
Norton AntiVirus

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Jacob Poon (talk | contribs) at 22:48, 25 March 2009 (→‎Version History (Windows)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

‎Norton AntiVirus
Developer(s): Symantec Corporation
Stable release: 2009 or 16.5.0.135 (Windows Edition), 11.0 (Mac Edition)
Operating system: Microsoft Windows, Mac OS X
Type: Antivirus
License: Proprietary
Website: http://www.symantec.com/norton/antivirus

Norton AntiVirus, developed by Symantec Corporation, provides malware prevention and removal. It is distributed as a download, a box copy, or preinstalled on computers as OEM software. As of 2007, Norton AntiVirus and its brother product, Norton Internet Security, held a combined 61% antivirus market share. Major competitors in terms of market share include products from vendors CA, Trend Micro, and Kaspersky Lab.[1]

Norton AntiVirus' malware protection uses signatures and heuristics to identify viruses.[2] Norton AntiVirus runs on Microsoft Windows and Mac OS X. Version 16.5.0.135 is the latest update available for Norton Internet Security 2009. This update supersedes the 16.5.0.134 update, which failed to install on many computers. The 16.5.0.135 update will only be made available to affected users.[3]

Version History (Windows)

2000

It is designed for Windows 95 or higher.

2001

It is designed for Windows 95 OSR2 or higher. Support for Windows ME is added.

2002

It is designed for Windows 98 or higher. Support for Windows XP is added.

Also added to the family is Professional Edition.

2003

2004

2005

Professional Edition was dropped in this release.

Version 2006 (13.0)

The redesigned main graphical user interface, dubbed the "Norton Protection Center", aggregates information in a central user interface.[4] CNET reports the Norton Protection Center, while useful, attempts to advertise additional products. To further facilitate detection of zero-day malware, Bloodhound disassembles a variety of programming languages, and scans code for malicious instructions using predefined algorithms.[5] Internet Explorer homepage hijacking protection was introduced in this release as well; however, search engine hijacking protection is notably missing. CNET highlighted Norton AntiVirus 2006's noticeable impact on system performance.[4]

Operating system requirements call for Windows 2000 Service Pack 3 or Windows XP. 150 MB of free space and a 300 MHz processor are required under either operating system. 128 MB of RAM is required under Windows 2000, while 256 MB is required in Windows XP.[4]

Version 2007 (14.0)

Norton AntiVirus was released on September 12, 2007. Symantec revised Norton AntiVirus with the goal of reducing high system resource utilization.[6] Windows Vista compatibility was introduced in this release as well. Despite having about 80% of the code rewritten, CNET reports mixed results in performance testing.[7] New features include a tabbed interface, eliminating the need to have separate windows open for the Norton Protection Center and for configuring the settings.[7] Symantec extended its Veritas VxMS rootkit detection technology, allowing Norton AntiVirus 2007 to compare files within directories to files on the volume level, detecting abnormalities or inconsistencies.[7]

Windows 2000 compatibility was dropped from this release. Compatibility with 32-bit versions of Windows Vista was added to this release with a patch from Symantec. Hardware requirements under Vista call for 150 MB free space, an 800 MHz processor and 512 MB RAM. Requirements under Windows XP similarly call for 150 MB free space, a 300 MHz processor, and 256 MB of RAM.

Version 2008 (15.0)

Norton AntiVirus 2008 was released on August 28, 2007. Emphasizing malware prevention, new features include SONAR, which looks for suspicious application behavior. This release adds real-time exploit protection, preventing attackers from leveraging common browser and application vulnerabilities.[8][9]

When installed in 32-bit versions of Windows XP Service Pack 2, 300 MB of free space, a 300 MHz processor, and 256 MB of RAM are required. When installed in 32-bit and 64-bit versions of Windows Vista, 300 MB of free space, an 800 MHz processor, and 256 MB of RAM are needed.

2009 with Antispyware (16.0)

Norton AntiVirus 2009 was released on September 8, 2008. Addressing performance issues, over 300 changes were made, with a "zero-impact" goal.[10][11] Benchmarking conducted by Passmark Software PTY LTD highlights its 47-second install time, 32-second scan time, and 5 MB memory utilization. It should be noted that Symantec funded the benchmark test and provided some scripts used to benchmark each participating antivirus software.[12]

The security status and settings are now displayed in a single main interface. A CPU usage monitor displays the total CPU utilization and Norton's CPU usage in the main interface. Other features include Norton Insight, a whitelisting technology which cuts scanning times by mapping known safe files using information from an online database.[13] To address malware response times, updates are delivered every 5 to 15 minutes. However, such updates are not tested by Symantec, and may cause false positives, that is, incorrectly identify files as malicious. The exploit scanner found in the 2007 and 2008 versions was dropped from this release.

When installed in 32-bit versions of Windows XP Service Pack 2, 150 MB of free space, a 300 MHz processor, and 256 MB of RAM are required. When installed in 32-bit or 64-bit versions of Windows Vista, 150 MB of free space, an 800 MHz processor, and 512 MB of RAM are required.

Macintosh edition

Norton AntiVirus 11 for Mac introduced support for the Mac OS X v10.5 Leopard platform, with the capability to detect both Macintosh and Windows malware. Other features include a vulnerability scanner, which blocks attackers from leveraging software exploits.[14] Norton AntiVirus 11 also includes the ability to scan within compressed or archived files, such as Time Capsule volumes. Operating requirements call for Macintosh OS X v10.4.10.[15] A PowerPC or an Intel Core processor, 128 MB of RAM, and 100 MB of free hard disk space are also required. Norton AntiVirus Dual Protection for Mac is intended for Macintosh users with Windows running on their systems, using Boot Camp or virtualization software such as VMware Fusion. It provides a license for both Norton AntiVirus 11 and Norton AntiVirus 2009. System requirements for Norton AntiVirus 2009 are listed above.[16][17]

Criticisms

FBI Cooperation

The FBI confirmed the active development of Magic Lantern, a keylogger intended to obtain passwords to encrypted e-mail and other documents as part of a criminal investigation. Magic Lantern was first reported in the media by Bob Sullivan of MSNBC on 20 November 2001 and by Ted Bridis of the Associated Press.[18][19] The FBI intends to deploy Magic Lantern in the form of an e-mail attachment. When the attachment is opened, it installs a trojan horse on the suspect's computer. The trojan horse is activated when the suspect uses PGP encryption, often used to increase the security of sent e-mail messages. When activated, the trojan horse will log the PGP password, which allows the FBI to decrypt user communications.[20][21] Symantec and other major antivirus vendors have whitelisted Magic Lantern, rendering their antivirus products, including Norton AntiVirus, incapable of detecting Magic Lantern. Concerns include uncertainties about Magic Lantern's full potential and whether hackers could subvert it for purposes outside the jurisdiction of the law.[22][23]

Graham Cluley, a technology consultant from Sophos, said "We have no way of knowing if it was written by the FBI, and even if we did, we wouldn’t know whether it was being used by the FBI or if it had been commandeered by a third party".[24] Another reaction came from Marc Maiffret, chief technology officer and cofounder of eEye Digital Security, who states: "Our customers are paying us for a service, to protect them from all forms of malicious code. It is not up to us to do law enforcement's job for them so we do not, and will not, make any exceptions for law enforcement malware or other tools."[25]

Asked whether Magic Lantern needed a court order to deploy, FBI spokesman Paul Bresson said, "Like all technology projects or tools deployed by the FBI it would be used pursuant to the appropriate legal process."[26][27] Proponents of Magic Lantern argue the technology would allow law enforcement to efficiently and quickly decrypt messages protected by encryption schemes. Implementing Magic Lantern does not require physical access to a suspect's computer, unlike Carnivore, a predecessor to Magic Lantern, since physical access to a computer would require a court order.[28]

Product support

Retail customers report slow and indifferent service on bugs. Examples include a faulty error message that valid subscriptions have expired.[29] Users received an error that stated "Your virus protection cannot be updated." This error occurred after an update to the software and refused to allow daily updates.[30] Though the bug was reported in 2004, it was not corrected for the 2005 or 2006 versions.

Another incident occurred in May 2007, when Norton AntiVirus flagged components of the Pegasus e-mail client as malicious, rendering the program corrupted.[31] Symantec customer service addressed the problem by running through a checklist of troubleshooting steps which were not always successful, perhaps indicating a need for a more thorough understanding of the product on the company's behalf.

Faulty update

On July 25, 2006, Symantec released a faulty update for Norton AntiVirus 2006 users. Users reported an onscreen message stating "Norton AntiVirus 2006 does not support the repair feature. Please uninstall and reinstall."[32] Symantec claimed the faulty update was downloaded to customers between 1:00 PM and 7:00 PM on July 25, 2006. Symantec developed a workaround tool and has listed troubleshooting steps. The company released a statement saying it expected to deliver a repair patch to affected users by Monday, July 31, 2006.[33]

Aggressive Subscription Marketing

If you choose not to update your subscription, after 90 days you get a pop-up reminder which is (a) always on top and (b) won't go away. Symantec customer service acknowledges this as both "a design feature" and a "friendly reminder". The feature occurs despite the user electing to disable alerts. Symantec also acknowledges that the only way to get rid of this pop-up, which effectively disables your computer by obscuring nearly 1/4 of the screen, is to pay Symantec further money to upgrade or update the subscription, or to uninstall software one has purchased the full rights to use.

Uninstallation

Norton AntiVirus has been criticized for refusing to uninstall completely, leaving unnecessary files behind.[34][35] Another issue is that versions prior to 2009 installed LiveUpdate, which updates Norton-branded software, separately. The user must uninstall both Norton AntiVirus and the LiveUpdate component manually. The LiveUpdate component is purposely left behind to update other Norton-branded products, if present.[36] In response, Symantec developed the Norton Removal Tool to remove leftover registry keys and values along with files and folders.[37] However, neither route of uninstallation will remove subscription data, which is preserved to prevent users from installing multiple trial copies.

Incompatibilities with ZoneAlarm

Norton AntiVirus 2007 will not install alongside ZoneAlarm. This incompatibility has caused annoyance for Norton customers who purchased Norton AntiVirus 2007 with no prior warning or notice of the incompatibility.[38] Symantec recommends removing ZoneAlarm, then reinstalling with the Internet Worm Protection feature disabled; that feature controls which applications and protocols can be used to access the Internet.

PIFTS.exe

On March 9, 2009, some users of Norton AntiVirus started experiencing a firewall warning that a Norton-associated file called "PIFTS.exe" was trying to connect to the Internet.[39] Initially Norton deleted all posts about this program on their forums and representatives refused to answer questions about it over the phone, prompting claims of a conspiracy.[40]

Investigation conducted by users suggested the file attempted to connect to servers in Africa, while others speculated PIFTS was an acronym for "Public Internet File Tracking system".[41][42] The SANS Internet Storm Center claimed to have spoken to a Symantec employee who has confirmed that "the program is theirs, part of the update process and not intended to do harm".[43] Graham Cluley, a technology consultant from antivirus company Sophos, found that PIFTS.exe attempted to connect to a Symantec server, forwarding the product name and computer information, and supporting Symantec's assertion that PIFTS.exe was not malware.[44]

On March 10, Symantec made an official response to the PIFTS.exe incident, claiming that posts in the support forum were deleted due to a massive spam attack.[45] Symantec also claimed PIFTS.exe itself is nothing other than a diagnostics patch.[45] The Washington Post subsequently updated their article with information from Dave Cole, senior director of product management at Symantec.[40] Cole stated the purpose of the update was to help determine how many customers would need to be migrated to newer versions of its software as Windows users upgrade to Windows 7.

References

  1. ^ "Channel Best-Sellers: Winning Security Players". CRN Staff. United Business Media LLC. November 23, 2007. Retrieved 2009-03-09.
  2. ^ "Norton Internet Security 2009 16.2.0.7". Softpedia. February 3rd, 2009. Retrieved 2009-03-14.
  3. ^ "NAV/NIS 2009.5 Patch Update [ Edited ]". Tim Lopez. Symantec Corporation. March 19, 2009. Retrieved 2009-03-13.
  4. ^ a b c by sralls on October 3, 2005. "Norton AntiVirus 2006 Internet security and firewall reviews - CNET Reviews". Reviews.cnet.com. Retrieved 2009-02-23.
  5. ^ "Bloodhound". Symantec. Retrieved 2009-02-23.
  6. ^ Reviewed by: Robert Vamosi. "Norton AntiVirus 2007 Internet security and firewall reviews - CNET Reviews". Reviews.cnet.com. Retrieved 2009-02-23.
  7. ^ a b c Reviewed by: Robert Vamosi. "Norton AntiVirus 2007 Internet security and firewall reviews - CNET Reviews". Reviews.cnet.com. Retrieved 2009-02-23.
  8. ^ http://pcworld.co.nz/pcworld/pcw.nsf/feature/D797C6B246A7ECA5CC25734600732321
  9. ^ "Symantec unveils Browser Defender in its 2008 consumer security software". Gregg Keizer. Fairfax New Zealand Limited. August 30 2007. Retrieved 2009-03-07.
  10. ^ "Symantec Launches Norton Antivirus 'Gaming Edition'". PC Magazine. Retrieved 2009-02-24.
  11. ^ "Symantec Launches Fastest Security Products in the World". Marketwire, Incorporated. September 9, 2008. Retrieved 2009-03-04.
  12. ^ http://www.passmark.com/ftp/antivirus_09-performance-testing-ed3.pdf
  13. ^ Tal (January 5, 2009). "Norton Internet Security 2009". geekstogo.com. Retrieved 2009-01-07.
  14. ^ "Norton AntiVirus 11 for Leopard Announced". PC World Communications, Inc. December 10, 2007. Retrieved 2009-02-28.
  15. ^ "Norton Antivirus 11.0 for Mac". about.com. Retrieved 2009-02-24.
  16. ^ "Norton AntiVirus 11 for Mac". Symantec. Retrieved 2009-02-24.
  17. ^ "Norton AntiVirus Dual Protection for Mac". Symantec. Retrieved 2009-02-24.
  18. ^ Sullivan, Bob (2001-11-20). "FBI software cracks encryption wall". MSNBC. Retrieved 2007-11-20.
  19. ^ Ted Bridis. "FBI Develops Eavesdropping Tools," Washington Post, November 22, 2001.
  20. ^ "FBI Has a Magic Lantern". Usgovinfo.about.com. Retrieved 2009-02-23.
  21. ^ "The FBI's Magic Lantern". Worldnetdaily.com. 2001-11-28. Retrieved 2009-02-23.
  22. ^ "Invasive Software: Who's Inside Your Computer?" (PDF). George Lawton. July 2002. Retrieved 2009-03-12.
  23. ^ http://www.kaspersky.com (2001-12-11). "The FBI's "Magic Lantern" Shines Bright". Kaspersky.com. Retrieved 2009-02-23.
  24. ^ Jackson, William (2001-12-06). "Antivirus vendors are wary of FBI's Magic Lantern – Government Computer News". Gcn.com. Retrieved 2009-02-23.
  25. ^ McCullagh, Declan (2007-07-17). "Will security firms detect police spyware? – CNET News". CBS Interactive, Inc. Retrieved 2009-02-23.
  26. ^ "FBI Confirms 'Magic Lantern' Project Exists" (PDF). Elinor Mills Abreu. At Home Corporation. December 31, 2001. Retrieved 2009-03-12.
  27. ^ "THE CASE FOR MAGIC LANTERN: SEPTEMBER 11 HIGHLIGHTS THE NEED FOR INCREASED SURVEILLANCE" (PDF). Christopher Woo & Miranda So. Harvard Journal of Law & Technology. 2002. Retrieved 2009-03-12.
  28. ^ "IMPLICATIONS OF SELECT NEW TECHNOLOGIES FOR INDIVIDUAL RIGHTS AND PUBLIC SAFETY". Amitai Etzioni. Harvard Journal of Law & Technology. 2002. Retrieved 2009-03-12.
  29. ^ [1]
  30. ^ http://service1.symantec.com/SUPPORT/sharedtech.nsf/0/3a154213bd3ad4cc88256a370054cab6?OpenDocument
  31. ^ http://www.tnpcnewsletter.com/blog/2007/05/18/pegasus-email-client-being-flagged-as-a-trojan-program/
  32. ^ "Faulty Update Stymies Norton Users". The Washington Post Company. 2009. Retrieved 2009-02-26.
  33. ^ Symantec ships faulty Norton AntiVirus 2006 update - Alpha Blog - alpha.cnet.com
  34. ^ "Symantec uninstaller may not finish the job". Scott Dunn. WindowsSecrets.com. February 7, 2008. Retrieved 2009-03-05.
  35. ^ "How can I fully remove Norton Antivirus from my system?". Dave Taylor. Retrieved 2009-02-23.
  36. ^ "PCWorld". PCWorld. Retrieved 2009-02-23.
  37. ^ "Download and run the Norton Removal Tool". Symantec Corporation. Retrieved 2009-02-23.
  38. ^ Norton AV versus Zone Alarm - can't you have both? | Ask Jack | Guardian Unlimited
  39. ^ Beaumont, Claudine (2009), Internet conspiracy theories abound over Symantec Pifts.exe file, retrieved March 10 2009
  40. ^ a b Krebs, Brian (2009), Users Complain of Mysterious 'PIFTS' Warning
  41. ^ http://voices.washingtonpost.com/securityfix/2009/03/symantec_users_complain_of_mys.html
  42. ^ http://isc.sans.org/diary.html?storyid=5992
  43. ^ Frantzen, Swa (2009), Conspiracy fodder: pifts.exe
  44. ^ Cluley, Graham (2009), The mystery of Symantec and PIFTS.EXE, http://www.sophos.com/blogs/gc/g/2009/03/10/mystery-symantec-pifts/
  45. ^ a b Cole, Dave (2009), Norton product patch "PIFTS.exe" and Norton Users Forum