Kaspersky Internet Security 2012 fills the space between Kaspersky Anti-Virus 2012, a security application concentrating solely on virus and malware protection, and Kaspersky Pure, Kaspersky’s flagship product that adds security related modules like backups on top of the all-in-one system protection offered by Internet Security.

The program comes with an official price tag of $59.95, but discounts at retailers drop that price to about $20 for a three user version.

The program installation went through without complications, only the forced restart at the end was unexpected. The first system start after installation took longer than usual, probably due to behind-the-scenes configurations of the program and system. Firefox, Internet Explorer and Chrome users will receive notifications on first run that browser add-ons were installed by Kaspersky. Firefox users for instance will see Kaspersky’s URL Advisor, Virtual Keyboard and Anti-Banner pop up in their browser (depending on the version used either activated automatically or on user request). And while it is possible to disable the add-ons, it is more complicated to remove the add-ons completely. This is done by first disabling Kaspersky’s Self Defense protection under Settings > Advanced Settings > Self-Defense, then pausing the program’s protection, before deleting the extension files in the Kaspersky program folder).

The main application interface, which you see on the screenshot above, highlights the current protection status. It is recommended to run an update of the program’s database right away, as this is not initiated automatically on first start. Please note that the first update may download more than one hundred Megabytes.

You should then run a full system scan after that initial update has been made. Kaspersky Internet Security 2012 offers four types of scans.

• Full Scan – This scans the entire computer, it is the recommended scan after installation and updating the database with the latest program files and virus definitions.
• Critical Areas Scan – A fast scan that looks at folders and files that are often targeted by attackers and malware.
• Vulnerability Scan – Scans the system for known vulnerabilities. This includes program versions that are out of date (e.g. Thunderbird, XNView, Internet Explorer or Firefox), known vulnerabilities in programs and system vulnerabilities. System vulnerabilities are either system settings that make the PC vulnerable or unpatched vulnerabilities (with patches available).

  Details and fixes are provided for every system vulnerability.

• Custom Scan – Drag or drop, or browser for, folders or files that you want scanned on the system.

All malware scanners make use of virus definition databases, heuristics and Kaspersky’s cloud protection technology. Everything’s easy to handle, system vulnerabilities can for instance be fixed with two clicks of the mouse.

But virus protection is just one of the features of Kaspersky Internet Security 2012. The two-way firewall protects the system from Internet and network attacks. Controls are available with a click on Settings and the selection of Firewall from the Protection Center list. The firewall, unlike the virtual keyboard for instance, is not linked directly from the main application interface. This can be a issue for inexperienced users who notice that some of their system programs are not working properly after installing the Kaspersky software.

Network rules and adapters are managed under firewall settings. Here it is possible to disconnect a network adapter or click on the settings button to configure network traffic rules. Access rules for running applications can be defined here in detail. An option to add programs to the list that are not running seems to be missing. Kaspersky divides applications into untrusted, high restricted, low restricted and trusted groups. Rule sets for each group can be configured individually in the settings.

All security modules can be disabled in the settings with just two clicks.

The settings are divided into four tabs, with the first displaying settings for all program modules. The remaining tabs offer settings to configure scans, updates and advanced program features and settings. Especially the advanced settings are worth taking a look at.

Advanced settings can be used to configure gaming profiles, threat logging, network monitoring or parental controls. It pays to look at those settings in detail to customize the protection further.

Parental controls can be configured selectively for all Windows accounts. Accounts cannot be created from the Kaspersky software though.

Controls allow parents to restrict computer, application and Internet based activities.

Available options include limiting computer and Internet usage to specific days and times of the day, blocking application access and website categories and which contacts can be interacted with on social networking sites and instant messengers. Reports are available that detail account activity.

The applications activity monitor displays a list of all processes currently running on the system. This is comparable to the Windows Task Manager, with the difference that application trust levels and popularity are displayed here as well. The trust level can be changed with a click here. Other options include terminating the process or configuring the process’ access rules in detail

The network monitor highlights all processes with network activity. Data is presented in realtime and as a history under the network traffic tab. Kaspersky highlights open system ports and blocked computers in the network monitor window.

The Safe Run feature is a virtualization or sandboxing option that the program ships with. All applications on the system can be started in a safe environment (via right-click and selection of Safe Run in Windows Explorer). There does not seem to be a way though to always run select applications in the sandboxed environment.

Other options include creating a rescue disk to detect and eliminate threats if the operating system fails to start up properly, a privacy cleaner to remove temporary data from the PC’s history and detailed reports for every security module.

Verdict

Kaspersky Internet Security 2012 is an all-in-one security solution for Windows operating systems. The software has minor usability issues. Options to uninstall browser add-ons are for instance missing. An option to add modules to the main application window would have been nice as well.

It would also have been nice if the program would have initiated the program update check automatically on first run before suggesting a full system scan to the user.

The sheer amount of settings and protection modules add to the complexity of the program. Though once configured properly everything will run along smoothly.

Giveaway

We have ten Kaspersky Internet Security 2012 licenses. Leave a comment below to take part in the drawing. A 30-day trial version of Internet Security 2012 can be downloaded from the Kaspersky website.

The first program you need is called RogueKiller, which is free to download and run. You can download this by going to your browser and typing http://tigzy.geekstogo.com/Tools/RogueKiller.exe Don’t worry if you get some pop-ups generated by the malware when you open IE because it’s been hijacked, just close them until you get to your browser and copy and paste that link in. You’ll find the browser won’t block a direct link. Go ahead and save that file to your desktop. Before you save it however, change the name of the file from RogueKiller to Winlogon. If your browser really isn’t happy because of all the bugs, you can also paste that link into a run window. Go to start and then run, and paste the link. This will again open your browser and you may have to close a few windows before you can save the file.

Run the file on your desktop called Winlogon, and you’ll be presented with a DOS screen with some information and six options. RogueKiller will already have identified the process that is causing the problem, so the option you want is number two, for delete. This deletes the process that is locking up your computer. You’ll see a few screens flash by, and you’ll be presented with a report. You don’t need to view the report, it’s just for information, and so close it and you’ll be back at the desktop.

The next piece of free software you need is called Malwarebytes. You can download this by going to http://www.myantispyware.com/mbam You should find you have the use of your browser back, so go ahead and copy and past this into the address bar of IE and download the software. Again, copy it to your desktop, as this is a logical place to find it easily. Run the installation program and just follow the prompts, as it’s all fairly self-explanatory. When you get to two checkboxes at the end asking if you want to run the program and do an update, leave them checked and click finish. You may be asked if you want to buy the full version of Malwarebytes. At this point just decline and you can continue to use the free version.

Once the update has completed, you can go ahead and do a full scan. It will ask which drives to scan, uncheck everything except the C drive and run the scan. This may take some time, so go and do something else. Once it’s finished though, you can reboot your computer, and with fingers crossed your computer will be back to normal. Now’s a great time to update your antivirus software!!

The German computer magazine COM is currently running a giveaway of avast! Internet Security. The promotional web page is accessible by anyone. While only in German, it provides a license that works with English versions of Avast Internet Security as well.

Here is how you can get your free license of Avast Internet Security. Start by downloading the latest version of the security program from the official website. The link points to the English version of the software. I have not tested other language versions, they may work as well.

Go to the promo page and fill in your first name, last name and email address. You will receive a license download link in an email once you click on the send (Absenden) button.

The license file is zipped which means you need to unzip it first. Make sure you have Avast installed before you click on the License com! so geht´s.avastlic file. A click on the file registers the program. You can alternatively open Avast Internet Security and load the license under Registration Options from within the program interface.

The license itself expires April 2012, which means you get about nine months of free use from this marketing opportunity.

I have reviewed Avast 6 Antivirus Software back in February. I suggest you read that article as it covers the basic modules offered by Avast Internet Security. You can read up on the antivirus protection, sandbox or web reputation engine.

Avast Internet Security benefits from features that are not available in the free antivirus version. This includes more settings, faster program updates, boot-time scanning, game mode, firewall or keylogger protection. Plus it can be used commercially.

Interested users can read up on Avast Internet Security here on the Avast homepage. The program is compatible with 32-bit and 64-bit editions of the Windows XP, Windows Vista or Windows 7 operating system. (via)

There are two main attack vectors on today’s Internet. First the programs that users make use of to connect to websites, and second user ignorance, carelessness and lack of security sense.

Inexperienced users fall prey to attacks at a much higher rate than experienced users. Even commonly known best security practices, like making sure that an Internet browser is updated when the developer releases a new security patch, are often run in a time frame that is giving attackers ample time to exploit those issues.

But it is not only the technology that is making attacks successful. It is also its users. Phishing for instance has been a problem for more than a decade on the Internet. One would think that users would learn to identify phishing emails by now, but that’s not the reality. People fall for phishing attacks on a daily basis. This article would go to far to look at the root causes for this, but it is likely that ignorance plays a large part in this.

Lets go back to the browser for a moment. Most users know that they have to upgrade the browser when a new version comes out. Most browsers come with automatic update checks and installations these days. Only Google Chrome updates without user interaction, the other browsers, at least for now, display the update notification and give the user the option to run the update. If users opt out, they leave their browser insecure if the update fixed security issues.

Do you want to know how your browser compares to others? Sites like Browserscope allow you to run tests and compare the results with other versions of the same browser and Internet browsers from other companies.

Lets assume you have got your browser updated to the latest version, and that you generally update the application immediately when a new version comes out. You are secure now, right? Nope, you are not. Why? Because it is not only about the browser software. Browsers make automatic use of other applications, commonly called plugins. Popular plugins like Adobe Flash, Microsoft Silverlight or Java are attack vectors as well, and successful ones too.

If you fail to update the plug-ins that are enabled in the browser, you are still prone to attacks. That’s why companies like Mozilla have started to integrate plug-in checks into the browser to inform the user about updates.

But you are secure when you update your operating system, browser and plugins whenever they are updated, right? Wrong again. Two attack vectors remain. First the user and second software vulnerabilities that have not been discovered or fixed yet. (There are actually more if you consider the local network as well. The computer could have a virus for instance that could render all browser security pointless. Another vector are local area network attacks)

A browser cannot help a user who enters his credit card number, verification code and social security number in a web form on a site like paypal.com.sxrixxree.cn. Browsers could block the web address if it has been previously identified as a phishing website, if it was not, it is up to the user to come to that conclusion.

Browser developers are trying to automate security as much as possible, especially for users who do not know a thing about it. But even with all that automation, it boils down to the individual user in the end. Tech savvy users know that everyone should have at least a basic understanding of security to avoid the dangers on today’s Internet. The reality on the other hand looks grim, and it does not look like it is going to change anytime soon.

How do you cope with the dangers on today’s Internet? Do you try to educate family and friends, or have you given up on that?

Why? It should be clear that anyone can access public data, including companies, organizations and future employees. If they find something that they do not like, you can be sure that you won’t get that job that you wanted so badly. It can also have implications on your private life, bullying in class for instance or a divorce.

Forbes is reporting today that “the Federal Trade Commission gave a stamp of approval to a background check company that screens job applicants based on their Internet photos and postings”. The company gets hired to perform background checks by crawling social media sites, networks and other public sites for user information.

But what about data that is secured by an account, like Dropbox for file hosting? Two dangers come to mind: First hacking, which has been happening a lot lately. If hackers manage to break into a site, they can do all kind of things, including accessing your information and maybe even your files.

Second bugs that lead to data being publicly accessible. The latter has actually happened yesterday. Dropbox notified their users in a blog post that an update that they applied to their service had the result that for a brief period of time (according to Dropbox, Techcrunch states four hours) account log ins without the correct password were possible. Someone else could have accessed your Dropbox account during that time, which included accessing and downloading files hosted there.

Dropbox in the meantime has emailed all users who might have been affected by this.

If you need to sync or host files online, use encryption if the files are important to you. Check out BoxCryptor, Dropbox Realtime Encryption or SecretSync, Security Layer To Protect Sensitive Files On Dropbox for software reviews that do that automatically.

Closing Words

The majority of Internet users seem to lack an understanding of privacy, considering that many post public information on social networking sites like Facebook or Twitter, without giving a thought to possible consequences. The information are there for a very long time, which means that employees might base a decision to hire or fire on something that you have posted on Twitter or Facebook several years ago.

The good news is that you only need to harden one account to protect all Google services that you use.

The easiest way to harden your Google account is to open Google.com or a local Google domain. You need to log in first on that screen, and click on your name and the account settings afterwards.

Locate the Security section under Personal Settings. It should look like this.

Changing The Google Password

The password needs to be strong to protect the account sufficiently. A strong secure password should have at least 14 characters that include at least one of the following: lower case letter, upper case letter, number, special character.

Rules:

• 14+ characters made up of numbers, upper and lower case characters and at least one special character.
• It should not contain a dictionary word, or word that can be associated with you (home town, last name, high school).

To change the Google account password click on Changing your password under Security.

To change your password you need to enter your current password or the answer to your security question first, and then the new password twice.

A click on Save sets the new passwords which is from then on used to log into the account.

Account Recovery

The Recovering your password link leads to all account recovery settings. These options can be used to recovery the account password, for instance if it cannot be remembered.

You need to enter your current password before the recovering your password options are displayed. Here it is possible to add or edit a secondary email address, mobile phone number and security question.

All three options can be used to recover the account password.

• Email address: Needs to be protected with a secure password.
• Mobile Phone number: Protected by a password
• Security Question: Best to use a code or password and not a word or phrase as the answer.

2-Step Verification

2-Step Verification is a new option to protect the Google account login. It basically adds a second verification step to the login. Google users who have enabled 2-step verification log in with their username and password, and then in a second step with a temporary code that they receive on their mobile phone. The log in fails if the code is not entered during login.

A click on 2-step verification opens the setup for the security feature.

• 1. Phone setup, a verification code is send to the mobile phone number.
• 2. Backup options, important for account recovery, for instance if the mobile phone gets stolen.
• 3. Confirming the settings before the feature is turned on.

Authorizing applications & sites

Here you find a list of applications that have access to your Google Account. You can remove applications from the list to block them from accessing the Google Account. It is furthermore possible to create application-specific passwords which may be needed if 2-step verification is enabled and applications are used that do not support the secondary log in.

Closing Words

Google users have several optional but important configuration preferences at their disposal to properly protect their account. From selecting a secure password over 2-step verification to account recovery options. The best protection includes all options that Google offers.

How do you protect your Google account? Let us know in the comments.

This short guide lists the important changes and some general tips to improve a Facebook account’s security and login.

Facebook Account Hardening

Most security features on Facebook deal with the log in on the site. This is where we start as well.

• Facebook password: Make sure you use a secure password on Facebook. Best passwords are made up of a combination of letters, numbers and special characters. It is suggested to use at least 14 characters, the more the better. Make sure that you do not use dictionary words, names or other terms that can be associated with you.

To change your password do the following: Click Account on the upper right and select Account Settings from the menu.

Locate Password under the Settings tab and click the change link on the right of it. A form opens on the same page where you need to enter your old password and the new password. A click on Change Password completes the process so that the new password will be the valid password from that moment on. You will be logged of all computers when you change the password.

• Security Question: The security question and answer are used by Facebook to identify the account owner, for instance when you contact them because you do not have access to your account anymore. It is important to select a question and answer that only you can answer. Remember that you can add any answer that you want. Instead of answering “What was the last name of your first grade teach” with Mrs. Smith, you could instead use characters from your ID card, driver’s license or a phrase that you can remember well.

You can change the Security Questions under Account Settings as well. Just select change next to Security Question this time.

• Secure Browsing (https): You can open Facebook by loading http://www.facebook.com/ and https://www.facebook.com/. The difference? The HTTPS variant is more secure, as it uses encryption which blocks access to spy on your network traffic. That’s for instance helpful if you connect to the site from a public computer or wireless network.
• Login Notifications: You can enable this option to receive emails whenever someone logs in to your Facebook account from an unrecognized computer.
• Facebook Login Approvals: This new feature improves security by linking the Facebook account to your mobile phone number. Facebook sends a pin to the linked mobile phone whenever someone tries to log in from an unrecognized computer. You need to add your mobile phone number to Facebook before you can make use of that feature.

You can configure all three options under Account Settings. Locate Account Security there and click the change button to see the following configuration options.

It is suggested to enable all three, unless you do not want to add your mobile phone to Facebook. Enable the first two (secure browsing and login notification) then.

Is there anything else that you do to keep your Facebook login and account secure? Let us know in the comments.

The service rates websites in the categories trustworthiness, vendor reliability, privacy and child safety. Web of Trust today announced a cooperation with Facebook, that could multiple the company’s popularity and user base in short time.

Facebook has integrated Web of Trust’s reputation ratings into their security system. From now on, all outgoing links on Facebook will be checked by Web of Trust to protect users from accessing malicious or dangerous websites.

Facebook users may see an intermediary page when they click on an outgoing link on the social networking site.The notification reads:

Sorry

The link you are trying to visit has been classified as potentially abusive by Facebook partners. To learn more about staying safe on the Internet, visit our Facebook’s security page. Please also read Wikipedia articles on malware and phishing.

Website reported for spam, malware, phishing or other abuse. This warning is provided in collaboration with Web of Trust. Learn More.

Facebook users can ignore the warning to visit the page, get additional information about the warning by clicking on the learn more link, or go back to the page they were previously on.

All links that have been rated as untrustworthy by Web of Trust will show this or a similarly looking notification message.

The warnings are currently added on Facebook US. Other countries will follow next week after which the new security system will be available globally.

The addition of an outgoing link scanner improves security for Facebook users considerably, especially since there was no system in place before. Facebook has now added a powerful tool to their site that checks all outgoing links to warn users of potentially dangerous websites.

The integration of Facebook should give Web of Trust a noticeable boost. It is likely that the install base will rise significantly shortly after the roll out of the security system on Facebook.

This will have an effect on reports and ratings as well, considering that an increase in users should increase those numbers as well.

Interested users can read the announcement over at the Web of Trust blog. Facebook has not made an announcement yet on their website. It is likely that this is going to follow soon.

Total Security 2011 is the top of the line product that includes all features that the two other available products, Antivirus Pro and Internet Security offer, plus some that are exclusively available in Total Security.

The installer has been revamped, it now gives the user better control over the installation, which has been divided into visualized steps. This improves the user experience a lot.

bitdefender installation

BitDefender scans the system during installation, to eliminate any threats before the actual installation of the security software starts.

bitdefender installation 2011

The choice given during installation is excellent. It is for instance possible to keep or uninstall other security programs, select one out of three different layouts (for different experience levels) or turn off specific features during installation. Turning off features immediately again improves the usability. It is for instance possible to keep the Windows Firewall, and disable the firewall in BitDefender.

These settings can be controlled in the program options as well afer the installation, in case they need to be activated or deactivated at a later time.

Two video tutorials are offered on the first run, that offer an introduction to new users and users of last year’s product.

BitDefender Product Comparison

BitDefender Antivirus Pro 2011: Antivirus, Antiphishing, Antispyware, Search Advisor, Quick Scan, Home Network Protection, Chat Encryption, Smart Scan, Smart Schedule

BitDefender Internet Security 2011: Includes all Antivirus Pro features and, Parental Controls, Internet firewall, Antispam,

BitDefender Total Security 2011: Includes all Antivirus Pro and Internet Security features and, Online Backup, File Encryption, File Shredder, Tune.Up, Performance Optimizer.

Some features requires explanation:

• Quick Scan: Uncover malicious activity using in-the-cloud technology. This uses cloud based scanning technologies to scan files.
• Home Network Protection: Manage the security of your entire network from a single location. Automatically detect other computers that have BitDefender installed and adds them to the administrator network.
• Search Advisor: Warn about unsafe pages displayed in search results, available for Internet Explorer and Firefox.
• Online Backup: 2 GB of back up on a secure, remote server. Automatically back-up files and folders
• Chat Encryption: Keep your conversations private on Yahoo! and Windows Live (MSN)
• Optimized scanning technology skips safe files for better scan speed and lower system load. Prevent slowdown by adjusting settings to match available memory and CPU type.
• Smart Schedule: Maintain maximum performance with system load analysis so on-demand scanning tasks are suspended, to free-up resources for other processes, such as a media player or games

BitDefender Total Security 2011 Review

BitDefender Total Security 2011 looks slightly different depending on the interface selected during installation. It is possible to switch the interface in the main window, in case it displays to many, or to little information in its current state. Inexperienced computer users will see an interface with less settings and switches, while experts have access to all features and options directly in main window.

basic view

The dashboards of the basic and intermediate view can be customized, to include the modules most important to the user of the computer. This review was mainly written with expert mode activated.

bitdefender total security 2011

A click on a module in the left sidebar, say antivirus for example, displays the controls of that module in the main window. This usually includes a protection level slider, direct access to scans and other features. Tabs often divide the functionality on multiple pages to eliminate scrolling.

One aspect that comes a bit short are links to help files that explain the settings of the current page. Pages do contain descriptions (by hovering over an item, and on the page) but inexperienced users may sometimes still have questions left after reading those. Experts and most intermediate users will find those explanations sufficient on the other hand. Additional links to help pages for users, with an option to turn those off would be a good addition to the program.

BitDefender makes a distinction between settings, which are module specific, and options, which define the security software in general.

Antivirus

A new layer of security has been installed to this year’s version of the security application. The antivirus protection supports both signature based and heuristic scans, as well as intrusion detection to prevent the installation of malware drivers, manipulation of system files, the Registry, and dll injection.

Internet protection offers antiphishing protection for Internet Explorer, Mozilla Firefox and the two messengers Windows Live Messenger and Yahoo! Messenger. Search Advisor has been added on top of that, to provide the web user with instant information about search results in Google Search, Bing and Yahoo.

Protection levels can be set to a more aggressive or permissive profile, or a custom profile that allows greater customizability. A custom profiles enables the user to configure detailed scanning preferences, that for example includes the local and remote locations that are scanned, the types of threats, and the actions if malicious files are found.

Quick Scan makes use of the cloud to scan running processes and important files, taking less than a minute to complete.

Additional changes and features

Parental Controls have been extended with the functionality to monitor the activity of other family member’s remotely. This includes statistics about visited websites, applications and activity in instant messaging programs.

Parts of the parental controls can be accessed from the BitDefender website which provides access to alerts, recent activity and configuration options. Great for checking in from any location.

The Home Network option can be used to add multiple PCs to the BitDefender network, to administrate them from computers that have been configured as servers in the network. Activities include running remote scans of connected PCs, updating BitDefender or setting parental controls.

One interesting feature is the vulnerability scanner, which informs the user of available updates for Windows or Microsoft software, applications and other security settings like weak passwords or autorun settings, complete with options to take appropriate actions directly in the program’s interface. This feature has however not been integrated into the warning notifications on the dashboard. BitDefender should add those, as Windows patches that have not been installed can open the doors for malicious attackers exploiting those.

vulnerability scan

Game, laptop and silent modes are available that offer operation modes catered to specific system states. Laptop mode will for instance configure BitDefender to postpone or skip scheduled tasks if running on battery. Gaming mode allows for uninterrupted games, so that scans and other background tasks are reduced to a minimum.

These modes detect system state changes automatically, game mode comes with a default list of games that are detected automatically, and other games can be added to a custom list. To make things easier, game mode or silent mode can be enabled automatically for full screen applications.

BitDefender 2011 comes with several additional modules, including the previously mentioned firewall, data encryption, online backup and privacy controls.

One interesting feature that many users will like is the Troubleshoot Wizard, that can aid the user in troubleshooting issues. The wizard displays common problems associated with modules. For the firewall those are for instance problems accessing a computer in a network, printing or accessing the Internet. The troubleshooting wizard then tries to resolve the issue for the user.

It offers for instance to add an application to the firewall’s whitelist if the program fails to connect to the Internet. all the user needs to do is to select the program to add it (by browsing to it with a file browser).

Bitdefender 2011 Direct Downloads

BitDefender Antivirus Pro 2011

• BitDefender Antivirus 2011 (32-bit)
• BitDefender Antivirus 2011 (64-bit)
• Antivirus Pro 2011 Homepage

BitDefender Internet Security 2011

• BitDefender Internet Security 2011 (32-bit)
• BitDefender Internet Security 2011 (64-bit)
• Internet Security 2011 Homepage

BitDefender Total Security 2011

• BitDefender Total Security 2011 (32-bit)
• BitDefender Total Security 2011 (64-bit)
• Total Security 2011 Homepage

Verdict

BitDefender offers several improvements over last year’s version. A common trend among security companies seems to be to pack features into the software, even if they do not add anything to the protection of the system. BitDefender on the other hand as extended the functionality of their product in areas where it makes sense. Features like the gaming or laptop mode, cloud based antivirus scanning, file encryption, shredding or the improved parental controls with home networking options blend well into the existing product.

The only module that does not seem to belong into the program is Tune-Up, as it offers features such as Registry Cleaning, defragmentation or duplicate file finding. But that’s one module out of a dozen.

Computer users should take a look at the product comparison chart to find the BitDefender program best suited for their situation. BitDefender Internet Security 2011 gets our recommendation, as it comes with all security modules needed to protect a computer. Users who want more than that, like online backups or file encryption should pick Total Security instead. Users who already have a firewall installed, and who have no need for antispam or parental controls can pick Antivirus Pro 2011.

Additional information are available at the Bitdefender homepage.

Giveaway

The guys at BitDefender were nice enough to give us 15 licenses of BitDefender Total Security 2011. The licenses are valid for one year, and will be given to random commenters of this thread.

The giveaway ends in 48 hours from the time of posting, and we announce the winners in the Ghacks forum after this. Winners need to include a valid email address, as we are sending the product keys to the email addresses they made their comments with.

To make things interesting, tell us about your current security setup, and how you would use Total Security if you got one of the license keys. Good luck everyone.

How does this work? Using the IP address you provide to us, our automated system can determine your broad geographic location. If you log in using a remote IP address, our system will flag it for you. So if you normally log into your account from your home in California and then a few hours later your account is logged in from France, you’ll get a notice like the one above at the top of your Dashboard page – alerting you to the change and providing links for more details. [via]

Google has now rolled out the feature to all Google services, and will display suspicious account activity in the Google Dashboard.

This means that they now check the IP address in all Google services and not only Gmail, a useful change that adds to the security of the account.

google dashboard

Two links are provided in the notification message, details opens a small popup with additional information about the account activity listing the location, IP address and date and time. The alert can be ignored or closed in this popup. The other option is to change the Google Account password, an option that is also provided directly in the initial notification message.

The only problem with this service is that most users probably do not access the dashboard regularly, if at all. It would be great if the feature would be activated for all Google services so that the suspicious account activity would be displayed right there. Up until then it might be wise to visit the Google Dashboard regularly to check the account.

The system addresses a problem that security researchers and companies have faced in the past. Security researchers who uncovered vulnerabilities or stolen data were not able to pass the information along in a centralized secure way. There simply was no option to send a direct warning to service providers, banks or other companies that were affected by the vulnerability or compromised data.

Researchers had to analyze the data to identify the affected companies or online services before they had to find the right contact to pass the data along securely. Cyber-criminals benefited from this as it gave them additional time to make use of the stolen data.

“Last year, according to the Anti-Phishing Working Group, one million U.S. households lost money or had accounts misused as a result of phishing, at a cost of $650 million”, Nancy Anderson, Corporate Vice President and Deputy General Counsel said.

The Internet Fraud Alert System has been designed to provide security researchers and the security community in general with a centralized alert system to report stolen data, such as credit card numbers or account login details. The service furthermore allows the researches to contact the institutions directly, allowing them to take the appropriate action to protect their customers.

Through a centralized alert system powered by Microsoft technology and managed by NCFTA, Internet Fraud Alert provides a new, powerful tool to quickly inform financial and online companies about compromised customer account credentials (such as online usernames and passwords) or stolen credit card numbers. With this information, institutions can take action to protect their customers from further fraud against their accounts.

Microsoft donated the technology to the NCFTA, a non-profit organization dedicated to facilitating public-private partnerships between industry, law enforcement, and academia on cyber-security issues.

Only US companies participate in the Internet Fraud Alert system at the moment. It remains to be seen if this is going to change in the future or if this will remain a US-only project which would severely diminish the efficiency of the system.

Aza Raskin just posted an interesting article on his blog detailing a new phishing attack that he calls Tabjacking. The concept of this new attack is ingenious.

It basically refers to a website that is changing its look and feels to a fake website after some time of inactivity. Here is how it works.

The web user visits a harmless looking site and decides to keep it open in a tab for the time being. A JavaScript code on the page notices that and replaces the site’s favicon and title with a popular site’s one. This could be Facebook, Gmail or any other popular website that the user likely uses.

The website itself will also change its contents so that it looks like the website that the attacker wants to steal login credentials for.

Many users identify websites in tabs by their favicon and title. This could lead to the user believing that the site is indeed the real website. Clicking on the tab displays what the user expects to see as the copy looks exactly like the original.

For Gmail it would for instance be the Gmail login form. Users who enter their login credentials into the form will send them right to the attacker. The script on the website will redirect the user to the real website in the end.

A New Type of Phishing Attack from Aza Raskin on Vimeo.

There are obviously a few elements left that the user can use to identify the attack. The url for instance will not reflect the website that is displayed to the user. It is also likely that the site will not make use of https.

Take a look at Aza’s blog post for additional information about the attack including codes, fixes and lots of user comments.

A life without Flash would mean to make the system more secure. But which consequences would it have in terms of usability? Are there websites and services that would stop working completely or partially? To find out we need to take a look at the functionality of Flash. Why is it installed on so many computer systems and what are the core services that are offered in Flash?

What is Flash being used for?

There are not any official statistics about Flash usage on websites, at least none that we could find during our research. We were able to identify the following sectors in which Flash is being used:

• Media Streaming: Mainly video and audio players that stream videos on websites.
• Games and entertainment: Many games are created in Flash.
• Advertisements: Flash ads are a common occurrence on the web.
• Services and sites: Some site use Flash for specific services, like a chat for instance, or on their whole website.

HTML5 introduces media streaming capabilities which should reduce the need for Flash in that area. Youtube for instance is offering an experimental HTML5 video player that can be used instead of the Flash player to view the videos on the site. There are also some options to either replace the flash player in a web browser with a media player that is installed on the computer system. Firefox add-ons like Media Player Connectivity replace the Flash player, some display the output in the web browser while others redirect it to the local media player.

Games on the other hand cannot be played if Flash is not installed. The same is true for advertisements (which most Internet users probably won’t miss at all. The services and sites on the other hand depend largely on the user’s personal web surfing habits. Flash player might still be needed if websites with Flash exclusive features are accessed.

Can you live without Flash?

It is quite possible to not install Flash. Alternatives at least are available at least in the media streaming sector. Not all media sites might work though but the way is paved for a Flash less future. Casual gamers on on the other hand have barely any other options. Java might be an alternative but the majority of games are served in Flash.

What’s your opinion on the matter? Do you use Flash? Do you have plans to stop using it in the future?

Security software in particular is offering two, three or sometimes even more different versions of their products to their customers. There is usually a basic edition, an advanced edition and a complete edition.

Kaspersky Internet Security was until recently the flagship product of Kaspersky with Kaspersky Antivirus being the basic software program. Kaspersky now has released Kaspersky Pure which adds features on top of the Internet security product.

Kaspersky Pure has the following additional features (or improves already existing ones):

• Identity Protection
• Advanced Parental Control and monitoring of user’s Internet access, PC and application use and communications
• PC tune-up
• Password Manager can create, encrypt and store logins, auto-complete forms and has an inbuilt virtual keyboard
• File Shredder uses multi-pass technology to make deleted data unrestorable, even with sophisticated software
• Data Backup & Restore assures your data’s integrity. Set schedules, restore points and select backup media
• Data Encryption maximizes security. Create, store and transfer data in password-protected, encrypted containers
• Single-point protection management for other computers in home network

Many of the tools that are added to security applications like Kaspersky Pure are also available as free third party applications. Including those features on the other hand can be beneficial for users who have not heard of those before. It could also be interesting from a security point of view considering that all the tools are created by the same developer and not multiple ones.

Computer users who want to try out Kaspersky Pure can download a 30-day trial version at the official Kaspersky website. Additional information about the security software are provided on the Pure profile page.

Is the program worth the $79.95? It depends on multiple factors. Computer users who want one program for all security, privacy and recovery purposes might say yes while users who believe in free software will likely say no.

Many security software companies are currently either adding sandboxing or cloud computing to their products with sandboxing probably being the more popular option for most. Sandboxing comes in very handy when trying out new software programs, executing other files that could possibly be malicious or forcing regular programs to run in the sandbox (like a web browser) so that no matter what happens during use is not affecting the rest of the operating system.

Comodo has also improved the user interface of Comodo Internet Security 4 and the usability of the security application. The number of popup alerts have for instance be reduced. Popups have been redesigned to provide the user with additional options and information. Some core modules like the antivirus engine have been improved although it is to early to say how well they fare.

The Comodo Internet Security 4 Download is provided at the official Comodo website. Some users in the Comodo forums are experiencing bugs and other issues with the security software.

Comodo Internet Security 4 Downloads

Download 32-bit Offline
Download 64-bit Offline
Web Installer Download

Have you been using Comodo Internet Security 4? What is your opinion on the product?

Avira has published their January statistics of the most phished brands. This information can be helpful to identify or avoid services that are targeted the most by phishing attacks.

Most of the phishing attacks are carried out against financial services and sites. The only non-financial service in the top 16 list is Facebook.

The phishing list is tipped by PayPal which was the target of the phishing attack in 61.89% of all cases followed by HSBC Bank with 8.59% and Bank of America with 6.09% of all attacks.

Other companies in the list include Ebay, Abbey Bank, Chase Bank, Banco Poste Italiane, Alliance Leicester, Western Union and Citibank.

It is obviously not always possible to switch a company or service based on the phishing statistics but it should warn users that use these brands to be very cautious when they receive emails that seem to come from those companies. (via Avira)

This means that more than 30 million complete sets of emails, usernames and passwords were exposed to third parties. At least one hacker managed to get hold of all the data of which the passwords and a small sample was posted on the Internet.

RockYou users who have an account at the service should immediately change the passwords for all their services that use the password and email address to avoid that these accounts are hacked.

RockYou did not only store login information about its own service but also for third party websites like Facebook or MySpace to make it as easy as possible for the users to use the data in their social networking accounts. This means that MySpace, Bebo or Facbeook login information have also been stored on the Rockyou servers if the user has entered them before on their website (see Techcrunch for additional information)

Security company Imperva got hold of the 30+ million passwords that have been selected by RockYou users to secure their accounts. Their findings are alarming:

• About 30% of users chose passwords whose length is equal or below six characters.
• Moreover, almost 60% of users chose their passwords from a limited set of alpha-numeric characters.
• Nearly 50% of users used names, slang words, dictionary words or trivial passwords (consecutive
  digits, adjacent keyboard keys, and so on). The most common password among Rockyou.com
  account owners is “123456”.

The password popularity chart is therefor dominated by easy to guess passwords just as 123456, Password, rockyou or abc123. The full report of the findings can be downloaded from the Imperva server as a pdf document.

If a hacker would have used the list of the top 5000 passwords as a dictionary for brute force attack on Rockyou. com users, it would take only one attempt (per account) to guess 0.9% of the users passwords or a rate of one success per 111 attempts. Assuming an attacker with a DSL connection of 55KBPS upload rate and that each attempt is 0.5KB in size, it means that the attacker can have 110 attempts per second. At this rate, a hacker will gain access to one new account every second or just less than 17 minutes to compromise 1000 accounts. And the problem is exponential. After the frst wave of attacks, it would only take 116 attempts per account to compromise 5% of the accounts, 683 attempts to compromise 10% of accounts and about 5000 attempts to compromise 20% of accounts.

Recommendations for users

• Choose a strong password for sites you care for the privacy of the information you store. Bruce Schneir’s advice is useful: “take a sentence and turn it into a password. Something like “This little piggy went to market” might become “tlpWENT2m”. That nine-character password won’t be in anyone’s dictionary.”
• Use a different password for all sites – even for the ones where privacy isn’t an issue. To help remember the passwords, again, following Bruce Schneier’s advice is recommended: “If you can’t remember your passwords, write them down and put
  the paper in your wallet. But just write the sentence – or better yet – a hint that will help you remember your sentence.”
• Never trust a 3rd party with your important passwords (webmail, banking, medical etc.)

The easiest way to ensure all this is to use a password manager that can generate strong passwords and save them for the user. We recommend Last Pass which is available for several popular web browsers.

Symantec’s Norton suite has seen dramatic improvements in the last two years. The two most notable changes are a concentration on lower resource usage which was already noticeable in last year’s Norton Internet Security but becomes even more apparent in this year’s. Additional improvements are the new behavioral detection engine Quorum which uses a cloud based reputation system to identify threats and offers faster response times to new or mutating malware threats and additions to Norton Insight which has now been split to the four areas Download Insight for better control of file downloads, System Insight for system diagnosis, File Insight for file analysis and Threat Insight.

Here is a quick overview of what Norton Internet Security 2010 offers:

• Anti Virus
• Anti Rootkit
• Bot Protection
• AntiSpam
• Norton™ Safe Web
• Smart Firewall
• Network Monitoring
• Spyware Protection
• Identity Protection
• Parental Controls

Installation

Installation is a breeze. The most important change to installation is that no reboot is required to complete the installation of Norton Internet Security 2010. The installation process itself has also been improved as it now takes less than a minute (a bit more if you use an installer that downloads the components from the Internet) to install the security software on the computer system.

Interface

The interface is easily accessible and gives the user an immediate overview over the protection state of the computer system. Switches are provided in the main interface to switch the state of a specific module to on or off with the interesting option to turn a feature off for a specific time only.

The protection is divided into the three groups computer, network and web each with their own associated security modules, settings, information and options.

Another indicator that Symantec takes performance serious is a cpu meter that is displayed in the main interface. This cpu meter displays the cpu usage of the computer system and that of Norton Internet Security. A click on the provided performance link will lead to a performance monitor that displays the cpu and computer memory usage of the system and Norton Internet Security over time.

Other links in the main interface lead to Norton Tasks which displays a similar performance graph and the background tasks that are configured in Norton Internet Security 2010. Here it is possible to see their impact on the computer system with an option to start any of the background tasks right away.

Application Ratings is a very interesting module that displays Norton Insight information about files and programs of the computer system. It will for instance rate all running processes, startup items, loaded modules and even all files so that it is possible to get a quick overview of the danger of certain files.

Norton Insight uses a trust level, resource usage and Norton Community Usage as indicators for a file’s rating.

The remaining subscription days and links to the Norton account, help and support and feedback are provided in the main interface as well.

Computer Protection

Computer Protection consists of the four modules Insight protection, antivirus, antispyware and SONAR protection. It contains additional links to running a live update, accessing the history and quarantine, start a scan and to open the settings.

The settings are extensive and contain several optional modules that are not activated by default. It is here for instance possible to enable Microsoft Office Automatic Scan to protect Office documents. Modules can be turned on and off in the settings but there are also advanced options available. This includes configuring exclusions (good for false positives for instance or files that should not be accessed by Norton Internet Security), real-time protection features and scan performance profiles.

• Insight Protection – The Insight Network scan uses the Cloud technology wherein a remote server on the web contains the latest virus definitions.
• Antivirus and Antispyware – Security risks, such as spyware and adware, can compromise your personal information and privacy
• SONAR Protection – Symantec Online Network for Advanced Response (SONAR) provides real-time protection against threats and proactively detects unknown security risks on your computer.

Network Protection

Network Protection consists of the Smart Firewall, Intrusion Prevention and Email protection modules. A settings link is provided here as well that leads to the options for the listed modules. Configuration options for the firewall are divided into several menus. One element that seems to be missing is an overview of all the computer or network connections.

• Smart Firewall – Smart Firewall monitors communications between your computer and the other computers on the Internet.
• Intrusion Prevention – Intrusion Prevention scans all the network traffic that enters and exits your computer and compares this information against a set of attack signatures.
• Email Protection – Email Protection protects your computer against the threats that you might receive through email attachments

Web Protection

This group contains the parental controls, identify safe, browser protection, safe surfing and download intelligence modules.

• Identity Safe – The various features of Identity Safe help you manage your identities and provide additional security while you perform online transactions
• Browser Protection – (Firefox and Internet Explorer only) When you turn on Browser Protection, Norton Internet Security proactively blocks new or unknown malware programs before they attack the computer system.
• Safe Surfing – When you install Norton Internet Security, it adds the Norton Toolbar to Internet Explorer and Firefox.
• Download Intelligence – Download Insight provides information about the reputation of any executable file that you download using the Internet Explorer 6 and Firefox 3.0 browsers or later.

Verdict

Norton Internet Security 2010 is an impressive product that has a much lower resource footprint than previous versions of the software. The new performance monitor emphasizes this to give the user hard facts about the performance usage of the security software.

Modules like the application ratings and the new Norton Insight modules make it easier than ever to stay on the safe side.

The settings for each individual module are on the other hand somewhat hidden in the program. It would be more comfortable if links to individual settings would be provided in the main interface.

Christmas Giveaway

We have ten licenses for Norton Internet Security 2010. Please leave a comment for a chance to win one of the licenses. Let us know why you would like to get a license for Norton Internet Security 2010

Raju is giving away DAEMON Tools Pro Advanced, check it out as well.

The Installation of Panda Internet Security 2010 is wizard based with options to install a minimal, standard or custom version of the product. Depending on the choice made by the user the program will scan the computer memory and hard drive during installation. The program requires one restart after installation and it is highly recommended to uninstall any security software that might interfere with Internet Security 2010 before starting the installation.

Panda Internet Security will display the following interface after the system restart. Green lights indicate working and functional modules while red lights would indicate that a module is either not working properly or disabled.

Internet Security 2010 will automatically display a warning on top notifying the user that the software needs to be updated over the Internet. This will update the software to the latest version and should be the first thing a user does after the first startup.

The PC security software itself is dominated by two main areas: The tab bar on top and the links in the center that point to the various modules like firewall or antivirus.

The five tabs Status, Scan, Report, Quarantine and Services on top switch to other parts of the user interface.

Status: Displays scan statistics as well as the status of all modules of the antivirus firewall software with options to change settings by clicking on one of the modules or the settings link.

Scan: The user can perform manual scans in the Scan section. This ranges from scanning the computer, to hard disks, email, other items and detecting vulnerabilities.

Report: Will display event reports and statistics

Quarantine: The list of files that have been added to the quarantine.

Services: Option to create rescue disks, contact technical support, send suggestions or suspicious files.

Settings and the individual modules on the status page link to the configuration settings of the program. Each links to a help file which can aid the user in understanding the individual settings that can be changed. There is also always one global checkbox that can enable or disable a module immediately.

The settings are extensive. If you open the firewall protection settings for instance you notice three setting buttons for rules and one for networks and wi-fi. The three rules button configure the programs that are allowed to access the Internet or network, enable or disable Windows services and to specify ports, addresses and protocols that are allowed or disallowed on the computer.

Speaking of firewall controls. Panda offers a smart configuration mode for the firewall which will then automatically control the network traffic. Some security programs use very strict firewall settings that leave the user with no choice but to manually add programs to the list of allowed programs. Panda makes this almost unnecessary as we did not experience issues with any of the programs that we used to connect to the Internet.

List of Panda Internet Security 2010 modules:

• Anti-Malware Protection
• Advanced Proactive Protection
• Personal Firewall
• Anti-Rootkit Technology
• Anti-Phishing Filter
• Anti-Banking Trojan Engine
• Web Filter
• Personal Information Filter
• Anti-Spam Filter
• Parental Control
• Backup & Restore

The main changes to last year’s version are a stronger focus on the Collective Intelligence technology. You might have read about it when we reviewed Panda Cloud Antivirus. Collective Intelligence “works as an online, real-time database that stores the majority of signature files, keeping them at a minimum on the endpoint”. This has a measurable effect on the program’s computer resource usage.

Collective Intelligence was integrated into the last version, but Panda has refined the technology considerably in the past year. Internet Security – and Panda’s other 2010 retail products, for that matter – boast an 80% improvement in performance against previous versions; because signature files are shared in the cloud, the products take up considerably less memory. Panda’s baking Collective Intelligence across all of its products (most visibly with its free Cloud Antivirus, which they launched a few months back) and the technology has really become the company’s core differentiator in the past year.

The second addition is a USB vaccine technology which can be used on individual USB drives to disable its AUTORUN.INF file in order to prevent malware infections from spreading automatically.

Interested users can take a look a the program’s page over at Panda Security to find additional information about improvements and technical requirements of the Internet Security suite.

Christmas Giveaway:

We have ten licenses for Panda Internet Security 2010. Just reply with a comment to this article and let us know what you are currently using to protect your PC for a chance to win a 1-year 3-user license of Panda Internet Security 2010.

Raju over at TechPP is giving away Cyberlink Power Director 8 today, make sure to check out his giveaway as well.

The problem that he sees with today’s form of identification – which is IP based – is that it is sometimes not possible to identify the person behind the connection at a specific time thanks to Internet cafes or hacked computers.

Most users will probably say bollocks and move on. Others will find flaws in his suggestion. If you look at real life examples you will notice for instance that people are anonymous there as well. You can phone someone from a public phone anonymously, you can send someone a letter without revealing your name. You can shop anonymously and talk to people without revealing your identity.

What’s your thought in the matter? The full interview is available at the Zdnet Asia website.