Symantec Support Gone Rogue? 268
DigitalDame2 writes "PCMag Security Analyst Neil Rubenking has always praised Symantec's tech support. Lately, though, a number of readers have reported problems with chat support, so he investigated. Rubenking was trying to install Norton 360 version 3.0 on a malware-infested system when the computer crashed with a blue screen error. He connected with Symantec tech support and was told that they could fix the problem, but for a fee of $100! (Here is the transcript and screen-captures of the chat.) Even more, Symantec support suggested that he use a malware-removal tool that wasn't even made by Symantec."
It could be worse (Score:5, Insightful)
Maybe it wasn't Symantec Support??? (Score:5, Insightful)
Symantec has never been useful after-the-fact (Score:5, Insightful)
As a real-time scanner, it is pretty good, and the corporate editions are pretty light weight, but has symantec ever been useful as a repair tool?
The support tech sounds like he did right, despite the non-corporate policy of eating symantec's own dog food.
Anyone cleaning an already infected machine would start with malwarebytes or combofix before wasting their time with symantec's stuff.
Sounds like the tech who was helping him knew this.
Re:Maybe it wasn't Symantec Support??? (Score:1, Insightful)
One would assume that he wasn't daft enough to connect to Symantec through the infected machine...but then again you never know!
Re:It could be worse (Score:5, Insightful)
I'm not surprised. Norton makes an anti-virus/anti-worm/anti-spyware product. Not a general anti-malware/anti-adware product.
Their tool does one thing (sort of) well, scans for viruses, and pretends to do a few other things well.
Unfortunately nowadays, there's software that's more insidious than viruses, and it's beyond Norton's skill to detect.
Also, I doubt intrusion by malware not relevant to the AV is covered by software support agreements; troubleshooting an infected PC is up to the user, or the PC repair shop they'll hire to fix it.
AV support is for when your PC is working correctly and you are having problems running your AV, having trouble scanning a file, or not detecting a virus in an infected file.
If you actually got already got your system infected, before even trying to install the AV, that's 100% your issue.
Of course, the AV software won't install, the various malware programs prevent it from happening, and it's your problem to solve.
Not the A/V maker's. The only solution they can really offer you without a liability risk is to format, or hand the PC over to a qualified service person.
What we have here is a Failure to Communicate (Score:4, Insightful)
There is a major difference between offering defect support for software and offering services surrounding the software. Let's review the order of events here:
1) Customer is unable to install product on test environment. Receives BSOD.
2) Customer contacts Symantec requesting defect support. Per customer the product is not functioning as described on a test system.
3) Symantec's front-line support team misinterprets the customer's request for defect support. Instead, they believe the customer wants the system cleaned, regardless of whether a Symantec product is used or not. As a result, Symantec services are offered for an additional fee of $100.
4) End-result is one unhappy customer, and a heavily biased article criticizing Symantec support.
What should have happened is anybody's interpretation. But, during #3, at a minimum, the issue should have been escalated to the next level where an actual support engineer discusses a bit further with the customer to try to understand if they a defect with the product, something unique to customer environment, etc.
Conclusion: Front-line reps at Symantec need more training. Customer needs to work on communication skills to be clear when contacting defect support. Failure to communicate.
Re:Professional services cost money (Score:1, Insightful)
Moreover, Symantec's management acknowledged that they were in the wrong, and indicated they would be addressing this
Acknowledgment is valuable when faced with bad press.
Proof of a product need. (Score:2, Insightful)
this is just more evidence that anti-virus/malware products need to be on bootable read-only CDs that can connect to the internet, obtain current definition files, and scan and clean a computer before actually installing any realtime protection software.
Re:Uhm...? (Score:5, Insightful)
Re:You get what you pay for (Score:3, Insightful)
A hardware firewall will not stop outbound traffic if you don't have some kind of a IDS installed.
A really decent hardware firewall can do anti-virus, IDS and content filtering before it even reaches the PCs on your internal network. Problem is not everybody can properly configure the firewall or even understand exactly how it works. Which is why alot of security companies are making a killing on "security appliance" which for a yearly fee they will manage the device for you. They will push the updates to your hardware firewall and basically baby sit it for you. Only thing they will not help you with is ISP problems.
Re:Professional services cost money (Score:2, Insightful)
I'm curious. Did you actually read the article? The product he was trying to install was a desktop antivirus. It doesn't come on a boot disk, and it's not intended for cleaning heavily infected systems.
Obviously, most products that are actually intended for cleaning heavily-infected systems are self-booting. I'm sure Symantec can license some sort of command-line version of Windows in a way that's cost effective, or use a different NTFS implementation. It's just not what this product is intended for.
Re:Professional services cost money (Score:3, Insightful)
Yeah, and the typical Windows user which installs plenty of malware would have such an easy time fixing their Linux installation from said boot disk ..
Re:Uhm...? (Score:4, Insightful)
I am really glad there are so many Windows machines out there to take the heat and draw the attention of the hackers and organized crime.
It's a rogue industry ... (Score:5, Insightful)
I give my usual spiel that the best protection is not to pay money for anything, it's hard to say it's worth it (Slowing down your system, possibly causing more crashes and program compatibility issues, and then only catching perhaps 90% of threats). Open-source or freeware tools will do just fine to actually scan and heal threats. Largely it's the users actions that are the initial problem. I then offer my time, for free, to teach some safe practices.
You can't just punch in your credit card number and expect adequate protection.
Mark my words, there are lots of botnet'd windows boxes that have full-paid anti-virus software on them running just fine. My parents had one of them. (problem was identified in the logs of their linux firewall). The solution was to wipe it, given them firefox with some add-ons and clam-av. Zero issues since.
If your machine is properly patched your very unlikely to be taken over by a worm attack. Following that, with the right software, your unlikely to be hijacked in your browser and then infected. With the right ISP you won't have spam and e-mail threats. It's down to how the user operates, and discouraging them from skipping virus scanning that keygen.exe when downloading warez. Largely it's browsing that's the problem. Firefox plus some add-ons, and a little bit of user coaching.
I really wonder in who's interests it is to keep users dumbed down on security matters. Which in todays world has become as important as locks and alarms on houses cars and businesses. It's protection of critical infrastructure.
Why pay a exorbitant monthly subscription for a security guard to stand outside your house, because your house is equipped with vulnerable locks and the occupants are poorly trained at keeping the doors closed when they go out?
In hindsight I should have modded as redundant the mandatory:
Install Linux
which is inexplicably modded +5 something.
If 90% of the world ran one Linux distribution we would still have a thriving ecosystem viruses, trojans (albeit on a lesser scale). Good design, transparency and rapid patching in OSS only goes so far, it's not magic immunity. There is also a fairly constant amount of problems between the keyboard and chair - now that will not go away. Windows is the most common, therefore the most attacked... is the statement that raises hackles for some. However it is the truth. In much the same way having millions of genetically identical crops/livestock in unnatural concentrations provides for massive outbreaks of everything from blight to foot and mouth disease. Likewise millions of humans living in close proximity results in plagues - the human immune system was not built for this. And so our information technology infrastructure suffers the same fundamental laws of nature, you have one monoculture of identical entities you invite pandemic infection.
So how do we live in 20-30 million person cities, and don't all get wiped out in two weeks by ebola? We have sanitation: we all get taught how to cover our mouths when we cough, cook food properly and wash our hands after visiting the lavatory etc etc and we have some sanitary measures to back it up, ie chemicals that can clense pathogens.
User education is the key. The first thing we can teach is to stay the hell away from clearly rogue companies. We can also stop beating redundant very tired drums.
Re:Windows too infected to install antivirus.... (Score:2, Insightful)
How did you verify that your netstat hadn't been trojaned to report only what the virus writer wanted it to?
Maybe you ran an md5sum against it, compared it with known-good signatures. Great, except how do you know your md5sum too wasn' equally compromised?
Only way to be sure (apart from nuking it from orbit) is to boot from known-safe media, and manually verify *all* your files, binaries and data file alike. But at that point, it's easier to reinstall. Just don't trust your old config files - who knows what's lurking at the end of your .bashrc?
Re:Uhm...? (Score:5, Insightful)
Customers are ill-informed if they think that AFTER getting infected is the time to buy security software, and Its not the fault of the guy you're on the phone with that purchasing 360 does not include hours of over the phone support.
It is perfectly fucking normal to not be able to install software when your computer is infected with malware.
The writer of the article is a fucking douche, has unrealistic expectations for technical support for a retail product, and apparently (based on his purchase) does not understand that Symantec's business model is formed around IT execs having someone else to blame when (not if) their corporate network gets virus'd up.
The writer of this article, and the retard consumers he thinks he's protecting, made a fucking mistake. The mistake was this: they walked into Best Buy with their 'broken' computer. Geek Squad wants $170 to fix their computer. Norton costs $39.99. A few minutes of lowIQ number crunching later, they arrive at a decision, which is the fucking wrong one. Then they get mad at Symantec for not wanting to talk to you all day.
Much like Microsoft, I hate Symantec the same as you, but you hate them for the wrong reasons.