But I like to see what the dark side is up to, so I recently switched back to Norton. And I’m really happy I did.

Of course, knowing how you always like to hear the dirt, I’ll tell you the back story.

It was at the March 21, 1991 user group meeting that a Norton rep was showing off the company’s latest antivirus program. “Give these a spin,” I said, handing the guy doing the demo a floppy disk filled with live viruses.

Not an unreasonable request, I thought. But that’s just me.

He avoided making eye contact, wouldn’t look at the floppy, and said “no.” That’s it. To a roomful of 350 computer users. “No.”

And it was downhill from there.

Over the years, Symantec’s Norton products grew popular; they also became bigger. They leapfrogged over Microsoft Office to obtain, and keep, the bloatware award. Norton products hobbled PCs by hogging computer resources and hard disk space. Like it or not, you got stuck with Live Update, a separate, massive, tool used to keep every Norton program in the world up-to-date — even if you only owned one product.

And when you’d had enough of Norton, you needed special software and a small backhoe to uninstall it. Live Update stayed with you forever.

Symantec shot itself in the foot over and over–and what really fascinates me, is when it had spare time, it did it again.

Why I Switched Back to Norton

It’s always been an open question whether I’m as smart as I look. It’s a question you might be asking, because as I type this, I’m using Norton Internet Security 2011, better known as NIS2011.

I’ve used Kaspersky Internet Security for about four years. I haven’t been happy for the last two. It’s no longer an unobtrusive tool. Its interface has always been confusing; the recent redesign hasn’t helped. It’s a big program and in some spots, thunderously slow.

The upgrade to Kaspersky’s new 2011 version is what killed the relationship: I lost too many brain cells configuring obscure exclusion settings to get a few online programs to work. If I had trouble, I’d guess you might, too.

Of course, synchronicity was waiting in the wings.

Brendon, a decade-long e-mail friend, works for Symantec. Every few months he pitches me to try a Norton security tool. “I’m pestering you about this not because it’s my job (I’m not in product marketing or PR or sales or anything), but because I respect you as an educated power user and would like my product to have a fair shake.”

My argument always starts with one word: bloat.

You’ll like his testy, paraphrased reply.

Oh, that thinking is so 2006!

I’ll admit the products had bad bloat problems in the 2004, 2005, and 2006 variants, and I totally understand the criticism and share in it.

We alienated a lot of the power-user base because of performance problems and focus on the wrong things, and it did a lot of damage to our reputation.

A big change in product management came, and we’ve been very aggressive in attacking performance and footprint, rewriting significant portions.

I was game. It was off with Kaspersky (thanks to Revo Uninstaller) and on with Norton Internet Security 2011.

Norton? I Love Ya

Norton's list of preapproved applications

I’ve had NIS2011 running for over a month, and it’s surprised me. It’s fast and keeps out of my way with no annoying alerts. It also found two embedded backdoor Trojans that Kaspersky missed.

Here are my impressions:

• NIS2011 installed in 57 seconds. Really.

• Every feature — the built-in firewall included — works fine using just Norton’s defaults. No tweaking necessary.

• Programs load faster than with Kaspersky’s Internet Security. I’m guessing that’s because NIS2011 does a Reputation Scan on all the apps on my PC and approves them based on its massive user database of programs.
• NIS2011 recognized and gave every program an A-OK; with Kaspersky, I had to manually set complicated exclusions for four tools (including SugarSync and Dropbox). Kaspersky also needed for me to change permissions in order for a few online apps to run properly, including Java and Firefox. Crazy, no? NIS2011 handled all the apps with no interference.

• In the past, Norton’s update system was a separate app (I hated that), but now it’s integrated into the program. That’s much better. And every few minutes, when the PC is idle, Norton’s LiveUpdate checks and downloads updates quickly and quietly.
  

  Have Trojans? NIS2010 will find them

• On NIS2011′s initial scan, it found two Keygen backdoor Trojans that Kaspersky hadn’t found. To be fair, if I’d tried to run them, Kaspersky would have blocked and removed them, too. But NIS2011 raises my comfort level considerably

• Until I checked the history, I never noticed that NIS2011 automatically does quick scans while my PC is idle. The default is every 10 minutes. Nice.

• Norton has a Web safety component, similar, but much stronger than WOT, that makes sure you don’t land on a malware drive-by page. If you happen to land on a site that’s dangerous, NIS2011 blocks you from accessing it.
• NIS2011 also makes sure the links on your Facebook account are safe.

• NIS2011 shows how much memory and resources are used by running programs; it doesn’t use any resources when it’s not doing anything and about 3 percent while it’s scanning. Bloated? Not at all.
• There are more things to like — paternal controls and anti-spam, for instance — but I’ll leave it to you to explore the other features.

Should You Switch?
If you’re happy with the performance of whatever you’re using, stick with it. Of course, if you’ve been kvetching and need a change, or if the license on your existing security tool is coming up for renewal, consider giving NIS2011 a shot.

And if you’ve had a bad experience with Norton in the past (and who hasn’t?), I’ll tell you first-hand — the current version’s a treat to use.

You can download a 15-day free trial, but don’t run two security programs simultaneously — or even have them loaded at the same time. Make sure to uninstall the program you’re currently using before installing NIS2011.

Amazon has NIS2011 for about $60 for a one-year license for three PCs. (Don’t have three PCs? It’s probably a violation of the license, and I wouldn’t do it, but if you have a buddy…) However, if you have the fortitude to wait for an annoying rebate, Frys.com has the same version for $20 (the deal expires at the end of September).

I can predict the future: You’re going to write and tell me about your favorite security tool. Save your bits and bytes, folks; while I’m always interested in what you have to say (well, okay, not always), I’ve tried nearly every major free and commercial security program there is. I’ve settled on Norton. So there.

[This post is excerpted from Steve's TechBite newsletter. If you liked it, head here to sign up--it's delivered on Wednesdays to your inbox, and it's free.]

Symantec’s Norton products once had particularly bad reputations for being a resource-sapping, in-your-face hogs. The company has spent the past couple of years paying penance by reducing the load that new versions put on your system and the demands they place on your attention. It says that its 2011 editions are faster than both their predecessors and its competition, and that it’s reduced the number of alerts they’ll bother you with. They also snitch on other programs, via System Insight, a feature that monitors running applications and identifies ones which may be bogging you down.

As before, Norton uses community-based reputation–judging files in part by whether other Norton users have downloaded them without problems. Other new features include protection against dangerous downloads that works in a comprehensive range of browsers, IM clients, and e-mail programs; and the ability to manage other browser-based Norton services (Norton Online Backup and Norton Online Family) from within the Norton dashboard. And the Norton Bootable Recovery Tool now lets you easily prepare a CD-ROM, DVD, or USB drive to undo damage to computers so crippled by an attack that they can’t even start up.

Norton 2011 is available in two versions. Plain-jane AntiVirus 2011 costs $39.99 for a version that covers one PC for one year. Norton Internet Security, which adds a firewall, antispam, parental controls, identity protection, and other features, is $69.99 for up to three PCs.

Symantec is also touting several free security downloads it offers, including Power Eraser, which is designed to detect and remove “scareware” that’s often maddeningly difficult to shake, such as malware which poses as real antivirus software.

Trend Micro, meanwhile, has given its security products a new name: Titanium. More important, it’s given them a new approach: Instead of making you download signatures to your PC to detect viruses and other dangers, it’s put most of the detecting (including its own version of community-based file analysis) in the cloud and aimed to prevent dangerous files from ever reaching computers in the first place. The company says that this dramatically reduces required resources. (The software does include features to detect and fix problems that happen when you’re offline.)

As with Norton 2011, the goal may be to be unobtrusive, but there’s a lot of information and settings if you want them:

This cloud-based strategy, Trend says, is particularly effective against zero-day attacks–ones so new that security companies haven’t created and distributed fixes for them.

Trend’s basic package, Titanium Antivirus+, is $39.95 for one PC or $59.95 for three. Titanium Internet Security adds antispam, parental controls, and other features for $49.95 for one PC or $69.95 for three machines. And Titanium Maximum Security tops that off with 10GB of online backup, system optimization, a secure erase utility, and other features for $59.95 for one PC or $79.95 for three. Unlike Norton, Trend doesn’t include a firewall with any of its versions, choosing instead to integrate with the one built into Windows.

I’ve been trying both Norton and Titanium this week and found them better behaved than security products of the past, including both company’s own past efforts. But this article isn’t a review–the biggest question about any security package is still how well it protects you from threats, and I’m not in a position to judge that.

For what it’s worth, both companies have commissioned well-known third-party testing organizations to put their products through their paces. You probably won’t be shocked to learn that all the results make the products of the commissioning company look good.

Here, for instance, is Norton using benchmarks by AV-Test.org to show that NIS is the most effective malware fighter:

And here’s Trend Micro’s chart based on tests by NSS Labs that show it catching the most threats before they execute on a PC:

Of course, there’s nothing fundamentally conflicting about the two companies’ charts: They’re reporting on different tests, and neither company’s tests include the other one’s brand-new version. I’ll be curious to see what conclusions PCWorld, PCMag.com, and other independent sites come to when they compare these and other 2011 versions.

So what security software do you run, Windows users–and how happy (or unhappy) a camper are you?

Today’s Norton is best known for its security products, but Symantec isn’t contending that malware presents a major threat to post-PC devices–at least not yet. So Norton Everywhere involves a bunch of different offerings designed to give people more control over their data and gear.

The initiative is kicking off with:

Norton Connect. This is a utility for iPhones and Android handsets, that provides access to files backed up using Norton Backup on PCs and Macs.

Norton Security for Android. Another Android app–one that does include a malware scanner, but also has a remote wipe utility that lets you destroy data on a lost or stolen phone, a call-blocking utility, and a program to prevent you from accidentally incurring roaming charges.

Norton DNS. Symantec will compete with OpenDNS and Google Public DNS by offering a free Domain Name System (DNS) service that you can configure as a substitute for the one used by your broadband ISP and/or wireless carrier. The company is partnering with DNS specialist Dyn to offer the service, and says it’ll be faster than default DNS options and will filter out dangerous sites (such as ones infested with malware or used for phishing) and potentially objectionable ones.  Since the service sits in between the Internet and Internet-connected devices, it’ll work with computers, phones, and anything else that connects to the Internet; Symantec plans to offer configuration utilities for PCs and Android phones when the service launches.

All of the above will be available in June. Symantec also says it’ll work with a company called Mocana to put the technologies from Symantec’s Live Update service into devices such as smart TVs, game consoles, and e-readers that receive over-the-air firmware updates.

One of the nice things about mobile gizmos and consumer electronics products is that they tend to need less of the troubleshooting, repair work, and general babysitting that’s been Norton’s stock in trade for so long. That’s why earlier attempts by PC utility companies to go beyond the PC usually haven’t gone much of anywhere. (Anyone but me remember McAfee’s anti-malware for Palm OS from a decade ago?) Symantec’s moves aren’t super-ambitious, but they sound logical enough. It’ll be interesting to see where they go–and may the day never arrive when we need to run Norton 360 on our phones, tablets, and TVs.

The new version supports Macs as well as PCs for the first time. It can back up files even when they’re open and in use (a pretty basic feature that the previous iteration lacked) and it now keeps 90 days’ worth of old files so that you can roll back to a previous version if need be. You can now search for those old files as well as browse for them, can restore them to the original computer or any other system, and send them by e-mail.

As before, the service is as close to fully Web-based as possible: You do need to download a small app to your Windows PC or Mac. It runs in the background to shuttle data to or fro (and didn’t seem to be much of a drag on performance in my test drive). But managing backups, restores, and other aspects of the service is done in the browser, so it’s exactly the same experience in Windows and OS X. The new version has a cleaner, easier user interface.

At first blush, Norton Online Backup’s price of $49.99 a year for up to 25GB of storage sounds pricey, given that rivals Mozy and Carbonite offer unlimited storage for slightly more money. But Mozy and Carbonite’s pricing is per computer, one of the defining features of Symantec’s service is that’s for multiple-PC homes–its price covers up to five PCs and/or Macs. Additional storage is available, ranging from another $49.99 for an additional 10GB to $239.99 for 100GB. And the service is bundled into Symantec’s Norton 360 3.0 suite.

Given the extra cost to get sizable quantities of online space for multiple computers–not to mention the inherently slow process of backing data up across the Internet–I think it still makes sense to be selective about what you back up to a service such as Norton Online Backup. Send your irreplaceable files up to the cloud, but use something like a 500GB Seagate FreeAgent Go drive to protect everything else. (Portable hard drives may not be as simple and safe as online backup, but they’re faster–and they cost about a tenth of what you’ll pay for one year’s worth of the same amount of storage with Norton.)

Symantec is also soliciting tales of data-loss woe (and woe averted) for a competition it’s callling Norton Saved My Bacon. I mention it here mainly because the prizes include a year’s worth of bacon and bacon-flavored foodstuffs such as mints. (Vegetarians can opt for the cash equivalent.) I give ‘em points for creativity–even though I don’t like bacon.

I confess that I haven’t used any online backup service on a regular basis, in part because I have multiple PCs and Macs around the house.  So the new Norton is tempting. (Clarification: I have been using SugarSync lately, but not for anything close to comprehensive backup–just to sync a few folders I need on more than one machine.) Anyone out there want to share their experiences—good or bad–with any online backup service?

Lose/Lose is described by its creator as “a game with real life consequences.” It’s a standard space shooter in the spirit of Galaga, except that each alien is assigned to a file on your hard drive. Blast the alien, and the file is gone forever, for real. Getting hit by an alien crashes the game, never to be played again. Here’s what creator Zach Gage says about the project:

By way of exploring what it means to kill in a video-game, Lose/Lose broaches bigger questions. As technology grows, our understanding of it diminishes, yet, at the same time, it becomes increasingly important in our lives. At what point does our virtual data become as important to us as physical possessions?

When I read about the game on Make a couple months ago, I chuckled at the concept, watched the video and wisely skipped trying the game for myself.

Symantec, on the other hand, dubbed the game a Trojan, gave it a name (“OSX.Loosemaque”) and created a threat assessment. Most amusing is how Symantec employee and blogger Ben Nahorney acknowledges Gage’s intent: “What’s interesting is that the author of this ‘game’ flat-out says what it does on his Web site,” Nahorney writes. “Reading through the author’s description, it seems that he has created this game/threat as some sort of artistic project.”

Still, Nahorney follows with a valid point, that someone with truly bad intentions could modify Lose/Lose’s code and distribute a game that doesn’t pronounce its file-deleting capabilities outright. So next time you download some obscure, simplistic alien-shooting game from the Internet, consider yourself warned.

Last month, Symantec released Norton Internet Security 2010 and Norton Antivirus 2010, updated versions of its venerable Windows security packages. They incorporated a new approach to threat detection–Symantec calls it Quorum–which attempts to increase accuracy and reduce resource-hogging tendencies by gauging the reputation of files based on data collected from the millions of folks who run the company’s software. (The reputation of a core Windows file that didn’t do anything suspicious would be high; the reputation of a file which Quorum hadn’t seen before which appeared to be behaving in a dangerous manner would be low.)

Today, Symantec is releasing a free beta version of Norton 360 4.0, the next release of its suite which includes both security and management tools such as backup and PC tuneup tools. It’s the first version of Norton 360 with Quorum, and in conjunction with today’s releasing, Symantec is touting recent test results for Norton Internet Security 2010 from third-party labs. The UK-based Dennis Technology Lab tested ten security products and gave Norton alone a perfect score; it also did well in recent testing by AV-Comparatives.org and AV-Test.org. (I’m not an expert on the relative strengths of independent security labs’ testing techniques, but I know that AV-Test knows their stuff and tells it like it is–they’re the lab we worked with back when I was at PC World.)

Whenever I mention Norton security products, I’m used to PC users reflexively accusing them of being in-your-face annoying and sapping precious system resources to an absurd level. Symantec clearly heard the gripes, too–the changes in both last year’s Norton 2009 products and this year’s Norton 2010 ones emphasis a general reduction in intrusiveness, and much of the advertising is devoted to conveying that it’s changed its ways. But computer users have memories like elephants, and I suspect that some will continue to look askance at Norton for years to come even if Symantec’s cleaned up its act.

So here’s a question for folks who are running any 2009 or 2010 version of any version of Norton security: How’s it treating you?

Another basic problem with short URLs: They can be dangerous. The very idea behind them is that they’re short (and therefore cryptic) but can redirect you to any URL. But the URLs they redirect to can send you to malware-infested sites–and since you see the short URL rather than the real one, you don’t have the opportunity to inspect the address for tell-tale signs that it’s risky.

Security software kingpin Symantec is understandably interested in short-URL security, and produced this video showing some sleazy ones on Twitter:

If you can see the real URL before you click, there’s a very good chance you’ll figure out it’s not something you want to visit. Which is part of why many third-party Twitter apps (such as Seesmic) let you preview the true URL. Weirdly, Twitter itself only provides this capability in its search.twitter.com feature, via “expand” links (which don’t appear next to all short URLs–you don’t get them with Digg links, for instance).

Seems to me that it would be fairly simple for Twitter to make short URLs a whole lot more useful and a whole lot less insecure. Here, I’ll map out a course of action:

1) Twitter should launch its own URL-shortening feature*. (Currently, it uses Bit.ly as its default service.) It’ll tick off every third-party shortener and probably drive most of them out of business, but the benefits to Twitter users will ultimately be worth it. If Twitter itself controls the short URLs, they’ll work for as long as there’s a Twitter, and the company will gain the ability to make them better than existing ones.

2) It should institute a short-URL expansion feature throughout the site–and instead of making you click an “expand” link, it should autoexpand them so the short link never appears. If users need to take the extra step of clicking to see the real link, they may or may not bother–but if the real one is staring them in the face, many questionable URLs will be manifestly obvious. (And some scammers probably won’t even bother to try and do their dirty work via Twitter.)

3) It should put the real URLs that short URLs point to through a malware-detection feature along the lines of ones that are now standard in Web browsers. If a real URL looks suspicious, Twitter shouldn’t permit it to be turned into a short URL in the first place. (Again, doing this should not only foil malware links that do get through, but should discourage scammers from bothering in the first place.)

*If Twitter is really worried about destroying third-party URL shorteners, it could accomplish most of the above without launching its own service, by launching an API (with malware detection and other enhancements) that other URL shortener can take advantage of. Even if it does create its own service, it needs an API so that third-party Twitter clients can bring all of its goodness to their users.

The above game plan would require some time and money, but if Twitter’s ambition is to be the pulse of the planet, it’s going to be responsible for taking actions that make it harder for the bad guys to screw things up for the good guys. And if the company really has a hundred million bucks to play with, it should throw a little of the dough towards solving this problem once and for all.

Symantec hopes that there’s a critical mass of Mac users who are security-minded enough to make its new Norton Internet Security 4 for Mac successful. The suite, which was announced today, is a Mac edition of a prominent Windows package. But Symantec has intelligently shifted the product’s emphasis when bringing it to OS X.

On Windows, security suites are primarily about real threats that might attack real Windows users: how to prevent them and how to remove them if they do get through. But there are still only a handful of known Mac viruses and spyware apps, compared to the thousands that target Windows. So Internet Security for the Mac is more focused on providing users with information about data traveling to and from their computers, as well as protecting against threats that are less platform-specific, such as phishing attempts.

Norton for the Mac does include anti-virus, but it plays up its firewall more. It’s integrated with Symantec’s DeepSight Threat Management Systems, which updates the firewall’s rules at least daily to reflect new threats. And Symantec is aiming it at folks who use firewalls not only to defend themselves against bad guys but simply to get a handle on which applications are phoning home from their computers and transferring data back and forth.

Symantec also includes anti-phishing features for Safari and Firefox–which are probably less essential now that Safari has joined Firefox in offering built-in phishing protection. But Symantec says its implementation is more comprehensive than the browsers’ standard phishing fighters.

Over the past few years, Norton products had developed a reputation for sporting in-your-face user interfaces and bogging down PC performance. But Symantec focused on making the new versions of its Windows products into better PC citizens, and it says that the Mac users it talked to asked for a suite that was essentially invisible in operation unless they asked it for information. It says it’s tried to provide such a package.

Norton Internet Security for the Mac is $79.99, including one year of updates. (That’s $20 more than Symantec charges for the Windows edition; I’m not sure what the official explanation is for the disparity and have asked the company about it.) An $89.99 version bundles the Mac and Windows versions, so folks who run both OSes on their Macs can get dual protection in one box.

In the end, security software still feels like it’s far more optional on the Mac than on Windows boxes. (Symantec acknowledges the rarity of Mac-specific attacks and says it’s not going to use scare tactics to pitch the new product to Macheads.) If you’re reading this and use a Mac, I’m curious: Are you going to at least give a thought to this security product, or do you think you’re safe enough with the security measures built into OS X and applications that run in it?

(Even UAC is surprisingly tolerable in W7: It’s amazing how much less aggravating it is when it doesn’t black out the screen and beep at you.)

I can’t give a verdict on Windows 7 until I’ve tried the final version, but I’m officially looking forward to it. But I’m also nervous that Microsoft will release a pleasing OS that gets messed up by the PC companies that use it. That’s because so much of the ugliness of the PC experience circa 2008 is caused by stuff that PC manufacturers pile onto the OS: icons that clutter up the desktop and System Tray, demoware that fills up the Start menu, and applications that bog down performance and waste your time.

(Check out this PC World feature from last year for some background on this scourge, including Test Center benchmarks that show that the junk robs you of some of the PC performance you paid for.)

Even utilities that serve no marketing purpose and theoretically improve on the basic Windows experience often degrade the OS. The last Lenovo and Toshiba notebooks I purchased both replaced the stock Windows Wi-Fi tool with their own networking utilities that layer on multiple levels of complexity for no clear purpose. (The Lenovo one tends to crash on me, too.)

In the past, Windows suffered from the broken windows effect–which traditionally refers to real windows in NYC housing projects, but hey, its name works perfectly in this case, too. The operating system itelf was so fundamentally disrespectful towards its users in so many ways that it wasn’t surprising that third-party applications picked up bad habits. (The reverse logic also works: Mac apps tend to be low-key good citizens, and that’s surely in part because OS X sets such a good example.)

I’d love to think that a more polite, less intrusive Windows will lead PC manufacturers to rethink their attitude. At last week’s PDC event, Microsoft said that it hoped PC manufacturers would rachet back the annoyingware on new PCs–but you gotta think that the company must tread carefully when telling companies how they can customize Windows given its past legal woes.

PC manufacturers presumably lard up their computers with extra stuff to add distinctive value to their systems (through apps that aren’t part of Windows itself) and squeeze more money out of their customers (through trialware and other marketing materials). These tactics are so pervasive that I’m not sure that many people in the industry realizes how self-destructive they are, and how much they could improve Windows by tampering less with it.

Here’s one tidbit that may be reason for optimism: Symantec, whose Norton Anti-Virus has long been the software equivalent of a potent medicine that tastes terrible, focuses on making its new Norton 2009 security products less of a system-sapping troublemaker.

Right now, the single biggest reason to choose a Mac over a PC is that OS X is simply far less of a hassle to use out of the box. Lots of folks are willing to pay a premium for the better experience. If Microsoft and PC manufacturers made a concerted effort, they could change the game pretty quickly. Windows 7 could be a sizable leap in the right direction, but I’ll remain a worried skeptic until Windows 7 machines start to ship…

Like the T-List? Read it as a feed.