Norton Internet Security
File:NortonInternetSecurity.png | |
Developer(s) | Symantec Corporation |
---|---|
Stable release | 2009 or 16.5.0.134/135 (Windows Edition), 4.0 (Macintosh Edition)
|
Operating system | Microsoft Windows, Mac OS X |
Type | Antivirus |
License | Proprietary |
Website | http://www.symantec.com/norton/internet-security |
Norton Internet Security, developed by Symantec Corporation, provides malware prevention and removal during a subscription period and uses signatures and heuristics to identify viruses. Other features include a software firewall, e-mail spam filtering and phishing protection.[1] Additional functionalities, such as parental controls, are available as extensions developed by Symantec.[2]
Symantec distributes the product as a download, a box copy, or OEM software. Norton Internet Security and its sister product, Norton AntiVirus, combined, held a 61% antivirus market share as of 2007. Major competitors in terms of market share include antivirus products from vendors CA, Trend Micro, and Kaspersky Lab.[3]
Norton Internet Security runs on Microsoft Windows and Mac OS X. Version 16.5.0.135 is the latest update available for Norton Internet Security 2009, made available for users encountering issues when updating to build 16.5.0.134.[4] The latest Mac version is 4.0.
Windows edition
In August of 1990 Symantec acquired Peter Norton Computing from Peter Norton.[5] Norton and his company developed various utilities, or applications for DOS. Symantec continued the development of acquired technologies. The technologies are marketed under the name of "Norton", with the tagline "from Symantec". Norton's crossed-arm pose, a registered U.S. trademark, was featured on Norton product packaging.[6] However, his pose was later moved to the spine of the packaging, and later dropped altogether.[7]
Product activation was introduced to Norton Internet Security 2004, addressing the estimated 3.6 million counterfeit Norton products sold. A alphanumeric code is generated to identify a computer's configuration, which ties in with the product key. Users are allowed to activate their product five times with the same product key.[8] Spyware detection and removal was introduced to the 2005 version for Windows, with the tagline "Antispyware Edition".[9] The tagline was dropped in later releases.
Version 2006 (13.0)
Norton Internet Security 2006 debuted on September 26, 2005. The main graphical user interface, dubbed the Norton Protection Center aggregates all information in a central location.[10] CNET reports the Norton Protection Center, while useful, attempts to advertise additional products and services from Symantec.
To help identify zero-day viruses, Bloodhound technology disassembles and scans application code for possibly malicious instructions.[11] Norton can revert Internet Explorer homepage hijacking attempts and block advertisements. Users are warned of unauthorized changes to Internet Explorer's homepage, and given an option to revert such changes. Advertisement blocking rewrites a website's HTML to prevent advertisements from being displayed. E-mail filtering blocks e-mail spam and can be configured using a blacklist of blocked senders or a whitelist comprised of allowed senders.[12] Parental controls, bundled with this release, allow users to block specific sites, block certain programs from accessing the Internet, and restrict newsgroup access.[13]
CNET found this version had a noticeable toll on system performance, especially when opening files across a network or on a removable disk.[10][14] Oli Warner also noted Norton's significant drag when opening or creating files, compared to similar offerings from different vendors.[15]
Windows 98 compatibility was dropped from this release. System requirements were Windows 2000 Service Pack 3 or Windows XP, 325 MB (Megabytes) of free hard drive space, a 300 MHz processor, and 256 MB of RAM is needed.
Version 2007 (14.0)
The 2007 version was released on September 12, 2006. 80 percent of the code was rewritten, with the goal of reducing high system resource utilization. New features include a tabbed interface.[16] Symantec extended its Veritas VxMS technology, enhancing rootkit detection. VxMS allows Norton to detect inconsistencies among files within directories and files at the volume level.[16]
Phishing protection was introduced in this release. Norton checks sites against a blacklist and analyzes its code if the site is not present on a blacklist. Other features include a exploit scanner which looks at system components commonly hosting vulnerabilities, such as Internet Explorer settings. Supplementing the scanner, real-time exploit protection blocks attackers from leveraging common browser and application vulnerabilities. When possible, Norton will fix issues found; otherwise the user is warned of the vulnerability.[17] A startup application manager allows users to prevent applications from launching at login. E-mail spam filtering, parental controls, and the advertisement blocking features were not bundled with this release. Instead, the features are available in 2007 add-on package.[18]
CNET reports mixed results in performance testing; however gains were made over the 2006 version.[16] Warner also noted the 2007 version's reduced impact on system performance, compared to the 2006 version.
Windows 2000 compatibility was dropped from this release. Compatibility with 32-bit editions of Windows Vista was introduced later in this release with a patch from Symantec. When installed in Vista, 350 MB of free space, an 800 MHz processor, and 512 MB of RAM is needed. When installed in Windows XP, 350 MB of free space, a 300 MHz (Mega-Hertz) processor, and 256 MB of RAM is required.
Version 2008 (15.0)
The 2008 version was released on August 28, 2007. New features include SONAR, which monitors applications for malicious or damaging actions. SONAR was designed using technologies acquired from WholeSecurity. The Norton Identity Safe stores personal information and fills webforms as needed.[19] The startup application manager was dropped. Advertisement blocking was also dropped in the 2008 add-on package.
When installed in 32-bit editions of Windows XP Service Pack 2, 350 MB of free space, a 300 MHz processor, and 256 MB of RAM is required. Support for 32-bit and 64-bit editions of Windows Vista was introduced in this release. 350 MB of free space, a 800 MHz processor, and 512 MB of RAM is required for those.
Version 2009 (16.0)
The 2009 version was released on September 8, 2008.[20] Benchmarking conducted by PassMark Software highlights this release's 52 second install time, 32 second scan time, and 7 MB memory utilization. However, Symantec funded the benchmark test and provided scripts used to benchmark each participating antivirus software.[21]
A main interface replaces the tabs found in prior releases. A CPU usage monitor displays the total CPU utilization and Norton's CPU usage in the main interface. Other features include Norton Insight which whitelists files based on reputation, cutting scanning time.[22] Virus signature updates are now delivered 5 to 15 minutes, supplementing the reliability tested updates issued by Symantec every several hours. However, such updates may incorrectly identify files as malicious. Users can disable receiving such updates. The exploit scanner found in the 2007 and 2008 versions was dropped from this release.[23]
When the 2009 version is installed in 32-bit editions of Windows XP, a 300 MHz processor, 256 MB of RAM and 200 MB of free space are needed. The 2009 version is compatible with 32-bit and 64-bit versions of Windows Vista. An 800 MHz processor, 512 MB of RAM, and 200 MB of free space is required. Existing users of Norton Internet Security 2006 through 2008 can upgrade to the 2009 version without having to buy a new subscription.[24]
Macintosh edition
Version 1.0 through 3.0
Norton Internet Security version 1.0 for Mac was released November 1, 2000. It can identify and remove both Windows and Mac viruses. Other features include a firewall, advertisement blocking in the browser, parental controls, and the ability to prevent confidential information from being transmitted outside the computer. Users are prompted before such information is able to be transmitted. The incorporation of Aladdin Systems' iClean allows users to purge the browser cache, cookies, and browsing history within Norton's interface.[25] Operating system requirements call for Mac OS 8.1. Hardware requirements call for 24 MB of RAM, 12 MB of disk space, and a PowerPC processor.[26]
Version 2.0 also ties in with the WHOIS database, allowing users to trace attacking computers. Users can inform network administrators of the attacking computers for corrective actions. When running under Mac OS 8.1 or 9, a PowerPC processor, 24 MB of RAM, and 25 MB of free space is required. Under Mac OS X 10.1, a PowerPC G3 processor, 128 MB of RAM, and 25 MB of free space is required.[27]
The subsequent release, version 3.0, maintained the feature set found in version 2.0. The firewall now allocates internet access as needed rather than relying on user input using predefined rules. Compatibility with OS 8 was dropped. When running under OS 9.2, a PowerPC processor, 24 MB of RAM, and 25 MB of free space is required. Under OS X 10.1.5 through 10.3, a PowerPC G3, 128 MB of RAM, and 150 MB of free space is required. However, version 3.0 is not compatible with OS X 10.4, or "Tiger".[28]
Version 4.0
Version 4.0 was released on December 18, 2008.[29][30] Symantec also markets a bundle of Version 4.0 and the 2009 version for Windows, intended for users with both Microsoft Windows and Mac OS X installed.[30] iClean was dropped from this release. The firewall now blocks access to malicious sites using a blacklist updated by Symantec. To prevent attackers from leveraging insecurities in the Mac or installed software, exploit protection was introduced in this release.[31] Phishing protection was introduced in this release as well.[32] Operating system requirements call for Mac OS X 10.4.11 or higher. Either a PowerPC or Intel Core processor, 256 MB of RAM and 150 MB of free space are required.
Reception
FBI cooperation
The FBI confirmed the active development of Magic Lantern, a keylogger intended to obtain passwords to encrypted e-mail as part of a criminal investigation. Magic Lantern was first reported in the media by Bob Sullivan of MSNBC on 20 November 2001 and by Ted Bridis of the Associated Press.[33] The FBI intends to deploy Magic Lantern in the form of an e-mail attachment. When the attachment is opened, it installs a trojan horse on the suspect's computer. The trojan horse is activated when the suspect uses PGP encryption, often used to increase the security of sent e-mail messages. When activated, the trojan horse will log the PGP password, which allows the FBI to decrypt user communications.[34][35] Symantec and other major antivirus vendors have whitelisted Magic Lantern, rendering their antivirus products, including Norton Internet Security, incapable of detecting Magic Lantern. Concerns include uncertainties about Magic Lantern's full potential and whether hackers could subvert it for purposes outside the jurisdiction of the law.[36][37]
Graham Cluley, a technology consultant from Sophos, said "We have no way of knowing if it was written by the FBI, and even if we did, we wouldn’t know whether it was being used by the FBI or if it had been commandeered by a third party".[38] Another reaction came from Marc Maiffret, chief technical officer and cofounder of eEye Digital Security, "Our customers are paying us for a service, to protect them from all forms of malicious code. It is not up to us to do law enforcement's job for them so we do not, and will not, make any exceptions for law enforcement malware or other tools."[39]
FBI spokesman Paul Bresson, in response if Magic Lantern needed a court order to deploy, "Like all technology projects or tools deployed by the FBI it would be used pursuant to the appropriate legal process."[40][41] Proponents of Magic Lantern argue the technology would allow law enforcement to efficiently and quickly decrypt messages protected by encryption schemes. Implementing Magic Lantern does not require physical access to a suspect's computer, unlike Carnivore, a predecessor to Magic Lantern, since physical access to a computer would require a court order.[42]
Performance impact
In 2006, Oli Warner published two articles comparing the system performance impact of various Windows applications, including Norton Internet Security 2006. He later reran the experiments, revising his methodology and included 2007 version at Symantec's request. Warner benchmarked the processor and the disk performance with and without each application, compiling two scripts in C++, a programming language. One calculated all prime numbers between 100,000 and 200,000 and the other tested file read/write time. BootVis was used to measure boot time. All testing was conducted inside a virtualized environment created by VMware. Despite the 2007 version's improvements, Warner noted its significant boot delay and impact on file operations.[15]
Recent testing conducted by PassMark Software found the 2009 version had the least impact on system performance. As noted earlier, Symantec funded the testing and provided some of the scripts used. Warner's scripts were also used to test file read/write time. The second and third ranked suites were ESET Smart Security 2008 and Kaspersky Internet Security 2009, respectively.[43] Systems were benchmarked with a clean installation of Windows Vista, then again with a security suite installed. The 2009 version had the least impact on boot time, the fastest scan speed, lowest memory utilization, and the program itself installed the fastest out of its competitors. However, the 2009 version had the second most impact on file read/write time, as highlighted by Warner earlier.[43]
Uninstallation
Norton Internet Security (Windows versions) have been criticized for refusing to uninstall completely, leaving unnecessary files behind.[44][45] Versions prior to 2009 installed a separate LiveUpdate program, which updates Norton-branded software. The user must uninstall both Norton Internet Security and the LiveUpdate component manually. The LiveUpdate component is purposely left behind to update other Norton-branded products, if present. In response, Symantec developed the Norton Removal Tool to remove leftover registry keys and values along with files and folders.[46] However, uninstallation will not remove subscription data, preserved to prevent users from installing multiple trial copies.
Windows XP and Vista Service Packs
When Norton Internet Security 2008 is installed, users encountered incompatibilities upgrading to Windows XP Service Pack 3 or Windows Vista Service Pack 1. Users report numerous invalid registry keys being added by a tool named fixcss.exe, resulting in an empty Device Manager and missing devices such as wireless network adapters.[47][48] Symantec initially blamed Microsoft for the incompatibilities but has since accepted partial responsibility.
Dave Cole, Symantec's senior director of product management, acknowledged that users running Norton products were experiencing problems, but said the numbers are small. Cole also said that Symantec had done "extensive testing" of its products with Windows XP SP3, but this issue hadn't surfaced. Cole essentially blamed Microsoft, "This is related to XP SP3," he stated. Microsoft recommended users to contact Windows customer support.[49] To resolve the problem, Symantec has issued a fix intended for users before upgrading.[47] Symantec also recommends disabling the tamper protection component in the 2008 release, dubbed SymProtect.[48] A tool to remove the added registry entries is also available from Symantec.[47]
Windows Vista
Sarah Hicks, Symantec's vice president of consumer product management, voiced concern over Windows Vista 64-bit's PatchGuard feature. PatchGuard was designed by Microsoft to ensure the integrity of the kernel, a part of a operating system which interacts with the hardware. Rootkits often hide in a operating system's kernel, complicating removal.[50] Mike Dalton, European president of McAfee said, "The decision to build a wall around the kernel with the assumption it can't be breached is ridiculous", claiming Microsoft was preventing security vendors from effectively protecting the kernel while promoting its own security product, Windows Live OneCare.[51] Hicks said Symantec did not mind the competition from OneCare.[52] Symantec later published a white paper detailing PatchGuard with instructions to obtain a PatchGuard exploit.[53][54][55] After negotiations and investigations from antitrust regulators, Microsoft decided to allow security vendors access to the kernel by creating special API instructions.[56]
References
- ^ "Norton Internet Security 2009 16.2.0.7". Softpedia. February 3rd, 2009. Retrieved 2009-03-14.
{{cite web}}
: Check date values in:|date=
(help) - ^ "Norton Add-on Pack 2.1". Softpedia. July 14, 2008. Retrieved 2009-03-14.
- ^ "Channel Best-Sellers: Winning Security Players". CRN Staff. United Business Media LLC. November 23, 2007. Retrieved 2009-03-09.
- ^ "NAV/NIS 2009.5 Patch Update [ Edited ]". Tim Lopez. Symantec Corporation. March 19, 2009. Retrieved 2009-03-13.
- ^ "COMPANY NEWS; Symantec to Acquire Peter Norton". Lawrence M. Fisher. The New York Times Company. May 15, 1990. Retrieved 2009-03-30.
- ^ "Legal Notice - Symantec Canada". Symantec Corporation. Retrieved 2009-03-30.
- ^ "SYMANTEC BRAND IDENTITY" (PDF). frog design inc. Retrieved 2009-03-30.
- ^ "Symantec adds product activation". David Becker. CBS Interactive Inc. August 26, 2003. Retrieved 2009-03-31.
- ^ "Norton Internet Security 2005 Antispyware Edition". Robert Vamosi. CBS Interactive Inc. April 18, 2005. Retrieved 2009-03-30.
- ^ a b Ken Feinstein (September 11, 2005). "Norton AntiVirus 2006 Internet security and firewall reviews – CNET Reviews". CBS Interactive, Inc. Retrieved 2009-02-23.
- ^ "About Heuristics" (PDF). Stephen M. Sladaritz Sr. SANS Institute. March 23, 2002. Retrieved 2009-03-16.
- ^ "Security: A Suite Gift – Norton Internet Security 2006 - Full Review – Reviews by PC Magazine". Ziff Davis Publishing Holdings Inc. Retrieved 2009-02-23.
- ^ "Security: A Suite Gift – Norton Internet Security 2006 – Full Review – Reviews by PC Magazine". Ziff Davis Publishing Holdings Inc. Retrieved 2009-02-23.
- ^ "Symantec Norton Antivirus 2006". Matthew Overington. IDG Communications. 05/02/2006. Retrieved 2009-03-27.
{{cite web}}
: Check date values in:|date=
(help) - ^ a b "What Really Slows Windows Down". Oli Warner. Oli Warner. September 22, 2006. Retrieved 2009-03-10.
- ^ a b c Reviewed by: Robert Vamosi. "Norton AntiVirus 2007 Internet security and firewall reviews – CNET Reviews". CBS Interactive, Inc. Retrieved 2009-02-23.
- ^ "Rad Tech Gifts for Grads – Norton Internet Security 2007 - Fresh Phish and Stale Settings – Reviews by PC Magazine". Ziff Davis Publishing Holdings Inc. Retrieved 2009-02-23.
- ^ "Norton Internet Security Add-on Pack". Symantec Corporation. Retrieved 2009-02-23.
- ^ "11 Critical Security Apps – Norton Internet Security 2008 - Keep Your Identity Safe – Reviews by PC Magazine". Ziff Davis Publishing Holdings Inc. Retrieved 2009-02-23.
- ^ "Symantec Launches Fastest Security Products in the World". Marketwire, Incorporated. September 9, 2008. Retrieved 2009-03-04.
- ^ http://www.passmark.com/ftp/antivirus_09-performance-testing-ed3.pdf
- ^ "Filtering Viruses Through The Cloud". Andy Greenberg. Forbes.com LLC. September 22, 2008. Retrieved 2009-03-11.
- ^ "Symantec says security software needs speed". Gregg Keizer. IDG Communications. 16/07/28. Retrieved 2009-03-27.
{{cite web}}
: Check date values in:|date=
(help)http://www.techworld.com.au/article/253266/symantec_says_security_software_needs_speed - ^ "The Norton Update Center". Retrieved 2009-03-18.
{{cite web}}
: Unknown parameter|Publisher=
ignored (|publisher=
suggested) (help) - ^ "Symantec Releases Norton Personal Firewall". The Mac Observer, Inc. November 1, 2000. Retrieved 2009-03-30.
- ^ "Symantec Brings Market-Leading Norton Internet Security and Norton Personal Firewall to the Macintosh". CBS Interactive Inc. November 1, 2000. Retrieved 2009-03-30.
- ^ "Norton Internet Security 2.0 Mac". Daniel Jardine. AbleStable. Retrieved 2009-03-27.
- ^ "Norton Internet Security 3.0 for Macintosh". Creation Engine, Inc. Retrieved 2009-03-27.
- ^ "Symantec unveils Norton Internet Security for Mac 4.0". Jim Dalrymple. Mac Publishing, LLC. Dec 18, 2008. Retrieved 2009-03-27.
- ^ a b "Symantec releases Norton Internet Security for Mac 4.0". Justin Berka. Condé Nast Digital. December 19, 2008. Retrieved 2009-03-27.
- ^ "Symantec Unveils Norton Internet Security for Mac 4.0". Jim Dalrymple. PC World Communications, Inc. December 18, 2008. Retrieved 2009-03-27.
- ^ "Norton Internet Security 4: A Comprehensive Suite". John Martellaro. The Mac Observer, Inc. December 18th, 2008. Retrieved 2009-03-27.
{{cite web}}
: Check date values in:|date=
(help) - ^ Ted Bridis. "FBI Develops Eavesdropping Tools," Washington Post, November 22, 2001.
- ^ "FBI Has a Magic Lantern". Usgovinfo.about.com. Retrieved 2009-02-23.
- ^ "The FBI's Magic Lantern". Worldnetdaily.com. 2001-11-28. Retrieved 2009-02-23.
- ^ "Invasive Software: Who's Inside Your Computer?" (PDF). George Lawton. July 2002. Retrieved 2009-03-12.
- ^ "The FBI's "Magic Lantern" Shines Bright". Kaspersky Lab. 11 Dec 2001. Retrieved 2009-03-27.
- ^ Jackson, William (2001-12-06). "Antivirus vendors are wary of FBI's Magic Lantern". 1105 Media, Inc. Retrieved 2009-02-23.
- ^ "Will security firms detect police spyware?". Declan McCullagh and Anne Broache. CBS Interactive Inc. July 17, 2007. Retrieved 2009-03-27.
- ^ "FBI Confirms 'Magic Lantern' Project Exists" (PDF). Elinor Mills Abreu. At Home Corporation. December 31, 2001. Retrieved 2009-03-12.
- ^ "THE CASE FOR MAGIC LANTERN: SEPTEMBER 11 HIGHLIGHTS THE NEED FOR INCREASED SURVEILLANCE" (PDF). Christopher Woo & Miranda So. Harvard Journal of Law & Technology. 2002. Retrieved 2009-03-12.
- ^ "IMPLICATIONS OF SELECT NEW TECHNOLOGIES FOR INDIVIDUAL RIGHTS AND PUBLIC SAFETY". Amitai Etzioni. Harvard Journal of Law & Technology. 2002. Retrieved 2009-03-12.
- ^ a b Lai, Karen. Wren, David. (2009). "Antivirus, Internet Security and Total Security Performance Benchmarking Edition 3", PassMark Software Pty Ltd.
- ^ "Symantec uninstaller may not finish the job". Scott Dunn. WindowsSecrets.com. February 7, 2008. Retrieved 2009-03-05.
- ^ "How can I fully remove Norton Antivirus from my system?". Dave Taylor. Retrieved 2009-02-23.
- ^ "Download and run the Norton Removal Tool". Symantec Corporation. Retrieved 2009-02-23.
- ^ a b c "FAQ: Upgrading to Windows XP Service Pack 3 or Windows Vista Service Pack 1 with your Norton 2008 product installed". Symantec Corporation. 8/4/2008. Retrieved 2009-03-28.
{{cite web}}
: Check date values in:|date=
(help) - ^ a b Patch Watch, May 29, 2008 (2008-05-29). "Norton software conflicts with Windows XP SP3". Windowssecrets.com. Retrieved 2009-02-23.
{{cite web}}
: CS1 maint: multiple names: authors list (link) CS1 maint: numeric names: authors list (link) - ^ Gregg Keizer (2008-05-23). "Symantec pins blame for XP SP3 registry corruption on Microsoft". Computerworld Inc. Retrieved 2008-06-19.
- ^ "Battle with the Unseen–Understanding Rootkits on Windows" (PDF). Eric Uday Kumar. Association of Anti-Virus Asia Researchers. 2006. Retrieved 2009-03-15.
- ^ "Vista PatchGuard Hacked". Marius Oiaga. Softpedia. October 16, 2006. Retrieved 2009-03-11.
- ^ "Symantec Snaps At Microsoft". Lisa Lerer. Forbes.com LLC. October 10, 2006. Retrieved 2009-03-11.
- ^ "Security Implications of Windows Vista" (PDF). Symantec Corporation. Retrieved 2009-03-11.
- ^ "Symantec Vista White Paper Links to PatchGuard Crack". Scott M. Fulton, III. Betanews, Inc. February 28, 2007. Retrieved 2009-03-11.
- ^ "Kaspersky Reveals the Fundamental Vulnerability of Vista PatchGuard". Marius Oiaga. Softpedia. February 9, 2007. Retrieved 2009-03-11.
- ^ "Microsoft to offer free security software". Gabriel Madway. Thomson Reuters. November 18, 2008. Retrieved 2009-03-14.