Facebook Plunges Again
Tumblr 101: Tips And Tricks To Get Started
Hey, Norton: why does Security Scan behave so much like the malware I remove?
Why? Because it behaves very much like the fake alert malware which causes my customers so much grief.
For starters, it piggybacks on the installers for other programs. Sure, it's usually opt-out, but since it's also checked off for installation by default it usually ends up coming along for the ride. If this really is worth installing, leaving the checkbox blank and let customers opt-in instead (as Chrome does during the Avast! installer).
Once it goes to "work," Security Scan tells me my son's system doesn't have a security product installed. That's untrue, of course, and the same thing fake alert programs do. NSS might not recognize Immunet Antivirus, but it's been doing a great job protecting the laptop from threats.
And then there's that big, nasty threat count. However, apart from Super Mario Forever (hey, my son's 5 and he loves it) being noted as a trust risk, nearly all of the 131 "threats" were actually cookies. No trojans. No keyloggers. No rootkits. But Security Scan doesn't make that distinction -- it just shows me a giant red circle with an X in the middle and tells me Your Computer is at Risk! Just like fake alert malware.
When I click the fix now button, what happens? I'm whisked away to a page where I can purchase Norton instantly -- very similar to the way rogues ask you to activate protection now to remove "infections." To make it worse, there's loud audio as some woman tells me their scan "may have uncovered some problems with [my] PC." Highly annoying.
When you launch Security Scan, there's a big ad offering full protection from Norton 360 since NSS offers detection only. Just like fake alert malware. Security Scan also seems to pop up throughout the day to repeatedly remind me about all these threats -- again, just like fake alert malware does.
When I exit Security Scan, I'm reminded that there are still "threats" on my computer. That I'm at risk. I'm asked if I'd like to get protected (on a nice, shiny button) or say no thanks (in unattractive plain text). Once again, just like fake alert malware.
The image above is from an actual rogue antivirus program (one which has been around for ages). It's real, bona fide malware -- and Norton Security Scan sure appears to use similar tactics to encourage purchases.
Other antivirus providers -- Avast!, AVG, Avira, Immunet, and even Microsoft -- have found that providing actual protection for free is a great way to do business. Norton Security Scan might, in fact, do something useful, but it's nothing more than a bothersome scare tactic as far as I'm concerned.
Comments
24
Subscribe to comments3tearMar 30th 2010 4:26PM
It'd be good if there was a weboftrust-type service for av software.
eddMar 30th 2010 4:46PM
I'm a pretty savvy Interner user, and I've always heavily disliked anti-virus software.
I've always avoided having one for 10 years now, and while I know statistically I've been lucky, I've never been phished/hacked.had my PC turned into a bot etc.
I guess it does help that I often do fresh OS installs every 9 months, and I'm careful-ish with what I put on my machine.
To me, they are the second most annoying thing about PCs after crappy software that always clogs up new PCs), especially how they're near impossible to get off your system. They are also always (at least they used to be) overpriced, persistent nag-wares, and panic-inducing.
Rocketboy_XMar 31st 2010 6:49AM
As someone in tech support, AVG is awful. MANY false positives, and it will do things that you specifically told it not to.
bonesMar 31st 2010 8:51AM
Its sad. AVG 7.5 and prior versions were great. In 8.0+, in trying to do all, it became bloatware.
Mark BMar 30th 2010 6:19PM
Actually, it's the other way around. The malware gets on to PCs because it acts so much like the not-malware that SHOULD be on there. Red stop signs, exclamation marks, flashy-flashy - very eye catching.
Lee MathewsMar 30th 2010 6:22PM
Except, Mark, that this is a _brand new_ version of NSS.
Malware has used these tactics for ages, yet Norton deems it an appropriate way to style a legitimate product in 2010?
I disagree. There are more straight-up ways they could build this app.
Paul T.Mar 30th 2010 8:23PM
I vote the opposite: I hate NIS 2010. When my system upgraded, NIS proceeded to "infect" every facet of my computer, adding toolbars to browsers without asking, adding plugins to browsers that cannot be removed, screwing up years of email filters for their own (which don't work), adding program icons to every conceivable corner of the GUI, and breaking the networking between Vista and XP machines. And add that annoying behavior described above along with background scans any second I leave my PC unattended makes this as intrusive as any malware. I've had to disable a good 1/3 of the program to regain control over my PC. Their customer service is its typical useless self. This will be the LAST Symantec/Norton product I ever buy.
theampersandMar 30th 2010 9:16PM
I deal with and make videos on fake antimalware programs regularly, and I can say that you hit the nail right on the head.
enerGIMar 30th 2010 9:57PM
I run Norton 360 and it gives me no end of trouble, even after their online tech support plugged into my system and had a fiddle around, they couldn't find out why it still screws me about. Pile of crap. Its out of ere.
PatrickMar 31st 2010 9:28AM
I know you guys don't want to hear this, but I've been on a Macintosh since 1986 - no anti-virus, no scanners, nothing added, never pay attention to these things (I believe there's a firewall, whatever that is, turned on in OS X by default). I came to this story via digg as I had heard some people complain about Norton for the Mac and thought this might be about that.
Result? No virus, no malware, no stolen passwords, never turned into a bot. I'm not deliberately trying to be smug although it almost certainly comes across that way. When the malware comes to the Mac, I'll react at that time.
ragtagMar 31st 2010 4:41PM
Patrick: You must have been missing out on something. There were lots of viruses on Mac in the 80's and early 90's. Today there are a few Trojans, and a few malware/adware. They're also quite hackable, as the pawn2own competition has repeatedly shown. Get FreeBSD if you want a reasonably secure system, or maybe Linux with SELinux. :)
That said, for as long as I can remember, I've treated Norton anti-virus products, like a virus. They can be damn near impossible to un-install, they eat resources like crocodile let loose in a chicken farm and are a general annoyance. So there is nothing new here, they have always and are still making malware!
Mike OethMar 31st 2010 9:37AM
It is SOOOOOO annoying. Every few hours it pops up. No more Norton for me. I'm glad I'm not the only one annoyed by this piece of mal-ware wannabe.
MichaelMar 31st 2010 4:07PM
@Patrick good for you. :)
Also, People that really love technology protect their systems without degrading the experience. So in that regard that's why they invented Hardware Firewall's you can pick one up from Netgear for about $130.
MikeMar 31st 2010 6:12PM
YES! Thank you for posting this... Every time I sit down at my 8 year old son's computer I have to clean the "crud" off that is automatically installed when he installs games. I was very suprised to see Norton on the system, and now I know where it cam from.
Shame on you Symantec. I would hope that Peter Norton would be ashamed to see his good name soiled.
kevinmrussellMar 31st 2010 11:59AM
Am also a Computer Consultant by day and have removed over 20+ itterations of the 'Security Tool' malware. I'm disgusted but not surprised to see this latest aberation from Symantec - and glad you posted an article about it - especially since I haven't seen it yet. Symantec obviously has some major management problems which will be their downfall - as I used to be a long-time Symantec supporter back with Norton for Dos way back in the days. Back with the Norton 2004 version is where they went to pot and went total 'bloatware' - and I can't count the number of times a client would call up and go 'my computer is running SO slow and I don't know why'. I would ask 'have you installed anything recently?' and they would say 'Norton' - my response, 'there you go'. I was hopeful with thier latest Norton 09 and 10 re-writes - which I was impressed with speed on - however it still has it's major issues with freezing the entire computer (not even CTRL-ALT-DEL responded) out of nowhere - as I had a client with 3 brand new Dell computers freezing with their heavy local network application usage until we installed them. After uninstall, no freezing. Long story short, Norton is better - but has still a long way quality-wise (under the hood) to go. And don't even get me started on their atrocious (lack thereof) support. They usually want you to go to their forums where someone recites a script and then ignores your replies that 'it didn't work' - which they then hope you get frustrated and leave (and live with it). I would love to see Norton return to it's old 'glory and trusted' days - but I believe there's too much good competition doing it right (Avira, Malwarebytes, Avast) for them to actually succeed with their current business model. If they don't kill this ridiculous excuse for 'nagware', it's only another negative on their slippery slope they did not need right now.
Kevin Russell
Fort Smith, Arkansas
Gabriel UngerMar 31st 2010 12:12PM
For no reason should anyone be using Norton. Use Microsoft Security Essentials or Malwarebytes or something. ANYTHING but Norton.
@Patrick thanks for your help! Gee, who knew the solution to everything was to buy a Mac!
On the subject of security, it's not what kind of computer you have that determines your risk for infection. It's what you do with it. I have not actually found any viruses or malware on my PC in the past three years, and I'm betting it's because I'm not using Limewire/Kazaa/other p2p or visiting software pirating sites anymore. If you don't do any of that stuff and you don't open every email and click every link you see, you won't get any viruses or malware.
aweizdMar 31st 2010 5:29PM
how about this scenario...
NSS find malware on a n00bs PC including trojans, spyware, keylogger, whatever...
the n00b clicks on "remove threats", is forwarded to the norton site, enters his creditcard numbers and... is dumbfounded when next week he has $5000 booked on his creditcard.
Thanks Norton Security Scan!!!
scottixMar 31st 2010 12:42PM
I avoid NSS like the plague it is. Only have I had a good experience with their old Business light weight scanner at work. I find 360 is a load of crap. While were at it, lets put McAfee in there as well. I stopped using AVG because of the Adware installed. There are all pretty much making money based on our insecurities that only tend to complicate the problems involved. Right now I am using Panda cloud antivirus, only had a few issues with it as first. I am interested what do you suggest that is light weight and either free or cost effective?
Bobjr94Mar 31st 2010 2:01PM
I use to like AVG but took it off a few months ago. I kept getting pop-ups telling me to upgrade now or saying soon I may be unprotected. Even after I upgraded the the latest, it would give me pop-ups whenever I opened it trying to get me to buy a better version.
Best solution, use Firefox with Ad Block Plus. Not only does it block most all ads (video, flash, pop-ups) it blocks scripts that install malware in the first place, so no virus scanner needed.
Michael RigsApr 1st 2010 12:30PM
Well, I'll be the first in the list to say that while the newest Norton still needs some more work (it ain't perfect...I'm talking about 360 version 4 here), it really is the best all 'round anti-virus/firewall/adware-spyware solution that I've found so far. I build systems for a living. High performance gaming systems to be exact, so anything that kills resources or speed on a machine gets the boot from me. But after two separate devastating trojan attacks last year on a critical system of mine (which was supposedly covered by Avira and Avast), I said no more! I wasn't going to install four or five different applications (with varying degrees of success in doing their respective jobs) and have to constantly make sure they were all up to date, their 'definitions' were updated and there were no new versions released, possibly introducing bugs or memory leaks that would cause has much trouble as the thing they were trying to prevent. I hated Norton. Plain and simple. It was last on my list. I had dealt with Norton over the years on various systems and it was complete bloatware! But I reluctantly downloaded and installed Norton 360 version 3 after hearing about their re-writes and was very pleastantly surprised! Granted, it still took resources, but not nearly as much as before. It was just about tolerable and configured right, it didn't bug me all the time. Plus, there was one program to worry about, not 5. It updated on it's own and had a nice 'Silent Mode' that would keep pop-up messages from appearing whenever the mode was activated. I have since upgraded to version 4 and gotten a years subscription and I'm pretty happy with it. It has caught various things that my other scanners missed outright and I haven't had a failure yet. It's all in how you configure it. Yes, I know you might have to turn some things off (I have backup turned off) and getting it shut down completely is a pain, but uninstalling it is not an issue, should I need to do it, so I don't know what the problem there is...
In the end, it's really each to their own. Everyone as different tastes and different systems that do different things. I do gaming. Some do P2P (which can cause a lot of problems). Others do graphic and audio editing. I will say that I have not run into or installed the Norton Security Scan mentioned in the article, so I have no experience with that and can't say anything based on it. I can only tell about what I have experienced for myself and that is Norton 360 version 4, which I think is pretty good overall...