Got an Idea? Tell us!
Have you ever used a product and thought “if only it had this feature…” or “if I could just do that easier” wishing you could spend a few minutes with the developers to hear you out? Well, today we’re excited to introduce a new section of the Norton Community called Norton Ideas which will allow you to do just that. Norton Ideas is a site that will allow you to submit your product feature suggestions directly to the Norton product development team. The Norton product team is here to listen to your suggestions, discuss them amongst the community and put the best id...
AMTSO (the Anti-Malware Testing Standards Organization) is a coalition of security professionals, including many antivirus product vendors, product testing organizations and publishers, and some interested individuals. Given the highly technical nature of its activities, it is inevitable that the organization owes some of its authority to the expertise of the security specialists within its ranks, but that doesn’t make it a vendor lobby group. As Kurt Wismer (not himself a member) points out here (http://anti-virus-rants.blogspot.com/2010/06/nss-labs-vs-amtso.html) “many of them are employ...
Sad but true: that new computer isn’t going to last forever and, especially if you’re not careful, neither will all its precious data. Over time, once-zippy computers can start to lag, getting bogged down with unnecessary programs, too many temporary files, broken registry keys and all sorts of other digital gunk. What’s more, hard drive failure, theft and natural disasters can wipe out your precious files in an instant – music collections, treasured photos and financial documents that could be lost forever.
I’m excited to announce the newest Norton weapon in the fight against PC slugg...
This year we have some innovative changes that build upon the successful, effective, and efficient SONAR 2 behavioral security engine. For those who are not familiar with SONAR technology, here is a link to an article that describes it. With SONAR 2, we have a proven track record of being able to convict malware and secure Norton users from malware designed to evade most other security features. In the last nine months alone we prevented upward of 4.2 million infections out of about 140 million incidents that we analyzed for Norton users. Most of these incidents were never-before-seen malw...
A few years ago we threw down the gauntlet, challenging the idea that performance must be traded away in favor of security. To accomplish our mission, we changed ourselves and in the process, changed the entire conversation, shifting the focus to include not only effectiveness and accuracy but minimum performance impact felt by the customer. But we’re an industry leader, so rehashing the previous cutting-edge methods won’t do. In 2011, we’ve picked up our own challenge and turned in a new direction, pushing ourselves to go even farther for the betterment of our customers.
In order to do...
What is IPS?
Intrusion Prevention System (IPS) is a proactive protection technology that provides security at the network level. It is the first line of defense against malware.
There is sometimes confusion between an IPS and a firewall. Personal firewalls are more basic, making allow/deny decisions to ensure that only “selected” programs are allowed to interact over the internet. Firewalls also block network communication on non-standard ports, which are generally not used by legitimate programs and services. On the other hand, an IPS goes one step further, and examines all network traff...
I haven't made a post on here in a while,
and there's a good reason. I've been keeping my head down, working hard
with my teammates on Norton Online
Family. Now that the beta has been released you can see the fruits of
our labor for yourselves.
I am really excited about this
product. I'm not a parent yet, but my wife is expecting our first child
at the end of July so I have spent a lot of time over the last year or so
thinking about what type of father I aspire to be as well as thinking broadly
about the unique problems related to keeping your family safe online. I'm
The new Norton AntiVirus 2011 and Norton Internet Security 2011 beta products include several new and improved features which I'm going to detail here.
In our 2009 products, we introduced Norton Insight which dramatically improved performance by not scanning known good files.
In 2010 products, we went one step further by using reputation data to mark files as good, bad or unknown.
With 2011, we are enhancing this even more by providing fine-grained reputation information about files and by allowing users to perform a Reputation Scan of their files. You...
In January of this year, Symantec became a founding member of the Anti-Malware Testing Standards Organization (AMTSO). Symantec and about 40 of the leading academics, reviewers, testers and vendors in the security industry joined forces to form the organization dedicated to helping improve the objectivity, quality and relevance of anti-malware technology testing. Since then, we’ve met several times and shared numerous spirited debates, but something we have agreed upon since our inception is the charter of the organization: · Providing a forum for discussions related to the testing...
(view in My Videos)Sometimes you need a bodyguard, sometimes you need an advisor
Most often, users are concerned about dangerous, active threats against their computer.
If malware is detected on the PC, users generally prefer that it is simply and quietly blocked. Similarly, when users are online, they expect to be protected from pages that contain malicious content or that are part of phishing scams.
Phishing sites are an obvious, immediate and direct threat on a user’s most valuable information. This is a simple security decision. A webpage is either the correct webpage or it’s an imp...
As we talk to consumer and enterprise customers, we are
finding many don’t understand the risks of the Internet today, why their
computers have been compromised or how the threat landscape has really
changed. The fact that just visiting
your favorite Web site can either lead to malware silently being installed on
your computer WITHOUT ever clicking on anything, or being plagued by misleading
applications, such as fake antivirus software, seems to be a surprise to many
users and IT managers.
With the increase in Web based attacks that users are
being subjected to every day, we w...
As I write this--about 15 minutes before Apple's "Newest Creation" event is set to begin--I feel, if the hype is to be believed, that I am writing this on a piece of papyrus, musing on the concept of the printing press. I think it is fair to say that this morning's presentation is the most anticipated technology announcment in Apple's history, if not of all time…and we are not even sure if Apple's actually going to announce it!
"It," of course, refers to Apple's entry into the tablet market, the next wave of computing, which does away with the standard keyboard/mouse/screen computer and ...
(view in My Videos)
In just the past few years, the threat landscape has significantly changed – and traditional antivirus technologies can’t keep up. Attackers generate literally tens of thousands of new malware variants every day, often distributing each variant to just a handful of users. That means that each time a new victim visits an attacker’s web site, a slightly different piece of malware is served up. How can a security vendor ever hope to discover each of these thousands of variants?
We call this problem “server side polymorphism” and we’ve seen it grow over several years. Yo...
There's evidence that the Conficker botnet (oh, did you really think they distributed those millions of bots without a plan to monetize them?) is now being used on a "for hire" basis. A story from the UK referencing a new report from Cisco, states that malware called Waledec is being distributed via Conficker's millions of infected computers. Waledec uses your system to send out spam and spread itself to other computers. Before you pull your hair out in frustration, just make sure you've got an up-to-date copy of Norton Internet Security or another comprehensive security product on your co...
It seems like having a computer equates to having PC problems. We've all been there. You are sitting at your desk and your computer's speed is crawling while you are trying to get something done. Very frustrating. It's not clear what the problem is exactly, but it is clear that your computer isn't running as fast as it use to. You think maybe it's all of the music and photos you've downloaded? Or maybe it's just the fact that your computer is a couple of years old?
It's time to put an end to slow computers and PC frustrations. There's a free new application from NortonLive that wil...
As Alec Baldwin remarked in State and Main, "Well, that happened." Pretty much sums up this year's MacWorld Expo, which ended this week in San Francisco. As I have done for several years (my first ad was in 1985), I made the annual pilgrimage to Moscone Center to meet up with my fellow Mac-heads, eager to see what was happening with Apple and other software and hardware makers and just enjoy what the world might be like if everyone used a Mac, if only for a few days.MacWorld's an interesting phenomenon. In the early days of the Macintosh (as we called it back then), it truly was the best ...
Microsoft Internet Explorer Unpatched Vulnerability is Here…
Norton Users Never Fear!
You might have heard a few things about a vulnerability in
Microsoft Internet Explorer this week.
This is otherwise known as a “zero day” because it was found and hasn’t
been patched by Microsoft at the time of discovery. You can read more about the actual
vulnerability here in the Microsoft
Security Advisory for CVE-2008-0015.
This bug in Internet Explorer can lead to users having malware installed
on your system silently just by visiting any Web site that might be hosting
malicious code designe...
Why Download Insight?Downloading malicious software, typically when tricked into doing so, is becoming the primary way malware infects people’s computers. Nearly every threat today is unique in some way and is designed to evade detection putting tremendous pressure on the traditional signature-based approach. By the time a signature is written for a particular malware variant, it has already changed itself and as far as the signature is concerned it is an “unknown” file. Whether the signatures are on the disk or in the cloud, they are usually not fast enough to keep pace with modern threa...
It’s G.I. Joe week here at Norton, and to celebrate the upcoming movie , we want to give you stuff! Okay, maybe we’re going to make you work for it. Just a little, though.
Here’s the deal: follow us on Twitter (@nortononline) this week. The first 50 new people to follow us after this message is posted will receive (2) free Fandango movie passes. Just for showing up. Really, it’s that easy.
Throughout the week, pay attention! We’re going to be asking you some trivia questions about G.I. Joe and if you’re the first one to answer the question correctly, you might get one...
Norton Internet Security 2010 BetaWelcome to the Norton Internet Security 2010 and Norton AntiVirus 2010 Public Beta!
We’re really excited about his year’s version of Norton Internet Security 2010 and Norton AntiVirus 2010. We’ve made significant improvements to our existing features, as well as added a few new ones. We’ve also included support for Windows 7, the new upcoming version of Microsoft’s popular operating system.
To access the Public Beta build, simply navigate to Norton Beta Center and select Norton Internet Security 2010 or Norton AntiVirus 2010.
After you complete registrat...
The message might have come in early yesterday on your Twitter feed, "Want to know whos stalking you on twitter!?: http://twitviewer.net/" You might have clicked the link to visit the website. It all happened so fast, the fabulous offer (heck yeah, I want to know who the last 200 people are to look at my Twitter profile!) and the large scale distribution of the "tweet". Even seasoned journalists who should always wear their cynical and world-weary thinking caps fell for it. Yes, Virginia, it was a phishing scam that required people to cough up their Twitter username and password. It's true...
Symantec's Mac product manager, Mike Romo is attending the Apple WW Developer Conference in San Francisco this week and shares some thoughts from this morning's keynote address in this video...Message Edited by Sondra_Magness on 06-08-2009 05:41 PM
A new wave of phishing attacks on Facebook users is
underway. You'll remember the story from several months back of someone
whose login credentials were stolen and then the crook used that Facebook
access to swindle the victim's friends out of thousands of dollars. The current
effort resembles that one, in that a compromised account sends a malicious
link to friends. The friends click on the link and are taken to a site that
looks just like a Facebook login page. Providing the criminals with their login
and password can sometimes injure the victim beyond the damage to their social
Ever had one of those days?
You really intended for things to go right, but they didn’t. And they didn’t simply whimper out of existence, but left large, smoking holes in the living room carpet. That was this Tuesday.
In truth, it began on Monday evening around 4:30 p.m. Pacific when we released a patch, the infamously named “pifts.exe,” which left the building before we signed it. This is a process that has worked like clockwork for many years, but due to a simple mistake, the patch wasn’t signed and was instead sent out to Norton AntiVirus and Norton Internet Security customers using th...
We’ve been hearing a lot about cloud computing lately. Seems like just about anything you can tuck away into the clouds gets better, or so the story goes, since it allows everyone to access it from anywhere and harness the power of humongous databases full of useful information, among other benefits. Sure enough, the recent RSA conference had its fair share of hype on cloud computing and it has been mentioned to do everything from change security as we know it to solving the imminent swine flu pandemic. On the heels of RSA, a new “cloud antivirus” (AV) solution has been introduced which ha...
Social engineering: meh or muh-oh?
There’s been a lot of news lately about the CanSec security conference where all the major Web browsers were “hacked”. The attack for the Safari Web browser required the user to click on a link, after which complete control of the machine was given to the attacker. Is that a real attack since it required somebody to click on a link? Aren’t viruses all about hacking into somebody’s machine without them doing anything? Not really. The Internet landscape has changed a lot recently. Not too long ago, a virus or worm could infect your computer while it just sa...
a diagnostic patch "PIFTS.exe" targeting Norton
Internet Security and Norton Antivirus 2006 & 2007 users on March 9, 2009.
This patch was released for approximately 3 hours (4:30 - 7:40 PM
March 9, 2009 Pacific Time). In a case of human error, the patch was
released by Symantec "unsigned", which caused the firewall user prompt for
this file to access the Internet. The firewall alert for the patch caused
understandable concern for users and began to be reported back to Symantec.
Releasing a patch unsigned is an extremely rare occurrence that does not
pose any security ...
A N00b MMORPG guild celebrates a great victory and experiences an unexpected defeat. This is the second episode of our "Gamer Gets Pwned by His Antivirus" series.
Here is episode one of our "Don't Get Pwned by Your AntiVirus" series...(enjoy)
How crazy is it that cybercriminals are designing malware to steal log-ins for our online game accounts? Are they really that valuable? I can understand wanting to steal my credit card or bank account number. I can understand wanting to steal my identity so they can open new credit accounts in my name and stick me with the bill.
But, my game account? Really?
Over the last few years, various security companies (including Symantec) and several independent security agencies have published reports about the growing prevalence of Trojans aimed at stealing online game account log-ins. Rece...
In the old days, practicing “safe Internet” meant staying in the good online neighborhoods so you didn’t get infected. Today, almost any website you visit could be a landmine leading you to having your system compromised. We all remember the quote from Austin Powers where Dr. Evil says “One MILLION dollars”. Now imagine a techie version of Dr. Evil, let’s call him “Dr. Drive-by” saying in that same tone “One MILLION websites compromised”. Drive-by download outbreaks can be measured in how many occurrences a particular domain name occurs in Google searches. Recent reports from SANS Interne...
I've been doing a lot of thinking about Cloud Computing lately. This was sparked, in large part, by Symantec's internal engineering conference, Cutting Edge, as well as a number of things I've been reading. Cloud Computing is shaping up to be one of the "next big things" that we are all going to be hearing a lot about over the next couple of years. In fact, Microsoft just announced "Azure," their cloud computing services platform. Microsoft Azure is positioned to bring cloud computing to the development masses. Anyone will be able to write cloud-aware applications and run them hosted i...
Hello, my name is Kunal Karandikar and I am a Manager on Symantec’s Consumer Products Engineering team. My colleagues and I are excited about Norton Insight, a brand new feature to the 2009 Norton product line. There have been a lot of questions about how it works and what it does. In fact, there have been a few articles published recently that have compared Norton Insight with other technologies which we think are actually somewhat different, and believe do not really match up well to our new feature. We will hopefully be able to clear up some of the confusion and misconceptions within th...
To our Norton Customers:
Symantec is pleased to announce the official release of our Norton 2009 products. This year, we’ve made performance improvement the key focus of the 2009 Norton product line. Virtually everyone in the company - including executive management, product engineering, Quality Assurance, design, and development - knew that this was our main mission ever since our first 2009 engineering planning sessions. Since then, we’ve questioned, agreed, and disagreed to many of the ideas and concepts that came up, but we were consistently guided by our shared vision and dedicatio...
Email, cell phones, Facebook and now Twitter all have something in common: they are being used by fraudsters for phishing attacks. If you are a Twitter subscriber you should be aware of these recent phishing efforts and how to protect yourself. You may even have received a warning from Twitter in the past few days.
Here's the short and sweet (if I were really good at Twittering, I'd write this entry in 140 character segments but I'll spare you in the interest of getting you the facts):
Chris Pirillo broke the story on January 3rd: "Phishing Scam Spreading on Twitter" just a few moments aft...
Every day, corporations, governments, and individuals must live with security vs. performance tradeoffs. An extra layer of security in any situation, digital or otherwise, always has a performance impact. A simple (and probably overused) example is airport security. Standing in an airport security line is time consuming, but provides the level of security mandated by the government. We are mandated to trade performance (walking straight to the terminal) for the security provided by the inspections. Overzealous security can cause bottlenecks, which inhibits daily activities. Eliminat...
A year ago we reached out to the gamer community at DreamHack in Sweden to find out what they wanted from their anti virus software and more specifically what they didn’t want. Their biggest request was for anti virus that didn’t use up precious PC resources. They also asked for security software that wouldn’t interrupt them when they were gaming. Some of them even asked for anti virus that would automatically change its mode of operation to accommodate them appropriately when they were gaming versus when they were surfing. Of course we could have just walked down the hall and talked to s...
You remember the Shoemaker’s lesson, don’t you? It’s always the shoemaker’s children go barefoot. And so it was that after thirty years of writing about PCs and wagging my finger at those who tempted fate by not backing up regularly, I did it myself. The entire episode has made me feel a little addle-brained, a lot chagrined, and like a cautionary tale.
It started when I bought the new Dell XPS—fully loaded. When was the last time you moved three years of work from one PC to another? Seriously, it consumed my free time for about three weeks until I had things the way I wanted them. You...
Whether it’s defragging, cleaning and repairing the hard drive, maintaining your PC with a one-click checkup tool, or getting rid of unwanted Internet clutter, Norton SystemWorks delivers a comprehensive toolkit for faster, up-to-the-minute performance boosting utility tools.
One of the most significant improvements in Norton SystemWorks is that it delivers the enhanced performance of Norton AntiVirus 2009. You may have read about how we reengineered our 2009 products to make them the fastest and most up-to-the-minute security solutions. Norton SystemWorks 12.0 customers now save time w...
The Norton Pulse Updates Feature
It’s a simple truth: The faster virus definitions are received, the better the protection is for the computer. Norton 2009 has added a new technology, called Norton Pulse Updates, which downloads new virus definitions almost as soon as they are created, without sacrificing reliability or performance.
When new virus definitions are created, they are posted right away as small Pulse Updates. Every five minutes, Norton LiveUpdate downloads the latest Pulse Updates and they are incorporated into the customer’s PC virus protection immediately.
Are you Naked?
Exploits from the latest Microsoft Vulnerability seen in the wild
Which is worse, being seen
naked running down the street or having a vulnerable computer leaving you
exposed to attacks from drive-by downloads? It is probably a matter of opinion (or local
laws.) Unfortunately, I think people are
more concerned about being seen naked than whether they have a computer that is
vulnerable. Don’t get caught being
exposed by having a vulnerable system!
In my previous blog
post, I talked about the way that malware is able to get onto your
system. Exploits from drive...
This past weekend I was joined by an international group of journalists and bloggers for a Zero-Gravity flight to “blast off” the launch of the Norton 2009 security products. This 18-person “band of brothers” boarded the G-Force One in Las Vegas, prepared to float, flip and fly the way orbiting astronauts do. One word describes the experience - awesome. But most people want to know, what in the world does a Zero-G flight have to do with security software?
And the answer is simple…we designed the 2009 Norton products with a mantra of "zero-impact performance". Meaning, we want our softw...
In recent years, Consumer Reports (CR) decided to take on reviewing security software in addition to the scores of energy drinks, vacuum cleaners and toasters they put through the paces annually. Consumer Reports has faced some challenges in this new endeavor; you might remember they generated a fair bit of industry discussion based on their security testing practices. Well-known organizations like McAfee, Sunbelt and others voiced concerns at test methodology that fell well outside the industry norm. Last year, we were – to put it mildly – shocked by the information and results published ...
A recent PCMag.com blog post points out that the fake White House website whitehouse.org (no, I won't link you to it) has been hacked and is serving up malware. Part of the issue here is that many people attempting to go to the government website www.whitehouse.gov will accidentally mistype it as whitehouse.org. This is a specific case of a very real threat.
If you look at the list of the top 500 most popular websites according to Alexa.com. How many of these domain names are easily misspelled or mistyped? There is nothing stopping bad people from registering common typos of popular do...
Today, the Norton team is excited to introduce Norton Labs, an online community where users can download new security technologies and share input directly with developers-- ultimately helping to shape our future products and features.
We created Norton Labs to foster a dialogue with our customers and bring them into our development process. It gives us an outlet to showcase technology under development and get valued feedback from our most sophisticated users. Also, Norton Labs gives us the flexibility to introduce key functionality outside of our standard development cycle.
Based on ...
I was surfing the web tonight and I came across an article on Scientific American. The author asked some friends for permission to break into their bank accounts and then went to work trying to steal their identity. The ease at which he was able to do so is startling. He first used a variety of techniques to gather information including reading the target's blog and googling them and then he used that information to break into the user's email accounts via password resets. Once he had access to the target's email he would be able to receive password reset emails from their bank accoun...
This Blog is dedicated to you - as a past, present or future user of our products. A large team of our product managers, engineering, testers and designers will regularly be posting directly to this blog. Each of us care passionately about security, and share the responsibility to design, develop and test the solutions that protect our customers.
It is my hope that, through this Blog, you will be able to hear directly from the people who are working on the Norton products. Through your feedback, whether it is frustrations, accolades, opinions or ideas about our products, I believe we c...
The Boston Globe had an article recently on how difficult it is to be anonymous in the internet age. Reading the article compelled me to perform my every-once-in-a-while "googling" of myself. What I found was pretty interesting.
First of all, I'm not keeping a very low profile. There were approximately 23,000 responses to the search query on my name (541 if you put my name in quotations.) Most of the front page stuff was computer related. A post on an old blog of mine about a web programming framework; several links to my posts on the Norton Protection Blog; a patch I submitted to an...
There has been a lot of coverage in the tech-related blogosphere lately regarding a specific threat called (among other things) Trojan.Gpcoder.F. Once this malware has infected your machine it searches for files on your system that could potentially be important to you (based on the extension of the file) and then encrypts the data using a 1024 bit key (technically it creates an encrypted copy of the file and deletes the original.) Once your data has been encrypted, the malware informs you that your files are being held for ransom along with details on how to buy the decryptor program to...
So, this is a bit of a deviation from our standard security-focused articles, but given how you can't go 15 minutes without hearing about the iPhone 3G, I think it's appropriate to bring it up. I have an original iPhone (4GB!) and was able to successfully download the new iPhone software before the mad rush and figured I would share some observations after a full week or so of using the software.First off, I admit it: I haven't been this excited about computers since I got my first Mac in 1985. Apple's App Store (accessible via iTunes and through the iPhone itself) brings back that sense...