On March 21, 1991, I stopped using Norton’s security programs.
But I like to see what the dark side is up to, so I recently switched back to Norton. And I’m really happy I did.
Of course, knowing how you always like to hear the dirt, I’ll tell you the back story.
It was at the March 21, 1991 user group meeting that a Norton rep was showing off the company’s latest antivirus program. “Give these a spin,” I said, handing the guy doing the demo a floppy disk filled with live viruses.
Not an unreasonable request, I thought. But that’s just me.
He avoided making eye contact, wouldn’t look at the floppy, and said “no.” That’s it. To a roomful of 350 computer users. “No.”
One of the biggest burdens of being a Windows user is the responsibility of protecting yourself against viruses, spyware, and other threats–attacks which increasingly aim to steal personal information and money rather than just annoy you. And one of the biggest burdens of protecting yourself from these attacks has been the degree to which security software can be problematic itself. Symantec and Trend Micro are both announcing new versions of their software today with a focus on providing security that you can welcome onto your computer–and, better yet, largely ignore once it’s there–rather than stress over.
Symantec’s Norton products once had particularly bad reputations for being a resource-sapping, in-your-face hogs. The company has spent the past couple of years paying penance by reducing the load that new versions put on your system and the demands they place on your attention. It says that its 2011 editions are faster than both their predecessors and its competition, and that it’s reduced the number of alerts they’ll bother you with. They also snitch on other programs, via System Insight, a feature that monitors running applications and identifies ones which may be bogging you down.
Symantec’s Norton product line has been all but synonymous with utilities designed to fix PC problems since Peter Norton himself wrote some of the first utilities shortly after the IBM PC was released in 1981. Now the company’s announcing a big initiative to bring its software and services to devices other than Windows PCs and Macs–phones, set-top boxes, and just about anything else that connects to the Internet. It’s calling its plans Norton Everywhere, and they involve a variety of new releases.
Symantec, which rolled out Norton Online Backup as a standalone service earlier this year, is giving it a major overhaul that adds a bunch of attractive features and fixes some limitations of the original version.
The new version supports Macs as well as PCs for the first time. It can back up files even when they’re open and in use (a pretty basic feature that the previous iteration lacked) and it now keeps 90 days’ worth of old files so that you can roll back to a previous version if need be. You can now search for those old files as well as browse for them, can restore them to the original computer or any other system, and send them by e-mail.
The folks at Symantec have looked right past the artistic intent behind Lose/Lose, a computer game that deletes your files every time you shoot an alien, because they’ve just classified the game as a Mac Trojan.
Lose/Lose is described by its creator as “a game with real life consequences.” It’s a standard space shooter in the spirit of Galaga, except that each alien is assigned to a file on your hard drive. Blast the alien, and the file is gone forever, for real. Getting hit by an alien crashes the game, never to be played again. Here’s what creator Zach Gage says about the project:
By way of exploring what it means to kill in a video-game, Lose/Lose broaches bigger questions. As technology grows, our understanding of it diminishes, yet, at the same time, it becomes increasingly important in our lives. At what point does our virtual data become as important to us as physical possessions?
When I read about the game on Make a couple months ago, I chuckled at the concept, watched the video and wisely skipped trying the game for myself.
Symantec, on the other hand, dubbed the game a Trojan, gave it a name (“OSX.Loosemaque”) and created a threat assessment. Most amusing is how Symantec employee and blogger Ben Nahorney acknowledges Gage’s intent: “What’s interesting is that the author of this ‘game’ flat-out says what it does on his Web site,” Nahorney writes. “Reading through the author’s description, it seems that he has created this game/threat as some sort of artistic project.”
Still, Nahorney follows with a valid point, that someone with truly bad intentions could modify Lose/Lose’s code and distribute a game that doesn’t pronounce its file-deleting capabilities outright. So next time you download some obscure, simplistic alien-shooting game from the Internet, consider yourself warned.
Last month, Symantec released Norton Internet Security 2010 and Norton Antivirus 2010, updated versions of its venerable Windows security packages. They incorporated a new approach to threat detection–Symantec calls it Quorum–which attempts to increase accuracy and reduce resource-hogging tendencies by gauging the reputation of files based on data collected from the millions of folks who run the company’s software. (The reputation of a core Windows file that didn’t do anything suspicious would be high; the reputation of a file which Quorum hadn’t seen before which appeared to be behaving in a dangerous manner would be low.)
Today, Symantec is releasing a free beta version of Norton 360 4.0, the next release of its suite which includes both security and management tools such as backup and PC tuneup tools. It’s the first version of Norton 360 with Quorum, and in conjunction with today’s releasing, Symantec is touting recent test results for Norton Internet Security 2010 from third-party labs. The UK-based Dennis Technology Lab tested ten security products and gave Norton alone a perfect score; it also did well in recent testing by AV-Comparatives.org and AV-Test.org. (I’m not an expert on the relative strengths of independent security labs’ testing techniques, but I know that AV-Test knows their stuff and tells it like it is–they’re the lab we worked with back when I was at PC World.)
Whenever I mention Norton security products, I’m used to PC users reflexively accusing them of being in-your-face annoying and sapping precious system resources to an absurd level. Symantec clearly heard the gripes, too–the changes in both last year’s Norton 2009 products and this year’s Norton 2010 ones emphasis a general reduction in intrusiveness, and much of the advertising is devoted to conveying that it’s changed its ways. But computer users have memories like elephants, and I suspect that some will continue to look askance at Norton for years to come even if Symantec’s cleaned up its act.
So here’s a question for folks who are running any 2009 or 2010 version of any version of Norton security: How’s it treating you?
It’s not a gross exaggeration to say that without short URLs from services such as Bit.ly and TinyURL, Twitter might not have become the sensation that it is. They enable the sharing of interesting links and photos and generally let the service transcend its 140-character limit. But they also bring some major gotchas, such as the possibility of your links breaking if the short URL provider goes out of business or simply loses interest.
Another basic problem with short URLs: They can be dangerous. The very idea behind them is that they’re short (and therefore cryptic) but can redirect you to any URL. But the URLs they redirect to can send you to malware-infested sites–and since you see the short URL rather than the real one, you don’t have the opportunity to inspect the address for tell-tale signs that it’s risky.
If you can see the real URL before you click, there’s a very good chance you’ll figure out it’s not something you want to visit. Which is part of why many third-party Twitter apps (such as Seesmic) let you preview the true URL. Weirdly, Twitter itself only provides this capability in its search.twitter.com feature, via “expand” links (which don’t appear next to all short URLs–you don’t get them with Digg links, for instance).
Seems to me that it would be fairly simple for Twitter to make short URLs a whole lot more useful and a whole lot less insecure. Here, I’ll map out a course of action:
1) Twitter should launch its own URL-shortening feature*. (Currently, it uses Bit.ly as its default service.) It’ll tick off every third-party shortener and probably drive most of them out of business, but the benefits to Twitter users will ultimately be worth it. If Twitter itself controls the short URLs, they’ll work for as long as there’s a Twitter, and the company will gain the ability to make them better than existing ones.
2) It should institute a short-URL expansion feature throughout the site–and instead of making you click an “expand” link, it should autoexpand them so the short link never appears. If users need to take the extra step of clicking to see the real link, they may or may not bother–but if the real one is staring them in the face, many questionable URLs will be manifestly obvious. (And some scammers probably won’t even bother to try and do their dirty work via Twitter.)
3) It should put the real URLs that short URLs point to through a malware-detection feature along the lines of ones that are now standard in Web browsers. If a real URL looks suspicious, Twitter shouldn’t permit it to be turned into a short URL in the first place. (Again, doing this should not only foil malware links that do get through, but should discourage scammers from bothering in the first place.)
*If Twitter is really worried about destroying third-party URL shorteners, it could accomplish most of the above without launching its own service, by launching an API (with malware detection and other enhancements) that other URL shortener can take advantage of. Even if it does create its own service, it needs an API so that third-party Twitter clients can bring all of its goodness to their users.
The above game plan would require some time and money, but if Twitter’s ambition is to be the pulse of the planet, it’s going to be responsible for taking actions that make it harder for the bad guys to screw things up for the good guys. And if the company really has a hundred million bucks to play with, it should throw a little of the dough towards solving this problem once and for all.
Last week, I published the results of a little survey about Mac security that showed that the respondents, at least, are a pretty blasé bunch compared to their Windows-using friends. With the exception of firewall software–which comes built into OS X–the vast majority of survey respondents said they’re not running security software on their Macs, and don’t spend much time fretting about threats.
Symantec hopes that there’s a critical mass of Mac users who are security-minded enough to make its new Norton Internet Security 4 for Mac successful. The suite, which was announced today, is a Mac edition of a prominent Windows package. But Symantec has intelligently shifted the product’s emphasis when bringing it to OS X.
For the past eleven days or so, I’ve spent a meaningful amount of my computing day in Windows 7. It’s very much a rough draft of the operating system that will eventually ship: It’s missing major features and a meaningful percentage of the apps I’ve tried to use wouldn’t even install. Even so, I’ve been enjoying the experience. The preview version boots up quickly. It’s surprisingly stable. Best of all, it’s the most mellow and dignified Windows environment I’ve used in a long time, thanks to its minimization of pushy notifications and new tools for managing the System Tray and other venerable sources of Windows annoyances.
It’s been months since I’ve seen a good story about the battery inside a gadget spontaneously bursting into flames. So today’s news of Nanos overheating (again!) manages to make the top of the T-List. Continue reading this story…
On March 21, 1991, I stopped using Norton’s security programs.
The folks at Symantec have looked right past the artistic intent behind Lose/Lose, a computer game that deletes your files every time you shoot an alien, because they’ve just classified the game as a Mac Trojan.
It’s not a gross exaggeration to say that without short URLs from services such as Bit.ly and TinyURL, Twitter might not have become the sensation that it is. They enable the sharing of interesting links and photos and generally let the service transcend its 140-character limit. But they also bring some major gotchas, such as the possibility of your links breaking if the 
Last week, I published the results of a little survey about Mac security that showed that the respondents, at least, are 
For the past eleven days or so, I’ve 
It’s been months since I’ve seen a good story about the battery inside a gadget spontaneously bursting into flames. So today’s news of Nanos overheating (again!) manages to make the top of the T-List.
By Steve Bass | Posted at 2:14 pm on Thursday, September 23, 2010
24 Comments