Catholic Online Forum

This is definitely not my area of expertise...I need to decide in the next few days if I get

Norton 360 upgrade

or

Norton Internet Security 2008 upgrade

Any suggestions??

Mary

For someone who does not want to get much involved in technical details it might be a good idea to get a security suite that includes at least anti-virus, anti-spy, and firewall protection.

I've been reading the reports from the Internet Storm Center almost daily for a couple of years now. The consensus opinion of a number of experts seems to be shifting now to the point of view that traditional means of protection against malware (e.g. virus, worms, spyware, trojans, phishing, etc.) namely malware signature scanning and updates is no longer adequate. The bad guys are spewing out variations of attacks faster than the anti-malware companies can keep up. Most anti malware softwares now protect against about a million different variants of malware, but that maybe covers only at best about 60 or 70 percent. Generation of malware variants can now be automated so that every visitor to a compromised web site (for example) gets a different variant of the same attack, if infected. So it's extremely hard to update the anti malware files when new variants of malware are being created as fast as all the users in the world can click on compromised web sites.

So even the best anti malware suites will provide diminishing protection until they come up with a new way to fight malware.

There are a couple of other ways that you can reduce your risk:

1. keep all your internet software up to date, i.e. keep it all fully patched as fast as the patch fixes are issued by the manufacturers.

One way to do this is to go to http://secunia.com and use their free scan of your computer to find programs that are vulnerable to web attackes because there are not installed the latest versions having all the available updates and patches. Unfortunately downloading and installing updates to some software can be a real pain. For example, it's even hard to figure out which version of Adobe Macromedia Flash you have. For example, unless you religiously uninstall older versions of Java , you may still be vulnerable even after installing patched version. On the other hand, if you uninstall an older version of Adobe reader, the update might not run. Confusing.

2. another step you can take is to use software that blocks scripting, java, flash, plug ins except on web sites that you trust and have personally marked as safe in your opinion. That is , you have "whitelisted" those sites.

I personally use Firefox browser and have Firefox add ons or extensions that block Java, Javascript, Adobe Macromedia Flash Player, Quicktime, Real Player, Windows Media Player, Adobe Reader, etc. on ALL SITES, even the ones I trust. Except that I HAVE to trust my bank and my web mail enough to at least let Javascript from those sites run automatically.

Since I only use Internet Explorer to update Microsoft software I don't worry much about "hardening" it for security, except I have added free McAfee SiteAdvisor to Internet EXplorer.

For Firefox browser, I have Finjan Safe Browsing , McAfee Siteadvisor, and NoScript scripting blocker and plug-in blocker in my list of Firefox extensions for additional protection in addition to anti virus , anti spyware, and firewall. (in addition I'm testing the alpha version of FireKeeper Intrusion and Detection System extension in Firefox browser. Since traditional anti virus and anti spy are becoming less effective since the bad guys are getting much smarter and there are now software tools for sale to bad guys to help them automate the spread of malware so ordinary criminals without strong computer knowledge can purchase excellent tools to attack the public in general or specific corporations, etc.

Unfortunately I don't know of a good place to go to learn how to better protect yourself that is not geeky or nerdy.

I also use free online malware scans such as http://housecall.trendmicro.com to get a "second opinion" in addition to the anti malware already installed on my PC as to whether my PC is infected or not.

You might want to try some sites such as download.com or tucows.com to get reviews or ratings on security suites or software.

David and I are both CISSP's (the industry-leading certification for Internet Security), but have rather different opinions on Internet security for the average user. David's advice is excellent

I am of the opinion that if you are behind a hardware firewall/router device (such as that which allows multiple machines to access your Internet connection), running a modern OS (XP SP2, Vista, OSX, or Linux) that has an operational firewall, you turn on automatic updates and install them when prompted, and you run a free anti-virus program such as AVG (http://free.grisoft.com), and DO NOT CLICK ON ATTACHMENTS IN EMAILS from people you don't know and trust, you've made yourself safe from 99.99% of all Internet attacks. Also, not running Internet Explorer as your primary browser will tack an additional 9 on the end of that percentage. I run Opera; Firefox is excellent as well. Also, secure any wireless connections you have. If you're not running a security type on your wireless network with the letters "WPA" in it, your ne

I am responsible for IT security at my company, and in the 9 years I have been there, we have had ONE security incident. Someone clicked on an executable attachment to an email before the virus scanner had updated.

Again:
1) Use a router/firewall, even if you only have one PC. It will do more to keep people out of your computer than any other single step.
2) Secure your wireless connection with a method including the letters "WPA" or "WPA2" in it. "WEP" is like putting gauze in front of a tractor-trailer; it does nothing.
3) Run a free anti-virus software like AVG Anti-Virus (http://free.grisoft.com) or Avast (http://www.avast.com/eng/avast_4_home.html)
4) DO NOT click on attachments from people you don't know. Be skeptical of unexpected attachments from people you do.
5) Turn on automatic updates and install them.
6) Run an alternative browser such as Opera or Firefox. They are faster and much more secure.

I think the major Internet security suites from McAfee and Symantec are bloated, overpriced, and hurt performance too much to be worth it.

I know many security experts disagree with me that this is sufficient. The reality is that while David's suggestions are accurate, they are unreasonably restrictive for most people to actually follow. If we overload people with unreasonable technical security recommendations, they will throw up their hands and give up. The above is a good balance of usability and security, which are always in tension in the IT world.

I hope that's been of help to you, Mary.

I agree with what Jeff said.

I do read the news feeds from the http://isc.sans.org Internet Storm Center but more out of paranoia and morbid curiosity, not out of professional interest.

I "got religion" about 4 years ago when my then PC was infected by malware because I had neglected to update/patch Internet Explorer. That was partly because it was Windows 98 which did not automatically check for updates back in those days. Of course Windows 98 is obsolete (unsupported since July 2006). I don't believe that the online scan feature of secunia.com existed back then (about 2003) so it would not have helped me. Another part of the problem was that I was on dial up then and it would have taken one or two hours to download some of the patches. Nowadays a lot of anti virus and firewall downloads are 30 mega bytes or more. The software for my sound card (original equipment, not some fancy virtuoso stuff) was about a 50 to 60 MB download to update it, luckly I did it by DSL, whew!

I think there is a site called File Hippo that also offers a program to check which of your installed programs need patches or updates. I have never tried it. I probably would recommend secunia over File Hippo because secunia is exclusively involved with security and would have more customer good will to lose if they messed up. But even with secunia , you need more than average expertise to know how to react to some of the warnings that it might give you. That is, secunia might recommend you to fix something that might be better left alone


Although I think that the combo of Firefox plus it's NoScript extension may be one of the best additional protections that one can add above and beyond anti virus, anti spy, and firewall , I hesitate to recommend it to people because there is a small learning curve involved in its proper use. For example, until you tell NoScript to allow scripting on your online banking site, you won't be able to do online banking there. That's because the default (out of the "box") setting of NoScript is to block ALL scripting.

Right now on this PC I have a router with built in firewall, plus Sunbelt (Kerio) Personal Firewall (free), plus AVG anti-spy (free), plus I use Firefox with NoScript (and other security addons) instead of Internet Explorer. Having a software firewall such as Sunbelt in addition to a hardware firewall is NOT redundant. Because most software firewalls are better than the default (Windows builtin firewall), because they will ask your permission before allowing any body any thing in your computer to "phone home". So if its a bad guy program (malware) you certainly want to stop it from "phoning home" to divulge your private info or download additional malware.

I also use Zone Alarm firewall on another computer. I find that Zone Alarm firewall and Sunbelt firewall (both having free versions) are not too complex to befuddle me. I did try the free Comodo firewall which also has anti malware features built in but it was annoyingly complex to use

Whatever you download, be careful where you download from. Get a second opinion if necessary before downloading. There are many bad guys with web sites that try to impersonate the good mfgs. to get u to download poison onto your PC.

For anybody with children in the household who can't afford one PC for each child, they are really in a fix. In such a situation it might not be a bad idea to install a security suite AND parental control software. Parental control software, even if the kids are saints. Because the fact of Parental Control software blocking access to web sites with bad content would also block access to many malware distribution/attack sites. Unfortunately parental control software is probably not trivial to install and if you uninstall it wrongly you could make your PC largely useless. It's hardly realistic to expect people with kids to have the time to become computer gurus just to keep their computers from being blown away, but that's almost as bad as it really is

I was a subscriber to Compuserve (the one time old home of COL) from 1983 to 2005, so I got habituated to reading the AP, Reuters, etc. news from their internet portal. But, esp. since AOL bought Compuserve and Netscape, the images on the front page of the portal often border on the edge of soft porn. So I've even set my browser to block images from that site. Securitywise, blocking images is sometimes advisable too, since the parts of the programs that display the images may be more likely to have security holes in them than the parts that display words. Unfortunately you can't block images on many sites since the icons and such are also images and if you cant see the icons how you gonna click on them ?

An easy to do precaution you can take is to use a search engine that blocks malware distribution sites.

If I am not mistaken, such blocking was NOT normal practice until very recently when the bad guys figured out a trick to boost their malware distribution sites into the top rankings of search engines. So for example, you might be searching for "diabetes" for example and an evil site could be among the top ten on the search engine. The situation got so bad that Google (who already has been tracking bad guys for some time) blocked those sites. Obviously if people stop trusting the internet and search engines, the business model of Google would collapse. I hope that the other search engines have followed suit.

It should be noted that if you ever did innocently click on a link to one of these sites in a search engine, you could easily be infected in a fraction of a second if you did not have ALL relevant software patches installed, UNLESS you had an extra safeguard such as NoScript (Firefox addon). Unfortunately , sometimes (perhaps increasingly more often as attacks become more lucrative for organized crime) the bad guys find out about the security holes BEFORE they are patched or even exist in the databases of antivirus programs. In this latter case, one would almost certainly be infected by clicking innocently on a safe looking link in a search engine, unless the search engine had never displayed the link in the first place or unless one had EXTRA security installed in the browser addons.

In the hope to have a better chance of infecting your computer from these so called "drive by download" sites, the bad guys will usually try to sneak thru a number of existing security holes in browsers and/or browser plug ins. Sort of like a multi-pronged attack. Or like a multiple warhead missile. Perhaps the designation would better be said as "drive by view" instead of download, since the user only intends to view, not download anything. In analogy to "drive by shootings" on the street.

After reading everyone's posts, I think I'm a bit more scared than I was before.

The thing is, I'm a very tired ancient greatgranny and 24/7 caregive for my husband who has dementia and alzheimer's disease.

I just can no longer figure out what I need to do to protect my computer in a way that I can understand.

Right now I guess before my 2007 Norton expires in a week I have to choose between these two:

Norton 360 upgrade

or

Norton Internet Security 2008 upgrade

I've tried to determine which one is better for me but so far I can't. I don't use my computer as much as I did before but in a sense it's my main connection to the 'outside world' and I don't want to give it up yet.

Mary

Mary if you go to the following page, you can click on compare to see the difference between the two.
http://shop.symantecstore.com/store/sym ... e.CP_en_US

Click on compare next to All in One Security than click on compare next to PC Security.
Though Norton 360 is more complete, the extras deal with repairing files and backing up critical files. If your main interest is virus and other threats they tend to provide almost the same in the comparison. Norton Internet Security 2008 is less expensive. Personally I buy the software from Costco where it is cheaper than online. Keep in mind your software will not stop working when it epires, you will just not get updates. I mention this only about your concern that it has to be in so many days.

What the others say is correct, but the only way you will have absolute protection is to stay off of the internet, but we don't want that.

I keep auto update on and use IE since it is my company standard and hence use it on my computers at home also. I still do not like Firefox though it may have less problems than IE.

I noticed that Norton 360 included 2GB online storage. You would need broadband (DSL or cable) to use that. You can also get 2GB free storage from AOL X-drive. I don't know if the online storage backup is the main reason for the $10 higher price of 360 versus Norton 2008.

It might be worthwhile to actually get the installation CD in a box in case you ever had to reinstall the software. Otherwise you could just download the software and make a copy of the installation download onto a CD by yourself if your computer has CD writing software. Depending on how the download of the software works, you may or may not be able to make a CD copy of it.

If you already have Norton security software installed and are comfortable using it, if you have not already done so, you might want to find out if you can just pay Symantec for virus updates for another year at a lower price instead of buying new software. Did your current Norton security software come with any free telephone support? That may or may not be a good idea, since they might try to sell you something more expensive.

You might want a RENEWAL (probably less expensive) instead of an UPGRADE.

Here's what I found out about it on their web site:



RENEWALS OF NORTON SOFTWARE

David up till now, I have found it cheaper just buying it new from Costco, but I usually catch it when they add additional discounts.

Mary,

Sorry to have wasted your time with the last post. I tried a couple experiments with the form on the Symantec web site I linked to and it seems like they don't give you any price break AT ALL for renewal instead of full blown upgrade.

So you might want to try your local Costco or Sam's Club, give them a call to check price and availability of the 2008 "model".

I read a review of some Norton product recently saying that they had improved it and made it less bloated. I forget which one. Maybe you will get lucky?

David if you look closer there is a $10 difference between the renewal versus the upgrade.

David I do have cable, and I always get the package mailed to me in case something goes wrong when I try to install it.

The package is also good for two extra computers in one's household.

I think I've settled for the 360 out of concern for my 'mental' health.

I'll ask my daughter to see what the stores around here are selling it for [there are no Costco's or Sam's around here].



The 2007 had a lot that needed improvement and a few things were left out of it. Fortunately for me a friend knew how to get them from a Norton Link.


Mary

I was not very careful so maybe I overlooked something.

I'm wondering whether even if the prices were the same, one might rather buy the renewal so as to avoid the "trauma" of having to install new software? Presumably one gets some online support or maybe even telephone support either way?

It would depend upon what improvements they have made in the new version.

This is off topic.

But I'm wondering how one of those "one laptop for every child" might be for security. If you could attach them to a regular wireless network it might not be bad for people who just want to get online but not mess with software downloads and upgrades and security, etc.

I heard somewhere that the OS was designed to be extra secure, such as having every application run in a separate virtual machine or something to that effect. I suppose the idea would be somewhat like "sandboxing".

I wonder if any offtheshelf printers could work with those laptops.