Software Programs, Technology Security

How Good is Your Computer Security Product?

Symantec's advertising on airports and mallsGerry Egan, Sr. Director of Product Management, presented Making Sense of 3rd Party Efficacy Tests to Next@Norton attendees. He pointed out that every security product has a different set of protection features, and many focus on just one aspect of protection. That gives you with a false sense of security and leaves you vulnerable to other threats.

When buying software, we all depend on reviews and the results that come out of testing labs before we purchase. A Consumer?s Reports approach to buying software. The presentation was about the reliability of software that purports to protect us from threats to our computer. Egan began the discussion on finding the "best" security product with file-based testing that looks for malware already in residence on the computer. He said that many traditional tests are no longer even relevant. An on demand file scan test is comprised of a preset number of problems. The product that unearths the most planted problems is declared the winner. But what does that really prove?

A virus checker, although important, isn?t all you need. A clever display at a local Fry?s illustrated that viruses come in many forms, and hand sanitizers, though popular, aren?t the only answer.

A product?s ability to block real-world attacks introduced via actual infection vectors isn?t measured correctly when scanning files using old fingerprints with no cloud connection. Labs should test against real world conditions, where users are surfing the web, receiving emails, and inserting thumb drives, all of which are sources of threat.

Egan?s opinion was that when a security product is installed on a machine that has already been infected, it should clean up the infected computer. He developed a check list that showed just how thorough a product test should be, including the ability to repair any damage it finds. It should also cover a broad spectrum of potential problems.

Norton takes a comprehensive approach to security. Yes, it includes file based virus checking, but their products also take into account the expanding capabilities of hackers. Norton considers network susceptibilities and measures the reputation of websites. Just as an individual is judged on their behavior, what the malware does is of critical importance. Norton?s Sonar (Symantec Online Network for Advanced Response) is a product directed at analyzing the processes in place to ascertain the behavior aspect of malware.

Threats come from multiple sources, don't depend on one approach to protect you
Threats come from multiple sources, don?t depend on one approach to protect you

Symantec’s products rank high, in fact are rated Excellent in recent lab tests, along with avast! which offers a free anti-virus package as a carrot, and F-Secure which duplicates Norton?s product title, Internet Security 2011, in its own offerings. Each of these products have detractors. Cnet reported in April that Avast had acknowledged a false positive glitch in an update which was automatically rolled out to their AV users. The bug flagged legitimate websites as being infected with malware.

How to  evaluate the testing procedure used on security products
How to evaluate the testing procedure used on security products

Sonar also came with problems of its own. Some showed up in the gaming environment. Notably, Gamemaker 8.1 and Torque Game Engine?s torqueDemo.exe which Sonar would delete. World of Warcraft came upon a conflict as well when Sonar wouldn?t let users download a patch. As one post noted: "The patch just came out, SONAR recognizes that few people (with Norton) have downloaded the file, so it blocks it." This highlights a good reputation checking by Sonar, but in this case it tripped itself up when coming upon a legitimate situation.

You discuss hot topics and tell Semantec what you think at Norton Community
You discuss hot topics and tell Semantec what you think at Norton Community

Blogs and forums not only highlight product failings for consumers, but provide the related company with valuable feedback that enables them to address and, hopefully, improve their products. One such forum sponsored by Semantec itself is Norton Community where you can question, discuss, register kudos or complaints, and even apply to be a pre-release tester of upcoming products.

The website offers free 30 day trials of their products. You can view a video on how to download, install and activate their products. There is a check list which helps you decide which product you need: Norton Utilities, On-Line Backup, Anti-Virus 2011, Internet Security 2011, or Norton 360 Version 5 which is their suite. There are similar offerings for the Mac. If you are not a DIY person, for $39.99 a Semantec employee will basically come to your home via the internet, connect to your PC, then install and configure your chosen Norton product to fit your specific needs.

When selecting an anti-virus, threat finding software, use caution. Many pop up ads, come-ons, and video demonstrations offered on line, are simply finely disguised malware themselves.