Friday, April 14, 2006

 

F-Secure, no

Blacklight, No Occasionally a piece of software emerges that is so bad that it needs to be publicly crumpled up, cast to the floor, trampled, and spat upon. F-Secure's Blacklight trial version is one such. Let's be honest. There are no really good firewalls. They exist because the Microsoft builds defective software, because corporate America wants your computer infested with spyware, and because no one in the federal government has taken to heart Richard Clarke's warnings that the American way of life is susceptible to disruption of the Internet by, oh, say, viruses. Firewalls all, one day, manage to lock up, refuse to completely uninstall, prevent you from dialing out to get to technical support, and general reduce your life to misery for an indefinite period of time. But Blacklight began with so much promise. A compact, nicely configured package detected the Sony rootkit that had compromised so many computers. It was beautiful. A quick download, a 10 minute scan and you had your peace of mind back. My most recent term in Computer Hell began on April 9th. Now, part of the problem is my eccentricity. I refuse to buy broadband. As long as it is so easy for people to hack into or download malware onto your computer without any action on your part, the best way to frustrate such efforts is to make them suffer through what every dialup user endures. Slow in means slow out. So, downloading this bloated application took 7 hours. Not a problem: overnight. But good software is compact software. More warning signals started to appear on installation. Good programs play nicely with others. Bad programs, like abusive spouses, demand absolute exclusivity. Uninstall that other program or you sleep alone. Now, in some cases, it's reasonable. But Spybot? Any firewall that regards Spybot as intolerable is likely to make life very difficult in other ways. After installing, there were hours devoted to downloading virus updates. Why a trial version should have four month old virus definition files is a mystery.The best moment to sell your software is the moment of installation, when your software discovers some variant that Brand X missed. Then Blacklight corrupted itself, which I discovered by a little popup saying that it couldn't find fspex.exe. Oh, yeah. It also wouldn't let me sign onto the Net. Was that when I started getting keyboard errors on startup? I think so. And it wouldn't let me reinstall my other firewall. Well, ok. Unload, reload. There goes a couple of hours. And it's back to working again. A couple of days go by. I think this could work. And then it corrupts itself again. Well, ok. Uninstall, reinstall. It won't reinstall. It won't let me install my old firewall, even in safe mode. Well, ok. Start hunting down components and killing them from the program files, prefetch, registry, wherever. Very dangerous, but so is having no antivirus and no firewall. That's when a really bad sign shows up. There are what it calls legacy files that can't be deleted from registry. System restore? Forget it. It wiped out all the previous points. I may well have to reinstall Windows to get things back to normal. A friendly word: don't try F-Secure Blacklight. At free, it's waaaay overpriced.
Comments:
Thanks for the warning. No decent firewall should be more than a couple of megs in size. Any bigger, and it's more about screwing up other proggies than it is about protecting you from the bad guys.

One big problem with broadband is the fact that its "always on" feature means that it's got a static IP address. Dialup, on the other hand, is all about dynamic IP addresses. If you're going to be a target, it's better to be a moving one.
 
You must have been installing a package that contains a lot more functionality than just a firewall. Sounds like you had a firewall, anti-virus scanner and a rootkit scanner, possibly more.

And the reason for the 4 month old databases: your installation package was probably created 4 months ago with the databases that were current at the time.
 
Blacklight cannot be compared to a firewall! It is a rootkit detector! It detects rootkits and ONLY rootkits. It will not detect viruses, troyans, spyware or any other malware.

Security should be based on prevention and prevention can only work if people stop surfing in suspicious websites. Prevention will work only if people stop clicking on anything that is animated and colorful on their screen. It is natural that people will get infected if they go after porno sites, cheats, casino stuff and download programs which they have not doubled checked whether they are trustworthy. People get infected only because they are not security aware and not because there is a conspiracy behind this. They just dont care.

It is not true that there are no good firewalls. Kerio Firewall is an excellent and extremely powerful firewall. It can be unistalled perfectly ok without any problems.

You simply cannot handle your operating system in a correct way. These problems do not arise unless you have really messed up your system. And who knows what else you have done with it.

Blacklight is a great program, the best rootkit revealer out there.
 
It is natural that people will get infected if they go after porno sites, cheats, casino stuff and download programs which they have not doubled checked whether they are trustworthy.

Viruswitch, believe me when I say that Charles is probably one of the few North American males never to visit a porno site or any sort, do online gaming, or do online gambling. :-)

Thing is, if Blacklight just detects rootkits, why does it need to be so huge? Or are there as many rootkits out there as there are regular viruses, and each needing a new definition/cure? (It wouldn't surprise me if there were, actually.)
 
:-)

I think the stock market counts as gambling, PW, so I can't say I am completely innocent.

But it's true that as much as I admire the female form, I dislike the XXX commercialized format. All my anti-virus/anti-spyware is up to date. And I download very little: certainly nothing dicey.

That's not good enough nowadays. You can get malware by IM, by clicking on a normal-seeming website, or even by someone finding a port on your computer that isn't tightly guarded and sending it to your direct.

Viruswitch, the F-Secure product under discussion is (as Sami says) a security suite. It includes anti-virus, a firewall, parental controls, e-mail scanner, anti-spam etc.

It sucks, bigtime.

I have just now managed to yank out enough of the tentacles to be able to return to my former firewall. But it wasted three days.

BTW, some people like Kerio. Plenty don't.

I am not a geek, but if a piece of software causes me trouble, it will causes other people a lot more trouble.
 
One other point. Let's suppose, VW, that these problems are all my fault. Pray tell why has F-Secure not responded to my e-mail of Friday?

My guess is there are a few other people who have these problems. Whatever one can say, any vendor who offers a trial version and provides miserable support is not likely to provide better support after you give thm the money.
 
Blacklight is big because it was one of the first and few programs to detect rootkits. Rootkits are a not so common threat but a real one, which might develop into the future nightmare of IT security. I have seen rootkits in action. Rootkits can hide malware from the operating system completely and thus from antivirus software. They can install more malware which will remain invisible and take control of a system. Rootkits are dangerous and thats for sure.

I am not talking about you personally since I do not know you. But people in general get infected due to reckless surfing, due to an internet behaviour, which is not within the limits of reason because these people either do not have the necessary education on security or do not wish to accept it.

It has been 2 years since I last got a piece of malware (which did not even activate itself) and that was because I deliberately surfed in suspicious site. Apart from that nothing comes through the fortress of my pc. Why? Due to my antivirus? No. I even consider antivirus and firewall unnecessary if the pc is patched, windows and browser settings correctly set and one knows that the sites one visits are trustworthy.

I am not sure why they did not respond to your email. I also despise bad support. However, they always reply my emails when I sent feedback and problems related to blacklight and viruses.

You do not need to be a novice computer user to mess up your pc. It can happen to anyone, a small incompatibility between two running programs, errors from wrongly installed drivers, remains of registry keys, running processes or temp files etc from long erased programs can all lead to a great destruction. Sometimes the reason cannot even be identified. Windows is just windows.
 
Amen to "Windows is Windows", Virus Witch. It definitely is.

I don't think it's so that the size of this security suite is because of rootkits. F-Secure brought out a wonderful little app to nail rootkits and it couldn't have been more than half a meg. The security suite is, if I recall, 60 Megs zipped. That's getting biiiiig.

While it's true that most people get infected off of reckless surfing, it's also true that malware threats have started to get far more creative.

With my current firewall, every release says it increases system stability. This has been going on for four years. So, I think it's a widespread issue.
 
Post a Comment

<< Home

This page is powered by Blogger. Isn't yours?

More blogs about politics.
Technorati Blog Finder