Jump to content

Norton Internet Security

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 81.98.195.53 (talk) at 02:44, 18 March 2009 (→‎Version 2009 (16.0)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Norton Internet Security
Developer(s)Symantec Corporation
Stable release
2009 or 16.5.0.134 (Windows Edition), 4.0 (Macintosh Edition)
Operating systemMicrosoft Windows, Mac OS X
TypeInternet security
LicenseProprietary
Websitehttp://www.symantec.com/norton/internet-security

Norton Internet Security, developed by Symantec Corporation, provides malware prevention and removal. It is distributed as a download, a box copy, or preinstalled on computers as OEM software. Norton Internet Security and its sister product, Norton AntiVirus, combined, held a 61% antivirus market share, as of 2007. Major competitors in terms of market share include CA, Trend Micro, and Kaspersky Lab.[1]

Norton Internet Security's malware protection signatures and heuristics to identify viruses. Other features include a software firewall, e-mail spam filtering and phishing protection.[2] Additional functions, such as parental controls, are available as extensions developed also by Symantec.[3]

Norton Internet Security runs on Microsoft Windows and Mac OS X. Version 16.5.0.134 is the latest update available for Norton Internet Security 2009.[4]

System requirements

Windows XP Service Pack 2 (32-bit only) Windows Vista (32/64-bit)
Processor Intel Pentium 300 MHz (or equivalent) Intel Pentium 800 MHz (or equivalent)
RAM 256 MB 512 MB
Free hard drive space 200 MB 200 MB

The Norton Toolbar requires Internet Explorer 6 or Mozilla Firefox 2 to function. To run the Norton Recovery Tool, 512 MB of RAM is required. The Norton Recovery Tool facilitates malware removal via bootable CD, outside the Windows environment.[5]

Version History (Windows)

Version 2006 (13.0)

Main Graphic User Interface of Norton Internet Security 2006
Main Graphic User Interface of Norton Internet Security 2006

Norton Internet Security 2006 debuted on September 26, 2005.[6] The redesigned main graphical user interface, dubbed the Norton Protection Center aggregates all information in a central location.[7] CNET reports the Norton Protection Center, while useful, attempts to advertise additional products. To help identify new, or zero day viruses, Bloodhound technology disassembles a variety of programming languages, scanning code for malicious instructions using predefined algorithms.[8] Internet Explorer homepage hijacking protection was introduced in this release as well; however notably missing is search engine hijacking protection. E-mail filtering blocks unwanted e-mails automatically or can be configured using a blacklist of blocked senders or a whitelist, comprised of allowed senders.[9] Norton Internet Security 2006 can block the transmission of confidential information via instant messenger. Users can create a blacklist of credit card numbers for example, that are not to be transmitted to third parties.[9] Parental controls assigns each user account an account type, each preconfigured with certain restrictions. Supervisors can define exceptions, add globally blocked sites, block certain programs from accessing the Internet, and restrict newsgroup access. However, the option to schedule times when each user is permitted to use the Internet is notably absent.[10] Advertisement blocking compares a website's code against a blacklist, and rewrites the HTML to prevent advertisements from being displayed.CNET highlighted Norton Internet Security 2006's noticeable impact on system performance.[7]

Version 2007 (14.0)

The 2007 version was released on September 12, 2007. Symantec revised Norton Internet Security with the goal of reducing high system resource utilization.[11] Despite having about 80% of the code rewritten, CNET reports mixed results in performance testing.[12] New features include a tabbed interface, eliminating the need to have separate windows open for the Norton Protection Center and for configuring the settings.[12] Symantec extended its Veritas VxMS rootkit detection technology, allowing Norton Internet Security 2007 to inspect files within directories to files on the volume level, detecting abnormalities or inconsistencies.[12] Windows Vista compatibility was introduced in this release as well.

Additional features include a exploit scanner which looks at system components commonly hosting vulnerabilities, such as weak user account passwords, Internet Explorer settings, and file sharing settings. When possible, Norton will attempt to fix issues found, otherwise the user is warned of the vulnerability.[13] A startup application manager allows users to prevent applications from launching at login.

The e-mail and instant messenger filtering, parental controls, and advertisement blocking features were dropped from this release. However, the features are available in 2007 add-on package.[14]

Version 2008 (15.0)

Norton Internet Security 2008 was released on August 28, 2007. Emphasizing malware prevention, new features include SONAR, which looks for suspicious application behavior. This release adds exploit protection, preventing attackers from leveraging common browser and application vulnerabilities.[15]. Norton Identity Safe stores personal information, such as phone numbers and fills online forms as needed. Identity Safe replaces the information filtering feature found in the 2006 and 2007 release.[16] Norton Internet Security 2008's extension package does not include the advertisement and pop-up blocking features found in the 2007 add-on package.

Version 2009 (16.0)

Norton Internet Security 2009 was released on September 8, 2008. Addressing software bloat, this version was designed with a “zero-impact” goal.[17] Benchmarking conducted by PassMark Software highlights this release's 52 second install time, 32 second scan time, and 7 MB memory utilization. Symantec funded the project and provided some of the scripts used to benchmark each of the antivirus software. [18]

The security status and settings are now displayed in a single main interface. Newly introduced features include a CPU usage monitor, which displays the total CPU utilization and Norton's CPU usage in the main interface. Other features include Norton Insight which cuts scanning time by whitelisting files based on reputation.[19] Updates are now delivered updates every 5 to 15 minutes. However, such updates are not tested by Symantec, and may cause false positives, or incorrectly identify files as malicious. The exploit scanner found in the 2007 and 2008 versions was dropped from this release.

Existing subscribers of Norton Internet Security, with an active subscription can download the latest version without having to pay an upgrade fee.[20]

Macintosh Edition

Norton Internet Security 4.0 for Mac includes the features found in Norton AntiVirus 11 for Mac. Additional features include a software firewall, which blocks access malicious or attacking IP addresses using a blacklist. The phishing filter blocks access to fraudulent websites attempting to steal confidential information. A feature similar to Privacy Control, found in Norton Personal Firewall and Norton Internet Security 2006, prevents confidential information from being transmitted via instant messenger programs. Operating system requirements call for Mac OS X v10.4.11. Hardware requirements call for a PowerPC or an Intel Core processor, 150 MB of free hard disk space, and at least 256 MB of RAM, with 512 MB recommended.[21] Norton Internet Security Dual Protection for Mac incorporates Norton Internet Security 2009 and Norton Internet Security 4.0 for Mac.[22]

Reception

FBI Cooperation

The FBI confirmed the active development of Magic Lantern, a keylogger intended to obtain passwords to encrypted e-mail and other documents as part of a criminal investigation. Magic Lantern was first reported in the media by Bob Sullivan of MSNBC on 20 November 2001 and by Ted Bridis of the Associated Press.[23][24] The FBI intends to deploy Magic Lantern in the form of an e-mail attachment. When the attachment is opened, it installs a trojan horse on the suspect's computer. The trojan horse is activated when the suspect uses PGP encryption, often used to increase the security of sent e-mail messages. When activated, the trojan horse will log the PGP password, which allows the FBI to decrypt user communications.[25][26] Symantec and other major antivirus vendors have whitelisted Magic Lantern, rendering their antivirus products, including Norton Internet Security, incapable of detecting Magic Lantern. Concerns include uncertainties about Magic Lantern's full potential and whether hackers could subvert it for purposes outside the jurisdiction of the law.[27][28]

Graham Cluley, a technology consultant from Sophos, said "We have no way of knowing if it was written by the FBI, and even if we did, we wouldn’t know whether it was being used by the FBI or if it had been commandeered by a third party".[29] Another reaction from this came from Marc Maiffret, chief technology officer and cofounder of eEye Digital Security who states: "Our customers are paying us for a service, to protect them from all forms of malicious code. It is not up to us to do law enforcement's job for them so we do not, and will not, make any exceptions for law enforcement malware or other tools."[30]

FBI spokesman Paul Bresson, in response if Magic Lantern needed a court order to deploy, "Like all technology projects or tools deployed by the FBI it would be used pursuant to the appropriate legal process."[31][32] Proponents of Magic Lantern argue the technology would allow law enforcement to efficiently and quickly decrypt messages protected by encryption schemes. Implementing Magic Lantern does not require physical access to a suspect's computer, unlike Carnivore, a predecessor to Magic Lantern, since physical access to a computer would require a court order.[33]

Performance

In 2006, Oli Warner published two articles comparing the system performance impact of various Windows applications, including Norton Interent Security 2006. Warner later decided to rerun the benchmarks, revising his methodology. Before the second report was published, Warner claimed to have received an e-mail from Symantec, asking him to benchmark the 2007 version, providing him with a free license. Warner benchmarked the processor and the disk performance with and without each application, compiling two scripts in C++, a programming language. One calculated all prime numbers between 100,000 and 200,000 and the other tested file read/write time. BootVis was used to measure boot time. All testing was conducted inside a virtualized environment created by VMware. Despite the 2007 version's improvements, Warner noted its significant boot delay.[34]

Relations with Ask.com

On February 3, 2009, Symantec announced a "multi-year, strategic partnership" with Ask.com, a search engine. The latest update for Norton Internet Security 2009, or 16.5, installs an Ask toolbar to Mozilla Firefox and Internet Explorer. Searches routed through the toolbar are color coded by saftey, leveraging data from Norton Safe Web, which inspects websites for malicious software or phishing scams.[35] The Ask toolbar is classified as spyware by major antivirus vendors, including McAfee and Trend Micro, for downloading and installing software without explicit user consent.[36][37] Version 4.0.2 of the Ask Toolbar, and possibly other versions, suffer from an unpatched vulnerability allowing attacker to access computers remotely.[38]

Uninstallation

Norton Internet Security have been criticized for refusing to uninstall completely, leaving unnecessary files behind.[39][40] Another issue is versions prior to 2009 installed LiveUpdate, which updates Norton-branded software, separately. The user must uninstall both Norton Internet Security and the LiveUpdate component manually. The LiveUpdate component is purposely left behind to update other Norton-branded products, if present.[41] In response, Symantec developed the Norton Removal Tool to remove leftover registry keys and values along with files and folders.[42] However, neither route of uninstallation will remove subscription data, preserved to prevent users from installing multiple trial copies.

Windows XP Service Pack 3 and Vista Service Pack 1

When Norton Internet Security 2008 is installed, users encountered incompatibilities upgrading to Windows XP Service Pack 3 or Windows Vista Service Pack 1. Users report numerous invalid registry keys being added, resulting in an empty Device Manager and missing devices such as wireless network adapters.[43][44] Symantec initially blamed Microsoft for the incompatibilities but has since accepted partial responsibility.[45] Symantec has issued a fix intended for users before upgrading, available via LiveUpdate. Before upgrading to Service Pack 3, Symantec recommends disabling the tamper protection component in the 2008 release.[43]

Windows Vista

Sarah Hicks, Symantec's vice president of consumer product management, voiced concern over Windows Vista 64-bit's PatchGuard. PatchGuard was designed by Microsoft to ensure the integrity of the kernel, a part of a operating system which interacts with the hardware. Rootkits often hide in a operating system's kernel, complicating removal."Battle with the Unseen–Understanding Rootkits on Windows" (PDF). Eric Uday Kumar. Association of Anti-Virus Asia Researchers. 2006. Retrieved 2009-03-15. Mike Dalton, European president of McAfee said, "The decision to build a wall around the kernel with the assumption it can't be breached is ridiculous", claiming Microsoft was preventing security vendors from effectively protecting the kernel while promoting its own security product, Windows Live OneCare.[46] Hicks said Symantec did not mind the competition from OneCare.[47] Symantec later published a white paper detailing PatchGuard with a instructions to obtain a PatchGuard exploit.[48][49][50] After negotiations and investigations from antitrust regulators, Microsoft decided to allow security vendors access to the kernel by creating special API instructions.[51]

References

  1. ^ "Channel Best-Sellers: Winning Security Players". CRN Staff. United Business Media LLC. November 23, 2007. Retrieved 2009-03-09.
  2. ^ "Norton Internet Security 2009 16.2.0.7". Softpedia. February 3rd, 2009. Retrieved 2009-03-14. {{cite web}}: Check date values in: |date= (help)
  3. ^ "Norton Add-on Pack 2.1". Softpedia. July 14th, 2008. Retrieved 2009-03-14. {{cite web}}: Check date values in: |date= (help)
  4. ^ "Norton Internet Security 2009 / Norton AntiVirus 2009 Update (16.5)". Tim Lopez. Symantec Corporation. March 2, 2009. Retrieved 2009-03-13.
  5. ^ "Download Norton Recovery Tool ISO to Create a Norton Rescue CD". Raymond.CC Blog. Retrieved 2009-02-26.
  6. ^ by bottod on December 7, 2005. "Norton Internet Security 2006 Internet security and firewall reviews – CNET Reviews". CBS Interactive, Inc. Retrieved 2009-02-23.{{cite web}}: CS1 maint: numeric names: authors list (link)
  7. ^ a b by sralls on October 3, 2005. "Norton AntiVirus 2006 Internet security and firewall reviews – CNET Reviews". CBS Interactive, Inc. Retrieved 2009-02-23.{{cite web}}: CS1 maint: numeric names: authors list (link)
  8. ^ "About Heuristics" (PDF). Stephen M. Sladaritz Sr. SANS Institute. March 23, 2002. Retrieved 2009-03-16.
  9. ^ a b "Security: A Suite Gift – Norton Internet Security 2006 - Full Review – Reviews by PC Magazine". Pcmag.com. Retrieved 2009-02-23.
  10. ^ "Security: A Suite Gift – Norton Internet Security 2006 – Full Review – Reviews by PC Magazine". Pcmag.com. Retrieved 2009-02-23.
  11. ^ Reviewed by: Robert Vamosi. "Norton AntiVirus 2007 Internet security and firewall reviews – CNET Reviews". CBS Interactive, Inc. Retrieved 2009-02-23.
  12. ^ a b c Reviewed by: Robert Vamosi. "Norton AntiVirus 2007 Internet security and firewall reviews – CNET Reviews". CBS Interactive, Inc. Retrieved 2009-02-23.
  13. ^ "Rad Tech Gifts for Grads – Norton Internet Security 2007 - Fresh Phish and Stale Settings – Reviews by PC Magazine". Pcmag.com. Retrieved 2009-02-23.
  14. ^ "Norton Internet Security 2007". Symantecstore.com. Retrieved 2009-02-23.
  15. ^ http://pcworld.co.nz/pcworld/pcw.nsf/feature/D797C6B246A7ECA5CC25734600732321
  16. ^ "11 Critical Security Apps – Norton Internet Security 2008 - Keep Your Identity Safe – Reviews by PC Magazine". Pcmag.com. Retrieved 2009-02-23.
  17. ^ "Symantec Launches Fastest Security Products in the World". Marketwire, Incorporated. September 9, 2008. Retrieved 2009-03-04.
  18. ^ http://www.passmark.com/ftp/antivirus_09-performance-testing-ed3.pdf
  19. ^ "Filtering Viruses Through The Cloud". Andy Greenberg. Forbes.com LLC. September 22, 2008. Retrieved 2009-03-11.
  20. ^ "Norton Update Center". Retrieved 2009-03-18. {{cite web}}: Unknown parameter |Publisher= ignored (|publisher= suggested) (help)
  21. ^ "System requirements for Norton Internet Security 4.0 for Mac". Symantec Corporation. Retrieved 2009-03-01.
  22. ^ "Worm Removal – Anti Phishing Filter – Identity Theft Protection: Norton Internet Security for Mac Dual Protection". Symantec Corporation. 2007-08-15. Retrieved 2009-02-23.
  23. ^ Sullivan, Bob (2001-11-20). "FBI software cracks encryption wall". MSNBC. Retrieved 2007-11-20. {{cite news}}: Check date values in: |date= (help)
  24. ^ Ted Bridis. "FBI Develops Eavesdropping Tools," Washington Post, November 22, 2001.
  25. ^ "FBI Has a Magic Lantern". Usgovinfo.about.com. Retrieved 2009-02-23.
  26. ^ "The FBI's Magic Lantern". Worldnetdaily.com. 2001-11-28. Retrieved 2009-02-23.
  27. ^ "Invasive Software: Who's Inside Your Computer?" (PDF). George Lawton. July 2002. Retrieved 2009-03-12.
  28. ^ http://www.kaspersky.com (2001-12-11). "The FBI's "Magic Lantern" Shines Bright". Kaspersky.com. Retrieved 2009-02-23. {{cite web}}: External link in |author= (help)
  29. ^ Jackson, William (2001-12-06). "Antivirus vendors are wary of FBI's Magic Lantern – Government Computer News". Gcn.com. Retrieved 2009-02-23.
  30. ^ McCullagh, Declan (2007-07-17). "Will security firms detect police spyware? – CNET News". CBS Interactive, Inc. Retrieved 2009-02-23.
  31. ^ "FBI Confirms 'Magic Lantern' Project Exists" (PDF). Elinor Mills Abreu. At Home Corporation. December 31, 2001. Retrieved 2009-03-12.
  32. ^ "THE CASE FOR MAGIC LANTERN: SEPTEMBER 11 HIGHLIGHTS THE NEED FOR INCREASED SURVEILLANCE" (PDF). Christopher Woo & Miranda So. Harvard Journal of Law & Technology. 2002. Retrieved 2009-03-12.
  33. ^ "IMPLICATIONS OF SELECT NEW TECHNOLOGIES FOR INDIVIDUAL RIGHTS AND PUBLIC SAFETY". Amitai Etzioni. Harvard Journal of Law & Technology. 2002. Retrieved 2009-03-12.
  34. ^ "What Really Slows Windows Down". Oli Warner. Oli Warner. September 22, 2006. Retrieved 2009-03-10.
  35. ^ "Ask.com and Symantec Announce Strategic Partnership to Make Web Searching Safer". Yahoo! Inc. February 3, 2009. Retrieved 2009-03-10.
  36. ^ "Critics: Ask Jeeves Silently Serves Software", TechNewsWorld 13 Sept., 2005.
  37. ^ [http://www.benedelman.org/spyware/ask-toolbars/ Current Practices of IAC/Ask Toolbars
  38. ^ "Ask Toolbar ToolbarSettings ActiveX Control Buffer Overflow". Secunia. September 25, 2007. Retrieved 2009-03-17.
  39. ^ "Symantec uninstaller may not finish the job". Scott Dunn. WindowsSecrets.com. February 7, 2008. Retrieved 2009-03-05.
  40. ^ "How can I fully remove Norton Antivirus from my system?". Dave Taylor. Retrieved 2009-02-23.
  41. ^ "PCWorld". PCWorld. Retrieved 2009-02-23.
  42. ^ "Download and run the Norton Removal Tool". Symantec Corporation. Retrieved 2009-02-23.
  43. ^ a b Patch Watch, May 29, 2008 (2008-05-29). "Norton software conflicts with Windows XP SP3". Windowssecrets.com. Retrieved 2009-02-23.{{cite web}}: CS1 maint: multiple names: authors list (link) CS1 maint: numeric names: authors list (link)
  44. ^ "FAQ: Upgrading to Windows XP Service Pack 3 or Windows Vista Service Pack 1 with your Norton 2008 product installed". Symantec Corporation. Retrieved 2009-02-23.
  45. ^ Gregg Keizer (2008-05-23). "Symantec pins blame for XP SP3 registry corruption on Microsoft". computerworld.com. Retrieved 2008-06-19.
  46. ^ "Vista PatchGuard Hacked". Marius Oiaga. Softpedia. October 16, 2006. Retrieved 2009-03-11.
  47. ^ "Symantec Snaps At Microsoft". Lisa Lerer. Forbes.com LLC. October 10, 2006. Retrieved 2009-03-11.
  48. ^ "Security Implications of Windows Vista" (PDF). Symantec Corporation. Retrieved 2009-03-11.
  49. ^ "Symantec Vista White Paper Links to PatchGuard Crack". Scott M. Fulton, III. Betanews, Inc. February 28, 2007. Retrieved 2009-03-11.
  50. ^ "Kaspersky Reveals the Fundamental Vulnerability of Vista PatchGuard". Marius Oiaga. Softpedia. February 9, 2007. Retrieved 2009-03-11.
  51. ^ "Microsoft to offer free security software". Gabriel Madway. Thomson Reuters. November 18, 2008. Retrieved 2009-03-14.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Norton_Internet_Security&oldid=278020533"