Posted by Fred Wilson on August 17, 2010
The 2010 “model year” for security suites got an early start, with a couple of solutions already out in June of 2009. The February 2010 releases of McAfee Complete Safeguard 2010 and Norton 360 Edition 4 fill out the selection, at least as far as key security vendors are concerned. We’ve reviewed sixteen security suites for 2010; read on to see which will keep you safe and which to avoid.
Of the early birds, Panda Internet Security 2010 made a decent showing, but eScan Internet Security Suite for House Users Edition 10 isn’t ready to offer significant competition for any of the better-known contenders in the U.S. marketplace. Much the same is true of K7 TotalSecurity Edition 10: it’s common in Japan, but doesn’t live up to the standards set by other key products here; at least it didn’t bog down my test systems. Through the summer the suites kept rolling in, keeping me busy with all-out evaluations.
Kaspersky Internet Security 2010 and BitDefender Complete Security 2010 arrived almost simultaneously in August (although Kaspersky released its European version quite a bit earlier). Both offer strong security, but BitDefender has the edge in most areas, especially antispam and parental control. But both suites did have a measurable effect on system performance in testing, possibly due to being crammed to the gills with bonus features that do in fact enhance security.
F-Secure Internet Security 2010 and Trend Micro Internet Security Pro (version three) also came through the gate together. F-Secure updated its interface, improved its detection, and added explicit exploit protection to its firewall. Trend Micro changed little from its previous incarnation. They can get away with standing still this time, but I hope for some innovation in the next Trend Micro suite.
The anti-malware scores for Norton Internet Security 2010 blew away the competition at the time, and it has shored up two notorious (if less crucial) traditional weak spots for Norton. Parental control now comes from the full-featured OnlineFamily.Norton, and the new spam filter component is quite accurate (a huge improvement). It remains our Editor’s Alternative, along with Norton 360 v4, which provides the same level of security and adds PC Tuneup and a powerful and flexible backup system.
Last year ZoneAlarm 2010 combined their ZoneAlarm suite with ForceField virtualization technology and threw in backup, system tune-up and more to create a new product: ZoneAlarm Severe Security. I was impressed enough to rate it Editor’s Selection, shared with Norton’s 2009 suite. I took a harder look at ZoneAlarm Intense Security 2010 and found a couple of minor flaws. Nothing big, and it offers some hot features like whole-disk encryption, but I’m not calling it Editor’s Option at this time.
I was excited to learn about FortiClient Endpoint Security Common Edition 4.1, a completely free full security suite from Fortinet, better known for their Enterprise solutions.
However, it’s not actually free: you pay in reduced security. In particular, its anti-malware scores were the lowest I’ve seen. And if you want direct tech support or anti-spam you pay extra.
CA Internet Security Suite Plus 2010 got a total facelift, a brand new user interface, but below the surface its security protection was unimpressive. AVG Internet Security 9.2010, avast! Internet Security 5, and PC Tools Internet Security 2010, three suites from vendors better known for their standalone anti-malware solutions, all made a strong showing. In particular, PC Tools scored even higher than Norton in the anti-malware category.
McAfee Complete Safeguard 2010 appeared on McAfee’s web site last fall, but the actual fully updated suite didn’t come out until months later. It was worth the wait: it’s an impressive suite overall with an especially strong antispam module. The Editors Decision designation goes to the two Norton suites, but you won’t go wrong picking McAfee, ZoneAlarm, or BitDefender.
As always, click on the blurbs below to read the full reviews. Note that although this roundup covers the vast majority of important security suites offered for 2010, it’s not an exhaustive list; if we come across another suite that merits inclusion, it’s always possible we’ll add it.
Posted by Fred Wilson on August 2, 2010
Like a lot of companies we are trying to go to Windows 7 sooner rather than later. We skipped Vista and XP is starting to seem a bit old. One of the things holding us back is GuardianEdge’s Full Disk Encryption product. Here’s our timeline.
In October 2009 I asked GuardianEdge about Windows 7 support and Windows 7 64-bit support. They said both would be available in version 9.5, due out in December 2009.
When GuardianEdge Hard Disk Encryption 9.5 was released (January or February), I found that there was no support for preboot authentication. Without preboot authentication, I think the encryption is pretty worthless. Support tells me 9.5.1 will include preboot authentication and be available in April 2010.
9.5.1 is released and I find it doesn’t work on my Toshiba Portege with Windows 7 32-bit installed. I decide this may be a one-off. I’m the only one using the Toshiba, so I try it out on a few Dell E6500 computers with Windows XP and Windows 7. This failed miserably. It turns out this was a known issue with the Dell E6500 and GuardianEdge was working on a patch.
GEHD 9.5.1 patch 1 came out. While it fixed the assorted problems with the E6500, I now see in the release notes:
There are known issues with GuardianEdge Hard Disk on various configurations of the following Dell computer models
■ Dell E4310,
■ Dell E6410,
■ Dell E6510,
■ Dell E5410, and
■ Dell E5510
Unfortunately, the E6410 and the E6510 are two of the three systems listed on our standard configuration page. The third, the E4300, I suspect would really be the E4310.
GuardianEdge says this will be fixed in September 2010.
I wouldn’t be surprised if this led to looking at other solutions and revisiting BitLocker. I wrote about BitLocker in March. These pretzels are making me thirsty.
Posted by Fred Wilson on July 18, 2010
SANS – Internet Storm Center – CME-24 (Blackworm) Analysis: The destruction does not appear to spread across Windows network shares
I wanted to share some of the results of some long hours spent looking at this malware. When the infection occurs, it immediately places copies of itself locally on each share and on each share/mapped drive that it finds. Based on this behavior, my initial thoughts were that the destructive payload would be carried out via shares and/or mapped drives as well.
I now have changed my initial thoughts on how the destruction would occur. Here are some of my notes from my testing of this concept. Here is the MD5 from the file I was using:
1c66904ecb846da5b1fb2072f9ea6e0e *New WinZip File.exe
The first test I did led me to believe that the destruction would be carried out via the shares and mapped drives. In my initial test, I had two infected systems (one XP and one W2K) with drives mapped to each other. I infected each box, changed the system time to Feb 2 at 11:50pm, launched Ethereal and Filemon, and ran the first shot using RegShot. After an hour, I stopped the captures and launched my second shot of the hard drive with RegShot. All my data files were now overwritten, zip files were corrupted, etc. Everything was happening as I thought it would. All my mapped drives had corrupted files. The security logs from each box showed accesses from the other.
For the rest of this in-depth analysis, go here: SANS – Internet Storm Center – Cooperative Cyber Threat Monitor And Alert System.
February 2, 2006 – Posted by antivirusguy | Antivirus News
Posted by Fred Wilson on June 9, 2010
Long-time readers, and anyone who has ever Googled “Guardian Edge”, recall my intense dissatisfaction with GuardianEdge 8.7 and Vista on my Toshiba laptop. Everything old is new again.
GuardianEdge released 9.5.1 last month, so we finally have support for Hard Disk Encryption with preboot authentication on Windows 7. The short version of the story is I’ll be finding out how good my Windows Backup is. I installed GuardianEdge Hard Disk 9.5.1 on my Toshiba Portege M780 and started encrypting. I shut the computer down, went home, and the computer won’t boot. When I hit the power button, I can get to the preboot authentication screen. The system fan is going full blast. It doesn’t do that normally. And 5 seconds later the computer turns itself off.
I called support and their advice is to use the GuardianEdge Access utility to recover my data and reinstall. Hope that backup worked. Not what I was planning to do tonight.
What am I supposed to do now? This gives me zero confidence to deploy this to others. While there are plenty of other dominoes that need to fall in our Windows 7 project, getting a GE package for Windows 7 is an important one.
The recover /a option was grayed out. No problems were detected with the GEHD volume files. So I decrypted the drive and uninstalled GEHD. I was then able to use the computer. I have a lot of doubt right now about the ability of GEHD to encrypt Vista and Windows 7