Norton Promotional Stuff



  • I should start by saying, this isn't spam. It's totally insane marketing campaigns that Norton uses and that I just found out about today, despite working for Symantec. Everybody in the office agrees that they are crazy.

    I'll start with the worst one: Norton Fighter. From what I gather, the yellow guy is North and the black guys are troublemaking viruses, I think?

    Next, did you know that Symantec has a rock band? Seriously, Rockdotrock. If you ever wanted to hear music about your firewall, that's the place to go!

    And finally, Safety Town is actually kind of cute, in an insane mind-numbing kind of way.



  • I take it you found out about this from digg. They had a very interesting article there called "Norton AV is a virus".  It had very good point:

    Norton AV consumes more memory and cpu cycles than the result of spyware/adware running. and on top of that, it reads everything before it goes into memory.

     

     

    oh and Clamwin ftw.



  • This is kind of like a viral marketing campaign done by people who clearly don't understand the point.



  • @Vechni said:

    I take it you found out about this from digg. They had a very interesting article there called "Norton AV is a virus".  It had very good point:

    Norton AV consumes more memory and cpu cycles than the result of spyware/adware running. and on top of that, it reads everything before it goes into memory.

     

     

    Norton Internet Security 2006 incurred a 2300% disk IO slowdown and 20% CPU slowdown. Those numbers are not typos. Two thousand three hundred percent slower than not using Norton. The 2007 version improved dramatically and only results in a 1500% disk slowdown and 8% CPU slowdown.

    [url]http://www.codinghorror.com/blog/archives/000803.html[/url]



  • @Vechni said:

    I take it you found out about this from digg. They had a very interesting article there called "Norton AV is a virus".  It had very good point:

    Norton AV consumes more memory and cpu cycles than the result of spyware/adware running. and on top of that, it reads everything before it goes into memory.

     

     

    oh and Clamwin ftw.

    I found out about it from a co-worker who found it from another co-worker. I'm not sure where that guy got it from, could have been Digg

    And incidentally, I'm not going to evangelize Norton software. I'm just a R&D guy who gets to do cool stuff. :)



  • @djork said:

    @Vechni said:

    I take it you found out about this from digg. They had a very interesting article there called "Norton AV is a virus".  It had very good point:

    Norton AV consumes more memory and cpu cycles than the result of spyware/adware running. and on top of that, it reads everything before it goes into memory.

     

     

    Norton Internet Security 2006 incurred a 2300% disk IO slowdown and 20% CPU slowdown. Those numbers are not typos. Two thousand three hundred percent slower than not using Norton. The 2007 version improved dramatically and only results in a 1500% disk slowdown and 8% CPU slowdown.

    [url]http://www.codinghorror.com/blog/archives/000803.html[/url]

    Thankyou.

    For years now I have hated and despised Norton and all its works.  Since I first encountered it I have been disgusted by the bloat, the dozens of tasks and services it seems to think it needs, the memory wasted on huge and ugly fisher-price-style UI graphics, the buggy and destabilising hooks it places throughout the operating system.  I have uninstalled it from any machine I have ever done service maintenance on and replaced it with light-weight alternatives, generally AVG and ZA free versions.  Many users have commented afterward on how much smoother and better their machines work after the change.

    Now you have given me the actual solid figures I need to back up my blind prejudice and hatred and turn it into a justified and quantifiable loathing!  Thankyou!

    (Gratifiyingly, those figures also suggest that my untested and intuitive choice of ZA and AVG as low-overhead replacements is pretty much the best combination possible!)

    The actual thrust of the argument in the article is, I feel, completely specious hyperbole.  Saying that AV software is somehow like a virus because they both use up CPU cycles is bullshit.  By that argument everything is a virus including calc and notepad.  This is semantic gameplaying; sure, it's just like a virus except in all the ways that it isn't like a virus, but the things that are what makes a virus a virus are the things in which it /doesn't/ match, and the similarities are all things that are common properties of /all/ computer software without exception.  It's like saying that a car is in fact a submarine, because they're both painted black.

     


     



  • The original "norton av is a virus" was a topic that was meant to get the article a lot of diggs. Also, the average digg reader doesn't know much difference between a virus and spyware.

     

    However, They should scrap the entire 'is a virus/trojan/worm' class.  It doesn't make sense because neither descriptions are exclusive and malware writers are incredibly creative-- some viruses will kill other viruses that they find on a machine. And most all are a worm (who would sit there and mail out each one?) as well as a trojan (why not have access to it?).



  • So Norton sucks. 

    What do you guys think of McAfee?  I know that whenever I start up something Java related, the entire system locks up because McAfee has to scan every single file that Java uses.  It's quite annoying.
     



  • How do you get AVG to have less impact on performance than Norton? It slows my computer more than Norton does for about the first fifteen minutes after I log in, and then it's just about the same as Norton after it finishes whatever it's doing.



  • use this:

    "lamWin Free Antivirus comes with an easy installer and open source code. You may download and use it absolutely free of charge. It features:

    • High detection rates for viruses and spyware;
    • Scanning Scheduler;
    • Automatic downloads of regularly updated Virus Database.
    • Standalone virus scanner and right-click menu integration to Microsoft Windows Explorer;
    • <!-- google_ad_section_start(weight=ignore) -->Addin to Microsoft Outlook<!-- google_ad_section_end --> to remove virus-infected attachments automatically.

    The latest version of Clamwin Free Antivirus is 0.91.2
    Please note that ClamWin Free Antivirus does not include an on-access real-time scanner. You need to manually scan a file in order to detect a virus or spyware."
     

     

     

     

    it does not read *any* file  that is loaded into memory. Instead, u simply do a full memory scan when you wish to... and even that is fast (do w/e you want while that runs in background). Its fully loaded but does not force features run in background... 



  • My current employer, as well as my current client, both use Norman. Can't say much about it, though. Whenever I can I try to disable it, as long as I work inside a protected LAN environment. All AV is annoying if it scans every single file. As far as I know, most AV software can be configured to ignore certain file types (such as .java, .class, .jar), which is what I recommend you to try.



  • @TheRider said:

    My current employer, as well as my current client, both use Norman. Can't say much about it, though. Whenever I can I try to disable it, as long as I work inside a protected LAN environment. All AV is annoying if it scans every single file. As far as I know, most AV software can be configured to ignore certain file types (such as .java, .class, .jar), which is what I recommend you to try.

     Thanks I'll try that
     



  • @DaveK said:

    The actual thrust of the argument in the article is, I feel, completely specious hyperbole.  Saying that AV software is somehow like a virus because they both use up CPU cycles is bullshit.  By that argument everything is a virus including calc and notepad.  This is semantic gameplaying;

    Back on big iron, there was a saying: "Idle cycles never come back."
     



  • @Vechni said:

    Please note that ClamWin Free Antivirus does not include an on-access real-time scanner. You need to manually scan a file in order to detect a virus or spyware."

     

    it does not read any file  that is loaded into memory. Instead, u simply do a full memory scan when you wish to... and even that is fast (do w/e you want while that runs in background). Its fully loaded but does not force features run in background... 

    That is NOT a feature.   You can turn off real-time protection in Norton if you want to.



  • @belgariontheking said:

    So Norton sucks. 

    What do you guys think of McAfee?  I know that whenever I start up something Java related, the entire system locks up because McAfee has to scan every single file that Java uses.  It's quite annoying.

    I think that's really a fault of Java's brain dead each-class-needs-its-own-file policy. It looks to me like one of those things that looked great on paper but turned out horribly problematic in practice.

    There are many cases in which a design fault makes a completely different application look "broken" (for the average end-user at least) but I think here the right thing got blamed.



  • Isn't an AV software easier to bypass if I know its code? That's the one situation in which I think "closed source" is better than "open source".

     Also, not having automatic scanning may be ok for nerds like us, but imagine the "old lady who only uses her computer to send chain mail to her grandsons and granddaughters" having to deal with it. Such users would be too bored by having to scan many files by hand, or just wouldn't care to anyway. Also, it's already difficult to keep users from trying to see dancing bunnies with AV solutions as they are... This could be a nightmare for a sysadmin.



  • @rbowes said:

    Next, did you know that Symantec has a rock band? Seriously, Rockdotrock. If you ever wanted to hear music about your firewall, that's the place to go!

    "Non Traditional Two Factor Authentication"? Quite a mouthful, doesn't sound like a good name for a song.

     



  • [quote user="Renan "C#" Sousa"]

    Isn't an AV software easier to bypass if I know its code? That's the one situation in which I think "closed source" is better than "open source".

    [/quote]

    How exactly do you propose for a bit string to bypass a piece of software which compares it against another database of bit strings?

    Knowing what clamav is doing does not help you at all. And you don't really believe that the professional virus authors are incapable of finding out how the proprietary AV software works, do you? I've reverse-engineered more complex software than that just for the fun of it. It is nowhere near as hard as the proprietary software companies would like people to believe.

    Anything that relies on secret code for its "security" is not secure. In fact, there's already a guy in Russia selling an exploit for it to the highest bidder. Usually before the secret code has made it to market. Certainly long before you purchased it.

     

     

    My test for AV solutions for the systems I admin has been very simple for many years now: would this action increase or decrease the amount of work I have to do? Cleaning up the messes made by products like Norton and McAfee takes a considerable amount of effort, mostly spent uninstalling and reinstalling things. Trying to wrestle some decent performance out of them is likewise a pain. Ensuring that all the desktops have up-to-date databases is a nightmare, and that's assuming you're using the "enterprise" server widget that is supposed to automatically push out updates to the desktops (but in reality, breaks all the bloody time and then you have to do even more work to get it going again).

    I have found the following solution to involve the minimal amount of work:

    Deploy a multi-level online backup system. Require all users to store their files on the servers. Disable write access to the local hard drives for normal users (other than their profile area, which gets uploaded to the server on logout anyway), so that they damn well have to use the servers. Scan all inbound and outbound mail for known viruses, on the mail servers (usually clamav). Ban the use of IE and Outlook. Run a nightly scan of the servers' user areas (usually clamav again), and automatically erase anything infected (that's what the backup is for).

    Yes, you get the occasional infestation anyway because some idiot downloaded a .exe file from a dodgy website and ran it. It's considerably less effort to deal with those occasional issues than it is to deal with anti-virus software on the desktop, particularly since all the common avenues of attack are blocked and there's nothing important stored on the desktop so you can just wipe it and restore from an image.

    The next step in my plan is a fully automated image restore mechanism that runs every night on every desktop, so that nothing can survive on them; hospitals fight viruses by sterilising everything after use, so we can too. This should solve the virus problem, the idiot problem, and the software deployment problem all at the same time. It's been proving rather complex to get working, but once it's done it should need no further attention.



  • So banning IE is supposed to increase security?

    I'm a user of FireFox as well, but from all I know it has its vulnerabilites too. Could you elaborate on how is it safer than IE to a layperson?



  • @Vechni said:

    oh and Clamwin ftw.



    No.  I tried Clamwin and set it up for real-time scanning (winpch I think), and had to uninstall it because I frequently had several Clamwin processes using 99% of my CPU.  Oh, and automatic updates failed about half the time.



  • [quote user="Renan "C#" Sousa"]

    So banning IE is supposed to increase security?

    [/quote]

    Not exactly. It's supposed to decrease the amount of work I have to do.

     

    I'm a user of FireFox as well, but from all I know it has its vulnerabilites too. Could you elaborate on how is it safer than IE to a layperson?

    IE vulnerabilities are exploited by dodgy websites far more often than Firefox ones, hence requiring people to use anything else (Firefox, Opera, Safari, I really don't care) significantly decreases the frequency of infestations, and so reduces my workload.

    I don't expect the desktops to be secure because the users can't be trained not to do stupid things on the internet and I can't (yet) get them to stop running Windows. This means I don't really care how secure the applications used are, just how frequently they get hit.



  • Don't use Norton: at my school a update in the norton client was updated to all laptops in the school at once (about 300), and it included a bug that caused it to malfunction on all Toshiba Portege M400 computers (about 150) and preclude the above from booting.  Needless to say, it took two days to get Norton to push out a fix and install it manually onto all computers one by one.



  • @poochner said:

    Back on big iron, there was a saying: "Idle cycles never come back."

    Idle cycles never come back because they don't actually exist.

    @asuffield said:

    The next step in my plan is [...] It's been
    proving rather complex to get working, but once it's done it should
    need no further attention.

    :D

    I think you left out the "muahaha" and references to world domination.



  • Oh oh !  What about Norton 2001 ( I think it was) that actually crashed and corrupted your hard disk when using Windows XP because of the "new" system restore (as the norton rep put it).  Freaking morons...

    I refuse to use any application that replaces critical system files (like msiexec) with their own little virus piece of trash.



  • @ShadowWolf said:

    Oh oh !  What about Norton 2001 ( I think it was) that actually crashed and corrupted your hard disk when using Windows XP because of the "new" system restore (as the norton rep put it).  Freaking morons...

    I refuse to use any application that replaces critical system files (like msiexec) with their own little virus piece of trash.

    The last time I used Norton it corrupted my XP disk because I had disabled Last File Access Time.  


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.