it; and of course this will always penalize the most popular software versus the most elithist for the simple reason that the most popular will be used by the brilliant professionals who really believe their bank needs their passwords and PINs and CC# in an email message.
_________________________
= Taym = MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg
|
Top
|
|
|
|
#332404 - 23/04/2010 23:36
Re: McAfee killing OS
[Re: tfabris]
|
carpal tunnel
Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
|
For the records, I am 15 years virus free on my Windows based machines without an antivirus, ... and without a tool to inform you, how would you know you were virus free? No Disturbance in the Force I sense, of course.
_________________________
= Taym = MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg
|
Top
|
|
|
|
#332430 - 26/04/2010 15:42
Re: McAfee killing OS
[Re: Taym]
|
carpal tunnel
Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
|
This really says it all: Good article, Ed Bott.
_________________________
= Taym = MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg
|
Top
|
|
|
|
#332433 - 26/04/2010 16:44
Re: McAfee killing OS
[Re: Taym]
|
carpal tunnel
Registered: 24/12/2001
Posts: 5528
|
Ouch. Leaving out XP SP3 in their testing??
|
Top
|
|
|
|
|
|