safety on the nexus

[Telyn]

Mine was a Dell too, and the reason I asked them not to install it was because Norton would not let me connect via LAN to a home network on my first computer no matter what I did. Somehow I don't think this is a big coincidence. I think probably a lot of people had that problem. I admit I do not know if they fixed the issues I had, but I had a hard time uninstalling it, and never asked for it in the first place. I still hear people saying it is hard to uninstall so I am unlikely to try it.

[DarkeWolf]

On the earlier subject of uninstalling some of these AV scanners....

 

Make sure that you've got a recovery disk for your particular Operating System (OS- Version of Windows).

You can download them from a great variety of sources all over the web. Its used for a lot of repair functions for winDOZE.

 

Sometimes some of these AV's integrate themselves in so tightly with some of the system files *cough* explorer.exe *cough* that when uninstalling them it results in DAMAGE of those system files *cough* explorer.exe *cough* and ends up with some damage to your boot structure.

The most common one is a black screen during the boot. That hangs. And sometimes it's bad enough that you can't even get the desktop to show up.

This is especially common (when it happens) when uninstalling

Norton's

 

 

If this happens, have that restoration disk handy. Boot the comp with that in the drive, and choose to repair the boot files.

[bben46]

I've cleaned Norton off of a bunch of Dells. Some many years old with remnants of Norton that was never registered still clogging them up and slowing things down. I'm sure Norton gives them a kickback for every one that goes out with their crapware installed. I have uesd both Norton's own 'special' removal program that they specifically leave out of their 'free sample' install and Revo. Both seemed to work, but I think I prefer the Revo as I'm not sure the Norton doesn't send some information back to them.

[Telyn]

Exactly. I have difficulty trusting their removal program because of the way they install the stuff in the first place. I suspect they do give kickbacks or have some contractual agreement that it must be on all Dells because I followed Dell's correct procedures for customizing my installed software, told them in two Dell-approved ways NOT to put it on there. So the fact that it came with it indicates to me the option on the form was an illusionary choice. I made another software specification which was followed.

 

I love Revo. Don't know how anybody does without it. It's really sobering to see how much junk is left behind. When I first discovered Revo I felt like I had bought a new computer.

[Malchus]

All,

 

First of some qualifications: I remove/search for viruses on numerous computers everyday. These are from multiple different networks, homes, OS versions etc. That is my job. For reference, I do house call based computer repair for white collar types. It's very expensive, but I try to make it worth their time. 8)

 

I have my personal favorite programs, which is irrelevant, because they are for me, who has far more knowledge, and very specific needs, as compared to the average user.

 

Important parts though:

 

I do have some information for everyone on the "Norton-is-a-virus" train o' hate:

 

Norton's 360 v5.0 is the ONLY payed AV I've seen in a while that is actually worth some of it's salt. The detection rates are high and the entirety of the auto-protect is consolidated into one service. It runs quite happily with most of the windows seven builds I've seen.

It does not like netbooks, or Vista.

Primarily, I've been able to recommend it to a few less than capable computer operators who HAD to pay for an AV program.

 

That being said, here's some more dirt :biggrin:

 

Norton or Mcafee PAYS mainstream computer manufacturers to install their trial products as part of their OS. I don't have any figures on hand, but I think it's in the tens of millions for each manufacturer. It's just the idea of the conveyance buy.

If you go pick up a new HP Pavilion laptop, it's gonna come with Norton IS 2011 loaded on it. That program will then bug you to "Activate" your 30 day trial. But when those 30 days are up, it will then bug you that YOUR COMPUTERBOX IS UNPROTECTED ZOMG!!!! until you decide to purchase a copy. For around the $70 Price Point too....

 

So, don't worry, Norton is still evil, just seems that they at least have some function added to the products they nearly force onto people.

 

Now, for those of you still wondering about the "Best" anti-virus program for your home computer* Imma drop a bombshell here:

 

It doesn't matter.

 

Pick something up if it makes you feel happy, but it's not going to stop you from getting the viruses you're going to get.

 

Do you want to know why?

 

Because people kill computers, not viruses. You're computer at your house* isn't going to be the target of some perfect storm SQL Injection based direct attack from 1337 hackers in Anonymous. (Unless you REALLY like Fox news. Then get your tinfoil hat back out.)

 

Viruses come from ID10T errors. When you download Girls Gone Wild, or whatever you're into, and EXECUTE that video file. Or when a Website tells you that you have over nine thousand viruses and need to download this unsigned .exe to fix it, YOU are the weakest link.

Avast, Avira, AVG, Spybot, Norton, Mcafee, they'll all warn you that they have a bad feeling about this.

But you do it anyway.

The user is the problem then.

Despite all the tests, scan rates, benchmarks etc, in the end ultimate control of the computer is granted to the user, and that is the root of the root of the problem of the heartbeat of my paycheck.

 

My thoughts, I apologize if I left some info out, or conflicted some information. I didn't exactly follow APA formatting for this post.

 

-Malchus

 

*FOR HOME COMPUTER USE, <- that part can't be emphasized enough. Server side or workgroup security is a different story entirely.

[Telyn]

Good post. Also thank you for confirming what I thought. There is a box to uncheck on the form, but apparently I am right that unchecking does nothing because Dell has the obligation to install it no matter what. The option on the form is probably meant to disguise this. It comes pre-installed, so whether the buyer "activates" it or not, it is there. It was not an installer; it was installed. Kudos for you.

 

I have my own favorite security software, too, but I haven't named any because a consumer should consider how highly the software ranks in the specific areas they are most at risk. What security programs can do, even for novice users, is to warn the user, block some dangerous sites, protect the computer with a better than default firewall, scan downloads, and help them remove some infections they do get. They can't do your thinking for you, but they try. It isn't only idiots who are vulnerable. If you log onto the internet unstealthed, something automated will find you pretty fast statistically speaking. Not tinfoil. You can read the testimony of security experts have made to the US Govt, based on studies. You can read that material online if you Google around a bit. I have stopped following it since "pretty fast" is enough for me. The precise number of minutes isn't very important, Yet tech support people will cheerfully tell you to turn off your firewall for an hour or two and do various things in their troubleshooting script such as pinging Yahoo. They generally don't even remind you to re-enable the firewall. Fortunately, Windows will. Geek Squad will tell people to disable the firewall, download an app, and turn on remote assistance so they can help you. Then they don't always tell the customer how to undo that. I won't even describe the app or the changes a tech made to the security settings on the computer of a family member while troubleshooting, but it wasn't...advisable. They have their scripts and are obliged to follow them even if parts of it clearly don't apply to the problem and even though some of them probably do not agree with the script, especially at the higher tiers.

 

 

What I tell friends and family:

Don't pirate anything. Ever,

If your security program tells you a site is known for malware/spyware, it is right most of the time. You may know the site owner personally and the person would never intentionally give you malware, but they may belong to an ad network that isn't so nice.

USE a firewall that has stealth. Do not disable it because it sends you messages now and then. Most programs have a way to turn the number of alerts down and act on your behalf automatically without alerting you to the small stuff.

USE an antispyware program. Many very famous commercial sites such as car manufacturers, magazines and even the sites of some well known commercial security programs use tracking you would probably consider excessive.

USE an antivirus program, but unless you are breaking rule #1 the antispyware is more important.

Some freeware security apps rate higher than some commercial ones. Do your homework.

NEVER buy any security program that is advertised in a popup when you least expect one.

If you do have an game that heuristic analysis determines is acting suspiciously when you enter your account information and try to log on, hold off on using it, but DO report it to the maker of the software that alerted you. Check the boards for the game and/or write to the game staff for an explanation and see if the explanation sounds angry, vague or unlikely. It is very suspicious if they lock threads but do not ever issue a statement at all. Some games use authentication that does false positive but is not malware. They can apply to the security vendor to be whitelisted and if the game really is harmless, most security vendors do generally whitelist after investigation. LOTRO was at one point giving a false positive in some specific security programs. I believe WoW also had that happen in the early days. I know what usually causes it, but won't post it here because it's related to how some games attempt to thwart hackers.

 

Rule of thumb remains "If it's too good to be true, it isn't true."

 

And for those of you out there who do sing YOHOHO a lot, please please have the grace not to demand tech support from the company that made it. It costs them money and time. Lots of money and time. Support people don't work for free, and with smaller games, the support is only one hat they wear. They probably have other functions that are important to production. The majority of games do not break even. I won't get into the whole issue of the costs or lack thereof of piracy to developers, but there is no reasonable way to argue that a paid tech support person providing support for a non customer doesn't cost the company money. It does by the hour. Between 40-over 90% of the tech support requests they get are for pirated versions according to them. This makes them pretty paranoid. It contributes to developers moving to console only. If that doesn't convince you, most of the time your question will make it utterly clear to them you pirated it. Some companies now lay a trap by releasing versions with identifiable flaws through the usual methods of sharing. At least one company is getting ready to sue people who contact them for support with that problem. You probably don't want to encourage the game industry to respond the way the music industry has. I pay for my games and music, but even I think it's a sad situation when a single mom gets ordered to pay 10k because her kid shared 4 songs or something. I'm sure we can agree there.

[evilneko]

Since Matousec is using their own testing methods, it's entirely possible that they're built to favor some programs over another, isn't it? I'm just saying, you know, hypothetically speaking. The fact that they are paid by security software makers for re-testing and their methods and source code can be downloaded by anyone, it seems very possible that a security software maker could put a bit of time and effort to specifically beating these tests so Matousec will post better results.

 

Bingo. Matousec's playing field isn't level. If for absolutely no other reason, his tests are unhelpful because his methodology biases them towards products with a specific combination of features, mainly HIPS-type features. Notice every single one of the top-scoring products is a suite, and most of the bottom scores are single-issue products. Especially telling is how Avira--which has topped the charts several times over at av-comparatives--gets an abysmal ranking. Matousec doesn't just compare apples and oranges. He compares an entire salad bar to individual tomatoes, carrots, and lettuce, and then punishes the carrots and lettuce for not being fruit. I can only imagine how confounded Matousec would be by something such as Faronics Anti-Execute, which is not a HIPS, anti-virus or a firewall but would certainly prevent any malware damage.

 

All that said, Comodo's firewall is indeed a good one. The HIPS is not too shabby either. The antivirus engine is another matter entirely, though you wouldn't know it from Matousec's results, since it doesn't have much effect on the actual score. PC world reports on testing by AV-test.org that shows a clearer picture.

 

USE a firewall that has stealth

 

Slight correction: "stealth" has no security benefit over simply "closed." With respect to incoming connections, the built-in Windows firewall is just as good as any other. The differentiating factor for software firewalls is outbound protection, and the user's preference for whether to have his firewall also be a HIPS or not (though many include at least some HIPS-like features anyway).

 

Now, for those of you still wondering about the "Best" anti-virus program for your home computer* Imma drop a bombshell here:

 

It doesn't matter.

 

Even the worst Anti-Virus is better than nothing. :thumbsup: Well, unless it bogs down your system so much it might as well be one itself. :wallbash:

 

The user is the problem

 

If only those uppity users would stop running around with admin privileges, amirite?

[Arthmoor]

Slight correction: "stealth" has no security benefit over simply "closed." With respect to incoming connections, the built-in Windows firewall is just as good as any other.

 

That depends on how paranoid you are.

 

A "closed" port still generates a response on the other end. So whoever is there now knows something is at the IP. The fact that the system responded and said it was closed allows whoever is poking you to immedately start on other stuff.

 

A "stealth" system simply drops the packets and generates no response. The other end has no idea what happened or if something is even there and has to wait for the attempt to time out before moving on.

[evilneko]

Given how full the address space is, yeah, there's something there alright. Anyone thinking they're fooling anyone by dropping packets is fooling only themselves.

[Arthmoor]

Even if you're not fooling someone in the process, you can be assured that you tied up their resources for easily 60 seconds or more while it waited for the timeout response.

 

The would-be hacker at the other end has no idea if it's because there's nothing there, if it's stealth firewalled, if it's a NAT router that doesn't forward that port, or if the machine is just off.

 

Port scanning to find things becomes highly inefficient this way.