Re: [sqlite] SQLite and McAfee Anti-Virus
> After sending my email I realized the blame is partly with > me because SQLite is putting is own name on TEMP files. > I changed this so that the prefix is now "etilqs_" instead > of "sqlite_". That should help head off future troubles. I think this is worse. Veritas does something similar which makes people believe their system has been hacked (IIRC, they use something like .sEcUrItY names, way too cute). Let's hope the situation can still be resolved amicably. - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
On Tue, 31 Oct 2006 [EMAIL PROTECTED] wrote: > No need to call in a preemtive Slashdot bombardment just yet. > Let's give diplomacy a chance... > > -- > D. Richard Hipp <[EMAIL PROTECTED]> <$.02> As was mentioned previously, why *not* add a prominent section under the sqlite.org web site, which describes the problem, and turns a negative into a positive. I mean, SQLite is embedded in McAfee's products ... why not yours (but put your toys away when you're done playing like good little boys and girls)? In addition, it occurs that if a residual tempfile has outlived its usefulness, a prefix of DeleteMe_ has more meaning to the great unwashed than SQLite_ spelled in either direction. - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
At 22:59 31/10/2006, you wrote: I have to second this idea. It worked well for Poul-Henning Kamp. He published an open letter (http://net127.com/2006/04/07/open-letter-to-d-link-about-their-ntp-vandalism/ ) to Dlink on 2006-04-07 which was linked to from many sites such as slashdot, the register, and digg. He and Dlink reached an amicable agreement on 2006-04-27 ( http://people.freebsd.org/~phk/dlink/ ). Sometimes bad publicity and pressure from a lot of potential customers is very persuasive to a commercial enterprise. Dennis Cote Another example is on http://acme.com/software/thttpd/repo.html where a company suits acme because a hacking community used its webserver (thttp, one of the most used tiny webservers for unix) and has a logo with a link to http://acme.com. - To unsubscribe, send email to [EMAIL PROTECTED] -
AW: [sqlite] SQLite and McAfee Anti-Virus
I would actually remove the default or use the process name instead. Just my $0.02. Mike -Ursprüngliche Nachricht- Von: John Stanton [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 1. November 2006 01:28 An: sqlite-users@sqlite.org Betreff: Re: [sqlite] SQLite and McAfee Anti-Virus Why not make it McAfee and direct the complaints to the culprits? Joe Wilson wrote: > Even better - name the temp file prefix msaccess_ and no one will dare > touch it or question it. > > - Original Message > From: James Berry <[EMAIL PROTECTED]> > To: sqlite-users@sqlite.org > Sent: Tuesday, October 31, 2006 6:14:11 PM > Subject: Re: [sqlite] SQLite and McAfee Anti-Virus > > On Oct 31, 2006, at 2:24 PM, [EMAIL PROTECTED] wrote: > >> only people in >>the know will figure out 'sqlite' is 'etilqs' backwards and, as you >>point out, > > > You're assuming that Google won't find this thread, which is now > public record. Soon a search for (that new word) will get back to > sqlite anyway... ;) > > -jdb > > > > > > > -- > --- To unsubscribe, send email to > [EMAIL PROTECTED] > -- > --- > - To unsubscribe, send email to [EMAIL PROTECTED] - - To unsubscribe, send email to [EMAIL PROTECTED] -
[sqlite] SQLite and McAfee Anti-Virus
On Tue, 31 Oct 2006, [EMAIL PROTECTED] wrote: and it leaves lots of files in C:/TEMP that contain SQLite in their names. This annoys many windows users. My efforts to contact Mcafee about this problem have been unfruitful. CentOS had a run in with this high degree of intellectual analysis -- google: Tuttle Centos for the details -- The Register puts a proper spin on the matter. About all that can be done is to come up with a local varying convention for the tempfile names, based on some variant of a UUID computation -- maybe XOR 'SQLite' with the last 6 in hex of the MAC address? so that the owner of machine A cannot google out a similar report from machine B -- Russ Herrold - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
Why not make it McAfee and direct the complaints to the culprits? Joe Wilson wrote: Even better - name the temp file prefix msaccess_ and no one will dare touch it or question it. - Original Message From: James Berry <[EMAIL PROTECTED]> To: sqlite-users@sqlite.org Sent: Tuesday, October 31, 2006 6:14:11 PM Subject: Re: [sqlite] SQLite and McAfee Anti-Virus On Oct 31, 2006, at 2:24 PM, [EMAIL PROTECTED] wrote: only people in the know will figure out 'sqlite' is 'etilqs' backwards and, as you point out, You're assuming that Google won't find this thread, which is now public record. Soon a search for (that new word) will get back to sqlite anyway... ;) -jdb - To unsubscribe, send email to [EMAIL PROTECTED] - - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
Even better - name the temp file prefix msaccess_ and no one will dare touch it or question it. - Original Message From: James Berry <[EMAIL PROTECTED]> To: sqlite-users@sqlite.org Sent: Tuesday, October 31, 2006 6:14:11 PM Subject: Re: [sqlite] SQLite and McAfee Anti-Virus On Oct 31, 2006, at 2:24 PM, [EMAIL PROTECTED] wrote: > only people in > the know will figure out 'sqlite' is 'etilqs' backwards and, as you > point out, You're assuming that Google won't find this thread, which is now public record. Soon a search for (that new word) will get back to sqlite anyway... ;) -jdb - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
[EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: On Tue, 31 Oct 2006 [EMAIL PROTECTED] wrote: http://www.sqlite.org/cvstrac/tktview?tn=2049 Does anybody have an suggestions on how I might deal with this? Does anybody know how I can get in touch with an engineer at Mcafee so that we can at least change the names of the files in future releases? i think you should hack the source to detect a macafee install and, if detected, to name all temp files starting with macafee. Cute. But I decided to take a less confrontational approach. After sending my email I realized the blame is partly with me because SQLite is putting is own name on TEMP files. I changed this so that the prefix is now "etilqs_" instead of "sqlite_". That should help head off future troubles. Now, I just have to figure out how to get Mcafee to upgrade to the latest version of SQLite and recompile -- D. Richard Hipp <[EMAIL PROTECTED]> You might write to the new, interim CEO of McAfee, Board Member Dale Fuller and enlist his help. Fuller is a former CEO of Borland. I would agree with you that in these matters you definitely catch more flies with honey than with vinegar. - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
With the bigger companies, like McAfee, the phone support people are often not employees at the companies they represent. Phone support these days is largely outsourced. The first level tech you get usually does triage from a script. If you get to a second level (or higher) tech, they are more likely to actually do some work. And it depends a LOT on the individual you get. I'm certain McAfee outsources their support. -Clark - Original Message From: Clay Dowling <[EMAIL PROTECTED]> To: sqlite-users@sqlite.org Sent: Tuesday, October 31, 2006 1:41:36 PM Subject: Re: [sqlite] SQLite and McAfee Anti-Virus Actually, just by following the links on your web site I was able to find a forum post from a McAfee employee suggesting that they were going to change the naming of the temp files, or were at least considering it. Check the last message in the forum posting that you have linked from the wiki page about the McAfeeBug. One of the chief problems that you're running into is that people in general can't or won't troubleshoot problems to determine a root cause (I'm certainly guilty of this). Additionally, the McAfee phone support people don't seem to be aware that their program is generating these files, probably because any poor soul stuck on phone support is fairly new to the company and the product. Phone support in any company has a high turnover. Clay Dowling [EMAIL PROTECTED] said: > I need advice from the community. The problem > is seen here: > > http://www.sqlite.org/cvstrac/tktview?tn=2049 > http://www.sqlite.org/cvstrac/tktview?tn=1989 > http://www.sqlite.org/cvstrac/tktview?tn=1841 > http://www.sqlite.org/cvstrac/wiki?p=McafeeProblem > > It appears that McAfee Anti-Virus uses SQLite internally, > and it leaves lots of files in C:/TEMP that contain > SQLite in their names. This annoys many windows users. > They get on Google and search around for "sqlite" and > find me. Then they send me private email or call me at > my office or on my cellphone to complain. Many refuse > to believe that I have nothing to do with the problem > and I am accused of spreading a virus or malware. > > My efforts to contact Mcafee about this problem have > been unfruitful. > > Does anybody have an suggestions on how I might deal > with this? Does anybody know how I can get in touch > with an engineer at Mcafee so that we can at least > change the names of the files in future releases? > > -- > D. Richard Hipp <[EMAIL PROTECTED]> > > > - > To unsubscribe, send email to [EMAIL PROTECTED] > - > > -- Simple Content Management http://www.ceamus.com - To unsubscribe, send email to [EMAIL PROTECTED] - - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
[EMAIL PROTECTED] wrote: On Tue, 31 Oct 2006 [EMAIL PROTECTED] wrote: I need advice from the community. The problem is seen here: http://www.sqlite.org/cvstrac/tktview?tn=2049 http://www.sqlite.org/cvstrac/tktview?tn=1989 http://www.sqlite.org/cvstrac/tktview?tn=1841 http://www.sqlite.org/cvstrac/wiki?p=McafeeProblem It appears that McAfee Anti-Virus uses SQLite internally, and it leaves lots of files in C:/TEMP that contain SQLite in their names. This annoys many windows users. They get on Google and search around for "sqlite" and find me. Then they send me private email or call me at my office or on my cellphone to complain. Many refuse to believe that I have nothing to do with the problem and I am accused of spreading a virus or malware. My efforts to contact Mcafee about this problem have been unfruitful. Does anybody have an suggestions on how I might deal with this? Does anybody know how I can get in touch with an engineer at Mcafee so that we can at least change the names of the files in future releases? How did you try to contact McAfee? Did you address your request to McAfee corporate or to the McAfee General Counsel? I would expect that those people would have a special interest in intellectual property matters and be aware of the downside of bad publicity and selling software which has an important open source component. They would also have the clout within the organization to have the product changed post haste. At the moment McAfee is in a sensitive position, having just been trapped in a $622 million accounting fraud and been fined $50 million. The McAfee Chairman and CEO George Semanuk and President Kevin Weiss have both been fired. The new management is in cleanup mode, and should be amenable to change. - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
On Tue, 31 Oct 2006 [EMAIL PROTECTED] wrote: Dennis Cote <[EMAIL PROTECTED]> wrote: Roger Binns wrote: The usual approach is to write a web page about it and then publish a story on Slashdot. I have to second this idea. It worked well for Poul-Henning Kamp. OK. Thanks everybody for your support. But let's try to de-escalate this just a bit. I've checked in changes so that the default temp-file name for SQLite no longer has an "sqlite_" prefix. And so if I can just get in touch with responsible developers at McAfee and get them to recompile, or better yet, recompile with -DTEMP_FILE_PREFIX="mcafee_" then I think the problem will be solved. And I have received private email from a former McAfee employee who is hopeful of being able to put me in touch with the right person. The phone-call frequency is not currently that bad. I've only talked to two irate Mcafee customers so far today. I can deal with that. I just want to make sure the phone-call rate doesn't grow. And so if I can get new builds of Mcafee products to use the latest version of SQLite, or to use the TEMP_FILE_PREFIX compile-time option shown above, then the problem will eventually dissipate. No need to call in a preemtive Slashdot bombardment just yet. Let's give diplomacy a chance... despite my initial sarcasm i do feel this is by far the best approach - just obfusicate the issue with a little (configurable) renaming. only people in the know will figure out 'sqlite' is 'etilqs' backwards and, as you point out, a compile option to override should leave no one any room to complain. a simple, elegant, non-confrontational solution to be sure. -a -- my religion is very simple. my religion is kindness. -- the dalai lama - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
Dennis Cote <[EMAIL PROTECTED]> wrote: > Roger Binns wrote: > > > > The usual approach is to write a web page about it and then publish a > > story on Slashdot. > > > I have to second this idea. It worked well for Poul-Henning Kamp. > OK. Thanks everybody for your support. But let's try to de-escalate this just a bit. I've checked in changes so that the default temp-file name for SQLite no longer has an "sqlite_" prefix. And so if I can just get in touch with responsible developers at McAfee and get them to recompile, or better yet, recompile with -DTEMP_FILE_PREFIX="mcafee_" then I think the problem will be solved. And I have received private email from a former McAfee employee who is hopeful of being able to put me in touch with the right person. The phone-call frequency is not currently that bad. I've only talked to two irate Mcafee customers so far today. I can deal with that. I just want to make sure the phone-call rate doesn't grow. And so if I can get new builds of Mcafee products to use the latest version of SQLite, or to use the TEMP_FILE_PREFIX compile-time option shown above, then the problem will eventually dissipate. No need to call in a preemtive Slashdot bombardment just yet. Let's give diplomacy a chance... -- D. Richard Hipp <[EMAIL PROTECTED]> - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
Roger Binns wrote: [EMAIL PROTECTED] wrote: Does anybody have an suggestions on how I might deal with this? The usual approach is to write a web page about it and then publish a story on Slashdot. That will get the requisite people's attention as well as ensuring highly prominent search results for anyone looking for it in the future. It will also draw attention of other people who use SQLite internally to ensure they do have the same problem. Roger I have to second this idea. It worked well for Poul-Henning Kamp. He published an open letter (http://net127.com/2006/04/07/open-letter-to-d-link-about-their-ntp-vandalism/ ) to Dlink on 2006-04-07 which was linked to from many sites such as slashdot, the register, and digg. He and Dlink reached an amicable agreement on 2006-04-27 ( http://people.freebsd.org/~phk/dlink/ ). Sometimes bad publicity and pressure from a lot of potential customers is very persuasive to a commercial enterprise. Dennis Cote - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
[EMAIL PROTECTED] wrote: Now, I just have to figure out how to get Mcafee to upgrade to the latest version of SQLite and recompile I posted a summary to Slashdot, so hopefully it won't be too hard. I hope you're not offended but I was rather annoyed that a company which is using your library isn't taking care to keep *their* users off *your* back, especially when this problem has been reported on their forums for (IIRC) over 18 months. Martin - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
[EMAIL PROTECTED] said: > Now, I just have to figure out how to get Mcafee to upgrade > to the latest version of SQLite and recompile I think you need to contact this fellow: David Juche Development Manager McAfee Master Installer/Download Manager I don't have an email address, but you can probably look it up, or even call the company switchboard and ask for him. If you tell him who you and what you do he's probably going to listen. Clay Dowling -- Simple Content Management http://www.ceamus.com - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
Actually, just by following the links on your web site I was able to find a forum post from a McAfee employee suggesting that they were going to change the naming of the temp files, or were at least considering it. Check the last message in the forum posting that you have linked from the wiki page about the McAfeeBug. One of the chief problems that you're running into is that people in general can't or won't troubleshoot problems to determine a root cause (I'm certainly guilty of this). Additionally, the McAfee phone support people don't seem to be aware that their program is generating these files, probably because any poor soul stuck on phone support is fairly new to the company and the product. Phone support in any company has a high turnover. Clay Dowling [EMAIL PROTECTED] said: > I need advice from the community. The problem > is seen here: > > http://www.sqlite.org/cvstrac/tktview?tn=2049 > http://www.sqlite.org/cvstrac/tktview?tn=1989 > http://www.sqlite.org/cvstrac/tktview?tn=1841 > http://www.sqlite.org/cvstrac/wiki?p=McafeeProblem > > It appears that McAfee Anti-Virus uses SQLite internally, > and it leaves lots of files in C:/TEMP that contain > SQLite in their names. This annoys many windows users. > They get on Google and search around for "sqlite" and > find me. Then they send me private email or call me at > my office or on my cellphone to complain. Many refuse > to believe that I have nothing to do with the problem > and I am accused of spreading a virus or malware. > > My efforts to contact Mcafee about this problem have > been unfruitful. > > Does anybody have an suggestions on how I might deal > with this? Does anybody know how I can get in touch > with an engineer at Mcafee so that we can at least > change the names of the files in future releases? > > -- > D. Richard Hipp <[EMAIL PROTECTED]> > > > - > To unsubscribe, send email to [EMAIL PROTECTED] > - > > -- Simple Content Management http://www.ceamus.com - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
[EMAIL PROTECTED] wrote: > On Tue, 31 Oct 2006 [EMAIL PROTECTED] wrote: > > > > http://www.sqlite.org/cvstrac/tktview?tn=2049 > > > > Does anybody have an suggestions on how I might deal > > with this? Does anybody know how I can get in touch > > with an engineer at Mcafee so that we can at least > > change the names of the files in future releases? > > i think you should hack the source to detect a macafee install and, if > detected, to name all temp files starting with macafee. > Cute. But I decided to take a less confrontational approach. After sending my email I realized the blame is partly with me because SQLite is putting is own name on TEMP files. I changed this so that the prefix is now "etilqs_" instead of "sqlite_". That should help head off future troubles. Now, I just have to figure out how to get Mcafee to upgrade to the latest version of SQLite and recompile -- D. Richard Hipp <[EMAIL PROTECTED]> - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
[EMAIL PROTECTED] wrote: > > My efforts to contact Mcafee about this problem have > > been unfruitful. McAfee aren't playing fair. :( How about putting that explanation on a page on your site with a link to the support at McAfee so they can complain directly to the real culprits? I suppose this is the sort of thing Slashdot and The Register like to write about? ;) Martin - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
On Tue, 31 Oct 2006 [EMAIL PROTECTED] wrote: I need advice from the community. The problem is seen here: http://www.sqlite.org/cvstrac/tktview?tn=2049 http://www.sqlite.org/cvstrac/tktview?tn=1989 http://www.sqlite.org/cvstrac/tktview?tn=1841 http://www.sqlite.org/cvstrac/wiki?p=McafeeProblem It appears that McAfee Anti-Virus uses SQLite internally, and it leaves lots of files in C:/TEMP that contain SQLite in their names. This annoys many windows users. They get on Google and search around for "sqlite" and find me. Then they send me private email or call me at my office or on my cellphone to complain. Many refuse to believe that I have nothing to do with the problem and I am accused of spreading a virus or malware. My efforts to contact Mcafee about this problem have been unfruitful. Does anybody have an suggestions on how I might deal with this? Does anybody know how I can get in touch with an engineer at Mcafee so that we can at least change the names of the files in future releases? i think you should hack the source to detect a macafee install and, if detected, to name all temp files starting with macafee. alternatively, setup call forwarding to their number. then they'll call you ;-) -a -- my religion is very simple. my religion is kindness. -- the dalai lama - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
[EMAIL PROTECTED] wrote: Does anybody have an suggestions on how I might deal with this? The usual approach is to write a web page about it and then publish a story on Slashdot. That will get the requisite people's attention as well as ensuring highly prominent search results for anyone looking for it in the future. It will also draw attention of other people who use SQLite internally to ensure they do have the same problem. Roger - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] SQLite and McAfee Anti-Virus
On 01/11/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: My efforts to contact Mcafee about this problem have been unfruitful. Does anybody have an suggestions on how I might deal with this? You could trademark the name SQLite and have a lawyer send them a letter. Companies respond much better to that than polite conversation. -- David - To unsubscribe, send email to [EMAIL PROTECTED] -