The infamous "ERAC lies about the client's status" bug

[mauricev]

The clients window often lies about the state of the clients. The most notorious example occurs when a system hasn't checked in for some reason but ESET psychically knows the system is secure



Most of the time, though not all, ERAC neglects to the list the last known threat on a system. For example, here's a threat in the threat log



but the main client window has no idea

[SmackyTheFrog]

Uh, that's just the way the product works. Protection status is an alert to the kernel being running but certian components (real time scanner, email, whatever) not functioning correctly or in an inconsistent state. Its not like the console can report the status of the AV engine on a client that is powered down, and a computer being off is hardly an error condition in most all situations. The last threat alert column in the clients tab is only for threats that were unable to be cleaned automatically and likely require manual intervention.

[mauricev]

Quote:

Originally Posted by SmackyTheFrog

Uh, that's just the way the product works.

Otherwise known as a bug. Untrue statements count as bugs in my book.

Quote:

Originally Posted by SmackyTheFrog

Its not like the console can report the status of the AV engine on a client that is powered down,

Of course it can...

Code:

Protection Status is Unknown. Client hasn't checked in xx days

See, that's not hard.

Quote:

and a computer being off is hardly an error condition in most all situations.

Except ERAC doesn't know it's off, only that it hasn't checked in and therefore its protection status is unknown.

Quote:

The last threat alert column in the clients tab is only for threats that were unable to be cleaned automatically and likely require manual intervention.

Another bug. It could then say in the main client window

Code:

Last Unresolved Threat Alert

Rather, it should probably give the last threat, resolved or not.

but right now, it's says Last Threat Alert and it's blank, which makes it untrue and that makes it a bug. I think I mentioned that.

[SmackyTheFrog]

Oh boy.

Bugs are features that do not function correctly. You can't just walk in to a product without reading the documentation on how it functions and declare everything you disagree with a "bug". That's asinine considering the function of each column and tab is outlined in the help file. Yes, there's room for GUI improvement and ESET does seem receptive to that kind of feedback but lets not go around changing the definition of words to suit our whims.

As for report the state of the system, what you are proposing to resolve that is basically a "EVERYTHING IS FINE" alarm, which is a terrible idea. Clients voluntarily report in their status to the central server, their is no push-polling of clients except when you run a push deployment because network topologies can cause any number of issues with successfully reaching that client. As such, the console only has system state info as current as the last time the client reported in. Since this is security software, the idea would be to alert you to threats or error conditions that need to be addressed because they cannot be automatically corrected. Since a computer being powered off is a completely valid state, and as of the last system report it was secure, I see absolutely no reason why it should not continue to report as such until a real error condition is encountered. And its not like the last time the client reported its status isn't plastered all over the GUI in multiple locations. If you want something to report to you if a system is up or down and why, there are other tools that are correct for the job like hardware/OS SNMP monitoring.

[mauricev]

Quote:

Originally Posted by SmackyTheFrog

Bugs are features that do not function correctly.

Lying to the user does not qualify as functioning correctly.

Quote:

Originally Posted by SmackyTheFrog

As such, the console only has system state info as current as the last time the client reported in.

But it's not doing that. It's saying the system is fine now. The word "is" is present tense. Now I suspect the programmers know English and this bug is simply an oversight. But it's definitely a bug.

Quote:

Originally Posted by SmackyTheFrog

what you are proposing to resolve that is basically a "EVERYTHING IS FINE" alarm, which is a terrible idea

No, I'm proposing they fix the bugs in the report to reflect the truth as best ERAC knows it.

Quote:

Originally Posted by SmackyTheFrog

Since this is security software, the idea would be to alert you to threats or error conditions that need to be addressed because they cannot be automatically corrected.

So they should correct the column title to state, "Last Unresolved Threat". Right now, it's say Last Threat. Those phrases have different meanings. One is true and the other is not.

Quote:

Originally Posted by SmackyTheFrog

And its not like the last time the client reported its status isn't plastered all over the GUI in multiple locations.

Of course, it's telling the truth. No bugs.

[mauricev]

I found another place where ERAC lies.

In the main window, the program tells the truth, the last check was, in fact, 20 minutes ago, but the protection status dialog, it has some nonsense referring to 9 days ago.



The protection features dialog is even more dishonest