It seems an Avast update has screwed the pooch again, blocking HTTP requests from all applications. That's also going to make getting support to fix the issue a bit of a problem.
An Avast software update pushed out on Wednesday is preventing web access for at least some devices running the firm's freebie anti-malware software.
Users affected by the problem have started threads (here and here among others) on Avast's support forum.
El Reg learnt of the issue through reader Michael S.
"Non tech savvy users will have issues reporting or getting the problem fixed," he explained. "To regain web access you have to disable Web Shield or disable Avast or uninstall Avast. To fix the issue you have to do a clean install of the latest version of software."
It's unclear how widespread the problem is. Avast's PR reps have acknowledged our requests for comment but are yet to supply a substantive response.
(Score: 4, Insightful) by physicsmajor on Saturday May 13 2017, @06:06PM (22 children)
This means Avast users continue to be vulnerable to WCry, for example via a compromised computer being brought onto the local network, as WCry attacks through SMB but the kill switch is an HTTP request to a random now-registered website. Stellar job!
(Score: 3, Interesting) by cafebabe on Saturday May 13 2017, @06:22PM (19 children)
Yes, I speculated that Avast's failure and the large-scale computer attack may be related [soylentnews.org]. However, this raises questions about Avast's previous failures and also competitor failures. Are they self-inflicted or the work of malicious third-parties?
1702845791×2
(Score: 0) by Anonymous Coward on Saturday May 13 2017, @07:11PM (18 children)
Are they self-inflicted or the work of malicious third-parties?
Neither... Blame Microsoft for shitty security.
(Score: 1, Insightful) by Anonymous Coward on Saturday May 13 2017, @08:49PM (17 children)
Linux Mint is very popular with folks who are trying something other than Windoze (trying to escape the Borg).
A very common question in the Mint forum is about what anti-virus to use with Linux.
The typical answer is that if you're running Linux (and only Linux) you don't need to paste band-aids all over the outside of your OS.
(Just don't run as root and do keep up on your updates.)
I wish more of the responses would do as the parent commenter did here and note that if MICROS~1 hadn't constructed such a vulnerable ecosystem (and would respond QUICKLY to revealed vulnerabilities), Windoze users wouldn't need layers of additional "security" apps either.
...then we get into the subject of this story when the paste-on app is released with flaws and breaks things.
Another thing that gets mentioned with some regularity at the Mint forum is that AV apps make your system LESS secure.
In so many cases, those are so poorly built/maintained that THEY INCREASE THE ATTACK SURFACE.
...and, really, if you think that your system has been compromised, why are you trusting some app (which may or may not include a "cure" for that particular infection) to attend to things properly?
...and a "security" app that needs updates DAILY?? Really??
Wouldn't the logical thing be to pave over the existing installation and start over with something you can trust?
I have come to view Windoze users as masochists.
I remember Homer posting some stuff to comp.os.linux.advocacy in years past that showed that the list of most-sought apps for Windoze was mostly "security" apps and the most-sought stuff for Linux was productivity apps.
I thought--and still think--that that speaks volumes.
Hey, it costs zero to try Linux.
You don't have to give up Windoze to try it; if you like, the 2 can exist side-by-side.
...and, in my case, I very quickly found that Linux was more powerful than what MICROS~1 offered.
The mark-it-and-it-goes-into-a-middle-click-buffer thing is really handy (in addition to the Ctrl-C thing).
The layers thing (make this window always be on top) is extremely cool.
The scroll-a-window-without-changing-the-focus thing is very nice as well.
Add to this better memory management and no disk defragging and, again, you spend less time waiting for your system to get right.
Updating and getting additional apps is the cherry on top.
We previously did the story about how the German basketball team playing a home game got dinged by the league because their scoreboard was run by Windoze.
Just as the game was to start, the computer decided that it needed to do an update and Redmond seized control of the box for more than 15 minutes.
Really?? People still accept this sort of thing??
Again, just get Linux.
It replaces this nonsense in a completely logical way.
-- OriginalOwner_ [soylentnews.org]
(Score: 2, Funny) by Anonymous Coward on Saturday May 13 2017, @09:22PM (12 children)
I have mint on my second ssd and can choose between during a boot. Half (2/4) monitors won't show up even after like 30 hrs of tinkering, so I only use it when I need to do something not possible in windows. I would love to switch to linux, but let's not pretend there aren't some things that windows does manage to do much better.
(Score: 0, Disagree) by Anonymous Coward on Sunday May 14 2017, @12:27AM (10 children)
[let's] not pretend there aren't some things that windows does manage to do much better
As I see that:
There are some developers who won't use cross-platform tools such that their stuff can't be easily ported to other platforms.
Single-platform exclusivity of stuff is not a plus in my book.
I can't think of a single thing where Windoze has an inherent superiority.
This story demonstrates an area where it is clearly inferior.
-- OriginalOwner_ [soylentnews.org]
(Score: 0, Troll) by Anonymous Coward on Sunday May 14 2017, @12:39AM (9 children)
I have 4 monitors using 2 graphics cards, any two will work fine but I could not figure out how to get all 4 together to work even after lots of tinkering. On windows, it just worked. I don't see how you can blame the hardware here...
(Score: 0) by Anonymous Coward on Sunday May 14 2017, @08:25AM (4 children)
Did you try another kernel? [google.com]
(Unlike Windoze) you can have multiple Linux kernels installed and choose the one you want at startup.
You know that. Right?
-- OriginalOwner_ [soylentnews.org]
(Score: 2) by Wootery on Sunday May 14 2017, @08:38AM (2 children)
So your answer is spend tens more hours tinkering with the kernel?
This is a parody of Linux fanboyism, whether intended that way or not.
(Score: 0) by Anonymous Coward on Sunday May 14 2017, @12:00PM (1 child)
To me, it seems that most (not all) of the problem is caused by proprietary software, which denies users their freedom and forces free software developers to reverse engineer their garbage. That's a significant undertaking.
GNU/Linux operating systems have their flaws, but no amount of technical advantages would be worth using proprietary software; freedom is mandatory.
(Score: 0) by Anonymous Coward on Sunday May 14 2017, @07:38PM
proprietary software, which denies users their freedom
Yup. Pick your poison.
Some of us have found FOSS to be much less toxic.
and forces free software developers to reverse engineer their garbage
Brad Rodriguez has a nice example (also video-related) of a simple tweak that got a bargain monitor he had picked up working.
If he had been running the closed-source OS, he'd still be waiting for an update to get it working.
...or, more likely, would have had to drive his bargain back to the store for a refund.
FOSS made the difference. [googleusercontent.com] (orig) [goodbyemicrosoft.net]
Back in the day, Homer had an example of the flip-side of this that he would mention at comp.os.linux.advocacy on these occasions.
He had stuff that had been working under Windoze and an "update" to the[1] EULAware removed the functionality.
As I recall, he would have needed to pay[2] for a "pro" or "ultimate" version to get that back.
I believe that was another video situation as well.
[1] Notice that didn't say "his" EULAware; clearly, Homer was not the owner.
[2] Notice that didn't say "buy"; with MICROS~1's OS, it's always Redmond that owns it.
Again, pick your poison.
-- OriginalOwner_ [soylentnews.org]
(Score: 0) by Anonymous Coward on Sunday May 14 2017, @02:25PM
At some point I have other stuff to do and it becomes not worth it. It's like if someone gives me a free car but I need to tinker with it for weeks before it works right...
(Score: 2) by NCommander on Sunday May 14 2017, @09:20AM (3 children)
Are you using two separate video cards with one being NVIDIA and another not? I ran into this landmine a few weeks ago on my desktop as I use both the onboard graphics and an NVIDIA card to drive two separate monitors. It's possible to get this to work (the problem is that NVIDIA's drivers are epic piles of poop).
Still always moving
(Score: 0) by Anonymous Coward on Sunday May 14 2017, @02:20PM
NVIDIA GeForce GT520 and GTX750 Ti
(Score: 2) by mcgrew on Sunday May 14 2017, @02:51PM (1 child)
I had the same problem with Suse fifteen years ago. Had a video card with S-Video out I used to plug it into the TV. Windows showed in the TV, Suse showed garbage, but worked with a monitor.
Poe's Law [nooze.org] has nothing to do with Edgar Allen Poetry
(Score: 0) by Anonymous Coward on Sunday May 14 2017, @04:17PM
My favorite was when Fedora Core refused to output blue. You could adjust the RGB sliders in the video settings and blue could be full on but turn down red or green and the screen was black. And yes, the colors worked when the runlevel was changed to 3 or lower. Never did figure out that problem as it disappeared after running up2date one day.
(Score: 0) by Anonymous Coward on Sunday May 14 2017, @03:45PM
you may have found a weakness compared to windows(or not) but that wouldn't have ever happened to me b/c i wouldn't have tried to use two video cards for 4 monitors. i also wouldn't be using nvidia slaveware at all. An amd card with capacity for four displays would probably work just fine with the open source driver. the open source nvidia driver for linux is reverse engineered and sometimes has problems. the closed driver is a piece of shit and a pain in the ass in various ways. if you don't care about nvidia purposely not helping the nouveau team (by giving them basic info about their slaveware) or the various problems with the proprietary driver then you need to take your nvidia windows gamer ass back to windows (no offense. most of us come from a similar place.).
If, on the other hand, you were just trying to use what you were stuck with, then know this: everything seems very difficult at first when moving from windows to linux. MS has taught you to be an ignorant slave. (I was too). maybe start with a simpler setup and you will "get better at linux"(learn what the hell the deal is with everything. it's just a very different computing paradigm. one that requires the user to be somewhat responsible/educated) without having to try so hard all at once. Later it will seem easy and you will be embarrassed by how ignorant you once were. i know i was. You will also pick better/more freedom respecting hardware. good luck.
(Score: -1, Troll) by kurenai.tsubasa on Saturday May 13 2017, @10:33PM (3 children)
Only misogynerds use Linux. I guess you're pro-rape. Why do force computers to be so technical? It's not women's fault you're a worthless homosexual who can't get laid. You have no right to rape womyn-born-womyn with your "Linux" shit.
(Score: 0) by Anonymous Coward on Saturday May 13 2017, @11:59PM (2 children)
Warning: Drinking the same stuff that E-f does (particularly in those kinds of quantities) will really mess up your brain.
Why do [???] force computers to be so technical?
I haven't found Linux to be more difficult.
As stated, I found it to be even more useful than Windoze.
Not having to monkey around, trying to make up for the shortcomings of MICROS~1 "innovations", makes things easier for me.
...but some people have allowed themselves to get locked into narrow thinking.
Again: Masochists.
-- OriginalOwner_ [soylentnews.org]
(Score: 1, Insightful) by kurenai.tsubasa on Sunday May 14 2017, @12:40AM (1 child)
I know it's easier for me, but that's because I'm an assigned male. Gender essentialism dictates that my Y chromosome makes Linux easy. For example, it is not possible to type sudo emerge -auDNv @world, to understand that command's output, or to type Y to proceed without a Y chromosome. A womyn-born-womyn, lacking a Y chromosome, cannot press the Y key, and would instead try to press the X key and be unable to update her Gentoo install. Therefore, Linux is for misogynerds. It is unusable by womyn-born-womyn, and it rapes womyn-born-womyn, because reasons.
That is why womyn-born-womyn are empowered by closed-source, proprietary, DRM-UEFI-locked-down operating systems. What's happened here with Avast is more proof that misogynerds everywhere are actively working to lock womyn-born-womyn out of computers.
Oh, what the hell did I just type? My mind is going... I can feel it. I'm a...fraid. :(
(Score: 2, Funny) by Anonymous Coward on Sunday May 14 2017, @02:40AM
I find that people who need to ask someone how to get Linux to do what they want it to do had the same situation when they were running Windoze.
At this point, some will say that the only intuitive interface is the nipple.
-- OriginalOwner_ [soylentnews.org]
(Score: 2) by wonkey_monkey on Saturday May 13 2017, @08:20PM (1 child)
Is the kill switch an HTTP request, or is it just to be able to DNS resolve the domain name?
I heard the researcher just had to register the domain name.
systemd is Roko's Basilisk
(Score: 3, Informative) by physicsmajor on Saturday May 13 2017, @08:27PM
It actually has to open a connection successfully. Further analysis revealed that it uses INTERNET_OPEN_TYPE_DIRECT, which is not proxy aware and will fail (killswitch OFF, encryption is a go) if behind a proxy.
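As an added illustration (not part of the thread, and not taken from any analysis of the malware), this Python sketch separates the cases discussed above: the name merely resolves, a direct connection gets an HTTP answer, or the site answers only through a proxy. The function names, the `(host, port)` form of `proxy` and the loopback stub server are assumptions made for the example.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer


def http_status(connect_to, target, host, timeout=3.0):
    """Send one GET over a fresh TCP connection; return the status code or None."""
    req = f"GET {target} HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    try:
        with socket.create_connection(connect_to, timeout=timeout) as s:
            s.sendall(req.encode())
            parts = s.makefile("rb").readline().split()
    except OSError:
        return None
    return int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else None


def resolves(host):
    try:
        socket.getaddrinfo(host, None)
        return True
    except socket.gaierror:
        return False


def classify(host, port=80, proxy=None):
    """Describe the path as seen by a client that ignores proxy settings."""
    if http_status((host, port), "/", host) is not None:
        return "direct"         # a direct-only client gets its connection
    if proxy and http_status(proxy, f"http://{host}:{port}/", host) is not None:
        return "proxy-only"     # proxy-aware clients work, direct-only ones fail
    return "resolves-only" if resolves(host) else "unreachable"


def start_stub():  # constructed loopback HTTP stub: answers 200 to any GET
    class Ok(BaseHTTPRequestHandler):
        def do_GET(self):
            self.send_response(200)
            self.end_headers()
        def log_message(self, *args):
            pass
    srv = HTTPServer(("127.0.0.1", 0), Ok)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_port


if __name__ == "__main__":
    srv, port = start_stub()
    print(classify("127.0.0.1", port))  # constructed target on loopback
```

On a proxied network, a `proxy-only` result for a domain means clients that ignore proxy settings cannot reach it, whatever a browser on the same machine shows.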
(Score: 5, Insightful) by BsAtHome on Saturday May 13 2017, @07:24PM (4 children)
They are completely right. The internet is an extremely dangerous place and nobody there can be trusted. They all want to sell you something or steal your money using less honest means. Let's block that attack vector once and for all. Well Done Avast! Finally someone who understands how to save us from the dangers of the net.
(tong in cheek)
Although, I'd simply pull the plug; cheaper and far easier.
(Score: 0) by Anonymous Coward on Saturday May 13 2017, @07:53PM (3 children)
What does this mean?
https://en.wikipedia.org/wiki/Tongs [wikipedia.org]
(Score: 2) by RamiK on Saturday May 13 2017, @08:00PM (2 children)
Means he's taking a break from the post to have a quick grab at the salad.
compiling...
(Score: 0) by Anonymous Coward on Saturday May 13 2017, @08:14PM (1 child)
Could be worse. Could be thong in cheek.
(Score: 4, Funny) by aristarchus on Saturday May 13 2017, @08:32PM
I am more worried about where he's pulling the plug from!
(Score: 1) by GreatOutdoors on Saturday May 13 2017, @07:42PM (1 child)
Some people would love to find a way to break the internet. Imagine a major antivirus supplier making an update that affected high level servers. Yes I know that people should do testing before release, but many don't and it could cause a major issue.
Yes, I did make a logical argument there. You should post a logical response.
(Score: 3, Interesting) by NCommander on Sunday May 14 2017, @09:21AM
You laugh, I know too many businesses who run something like Avast on internet facing Windows/IIS servers.
Still always moving
(Score: 0) by Anonymous Coward on Saturday May 13 2017, @08:30PM
Does it run on Linux?
(Score: 1) by corey on Saturday May 13 2017, @11:22PM (1 child)
Do people still run anti virus software?
(Score: 2) by mcgrew on Sunday May 14 2017, @02:54PM
It's still necessary on Windows, but Windows comes with its own AV (Windows Defender). I don't understand why anyone would install a different one.
If you're running Mac, Linux, BSD, Chrome, or about any other OS, AV isn't needed.
Poe's Law [nooze.org] has nothing to do with Edgar Allen Poetry
(Score: 2) by mcgrew on Sunday May 14 2017, @02:57PM
For those like me who don't trust that rag, I only found one other site covering it.
"We have identified that the problem is caused by an update issue of the dynamic link library (dll), which is part of the WebShield feature. We are preparing a patch that we will provide to the small number of users affected as soon as possible."
Poe's Law [nooze.org] has nothing to do with Edgar Allen Poetry
(Score: 0) by Anonymous Coward on Monday May 15 2017, @06:50AM
Stopped using Avast years ago after it would panic over anything I built in Visual Studio that accessed files. Like, at all. Basically worthless if it's literally going to complain at something like file "Hello, world!"
These days, I just use the built-in Windows Defender (and I've got MalwareBytes installed to do a deeper, likely better scan, but it's the free version so I don't have real-time scanning from that).