Jon loses his patience with AV vendor intimations that suggest they’re offering perfect security; one, in particular, causes Windows to go haywire
The news that an antivirus package has managed to go rogue, and decide that key Windows system files were malware, caused quite a flurry of tut-tutting. But it isn’t the first time this has happened. Every year or so, it seems that one of the major AV packages gets an updated set of definitions, only to cause huge disruption. It grabs core Windows system files and moves them into quarantine, or deletes them, or performs some other, quite unhelpful action. If you’re unlucky, you won’t notice this until the machine is rebooted, and the subsequent reboot attempt fails with the end result a thoroughly scrambled OS. If you’re really unlucky, then the machine just dies before you’ve had an opportunity to save your work.
As in the previous instances, something went wrong inside the AV package, and the files got nuked, or scrambled, or moved away. Fixing this isn’t simply a case of “press F5 when you boot and it will sort itself out”. No, you need to get the files back from the quarantine area, and then put them into the right places, and then try to reboot. In most cases, it will probably be easier to recover from your image-based backup solution. You do have one of those, don’t you? If not, try one of the various repair methods for Windows, and hope it works.
Now I understand that software has bugs; I’ve discovered a number over the past 30 years. I was probably responsible for some in my younger, coding years. But the very action of a piece of downloaded code attacking your Windows system and causing chaos, without your authorisation, sounds remarkably like… do you know, it could almost be a virus? The very process you’re trying to protect yourself from is the process that kills your machine. It’s hard to take this sector seriously when such errors occur and are pushed out to the paying public.
Ah, but the cure is better than the illness, the AV vendors will claim. After all, aren’t a few mess-ups such as this better when compared to the trillions of pieces of malware that come trundling down your internet connection every time you browse the John Lewis website, or order some toilet rolls from Tesco?
They might be right. But here’s the problem: I don’t trust any AV package to secure my system. None of them – because they demonstrably don’t work. If they did, then I could say “Go buy package X”, and you would. And then you’d never have a malware or virus problem ever again. You could sit content in the knowledge that your computer is going to be fine.
But this isn’t the issue. And here is where I become really annoyed at the AV industry. You can take a whole bunch of malware – it isn’t difficult to find; there are plenty of kosher websites out there from which you can download terabytes of malware every month. And then you can get your package to scan this seething cesspit and see what it finds. And it’s entirely possible that everything is found, and cleaned, on the first sweep through.
This, you might conclude, means that the AV package is doing its job just fine, and that you’ll be safe. Except for one nagging issue – the difference between the macro and the micro. Does the efficacy of your package today give you any guarantee about how it will work tomorrow, when that new threat tomorrow is entirely unknown today?
The AV vendors will whine that they have all sorts of reverse-engineering capabilities, and sandboxes and other fabulous things. All of which matter not one jot, simply because there may well be some malware tomorrow that gets through. It doesn’t matter how good the software was last week; what matters is that it will fail tomorrow. It doesn’t need 40,000 pieces of malware to be correctly identified today – it just needs one, just the one, to get through tomorrow and you’re hosed.
By any sensible measure of capability, this is a failure. The macro response is irrelevant when it’s one piece of malware that gets through and trashes your computer. When it’s the AV package itself that does this, one’s faith in the whole scenario is further shaken.
Now the AV package vendor will claim that it can’t protect you against everything, and thus my annoyance is misplaced. But go take a wander around the websites of the major vendors. “We believe that everyone has the right to be free of cybersecurity fears” quoth Eugene Kaspersky. Webroot – the vendor in question with regards to this latest screw-up – has a question and answer wizard, which on completion recommends a product, claiming “The perfect security for you is... SecureAnywhere AntiVirus.” Not “recommended”, but “perfect”.
McAfee says, “By protecting consumers across all their devices, McAfee secures their digital lifestyle at home and away.” Avast: “Our job is to keep you safe. Get Avast for home, business or on the go, and protect everything you do.” Avira goes for, “It’s the first-ever full security package that not only blocks malware, but anonymizes your browsing, and wipes your online traces clean – for free.”
You can decide for yourself how close these claims are to false advertising. But please note that none of the vendors offers significant financial compensation for failure of their product to protect you. Which isn’t quite the sort of liability you’d expect from a company making such bold claims.
Microsoft isn’t blameless in this, either. The mere fact that a piece of malware, or Webroot in this case, can take a hatchet to your running OS, shows that it isn’t a secure operating system. Microsoft is happy to claim that “Windows Defender is your antivirus security solution that delivers comprehensive and real-time protection against software threats across email, cloud and web. Because it not only detects and removes viruses, spyware and malware; Windows Defender is the last thing a malware threat ever sees.” Which, if true, means that I have no need at all to purchase or install a third-party antivirus package. Why would I need to when, “Windows Defender is the last thing a malware threat ever sees”?
What’s the answer? If we’re going to use operating systems that are, frankly, so laughably easy to terminally corrupt, and which seem incapable of protecting themselves, then the only safe way to run them is within a virtual machine. That way you can snapshot it, roll it back when something goes wrong, and even have a base starting point from which a session can be restarted. Why are we continuing to support a market worth some $25 billion per year when suppliers’ claims are out of alignment with the end-user reality, and when a vendor is capable of operating in a way that’s indistinguishable from the very issue it claims to protect you from?
Mac Pro mistake
Apple has admitted it made a mistake. Yes, it’s that big a deal – Apple almost never admits that anything is less than merely “fabulous” or “incredible” or “knee-trembling”. Okay, I made the last one up. But it has decided to try to persuade us that it really does care about the high-power workstation market – and that maybe the Mac Pro wasn’t what a lot of its users wanted.
I think history is being a bit unfair to the Mac Pro. It does what it does extremely well. I use it as a desktop high-performance workstation, and its primary task is running Windows virtual machines under Parallels. I do a lot of software testing in these VMs, including antivirus testing. The facilities of Parallels, and the ability to lock down VMs and their networking, and access to facilities such as VMs, is a godsend when working with malware. The ability to flatten a VM and bring it back up again in a few seconds is a huge help too, especially when you execute a bit of malware and the package installed in that VM doesn’t catch it in time. But I could rant about that topic for hours – oh look, I already have.
The downside of the Mac Pro design was that it had no internal storage. So those who needed external PCI cards had to resort to using card cages connected using Thunderbolt. There’s nothing really wrong with this approach: I use it myself for the interface card to my HP LTO tape library, connected via a long length of Thunderbolt fibre cable. The internal storage is eye-wateringly quick, but others wanted to plug in their own drives. Again, there are plenty of Thunderbolt solutions to do this in a powerful and effective way.
Some decided that two GPUs wasn’t enough power compared to what you can do today using a monster single GPU – but again, it’s a little unfair to rewrite the expectations after the event. And some doubtless hated the cylindrical design because it’s a pain to rackmount, requiring custom mounting hardware from third parties.
For me, the biggest issue is that it wasn’t upgradable. It’s still USB 3. It can’t output video at a higher resolution than 4K, so I can’t plug in the latest monitors. It’s Thunderbolt 2, not the far superior Thunderbolt 3 over USB-C (neither of which was around when the Mac Pro was released, of course).
So here is what I think Apple will do. A new box in a desktop and in rackmount configuration. Numerous Thunderbolt 3/USB-C connectors. Internal storage directly connected to the bus, but with some drive slots too. Internal PCI-E slots, for those who demand that. Built-in video support to at least 5K, possibly 8K resolution. A truly monstrous GPU facility. All for a price tag that’s eye-watering, but doesn’t quite require your first born.
Also note that Apple has announced the likely availability of an iMac Pro, a product that again would benefit hugely from Thunderbolt 3/USB-C. A range of proper monitors wouldn’t go amiss either. I note that Dell now has an 8K resolution monitor – something similar would be just the ticket. If Apple delivers on both, then it can truly claim to be back in the groove.
By the way, a certain birdy in the form of a product manager just told me that there would be no Thunderbolt 3 on fibre cables this year. Maybe next year, he said. Seems that getting Intel to decide upon how it wants to do this is somewhat problematic, and that we shouldn’t expect anything just yet. I’m not surprised – it took forever for Thunderbolt on fibre to finally ship, after deadline after deadline went whooshing past. But it will come.
Apparently, Apple doesn’t want fibre ports mounted on its computers. Fibre is too sensitive to dust and fluff, and Apple is paranoid about users having a bad experience. Hence the reason it’s sticking to electrical connectors that are self-wiping/self-cleaning on each insertion.
Blackmagic for free
Blackmagic Design, the company that makes a huge range of pro video and audio devices, along with cameras, has released a new public beta of its DaVinci Resolve software. Think of it as editing software in the same vein as Final Cut Pro X.
Six months ago it bought Fairlight, a company with a long history in the pro audio world. The original Fairlight sampling synthesizer was what started the whole sampling era, as typified by Frankie Goes to Hollywood, The Art of Noise, Peter Gabriel and so forth.
In recent years, Fairlight has been making studio-grade audio systems specifically aimed at film and video production. Resolve has always had pretty good audio-editing capabilities, but the acquisition of Fairlight – and its integration over a few months – is nothing short of breathtaking. High-end video programs, such as Final Cut Pro X, Resolve or Adobe’s Premiere Pro, aren’t the sort of tools that you just dip into. You need to invest time to learn how to use such a formidable array of capabilities. With the Fairlight acquisition and integration, Resolve has made a rightful claim to being one of the very best. And note that it offers a full range of hardware control surfaces too, both for the video and colour grading world and the Fairlight audio side, which significantly lifts Resolve above Premiere Pro or Final Cut Pro X.
And the best bit? It’s free: you can get a fully functional version of the app without spending a penny. If you want every high-end bell and whistle, including simultaneous multi-user editing within the same project, it will cost you the princely sum of $299 per user. To say this is an insanely low price is perhaps the understatement of the decade. Download Resolve (pcpro.link/274resolve) and give it a whirl. You might well like what you find.
Dropbox leaves it in the Cloud Mode
There’s a nice new feature in Dropbox: you can decide to leave your files in the cloud and to only download a particular file when you need it. It seamlessly works with the file system, so as far as your OS is concerned, it’s there in your file manager. But when you click on it, Dropbox downloads the whole file in the background. It’s a superb solution for those who have large Dropbox installations, running to a number of terabytes in my case.
I don’t want to turn on Selective Folder Sync and thus cut out folders I think I won’t need, only to discover that I need them after all. At which point they’re downloaded in their entirety and my laptop hard disk becomes full. With Cloud Mode, I can have apparent access to everything, but only pull down what I need, when I need it. Once downloaded, it’s kept downloaded – the process is just seamless. If you run Dropbox, give this mode a twirl and see how well it works for you.
One of the biggest annoyances of the iPhone 6 and 7 range is that they don’t support inductive charging. It’s even more annoying because inductive charging has been the only way of charging an Apple Watch since that particular device shipped. So Apple clearly knows all about it, and has shipped product using it. But not the iPhone range.
My annoyance is compounded when trying to fiddle with either the Lightning cable or the desktop stand I have for charging my iPhone. Getting it correctly aligned so that it connects up is tricky, doubly so in the dark at 2am without my glasses on.
So imagine my delight to find a vendor on Amazon that sells a very thin case for the iPhone that implements inductive charging. There’s a small tag cable at the bottom, terminated with a Lightning plug with a 90-degree turn. This pops into the socket on the phone, and is pretty much streamlined. Take a standard inductive charging pad, drop the phone onto it, and a modern miracle occurs. In fact, it would be quite hard for me to go back to wired charging.
Suffice to say, if wireless charging isn’t part of the next iPhone, then I will be really quite cross.
Jon is the MD of an IT consultancy that specialises in testing and deploying hardware
BELOW AV software is fine for today’s threats, but can it really guard against what’s to come?
ABOVE The Mac Pro: missing something? Quite a lot, actually
ABOVE Give Resolve a go – its features easily put it in front of Premiere Pro and Final Cut Pro X
BELOW Dropbox Cloud Mode gives you what you need, when you need it
ABOVE Come on, Apple – isn’t it time that iPhones supported inductive charging?