Wednesday, November 10, 2010

Article: Norton Online Family Premier

Norton Online Family Premier
http://www.pcmag.com/article2/0,2817,2372155,00.asp?kc=PCRSS05079TX1K0000992


  • Pros

    Parental control for multiple PCs or Macs. Full remote configuration and reporting. Controls/monitors instant messaging. New 90-day computer usage tracking. New video monitoring. E-mail alert on violations. New e-mail summaries. Tracks surfing, searches, social networking.

  • Cons

    Can’t filter HTTPS traffic. Notification e-mails don’t link directly to the corresponding event in log.

  • Bottom Line

    The free Norton Online Family offers almost everything you could want in a multi-computer parental control system. Stepping up to the paid Premier edition adds long-term information about computer usage, regular e-mail summaries, and monitoring of videos watched.

Neil J. Rubenking Lead Analyst for Security
Neil Rubenking

Norton Online Family Premier

Specifications

OS Compatibility
Windows Vista, Windows XP, Windows 7
Tech Support
Phone, chat, and email
More

For the modern multi-computer household, Symantec’s approach to parental control makes perfect sense. Parents view reports and manage configuration through a Web-based console while a small agent on each computer (PC or Mac) enforces the house rules. With the release of Norton Online Family Premier ($49.99/year, direct) parents can get more information than ever, and the initial promotional price will knock $20 off for the first year.

Earlier this year, Norton Online Family got a new name (it was OnlineFamily.Norton before) and a minor makeover. The changes were mostly cosmetic; most significant was its expansion to multi-lingual support for 25 different languages. The Premier edition offers all the same features as OnlineFamily.Norton (Free, 4 stars) did, and adds several new ones too.

What’s New in Premier
The basic Norton Online Family service has always been free, and it remains free. Symantec listened to many feature requests and identified several that they thought users would pay for.

Many parents wanted to track children’s time on the computer more closely. The free edition lets them see usage over the past week, but they wanted more. The Premier edition retains usage data for 90 days. Thus, parents can view a graph of usage for any week and a monthly calendar that lists hours spent each day.

Many kids spend hours watching online videos. Even with Safe Search forced on, some of the videos they find might not please parents. The Premier edition specifically tracks all videos watched on YouTube, Hulu, or Google Videos. In the activity report parents can click to view a thumbnail, category, and description for each video—they can even click through to view exactly what the child watched.

Norton Online Family can send e-mail alerts to one or more addresses any time a child violates policy, and parents can go online any time to view a summary of the child’s activity or very detailed reports. The Premier edition combines these features by sending out an e-mailed summery of activity at the end of each week and at the end of the month.

Still Full-Featured
The rest of the product’s features are shared with the free edition, and, taken together, they make an impressively full-featured parental control system. One point worth noting is that Symantec emphasizes communication rather than rigid control. Parents can choose to warn a child rather than actively blocking access to inappropriate websites. The system can simply tell the child to log off when the time-limit kicks in rather than forcing the issue. And each child can view a simple, English-language version of the product’s configuration settings expressed as “House Rules.”

Norton can block access to sites matching 47 distinct categories, and it’s not affected by the simple network command that knocks out Bsecure CloudCare 6.0 ($49.95 direct, 3 stars) and some others. It can’t filter secure HTTPS traffic, though, so if a clever teen gains access to a secure anonymizing proxy website all bets are off. Net Nanny 6.5 ($39.99 direct, 4.5 stars), our current Editors’ Choice for parental control, is one of the very few products that can filter HTTPS traffic. Net Nanny can also analyze the content of individual pages without necessarily blocking a whole site, something few others manage.

Norton’s weekly time scheduler controls when computer use is allowed, where Net Nanny, CyberPatrol Parental Controls 7.7 ($39.95 direct, 4 stars), Safe Eyes 6.0 ($49.95 direct, 4 stars), and most others control when Internet access is allowed. Parents can also set a daily maximum computer usage for weekdays and weekends, with an option to only count the time the child spends actively using the computer.

Instant messaging chat control in Norton is comprehensive and well thought-out. Worried parents can choose to block all new contacts until after they’ve approved each new friend. Those feeling a bit more relaxed can allow contact by new friends but monitor their conversations. The management console lists all IM friends and lets a parent set each to be blocked, monitored, or neither. Net Nanny and Safe Eyes can monitor conversations but don’t include the ability to block specific friends. The unusually effective parental control component in Kaspersky Internet Security 2011 ($79.95 direct for three licenses, 4.0 stars) does both.

Norton Online Family Premier product will track logins to Facebook, MySpace and other popular social networking sites, and it can alert parents if the child enters a spurious age. It can also alert if the child posts parent-specified personal information, but that’s about all. If your main concern is how your child behaves on social networking sites SafetyWeb ($100 direct, 4 stars) offers full tracking of publicly available information kids have posted.

Norton offers an aggregated list of all sites visited, omitting URLs that simply point to ads or third-party content. Parents can click to get details about a given site, including a thumbnail. Another page lists recent search terms; note that for Google, Bing, and several other popular sites Norton forces the Safe Search option.

As noted earlier, parents can get e-mail notification on various violations including visiting a blocked site, disabling Safety Minder, and entering a false age on a social network site. On receiving an alert the parent can log in and get details or take action. For example, if the child requested access to a normally banned site the parent can grant that access. I do wish the notification e-mail included a link to a specific event in the online activity report.

This all adds up to a product that’s nearly as powerful as Net Nanny, even considering only the free edition’s features.

Norton Online Family in Action
Setting up an account online is simple, and installing the tiny Safety Minder on the test computer went quickly. As noted, you can install Safety Minder on as many computers as you want—you could even install it on Grandma’s computer if the kids spend time with her. All you need to do is match each parental control account with the Windows account used by that child.

I couldn’t actually experience the full effect of some Premier features. Having 90 days of history rather than seven doesn’t make a visible difference when in reality my “kids” have only been active for three days. And I haven’t yet received an end-of-week report in e-mail.

On the other hand, video tracking is very effective and very clear. The list shows just what they watched, and when, with a handy option to go watch it yourself. And the basic features, those also available in the free edition, are well thought out and easy to use.

The activity summary page is especially helpful to get a handle on the child’s activities. It lists the most-visited web sites and most-contacted IM friends, along with a graph of the web site categories most often viewed. A “word cloud” panel offers an overview of recent searches, and the summary now includes a summary of the past week’s time spent on the computer.

Free or Premier?
Norton Online Family is definitely a good choice for parental control, especially for those who want to keep open a conversation about online safety with their kids. The Premier edition’s full non-promotional price costs $10 more than the Editors’ Choice Net Nanny, but you pay extra to install Net Nanny on multiple computers. There’s no bad choice here, so pick the option that best fits your family’s needs and lifestyle.

More Parental control reviews:
•   SafetyWeb
•   Saavi Accountability
•   Bsecure CloudCare Version 6.0
•   Safe Eyes 6.0
•   PC Pandora 6.0
•   more

Desktop security software news, reviews, and tips to stay aware and prepared.

Posted by edesktopsecurity at 5:14 PM 0 comments

Article: Kaspersky Lab Bundles Eight Products into Anti-Malware Package

Kaspersky Lab Bundles Eight Products into Anti-Malware Package
http://www.eweek.com/c/a/Security/Kaspersky-Lab-Bundles-Eight-Products-into-AntiMalware-Package-375964/?kc=rss

2010-11-04
Article Rating: / 1


There are 1 user comments on this Security story.

Kaspersky Lab bundled eight security products into an Anti-Malware Protection System to provide seamless security from endpoint and mobile devices all the way to the gateway. 

A mix of new and enhanced software, the Anti-Malware Protection System was announced on Nov. 2. The new Kaspersky products include the Kaspersky Security for Internet Gateway to scan Web traffic and the Kaspersky Endpoint Security for Smartphone, with support for Symbian, Windows Mobile, and BlackBerry phones. 

The enhanced applications have a newly updated anti-virus engine, and include Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition; for Linux and FreeBSD File Servers; and for Lotus Domino; Kaspersky Security 8.0 for Microsoft Exchange Servers 2007/2010; and Kaspersky Endpoint Security 8.0 for Linux and Mac. 

“This launch is not about products. It’s about establishing the best anti-malware protection across every layer of the enterprise,” said Gary Mullen, senior director for marketing at Kaspersky. 

Malware has become “incredibly sophisticated” with many threat vectors, so it’s important to have multiple layers of protection, said Mullen. With a mobile workforce that gets online outside of the office, having just an anti-virus on the gateway is not enough, said Mullen. Kaspersky made it a point to have the same anti-virus engine in every product component to ensure the “most comprehensive” security was available, according to Mullen. 

Kaspersky Security for Internet Gateway scans only Web traffic, and does not scan traffic going through other ports that the organization has open in the firewall, said Mullen. Organizations can open up non-Web ports�ports other than 443, 80, 8000 or 8080�in the firewall to give users access to certain applications and machines, which leaves them unprotected unless there are other levels of protection in place.

While malware specifically targeting Macs and Linux platforms is still not as prevalent as Windows-based attacks, IT managers can’t afford to ignore endpoint security for those two operating systems, said Mullen. With OS X gaining market share, cyber-criminals are using Macs as “jump points” to infect Windows machines on the internal network, he said.  

In other words, if a Mac user comes across a virus, worm or Trojan, either on a USB drive or from an online source, that piece of malware wouldn’t affect the Mac itself but can hop through the network looking for file servers or other Windows machines to infect. 

Kaspersky developed a centralized management console that gives a complete view into all the malware risks within the organization’s environment, said Mullen. The console allows IT administrators to manage heterogeneous platforms, automate deployment, simplify maintenance, and upgrade security software, according to the company.  

Kaspersky Anti-Virus 8.0 for Linux and FreeBSD File Servers offers protection for open-source platforms and remote management capabilities, said the company. It also has specific support for EMC’s Celerra devices, according to Mullen. 

The updated anti-virus engine is integrated with a new anti-spam engine for email security products from IBM’s Lotus Domino and Microsoft Exchange Servers. Endpoint Security for Smartphone features anti-virus, anti-theft, remote recovery and data privacy. Mullen said the new Windows Mobile 7 phones would also be protected under the smartphone security product, along with older Windows Mobile phones, Blackberrys, and Symbian-based phones. 

The Anti-Malware Protection System will be available in November, said Mullen. Customers can choose to purchase individual programs “ala carte” or as part of a suite that matches “what they want to protect,” said Mullen. The business suite will include only the file server and endpoint security packages. The enterprise suite will add on the email security package. All eight programs will be available in the total protection suite, according to Mullen. 

The management console will be included for free regardless of the suite purchased, said Mullen.

Desktop security software news, reviews, and tips to stay aware and prepared.  

Looking forward to hearing the reviews.  What are you expectations?
Posted by edesktopsecurity at 5:03 PM 0 comments

Sunday, November 7, 2010

Article: AV-Test.org unveils latest results

AV-Test.org unveils latest results
http://www.virusbtn.com/news/2010/11_05.xml?rss

Trend Micro pass, Microsoft and McAfee fail to reach certification standards.

Independent testing body AV-Test.org has released their latest set of quarterly test results, reporting on the performance of 19 products in their multi-layer certification scheme. The reports show some major players not reaching the required grade, with McAfee’s Internet Security solution missing out on certification for the second quarter running, while Microsoft’s free-for-home-use Security Essentials was also denied certification. Trend Micro, having put in a poor showing in the previous test, stepped up a gear to achieve their first certification under the scheme launched earlier this year.

The testing scheme puts products through a number of measures, balancing protection against live threats with cleanup and usability issues, such as impact on system speed and false positives; a minimum score is needed from the entire suite of tests to be granted certified status. Problems for McAfee and Microsoft were noted in both the protection and removal categories, putting the pass mark out of reach despite decent scores in the usability section.

Among those attaining the pass mark were solutions from Avast, AVG, Avira, BitDefender, Eset, F-Secure, GData, Kaspersky, Panda, PC Tools and Webroot, with Symantec’s Norton achieving the highest overall score across the three categories. Norman’s Security Suite was also denied an award for the second quarter running. A further three products were included in the test but their reports have yet to be made available.

The test was conducted on Windows XP, after last quarter’s Windows 7 test. Full details of the results, with fine-grained breakdowns for each product covered, are available from the AV-Test.org website, here.

How well does your AV solution protect you against today’s threats? And is a good AV solution enough to keep cyber criminals at bay? Learn more at the VB ‘Securing Your Organization in the Age of Cybercrime’ Seminar. This VB Seminar takes place at the IET London, UK from 9am to 4pm on 25 November 2010. Secure your place by booking online now. (Or download a PDF copy of the booking form and fax the completed form to +44 (0)1865 543153.)”

05 November 2010

Desktop security software news, reviews, and tips to stay aware and prepared.

Posted by edesktopsecurity at 4:57 PM 0 comments

Article: Success in anti-botnet operation

Success in anti-botnet operation
http://www.virusbtn.com/news/2010/11_04.xml?rss

VB Seminar speaker describes how m00p gang member exploited computer users.

A Scottish man pleaded guilty last month to ‘causing unauthorized modification to the content of computers’ as part of his involvement in the m00p hacking group.

The case was the culmination of a joint operation between the UK’s Metropolitan Police and Finnish authorities who were investigating the group which infected tens of thousands of machines worldwide by sending malware attached to spam messages. Thirty-three-year-old Matthew Anderson’s role was in distributing millions of spam messages.

DC Bob Burls of the Police Central e-Crime Unit - who will be speaking about botnets and cybercrime at the VB Seminar in London later this month - said: “This organised online criminal network infected huge numbers of computers around the world, especially targeting UK businesses and individuals. Matthew Anderson methodically exploited computer users not only for his own financial gain but also violating their privacy. They used sophisticated computer code to commit their crimes.”

According to the Metropolitan Police, Anderson took control of the infected computers, on occasion activating their webcams to spy on their owners. During the investigation, screen grabs were found on Anderson’s computers taken from webcams as well as copies of private documents including wills, medical reports, CVs, password lists and private photographs.

Burls continued: “The internet means criminals have increased opportunities to commit crime internationally, however I’d like to reassure the public that the international law enforcement and anti-virus companies response is increasingly sophisticated. As this case shows, criminals can’t hide online and are being held to account for their actions. A complex investigation like this demonstrates what international cooperation can achieve.”

Anderson will be sentenced later this month.

DC Bob Burls will present ‘Botnets - the cybercriminal’s weapon of choice’ at the VB Seminar, 25 November, London, UK. Secure your place by booking online now. (Or download a PDF copy of the booking form and fax the completed form to +44 (0)1865 543153.)

04 November 2010

Desktop security software news, reviews, and tips to stay aware and prepared.

Posted by edesktopsecurity at 4:55 PM 0 comments

Thursday, November 4, 2010

Article: BullGuard Antivirus 10

BullGuard Antivirus 10
http://www.pcmag.com/article2/0,2817,2372072,00.asp?kc=PCRSS05079TX1K0000992

  • Pros

    Built-in support system eases tech-support interaction. Spam filter integrates easily with numerous e-mail clients. Safe Browsing feature rates websites, blocks access to dangerous ones.

  • Cons

    Needed third-party help to install on two infested test systems. Low scores on some independent lab tests. So-so malware detection. Left behind many malware traces. Safe Browsing ineffective antiphishing tool.

  • Bottom Line

    BullGuard puts up a tough front, but it doesn’t come through in the crunch. In my tests and independent lab tests, its performance was mediocre at best. The bonus spam filter is nice, but first and foremost an antivirus product needs to be tough on viruses. BullGuard isn’t.

Desktop security software news, reviews, and tips to stay aware and prepared.
Posted by edesktopsecurity at 11:06 PM 0 comments

Sunday, October 31, 2010

Article: Hackers Target Halloween Search Terms

Hackers Target Halloween Search Terms
http://www.eweek.com/c/a/Security/Hackers-Target-Halloween-Search-Terms-569624/?kc=rss

By: Fahmida Y. Rashid

2010-10-30

Several leading security firms, including CyberDefender, Blue Coat, Panda Software and BitDefender, warned attackers were targeting users searching online for Halloween-related topics.

Attackers are targeting people searching for last-minute ideas on Halloween costumes, said CyberDefender on Oct. 29.

The Internet security vendor joined several other security firms, including Blue Coat and BitDefender, to warn users searching online for Halloween-related topics.

“Popular search terms have always been a target for cyber-criminals,” said Achal Khetarpal, director of  CyberDefender Research Labs.

CyberDefender identified a fake anti-virus Trojan downloader infecting pages that come up when searching for Halloween costumes. When users land on these infected pages, the fake anti-virus installer hijacks the user’s Web browser and initiates a malicious process, CyberDefender said. The infected PC becomes sluggish and slow-performing while exposing personal data, according to the company.

One form, identified by Panda Labs, displays a fake video player page and asks the user to download a codec in order to play the video.

Popular search terms reflect what users are interested in at that time, making it a lucrative target. Criminals often create pages that are highly search engine optimized, with keywords reflecting currently popular search terms, said Khetarpal.

Called SEO poisoning, hackers create these pages that Google and other search engines pick up thinking they are legitimate, and return them when users type in the search terms, said CyberDefender.

According to Panda Labs, searching for Halloween costumes, Halloween decorations, Halloween ideas, Adult Halloween costumes, and Free pumpkin pattern, can return search results with malicious links.

Blue Coat said clicking on the infected link lands users on a page hosted within a hacked blog, which then redirects users to a malware distribution site. Users are presented with a download for an executable file with a name that was constructed based on the original search term, said Blue Coat. For example, users typing “Regis and Kelly Halloween show” in the search engine will see a filename like “regis-and-kelly-halloween-show-2009-to-play-40064,” or “office appropriate Halloween costumes” returning “office-appropriate-halloween-costumes-to-play-40064,” said Blue Coat.

According to the screenshot of malicious search results posted on the Panda Labs blog, the listed URL looks legitimate, with phrases like “halloween-costumes” embedded in the URL, and the page name also looks relevant, such as “Viking Halloween costume.” The description is a giveaway, since it seems to not have anything to do with the page.

According to BitDefender, “If you’re planning to find templates for Halloween invitations, or if you’re trying to find a print shop for what you already have, then you should keep an eye on what search results you’re about to click.”

Khetarpal advised users to manually type the Web site URL, instead of just clicking on links displayed on the Google search results page. For example, if the search results page show a Halloween costume at Target, users should type target.com in the address bar and search within the store’s Web site instead of clicking on the link directly. This way, users won’t be re-directed to an infected site, Khetarpal said.

“Users should only click trusted links or type in the site address they want into the search bar,” he said.

Spammers and hackers often take advantage of current events, popular trends, and holidays like Halloween to target users. For example, there tends to be surge in the volume of spam with Super Bowl-related subject lines. According to Khetarpal, holidays and celebrities are “hot topics” and “prime targets” for malware authors.

Khetarpal and other security experts advised users to verify they have a security software suite installed on the computer before going online, let alone searching for something. The suite should be updated to its most recent version, and the operating system should be patched with the latest updates, they said.

Desktop security software news, reviews, and tips to stay aware and prepared.
Posted by edesktopsecurity at 11:28 PM 0 comments

Article: The H Week - Firefox 4 delayed, MeeGo 1.1 arrives, Adobe updates & zero days

The H Week - Firefox 4 delayed, MeeGo 1.1 arrives, Adobe updates & zero days
http://www.h-online.com/security/news/item/The-H-Week-Firefox-4-delayed-MeeGo-1-1-arrives-Adobe-updates-zero-days-1127496.html

30 October 2010, 12:59
In the past week, The H took an in-depth look at the Rosegarden Project, several OpenOffice.org Council members resigned, Mozilla delayed Firefox 4 and MeeGo 1.1 was released. Adobe patched its Shockwave Player and warned of a critical vulnerability in Flash, Reader and Acrobat.

Featured

This week, Richard Hillesley took an in-depth look at the open source Roesegarden MIDI and audio music composition application for Linux. Following a heart attack, our editor-in-chief Dj Walker-Morgan reflected on just how much the UK health care system relies on paper documentation.

Open Source

Following a call to resign on the grounds that their involvement with The Document Foundation constituted a conflict of interest, a number of OpenOffice.org Council officially stepped down. Oracle drew criticism for its policy towards the Java Community Process (JCP) and Mozilla announced that Firefox 4 would be delayed until next year. Canonical announced its custom Unity desktop would be the default in Ubuntu 11.04 rather than GNOME and Intel and Nokia released the first major update to their open source MeeGo mobile operating system, version 1.1.

Rumours spread that the Google Android developers have completed Android 3.0, code named “Gingerbread”, the Android Market officially surpassed 100,000 applications and Oracle claimed that Android contains code copied directly from Java.

Microsoft announced that it is working with Cloud.com to provide integration and support for Windows to the OpenStack software project and ForgeRock launched the OpenIDM Project for open source identity management.

Hadoop service provider Cloudera and Cassandra service provider Riptano both received venture capital funding.

The Linux Foundation announced that it would merge with the Consumer Electronics Linux Forum, which will become a Foundation work group, and Linux helped the London Stock Exchange to achieve world record breaking trading speeds.

Open Source Releases

Mozilla released browser building blocks, Firefox and Thunderbird security updates and a new add-on prototype for Firefox. There were releases for the Miro HD Internet TV / podcast downloader and player, MontaVista Carrier Grade Linux and a new version of the Lotus Symphony office suite. Updates arrived for Nokia’s N900 and KDevelop and development versions of Skolelinux and CyanogenMod were released.

Security

The Firesheep extension for Firefox made it easy for attackers to access social networking accounts, a 12-year old was awarded $3,000 for reporting a Firefox vulnerability and a trojan was discovered on the Nobel Peace Prize web site.

Java replaced Adobe Reader as the most frequent attack target and Adobe patched 11 holes in its Shockwave Player.

Kaspersky’s anti-virus software caused problems with some corporate servers, a flaw in the iPhone allowed access to private data despite a passcode lock and the developer of the ZeuS trojan toolkit handed over his code to his rival, the developer of SpyEye.

Anti-botnet specialist Damballa published an analysis that showed German ISP 1&1 was the most popular host for bot herders then, following criticism of its methods, Damballa removed the blog post about the statistics.

Security Alerts

Attackers exploited a zero day vulnerability in Firefox and the Mozilla developers issued security updates within 48 hours of the first report of a flaw. A variant of the Koobface trojan appeared on Mac OS X, Adobe announced yet another critical hole in its Flash, Reader and Acrobat products and Cisco fixed an issue in its CiscoWorks Server.

Desktop security software news, reviews, and tips to stay aware and prepared.

Posted by edesktopsecurity at 11:22 PM 0 comments
Subscribe to: Comments (Atom)