Time to ask again for what I've been asking for for years and years to no avail? Ok then, specifying once again that I've been using BD since version 7 and keep being frustrated at the reduction of user control started in version 10 (launch: 2006) and brought to utterly intolerable heights (or lows, more like it) with BD2012 (launch: 2011), so I'm stuck with BD2011 (gave 3 chances to BD2013 so far, but each time... no... some useful features, but overall just unusable) and consider switching to something else once my current license will expire more than ever, here goes:
1. Solid code, smooth out bugs BEFORE final release, be careful with the updates, low resource use.
2. Complete and easy user control. Having "autopilots" and "proper actions" and so on is well and good for those who don't want to bother, but let people who know what they want to happen on their computers easily customize and make choices, every single one of them if they want to.
1. Short list from memory of major BD issues so far (all but first and the incompatibility issues experienced personally):
- Moving all exes and dlls on 64-bit systems to quarantine.
- Putting system in a BSOD/reboot cycle.
- Causing BSODs during high speed transfers of multiple files.
- BD processes using up a full CPU core constantly.
- Extreme system slowdown.
- Blocking programs from running as administrator.
- Blocking chkdsk from running on startup.
- Incompatibility with known programs (ex: Wikipedia lists AutoCAD, and I know of an accounting program called SAGA that BD won't let save the work done).
- Faulty updates that break the program in various ways.
- False positives that, coupled with automatic actions, require reinstalls of other legitimate programs or even cause data loss.
- BD having issues and generally requiring a reinstall after IE is updated to a new version.
- Browser (and possibly other programs) occasionally hanging and possibly requiring a hard reboot of the system if a tab is closed (possibly opened as well, was never quite sure) just as BD updates (ongoing issue, for many versions).
And I'm sure I missed some. So before you release (or update!) something, test it, very very thoroughly! It's an antivirus ffs, a core system component that can make or break almost as much as the operating system itself, so act like you're aware of the responsibility for once! And, of course, also go for as small a resource footprint as possible, likely in CPU use over RAM if it comes to that choice.
2. I said full user control, so:
- Allow user to select which modules to even install.
- Allow settings to be made even during install, so program won't run in default mode at all if the user doesn't want it.
- If any threats are found during the install scan, inform the user of them and allow undoing the actions taken.
- Put back the "prompt" setting for pretty much anything and everything, and make the prompts informative (exactly what it found, where, what it thinks should be done, link to further info if available) and the answers highly customizable (further explanations below).
- Allow customization of automatic actions as specifically as possible, not just enabling or disabling of entire modules.
- Let the user customize the warnings, individually. Have a menu somewhere with all possible notifications, grouped for ease of access, and allow setting for each as critical (red, possibly a baloon warning, specified when mousing over the icon), notify (yellow, just number listed when mousing over icon, as it is now, need to open console to see details) and off.
- Allow customizing of the list of sites on which links are scanned. So instead of what it is now with what BD thinks are search engines and in newer versions Fb and Twitter, allow user to add or remove sites from the list and determine where the links to scan are on page (imagine this works by looking for div ids?).
- Add a context menu option to "scan target". If I had this, I'd remove all URL auto-scanning which takes up resources completely unnecessarily 95% of the time and just use it when there's a link I want to follow but I'm unsure about (most notably for short URLs). Not that the link scanning is of much use either way if you have HTTP scanning, but can't hurt if it'll be made on demand and not auto.
About prompts, if user selects that option:
1. On-access scan thinks it found something? If I pick "prompt" as action in that case, temporarily block access to the file until I answer, ask me what to do about it and allow me, from the prompt itself, to determine whether that action is to be taken just then or a rule is to be created. If I say make rule and choose to have the supposed threat ignored, allow me to put that file or even the whole folder it's in in exclusions right from the prompt, and maybe also allow ignoring the threat if it'll be found again on any other file. (If not ignored, rule can only apply to threat, obviously, because the file will be cleaned/deleted/moved and therefore a file rule will become irrelevant.)
2. On-demand scan thinks it found something? If unattended, log and ask what to do about it when the whole scan process is done, but also make the notification about infected / suspicious files clickable to allow me, if I'm at the computer at the time, to decide what to do about it sooner. And, of course, also allow rules to be created, so if I don't want to be asked again after the first time it finds something I can set the desired action as a rule right away and the next time I'll only be asked about new things.
3. Behavioral access modules, same. At least that currently works more or less fine even in 2013, if you make sure to click to be warned before taking action, but at this rate I fear you'll remove that option too. So, prompt for this too and decide whether you want your answer to apply just then or to be made into a rule.
4. Biggest peeve: Firewall detects a connection attempt?
- Give me all the info you can about it, including both IP and URL of destination if at all possible and whether that program is confirmed safe (scanned, signed, verified, whitelisted) or not, ask me what to do and let me customize the answer right away, starting from whether I want it to apply just to that connection attempt or I want a rule to be created, not always create rules!
- If I do say create rule, allow to immediately, from the popup, select generic (applies to all connections made by that program, period), strict (applies only to that program, called from that same other program, if applicable, with those parameters, to that destination, on that port, etc.) and custom.
- If I pick custom, apply my answer (allow or block) just to the current connection attempt so it won't be delayed even longer and open the advanced firewall rule window with all info for a strict rule (taken from the current attempt) filled in and allowing me to remove or modify whichever conditions I want.
- Also, for all custom firewall rules, allow multiple choices (such as for protocols, ports, destinations...), so user won't need to create several rules for the same program if, for example, it should be allowed to connect / blocked from connecting to several, but not all, hosts.
- Also, allow the creation of a generic rule for all connections to localhost (localhost, 127.0.0.1, possibly 0.0.0.0, specific current IP (not set by user, checked by BD each time), either IPv4 or IPv6 and whatever else may apply, if anything), possibly with customizable port/protocol details if anyone wants to be more specific.
Hm, probably the most complete list I put up yet, and I do believe a fair bit less angry than when I started ranting about this over the years in messages after noticing issues or contacting support for other problems. Now, how about it?
All Time Leaders
- 1.8K All Categories
- 777 Windows
- 87 Mac
- 329 Mobile Security
- 214 VPN
- 274 Central & Subscriptions
- 311 Other Products & Services
- 70 Security Research Team
- 121 Product features and Ideation
- 109 Enterprise Security
- 557 General Topics
- 138 News & Blogs
- 4.8K Home & home office protection
- 24.2K Old forum topics