The continuing terrorism against corporate and personal computers

The continuing terrorism against corporate and personal computers

We live in what has become a dangerous world. Admittedly, the danger is not equal to that of a full-fledged world war. However, physical attacks by terrorists on soft targets across the globe are frequent reminders of the ill wishes of unseen enemies. In today’s highly connected computer world, similar unseen enemies pose a costly threat. Marketers have become familiar with worms, viruses, Trojan horses, adware, spyware and overall malware. Today, many corporate computer system managers protect their systems by forbidding downloading of the variety of threat vehicles that attackers use. In most cases, executable files, which use the suffix.EXE, are automatically blocked. Executable files were the easiest effective weapons in the computer terrorist’s arsenal. They caught the unwary. Anyone clicking on the .EXE file attachment might suffer a hard disk attack that erased programs and data. Sometimes the effects were immediate; sometimes cumulative.

Attackers are remarkably opportunistic. When users recognized the threat of .EXE files and stopped opening them, the computer terrorists chose another innocent looking weapon, the .ZIP file. The programs that compress file sizes to facilitate file storage and transfer are remarkably helpful and commonly used. Hackers would secret a dangerous program within a .ZIP file to attack when the file was unzipped. Now, corporate computer managers routinely block that file type.

Similarly, hackers have exploited picture file, music and video formats as weapons. The average marketer may be able to rely on the company computer specialists to protect the desktop PC or workstation. Those of us who work at home or take a laptop on the road will probably have to look after ourselves. With this in mind, we look at two of the top computer protection software programs on the world market: Norton AntiVirus 2006 and McAfee VirusScan 2006.

The programs

Most computer users are familiar with one or both of the two programs. For desktop users, McAfee makes McAfee VirusScan, and Symantec makes Norton AntiVirus.

The short list of competitors includes: Trend Micro’s PC-cillin Internet Security, and a few others. All three majors are capable programs. In the past, our hardware lab relied heavily on PC-cillin. It performed well and was easy to setup and like the other competitors, offered online periodic automatic updates. Trend Micro also offered a website to support its older products like PC-cillin Version 6. The update service was not automatic. Users could got to a web site to find, download and install the latest updates. Trend Micro made the link increasingly difficult to find while promoting the enhanced capabilities of its newer products. That marked the industry transition from a program with indefinite free updates to an annuity: a program updated each year, requiring a new program fee.

PC-cillin fell victim to the market share problem. While still a capable program, it suffers from lower market share than the two main competitors and seems to be slowly losing share. PC-cillin may be a victim of McAfee and Symantec’s effective use of sales promotion. Both will offer full discounts on their anti-virus programs in the form of 100 percent price manufacturer’s rebates. Retailers love this technique since it entices customers into the store. The manufacturers are using a “cigarette” strategy similar to that used by the tobacco companies. Namely, they give the program away and hope that users become confirmed adopters who continuously update their programs annually, supplying a consistent stream of revenue. They also hope that a percentage of buyers decide not to bother with the rebates.

There is also the problem of a more complicated world. Virus attacks may be covert and not apparent to users. Other intrusions, like pop-up advertising is out in the open and annoying. Pop-ups are a product of programs called adware. Computer protection programs need to address adware as well as other more malicious programs that hide on a hard disk and view the information contained therein. This threat is spyware.

In terms of threats, viruses that erase the data on a computer’s hard disk cause damage that is limited to the value of the data destroyed or software that must be reinstalled. In contrast, spyware may allow a thief to empty a user’s bank account or apply for credit in the user’s name exploiting the information that a computer may contain. Alternatively, capturing the keystrokes of a user entering his or her bank account online is a license to steal.

In the past, both programs concentrated on offering antivirus protection. Protection from adware, creating a firewall or protecting from spyware came from other programs. Happily, both McAfee and Norton have added solid antispyware protection to their basic antivirus package. However, the additions are less effective than stand alone specialty products.

Given the importance of getting computer protection right and their commanding market share, we can expect that both programs offer robust protection. Potential users may find it valuable to see what that protection costs in terms of money and time.

Program comparison

The two programs differ in terms of how they operate. McAfee’s uses a proactive warning method. The program warns in advance of downloading a potentially unwanted program. McAfee does not offer much detail as to the problem and the user must rely on the program’s intelligence. In contrast, Norton uses a passive warning method. It allows users to download suspicious files and offers a warning that it might be spyware. Symantec offers details about the nature of the potential problem and allows the user to make his or her own decision. In some cases, the program might flag a file that the user knows to be harmless, like a known attachment. The best of both worlds would combine the proactive design of McAfee with the full disclosure of Norton.

Speed of operation

Over time we have used multiple versions of a variety of anti-virus software. They vary in terms of speed of loading, speed of detection, and speed of scanning. As time has passed, many anti-virus software programs have tended to slow down. Admittedly, the job they do is more complicated than it used to be and the dangers against which they must be vigilant have increased. However, both programs seem to produce noticeable system slowdown when performing deep system scans. When compared to last year’s version: McAfee VirusScan 2005, the new program takes much longer at full system scans. It may be another reason to upgrade hardware. Users with older computers, may find the speed of both McAfee and Norton to be a problem.

Speed of reaction to new outbreaks

The industry resource, c/net, recently published data on the speed at which the two companies reacted to the outbreak of a new virus. Over the last six months, there were several major virus outbreaks including: Sober.r , Zotob.e, Sober.p, MyDoom.bb. When c/net noted the times that Symantec and McAfee made their first responses, in each case McAfee responded with a fix first. Sometimes the differences in responses were just minutes; other times several hours. The lesson is that virus outbreaks can infect computers in moments and every minute of vulnerability counts. In this respect McAfee has the edge.

Price

Both programs carry a similar price, around US $50. Symantec seems to be more active in offering mail in rebates for the full purchase price so Norton AntiVirus 2006 may effectively be less expensive.

Product updates

As mentioned above, antivirus programs are now sold as prescriptions. Since they can be outdated quickly, the subscription provides an arrangement for keeping the program fresh.

Updates comprise two basic types. One is a program update; the other a virus definition, otherwise known as a virus pattern, update. Anti-virus programs work by recognizing the pattern of a known virus and then excluding or quarantining it. Virus definitions are updated regularly and at times of an outbreak.

The more significant update is the program upgrade, which may add functionality or remedy potential bugs. Users should expect virus pattern updates without charge during the life of their subscription.

Norton AntiVirus 2006 provides users both product upgrades as well as virus signature definition updates through the life of the subscription. Previously, Symantec required users to upgrade from older versions of the software to take advantage of any new features.

In addition, Norton AntiVirus 2006 users may choose between free online chat and paid telephone support. Both are offered 24/7. Phone support costs $29.95 per incident or $2.95 per minute

In contrast, McAfee introduced an improved subscription model. Users with a standard one-year license can get software version updates, not just updates of virus definitions. Current users with time remaining on their subscriptions will be entitled to VirusScan 2007. It will automatically download along with its new features. Users whose subscriptions have ended, will have to resubscribe.

McAfee provides a variety of free support. The methods include online chat, e-mail, and Web-based user forums. There are even FAQs that are helpful. McAfee offers more options than Symantec provides its Norton users. Like Norton, McAfee’s telephone help costs extra. It is priced at $2.95 per minute via 800 number or $3.95 per minute via a 900 number. With either option, the first two minutes are free.

Overall evaluation

Both are competent, effective programs that offer protection for standalone PCs and laptops. Both cost about the same price and both offer about the same features. Choosing one over another is a matter of identifying the one or two critical differences that matter to a particular user.

Edited by Dennis A. PittaUniversity of Baltimore