NIS/NAV 2010 Beta just started

Discussion in 'other anti-virus software' started by yaslaw, Jun 27, 2009.

Thread Status:
Not open for further replies.
  1. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    You can find downloads for and discuss MSE (Microsoft Security Essentials; previously codenamed "Morro") here.
     
  2. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,506
    Location:
    The San Joaquin Valley, California
    I installed the new build, 105, today, but it shows I have one day of my subscription left. I manually ran LU, but didn't get an updated key. How do I get the new key. I posted the question at the Norton beta forum, but haven't gotten an answer yet.
     
  3. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Have you done your "one-time renewal" yet? Otherwise I think what's supposed to be used is registering of your e-mail again to get a new key through there. ;)
     
  4. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,506
    Location:
    The San Joaquin Valley, California
    I didn't know about the "one-time" renewal. How do I go about doing that? I still haven't gotten a reply from my post at the Norton forum. :(
     
  5. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    .
    Interesting! Certainly a useful feature. Seems like it would still be good to keep the apps updated, but it's easy to fall behind in that regard so this advanced intrusion protection will help.
     
  6. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,506
    Location:
    The San Joaquin Valley, California
    I opened NIS 2010 a few minutes ago, and a warning about my subscription having 0 days left popped up. I was given the option to renew my subscription, which I did, and now have another 14 days. All is well again. :)
     
  7. kinwolf

    kinwolf Registered Member

    Joined:
    Oct 19, 2006
    Posts:
    271
    And in the case of stuff like java, where you have no choice to keep an old vulnerable version because an app needs it, it is highly useful.
     
  8. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    849
    Location:
    Melbourne, Australia
    Are the toolbar and IPS working with FF3.5.1?

    Thanks,
    Ian
     
  9. Malcontent

    Malcontent Registered Member

    Joined:
    Dec 30, 2005
    Posts:
    606
    Location:
    Cleveland, Ohio USA
    How to speed up your Norton Internet Security 2010 beta

    How to speed up your Norton Internet Security 2010 beta

    http://www.betanews.com/article/How-to-speed-up-your-Norton-Internet-Security-2010-beta/1248467702
     
  10. JasSolo

    JasSolo Registered Member

    Joined:
    May 9, 2007
    Posts:
    414
    Location:
    Denmark

    Yep, it works just fine.


    Cheers
     
  11. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
  12. ASpace

    ASpace Guest

    Hello.Perhaps it is a bit late but I installed NIS 2010 beta the newset build with debugging off - new beta tester :) I decided I should see it myself , not just reading about it , about Download Insight .

    NIS 2009 is nice , v2010 is great,too . I like the improvements about SONAR , The Norton Insight feauture . The GUI of 2009 appeals to me more .

    Anyway- about Download Insight - "the clould" . I don't see any practical benefit of this feauture . I mean , Symantec already have Pulse updates , which should deliver updates against new stuff every 5-15 minutes. I do realise the difference between the way DI and PU work but the practical benefit of DI is ...

    Examples : I am downloading something . DI checks it - it has no information about it and simply pops-up to warn me that it has no information about it (a.k.a - just a few users - less than 10 , have used it... this less than 10 could also mean zero). I can successfully run the file .

    If Symantec virus researcher have seen that file , too , they would have added definitions against it and pushed them via Pulse updates (PU) , right .

    In case of malware (which I tried yesterday) - this is the situation . Norton didn't have definitions against a new variant of malware . DI simply reported it in yellow because it simply haven't seen the file before . But this doesn't stop me from running the file . There are millions of such files that "just a few people have seen" . Actually , any new variant of malware is such a file. The warning in yellow is just a marketing - it just points the users that Norton is there. Yes , marketing , no practical benefit . Even Windows itself warns us before running the file that it is executable and that it could potentially harm our machine , that it has no digital signature .

    In case of clean file - again marketing . DI simply reports the file is clean . Well , I know the file is clean even without DI because it was not , Norton's auto-protect would have warned me about that. And Norton's auto-protect is connected with the regular definitions and the rapid ones (PU).

    In my opinion , Panda's cloud and the way it works (for example (1) users could send suspicious for them files directly there and (2) everything suspicious for that clould automatically gets into Quarantine) is better , more aggressive way of detecting malware . DI is currently nothing but marketing. I simply can't see it helpful for detecting malware . Please , correct me if I am wrong.
     
  13. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    I find your post interesting, and want to reflect on some things... good news is that you should have even quicker definitions with 2010 than delivered with Pulse Updates alone. No wait a minute... instant I mean (okay, so that was intentional :D)!

    Quorum and SONARv2 are not the only new things - the definitions are also kept "in the cloud". This means you'll have up-to-date definitions on what's coming onto and is on your system - always. ;) Please read on...


    I like to think about the "no data"-prompt differently... I say "no data"-prompt since that's actually what it's. When there's no definition available for what's about to run, you'll still be protected, since Norton will warn you and you can make a choice of what to do, where what's recommended is to stop it. That's because, in most cases (if not all...), when you see this prompt, it's actually a new threat. Known, legit software will have so much data and users that they can be determined as safe straight away instead. Quorum is just another component in the arsenal. The software is always improved in the way that all the components of the suite work more and more together - together to come to the right determination and automatic action for the user. Quorum fills a gap which is that no unknown files can enter your system without a "Hey... who TH are you!?" (:D), and comes to that conclusion - that a file is unknown - through checking many points and behavior. It simply adds another "step" in the protection delivered. The suite working more and more as a complete "team" simply makes it a sort of race who comes first to the determination. :)
     
  14. ASpace

    ASpace Guest

    Hello , raven211

    Yes , but actually Windows itself will do the same - e.g. if it is executable , Windows will warm me . If it is requires administrator rights , UAC will also step in .

    Know , legitimate software is no problem for anybody . For professionals , they are safe because professionals know legitimate sourses (e.g. big names , legitimate vendors , good web-sites , servers , files with digital signatures) . For users (average Jo) , they are also not a problem - (1st) because they are really not a problem ; (2nd) because they are legitimate ; (3rd) Jo doesn't care at all.

    Example , I downloaded Windows Defender , IE8 setup file and Skype from their legitimate sourses , I got a big gree checkmark they are safe . I know they are safe . Jo doesn't care , he supposes they are safe or he knows Norton will pop-up and tell him if they aren't .

    Well , yes , we fill the 5-15 minutes gap . But what is the chance for anybody to fall victim of a new threat - small one. DI (because it has no info that it is 100% dangerous) is helpless for Jo.

    Yes , I agree here . But I still see very little (tiny, small , mini :D ) practical benefit of the way it works.
     
  15. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    "Yes , but actually Windows itself will do the same - e.g. if it is executable , Windows will warm me . If it is requires administrator rights , UAC will also step in ."

    - Then again Windows doesn't have a big clue. It just sees that "ZOMG - it's a (new) exe +1! *bing!*" Norton's is based on lot's of data and behavior analysis. I would say that Windows' prompting is what's most of the time silly, the exception being some UAC prompts.

    I would personally prefer only the protection from some serious malware which has been reported that UAC is able to tackle actually - not silly prompts on every little thing, and, I mean, come on - you can't be serious with an example like Windows' "exe-warning". That's just arguing with your own arguments IMO, only that you seem to be on the side which is against Norton, and not neutral.


    "Example , I downloaded Windows Defender , IE8 setup file and Skype from their legitimate sourses , I got a big gree checkmark they are safe . I know they are safe . Jo doesn't care , he supposes they are safe or he knows Norton will pop-up and tell him if they aren't ."

    - There we agree; simply marketing.


    "Well , yes , we fill the 5-15 minutes gap . But what is the chance for anybody to fall victim of a new threat - small one. DI (because it has no info that it is 100% dangerous) is helpless for Jo."

    - Don't forget that in PU' case they still have to make definitions before they're sent out. That's why they make an instant way to deliver determinations by putting definitions directly in the cloud as well, filling any gap. Otherwise it'd obviously just be a waste of time developing if it was useless, I think they've thought that through.


    "Yes , I agree here . But I still see very little (tiny, small , mini ) practical benefit of the way it works."

    - Seriously, have you been totally against Norton in your past life or what? No offence, but you seem over-critical to me. I was a freakin' "hater/basher" even when it's at the 2007-edition, but am always open for a different opinion - hence I "accepted" Norton back in 2008-edition.
     
  16. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    ASpace, in the case of the “file unknown” warning by Norton Internet Security 2010, the recommended action is to wait a few hours and then to check the status of the file again. By that time, NIS10 should have been able to determine if the file is malware or not. This is an exceedingly reasonable process, in my opinion -- and one that has a high degree of practical benefit.

    ASpace, the world has changed. Increasingly, threats are no longer mass distributions of a small number of static files occurring over long periods of time -- rather, threats are now “unique” (i.e., “few” instances in the wild) with a short lifespan (e.g., 24-36 hours) and large in number (e.g., 2,000 new threats emerging per hour). In this new world, the ability to instantly leverage knowledge from across a massive userbase through the cloud is quite significant.

    If Symantec’s new advancements in NIS10 were simply “marketing,” then one would expect the performance of the 2009 and 2010 editions of the product to be quite similar. Early tests, however, show that NIS10 has improved substantially:

    Norton's performance was absolutely stellar. It scored 8.0 of 10 points for malware removal, beating previous top scorer Panda Internet Security 2010. It also set a new record on the malware blocking test: 9.6 points, trumping Prevx 3.0, the previous champion and our Editors' Choice for standalone anti-malware. (see here)​
     
  17. ASpace

    ASpace Guest

    Yes , they - the experts , make a decision . With DI it is me who makes that decision based on a community rating .



    Yes , in the past . Not any more .

    I am not over-critical . I am trying to understand why they are developing this and if there is any practical benefit . A lot of security software now has feautures that (you must accept that fact) are really of no benefit , no more secure .
    IMO , 2009 is the first from 2004 that is quality for users . Smart Security , engineered for speed ;) 2008 , 2007 - were not smart security , engineered for speed
     
  18. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    "Yes , they - the experts , make a decision . With DI it is me who makes that decision based on a community rating ."


    - Yep, that's exactly what it does, but to put it in more detail, it analyzes these things for every file that's downloaded:


    - How many instances of a particular file are seen?
    - How long has that file been around?
    - From which URLs were they downloaded?
    - What is the basic health of the system that is submitting the data?
    - Which software vendor does the file belong to?



    Afterall, that's partly what "in the cloud" security is for - instant definitions and community data to provide as instant determination of everything that's run as possible. I can't seem to understand your point yet, cause I haven't seen one to be honest. o_O
     
  19. dschrader

    dschrader AV Expert

    Joined:
    Mar 10, 2009
    Posts:
    54
    As a Symantec person, let me explain the advantages - and the significance of Quorom/Norton Insight.

    First, realize that Insight is a whitelist not a blacklist. Pulse updates the blacklist - it gets you sig files faster. Sonar 2 does a better job detecting new threats (inside tip - waite till av-comparatives and other testers of pro-active detection test it - it will blow away our previous approach).

    A white list tells you what not to scan - know what is safe before you scan.

    Here is the problem. Last year we hit the 1 million mark - that is 1 million different viruses, trojans and other malware. This year we will hit the 4 million mark. Next year, 10 million.

    Now imagine scanning all 600,000 scanable objects on your computer - checking each one against a database of 10 million viruses. Scans are going to take forever - there are just too many things to scan for. Something has to give.

    What if you didn't have to scan all 600,000 files you your computer? Scanning would be faster, much faster. So Norton has a vast database known files. Every time a user does a scan on their system - a hash of any new programs found is sent to the database. At the same time a risk rating is assigned to the file - based on both the results of the local scan (SONAR) and on how we correlate that file with malware behavior across millions of computers. If we see the file often enough - on systems that don't show any sign of problems, then we know the file is safe. So over time, our scanner gets faster, smarter - because it uses this huge, dynamic white list to identify what is safe and what might not be.

    The same system informs our firewall - allowing it to make intelligent choices about, what programs should be allowed to access the internet. This (IMHO) is how UAC should work. With millions of new programs being written every year, you need a dynmatic, crowd driven model to identity what is safe and what is not.

    Insightalso informs our heuristic engine - so we can be more aggressive depending on the risk rating of the file.

    We also use this reputation system to rate web sites and to help weed out spam.

    I hope this helps

    Dan
    Symantec
     
    Last edited: Jul 28, 2009
  20. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    that sounds great, symantec seems to be moving in the right direction.
     
  21. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Dan, can you elaborate upon “how we correlate that file with malware behavior across millions of computers”?
    • Does the Quorum database contain only a file’s characteristics/attributes (e.g., prevalence and age) -- or, does it also contain information about each file’s behaviors (e.g., activities such as modifying a registry entry or deleting a folder)?
    • When you refer to “that file,” do you mean all files on a user’s PC -- or, only ones that has been identified as malware?
     
  22. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Dan, PC Magazine has published a favorable review of Norton Internet Security 2010 beta (see here) conducted by AV-Test. However, there are a few items which are unclear.

    (1) “They tested ... using very new samples. Norton found 80% of these, which AV-Test calls an excellent result.”

    (1a) Did the remaining 20% of the samples cause the “new file dialog” prompt to appear?

    (1b) When the “new file dialog” prompt appears, does AV-Test count this a “malware detection” in their results?​

    (2) “AV-Test only tested the classic anti-malware functions described above. Norton Internet Security does much more, but they have not yet tested the newer functions.”

    (2a) What “newer functions” were excluded from the testing? For example, was SONAR disabled in their testing?​

    Any insights you have on these questions would be appreciated.
     
  23. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    It's interesting to note you posted the same question over on the Symantec forums 11 days ago, and have yet to receive a response. :/
     
  24. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    TonyW, you’re right. My objective was to catch the attention of Dan (a Symantec employee) while he was visiting this forum -- but, (alas!) no success.

    I infer that Symantec doesn’t know much about the AV-Test procedures, which is reasonable since the two organizations are unrelated. Nonetheless, I had hoped to pique the interest of Symantec to look into these questions.
     
  25. controler

    controler Guest

    This beta is done now?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.