PC Tools' Internet Security suite for 2010 gets some things right, and frustratingly drops the ball on others. It's hard not to like the feature set, which is robust, and the recent efficacy badge from Virus Bulletin. However, some of the problems in the suite are glaring and will potentially scare aware users who might otherwise find it a good security tool.
The default landing page should appeal to those who like quick glances to ensure everything is running smoothly. Green checkmarks or red Xes make it easy to see if you're at risk. Drilling deeper down to the settings pages could be better, though. Too often, the plain text felt squished by the chunks of white space on the right, and made it unnecessarily hard to parse logs and fine-tuning controls like the firewall or advanced scan settings.
The performance benchmarks weren't horrible, but they didn't impress, either. Falling somewhere in the middle of its competitors, and notably slow especially on computer start-up times, the suite could be much more nimble. Also annoying is that when held up against most of its competitors, the trial version is noticeably hamstrung. You only get 15 days to make a decision with the suite, and it won't remove any threats it detects.
What PC Tools fans will like is that although two earlier tests by Virus Bulletin this year gave PC Tools Internet Security 2009 failing marks, the first test of the new version passed the test on Windows 7. So for those with new computers, PC Tools' slightly lower price point of $50 for three licenses for its premium product may stand out as a good deal. Read the full review at CNET Reviews.
The feature-rich versions of popular security program AVG have been updated, with AVG Technologies claiming faster scan times, faster boot times, and other under-the-hood improvements. While version 8 introduced a consolidated product line, making those features work better together takes the attention of AVG Internet Security 9 and AVG Anti-Virus 9.
AVG is making some bold claims for these updates. The company is touting scan times that are "up to 50 percent" faster, based on marking files safe until their file structure changes, and boot times that are "10 to 15 percent" faster. Memory usage is also expected to be "10 to 15 percent" better, as well. The built-in firewall, available only in the Internet Security version, uses a new database for automatically determining if certain programs are safe to access the Internet without user input. This trusted database, called TrustedDB by AVG, should be less intrusive by querying for user input 50 percent less often than in the previous version, says AVG. Also, the installation process has been shortened from 22 screens to 11.
There are few wholly new features available in version 9, but an interesting one is the Identity Theft Recovery Unit. Included in AVG Anti-Virus and AVG Free, but only for users in the United States, ITRU is a business partnership with Identity Guard which provides "consumer identity theft solutions." Accessible only from the browser toolbar, which only works in Firefox or Internet Explorer, the service provides "a dedicated identity theft recovery unit with fraud experts," to assist handling, getting and analysing a credit report, enrolling in credit file monitoring, and offering report-filing support.
In hands-on testing last week, I found AVG to be relatively easy to navigate around, although the interface could be simpler. When you click on one of the items in the main window, you must double-click on one of the features to access more information on it. A single click, or even a mouse-over pop-up, would make the experience faster. Before I even ran my first scan, AVG detected icons associated with Pidgin as threats.
AVG 9 looks very similar to AVG 8. Most of the changes are under the hood.
(Credit: Screenshot by Seth Rosenblatt/CNET)Double-checking them against Avira and McAfee revealed those detections as false positives, and when I finally ran the Fast Scan it took longer than 20 minutes. That doesn't compare favorably to competitors, some of which can complete a first Fast Scan in around 60 seconds. I was also surprised to find that Mozilla Thunderbird was not automatically approved to go through the firewall, despite the new firewall trusted database. While the installation process offers to install the browser toolbar for you, it doesn't seem possible to opt out during the installation and then install it later from the AVG interface, a strange oversight.
AVG Internet Security 9 is available for $49.99, and AVG Anti-Virus costs $34.99. Both come with a one-year license and a 30-day trial, although AVG Anti-Virus lacks the firewall, identity protection, antispam, and system tools that come in AVG Internet Security. Fans of the free version of AVG 9 will have to wait a bit longer, as AVG always delays the release of Free until after the full suites have been made public.
Symantec is betting heavily that program behavior is the future battlefront of security and is making a big push in its 2010 security program lineup with a behavioral engine called Quorum.
Take a tour of Norton Internet Security 2010 in this slideshow, and keep in mind that the look is very similar to Norton AntiVirus 2010. The biggest differences between the two include ancillary features, price, and the number of computers supported by one license.
Symantec is betting heavily that program behavior is the future battlefront of security and is making a big push in its 2010 security program lineup with a behavioral engine called Quorum.
Debuting Wednesday, both the basic Norton AntiVirus 2010 and the more robust Norton Internet Security 2010 will use Quorum, which Symantec is calling an advanced security network based both on traditional malware signatures and on reputation for both files and software.
This screenshot is from the Norton Internet Security 2010 beta, though it's not expected to change drastically in the final version. This shows the Norton Insight screen.
(Credit: Screenshot by Seth Rosenblatt/CNET)The Quorum system uses the uniqueness of mutating malware against the threat itself, said Dan Nadir, director of product management for Norton AntiVirus and Norton Internet Security. Multiple variations of a single threat have become a potential risk to the efficacy of definition-based antivirus, so a system like Quorum--in which the unfamiliarity of a new threat becomes the tool by which the threat is neutralized--could drastically improve security programs.
Symantec noted that it hasn't abandoned last year's pledge to improve Norton's performance, and it is keeping the quick scan to about one minute. An in-progress scan conducted with the beta version used about 70MB of RAM, while the program used about 15.5 MB when idle. Symantec also exposes how much memory the program is using in the main pane. Symantec says that in the final version, Norton users should expect to see working memory usage at less than 10 MB, and that the "quick scan" should be completed in 64 seconds.
The Quorum technology is designed to expose system and threat-detection data, so users who want more than just "set-it-and-forget-it" information can customize Norton's responses. The Insight Network incorporates Quorum and uses statistical analysis of file attributes to judge the trustworthiness of a file. Norton Threat Insight provides information on detected threats, such as the URL of a threat. Norton System Insight uncovers system information and can be used to detect system slowdowns. Norton Download Insight uses Symantec's cloud data to determine the safety of a downloaded file before it runs.
The more robust Norton Internet Security includes new enterprise-level antispam algorithms, which Symantec says shouldn't require any "training" from users. These have been incorporated from Brightmail, a company that Symantec bought more than five years ago. Norton Internet Security also includes OnlineFamily.Norton, Symantec's new parental control system, and Norton SafeWeb, which is a search results and e-commerce rating component.
Norton Internet Security 2010 costs $69.99 for a three-PC license, and Norton AntiVirus 2010 is $39.99 for one computer.
Best known for its ZoneAlarm firewall, Check Point Software has announced updates for ZoneAlarm's more full-featured security suites. Available in two versions, ZoneAlarm Internet Security 2010 gives users a robust firewall, antivirus and antispyware, and parental control package for $50, while ZoneAlarm Extreme Security 2010 adds Web browsing protection, system tune-up tools, backup options, and anti-phishing technology for $70.
ZoneAlarm is still best known for its firewall, but it currently offers users much more than that. See what's available in ZoneAlarm Extreme Security 2010, which is similar to but has more features than ZoneAlarm Internet Security 2010.
ZoneAlarm Extreme Security 2010 in picturesZoneAlarm is claiming faster performance in its antivirus and antispyware scans because it has unified them, something that its competitors did awhile back. The company says that users should expect scans to be 80 to 90 percent faster. The Internet Security version lacks access to a free add-on for laptop hard drive encryption, doesn't have keylogger protection, is missing browser-based safeguards, and has far fewer anti-phishing options.
Other features in the Extreme Security edition include an identity protection module to encrypt personal information and alert you when it leaves your computer--as well as helping you set up an eBay fraud report, if you're an eBay user. There are also an outbound e-mail alert, in case your account gets hacked, parental controls, and the browser toolbar for Firefox and Internet Explorer. Unfortunately, the browser protections only work in those two browsers. The toolbar comes with a private browsing option, but it's not entirely clear how it's different from the ones that already come with the host browser.
ZoneAlarm's main interface tucks quick access to key features at the bottom of the left nav.
(Credit: Screenshot by Seth Rosenblatt/CNET)Of course, ZoneAlarm's well-known firewall is included, and after spending half a day with it on a Windows 7 computer I didn't notice any of the usability problems that have notoriously plagued it. That doesn't mean they don't exist, of course, but I didn't experience them on the latest version during a short period of testing.
In terms of threat detection and removal efficacy, independent data isn't available yet for this version. On ZoneAlarm Extreme Security 2009, the program scored better than average but not in the upper percentiles on malware detection, removal, response times, and only average on false positives. In my empirical testing of scan times, I noticed that the quick scan was extremely fast--it took less than 30 seconds. The full scan was fairly quick, too, taking about 20 minutes. The two deep scans that are available scan all data on the computer including archives, and appropriately they both took upwards of 90 minutes.
ZoneAlarm's trial period is shorter by half than its competitors, but if you're looking for brand-name protection ZoneAlarm isn't a bad place to start.
Tell me about your security suite preferences in the comments below.
Norton Internet Security 2010 won't be available for a few more months, but the beta version is available now. In it, Symantec continues to build on the rejiggering it did last year. Built upon the dramatic performance improvements are deeper integration with other security tools like OnlineFamily. Norton, and the new Norton Insight for judging threats by community behavior as well as file definitions.
Symantec released a diagnostic patch for some of its older Norton products on Monday night that did not identify its origin and thus triggered alerts on user firewalls, the company said Tuesday.
The patch for 2006 and 2007 versions of Norton Internet Security and Norton Antivirus, a program dubbed "PFST.exe," (Product Information Framework Trouble Shooter) was distributed to collect anonymous statistics on matters such as how many computers are using the products and what operating system they are running, Jeff Kyle, group product manager for Symantec consumer products, said Tuesday.
Because it was unsigned--a result of human error--firewalls started prompting users with messages asking them if they trust the patch, Kyle said. Of course, because the patch had no signature indicating it was from Symantec, users didn't know whether to trust it and many of them went to the Norton user forum for answers.
The company pulled the patch after three hours and then unwittingly laid the groundwork for conspiracy theorists after it started deleting forum posts related to the matter. The company was not censoring the posts, but fighting off a spam attack, according to Kyle.
"At the same time we were pulling down the patch a spammer created a new account on our forum and minutes after that there were 200 new users all targeting the same thread," he said. "Within the first hour there were like 600 posts to that thread. Obviously it was a bot creating this."
The posts were written with poor grammar and broken English and some were vulgar and nonsensical. It is possible, though, that Symantec could have inadvertently deleted some legitimate posts while it was purging the spam, Kyle said.
"There is no conspiracy theory. There's nothing we are hiding at all," Kyle added.
Meanwhile, Kyle said he isn't sure whether or when Symantec will redistribute the patch, but if they do, he said, it will be signed.
Symantec has more information on its message board site. The Washington Post reported that hackers were exploiting the situation and had managed to get malicious Web sites into top Google search results for "pifts.exe."
Updated 2:45 p.m. PDT with link to forum site and explanation, Washington Post reporting that hackers created malicious related sites that appear in Google search.
Check Point Software Technologies announced Monday it plans to acquire the security appliance business of cell phone giant Nokia.
With the acquisition, the security software maker plans to use Nokia's security appliance business to broaden its footprint in the security appliance market.
Check Point, which is predominately known for its security firewall business, has branched out into the security appliance business over the past five years, beginning with its VPN-1 Edge device.
Nokia's security appliance business currently serves 23,000 customers throughout the world and is already designed to work with Check Point's firewall, virtual private network (VPN), and unified threat management software.
The two companies have collaborated on product development for over a decade, including developing security software for mobile and Internet devices.
For example, Nokia's Internet appliance clustering technology allows groups of VPN and firewall appliances to work together, with an aim toward improving performance and reliability.
The deal is expected to close in the first quarter. Terms were not disclosed.
A new report from the Anti-Phishing Working Group is yet another reminder of the information security threats we all face. This latest publication states that the number of compromised URLs used to distribute malicious code nearly tripled in the 12-month period from July 2007 through July 2008.
This data, along with similar research from McAfee, RSA Security, Symantec, and Trend Micro, demonstrate that the bad guys are taking advantage of the global recession with an increase in attack volume and sophistication. Certainly, security professionals recognize this unsettling trend, and according to ESG Research data, security remains a top IT priority for 2009. Based upon recent activities, it appears the federal government also sees the need for countermeasures.
While insiders seem to see the storm approaching, however, I'm worried about the Internet everyman--"Joe the Online User," if you will. Information security tends to be an esoteric topic sure to bore the pants off friends and neighbors at upcoming holiday parties, but there's more in play than ignorance alone.
I am starting to see a whole bunch of no-name security grifters pitching second-tier products and services with Chicken Little, "the sky is falling" scare tactics. You tend to find these guys are on drive-time radio and entertainment Web sites. I'm not alone in this observation. This week the U.S. District Court in Maryland ordered two fly-by-night companies to stop promoting "scareware" through online advertisements. These pop-up ads would warn Web surfers that their systems had been compromised by viruses, spyware, and even "illegal pornographic content." They were even so brazen as to suggest that users could be investigated or outed as some type of degenerate porn addict. Of course, they were happy to sell you software and services to alleviate the problem.
Unfortunately, there will always be a population of low-down dirtbags willing to take advantage of people's fears and hardships. After September 11 they pitched gas masks; they sold bottled water for $10 a piece following Hurricane Katrina. Given the cybersecurity activity out there, we are bound to see more and more of these security scams. The difference here is that security con artists are preying on fears that users really don't understand. Consumers may get scammed or become cynical--neither of which is good.
We need a focused effort to pull together as a security community, educate consumers, and push for strict punishment of these flimflammers. If not, things can only get worse.
Webroot, the maker of SpySweeper, on Tuesday announced a new security suite for Windows XP and Vista. The product, Webroot Internet Security Essentials (WISE), provides antivirus, antispyware, a personal firewall, along with a few utilities. It includes up to 2GB of online file storage for backup. It does not include Parental Controls.
The product includes Webroot's own Spysweeper and Windows Washer products. Antivirus support comes from a licensing agreement with Sophos. For the personal firewall, Webroot uses a custom version of PWI's PrivateFirewall product. And for online backup, Webroot has partnered with SOS Online Backup.
Priced at $59.95 for up to three users, WISE costs less than Norton Internet Security 2009, but is more expensive than Trend Micro Internet Security 2009 and ZoneAlarm Internet Security 2009. Like Norton, Webroot does provide free online and phone support.
The interface for Webroot Internet Security Essentials should be familiar to existing Webroot SpySweeper users.
