All right, I know it's good to that Microsoft provides a free malware scanning utility and that I'm being a bit of a duck to have a go at them, but nevertheless, the Windows Live OneCare Safety Scanner is a bad idea that should be taken down fast.
For starters, it uses an ActiveX control - Internet Explorer required in other words - that's annoyingly hard to install. You get warnings galore from Windows 7's UAC and IE about popups and do you really really really want to install something that has the potential to roger your system well and truly?
That's not what a non-technical user wants to see, especially if s/he thinks the computer in question has been compromised via the Internet.
Does it work then? No idea yet, because this is far as I got:
Ah yes, good old error number 0x0C600C03. Of course. Tells you exactly what went wrong, doesn't it?
And why is this done over HTTP and not secured HTTPS anyway?
See that little "Love it? Tell your friends" exhortation to email your friends about the scanner? Yep, very bad idea that too, as from now on, malware writers will start spamming about OneCare safety scanner, with the payload likely to be something you really don't want on your computer.
Other related posts:
Video: Kim Dotcom and Mathias Ortman at the IITP Mega breakfast
Two-factor authentication broken
The problem with naming and shaming
comments powered by Disqus