Friday, 14 May 2010

Antivirus software review

Discussed widely in the last few days is this recent set of test results for Antivirus software.

Whatever you think is the best commercial software (there are anecdotes of every piece of antivirus software letting something through occasionally), I think it does illustrate well a few points I like to make to all customers.

Firstly if you ever shop, bank or register personal data online with your PC then I believe it is worth paying for commercial software over free. It might seem like a lot of money can be saved at renewal time, but what price a machine cleanup or fraudulently used bank details (just in the personal time it takes to get things sorted out).

Even AVGs comparison of its own products to their very popular free version shows that there is better functionality in a paid for version.

Secondly all internet security and antivirus products are not created equally, and their performance does differ. That software performance and how it impacts your over-all PC performance are very subjective so you will always find nay-sayers about any product. Look at a range of reviews; use places like Which as well as PC magazines, articles and personal recommendations and make a personal choice that suits you.

That personal choice can and should be impacted by factors like - how many questions will your product ask you about what to do and how well informed and qualified do you feel to answer them. Especially when those questions are affect security policy on your machine or are about whether to let some obscure process with a weird name access the internet. Many commercial packages still ask users a lot of questions about what to do.

I have always been a fan of Symantec products since first using Norton Commander as a field engineer 18 years ago. I've used their security and Antivirus products ever since and been very happy (in spite of many people complaining about a performance hit which I never saw personally and has been improved a lot in the 2010 products). Even though an advanced user I have used Norton 360 for 2-3 years now as I often recommend it because of its low demand for user input, which makes it ideal for the less confident user.

Most of the virus cleanups I've done in the last 5 months have I believe been caused by two factors -

Social Engineering - the user was tricked into thinking something normal was happening (eg visually by having a mock Microsoft logo, or security shield on display, or a tempting link in an email - like arranging a parcel redelivery) and the user pressing OK, without asking enough questions about what they were agreeing to.

Weak backup from security tools. All requests for help in this area so far this year have come from users who used free security tools of some kind or another.

Golden rules - think about the real worth of good security software and when using your machine think 'am I expecting this message on screen now and does it make sense given what I was in the middle of' before clicking any buttons to agree to anything.

Nearly caught out - discount vouchers offer after an online purchase

I heard about this problem a long time ago but had almost forgotten about it when last week I nearly got caught once, and then saw the same potential catch 10 minutes later.

Two very popular websites, both reputable national companies, one probably one of the most popular ones selling rail tickets in the UK and one a retailer of computer parts I've used for years, both came up with the following situation:

I'd completed a normal and safe purchase on both web sites, when I was presented with a final screen confirming my order. On that screen there was also a button marked continue, next to a message offering a discount off my next purchase. The button actually led me off to an external site (Shopper Discounts and Rewards) where I believe (I didn't see, I killed my web session part way through loading as soon as I saw it was an external web page) if you agree and claim your discount; actually your credit card details are passed on from the first site and you end up pretty seamlessly joining a subscription service for discounts costing something like £10 a month, which does get you vouchers, but it is far from clear that it's a subscription service.

Fortunately I think I stopped the page before I was joined against my will, but it just goes to show that it's too easy to get complacent about online safety.

There is a long discussion (the link is to page 41!) and advice about how to escape if you've been caught by this on one of my favourite web sites Martin Lewis'