Norton Launches 2012 Products

Hmmm....next week.....?

 

Yeah, I have an SSD as a system drive, so I have both the "optimizer" in NIS and the regular Windows defragmenter disabled.

 

Nice test of NIS 2012 here - http://youtu.be/9Yj2vm_cMyU?hd=1

 

Norton Internet Security 2011 secured a 5-star review, so see how Norton 2012 compares:

http://www.softwarecrew.com/2011/09/review-norton-internet-security-2012/

 

I like the fact that Chrome is now supported fully! It's working perfectly for me. I am as happy as can be with my setup.

I download something off Internet with Chrome [sandboxed in SBIE] --> Forced sandboxed folder --> Norton Insight scans the file --> Good? Then move it outside download directory and install. Bad? Execute file inside download directory which is forced sandboxed in SBIE to test it along with Buster's Sandbox Analyzer.

Extremely light setup! And oh how safe!

 

Wait until you encounter a Norton targeted malware and disables it.

 

How would that happen? All unsecure software are sandboxed (incl. browser, so no attack from there either).

 

that can happen with any AV

 

The risk is extremely small with a properly configured Sandboxie.

 

Yes,i know that could happen to any AV.
Indeed,the odds to encounter the "proper" malware to disable your AV is small...but it exists.

 

there should be no such risk at all with sandboxing of any type:-all decisions should be yours

 

NIS 2012 TOTAL failure ?

http://www.youtube.com/watch?v=vevMayUWcwQ

 

Yeah, I know people will look for excuses for that fail, but it looks like it simply didn't detect that rootkit, with any of the layers of protection, not by definitions and not with SONAR. Of course, nothing is 100% and this will happen to any and all security products, but a fail it was.

Worse, though, I think, is the fact that Norton was killed so easily by the malware.

 

Scary.

 

That is why an image backup is very important

 

Certainly you're right!

 

Yes. Layered setup (I'm running NIS 2012 with Sandboxie for untrusted applications) is the only way to stay somewhat safe!

 

Even scarier (more scary)

The Beta test 2 months ago by the same reviewer also failed for the same reason -- malware disabled and deleted NIS and allowed 70 malware files onto the system.

 

Image backups and rollback programes,while useful in restoring the pc to working condition isnt going to un-compromise bank details or passwords that have been stolen from any malware/rootkit infection though

 

Exactly. So I'm starting to use KeyScrambler on my machines. To help in at least one afterinfection.

Not much I talk. It was something I did not expect.

 

I see no UAC prompts in the video. Rootkits can't disable security products when they are executed under standard user accounts.

Most of the attacks can be prevented by using non admin user account

-http://www.zdnet.com/blog/security/report-64-of-all-microsoft-vulnerabilities-for-2009-mitigated-by-least-privilege-accounts/5964-


The reviewer favors a security product that essentially reduces the rights of unknown executables

 

Absolutely, but lets face it: the vast majority of computer users can't and won't be bothered to be logged in as anything but administrator.

 

Regarding the previous test of the beta, do you know if the same malware was used? I confirmed that he's using Windows 7 Home Premium and he must have UAC turned off since there are no prompts, but he didn't say so. I feel it's valid to test NIS with default settings since many users will not change them, but it would also be good to test with the settings turned up, such as Boot Time Protection set to Aggressive instead of normal. NIS 2012 by default is also using Smart Definitions instead of downloading the full sig database and that can be changed.

Regarding the comment that NIS was "killed", this is a bit of hyperbole. It doesn't really matter whether the security product is just bypassed or deleted as well. I've seen this often with older versions of AVG, where it is completely erased by the malware. Sometimes though the security app is just disabled and after the malware is removed it begins functioning again, but practically it doesn't matter because the app is not working while the system is infected. More generally I think Languy needs to be more precise in his observations. For instance he opened the folders where NIS is installed and decided that it had been partially erased by the malware, but he didn't check the file list against a fresh install of NIS - he expressed an opinion which he didn't verify and demonstrate to the viewers. While I think his test provides useful information it would be a lot better if he used more professional methodology. For instance he should state which version of Windows he's using, whether it 32 or 64 bit, UAC On or Off, did he confirm the system was clean before he installed NIS and started the test, etc. More attention to detail is needed. Still, if I worked at Symantec I'd be looking closely at the apparent vulnerability uncovered here.

 

True because the Admin account is the default and many users don't know how or why to change defaults. Still, in the video UAC was apparently turned off since it would prompt in an Admin account as well (just not require different credentials) and there were no prompts. UAC Off is not a default.

 

Something is fishy in this video and to be honest, this is the first time that I've seen Norton failed.
He used to make good reviews back in the day, but the last year or two every video is "Comodo is the best, every other product fails".
That's the whole purpose of his "reviews".
Besides, I can make a video making Comodo fail with every single link or piece of malware in the hard drive, I start by "it's updated as you can see, settings are at default, let's start...." , then I pause the video, disable the protection, let the malware go through, then I go "Oh..what's this in memory..." , I mean you can do it in hundreds of ways.