Wednesday, December 24, 2008

Symantec Antivirus puts you at risk

I'm flabbergasted - in 25 years of security work, I've never seen such an Epic Fail by a security company.

Symantec makes a popular antivirus (sometimes referred to by the brand "Norton" or "Norton Internet Security"). Now it's not particularly effective, and it is a performance hog - it will bring your computer to a standstill tout de suite. But that's not the point of this post.

Symantec's on-line support procedures for people who get infected could not be better designed to maximize financial damage to Symantec customers.

Here's what happens: someone gets some sort of new malware on their computer. They smell a rat, and go online to Symantec for help. If their annual antivirus subscription has expired, Symantec's support site makes them enter their credit card number.

So what's wrong with this? Most of the malware today includes software that records every keystroke you type. So the malware gets to intercept the credit card details:

After railing at Symantec's customer support people via their online chat support for not properly protecting his machine, Delano was told to speak with their premium support folks who could remotely take control over his system and give it a thorough inspection and cleaning.

Delano said he initially protested, but after pricing other services like Best Buy's Geek Squad, he agreed to pay Symantec $100 for the service. He was instructed to enter his credit card number and other billing information at a secure Web site. However, the keyloggers were still on his machine, intercepting his information.

The punch line? Symantec's own annual Internet Security Threat Report says that 70% of malware captures credit card information that is typed in by the user.

So, Symantec can't say that they don't know.

If you think that you have malware on your computer, do NOT use Symantec antivirus and absolutely, positively DO NOT ENTER YOUR CREDIT CARD.

You can get a second opinion via free online antivirus scanners: I like Trend Micro's House Call, but there are ones from ESET (well regarded for technical capability) and F-Secure as well. You'll have to use Internet Explorer, and while I tell you not to, just this once I'll forgive you.

But Symantec clearly doesn't give a fig for their customers' safety. While IANAL, this strikes me as such egregious negligence that they may be liable for damages.

Note: if anyone from Symantec reads this and wants to respond, you can leave a comment or email me (email contact info is in the links on the right hand side). Technical folks can expect some sympathy; marketing flacks better bring a good story.


TOTWTYTR said...

I hate Symantec antivirus. As you note it's a resource hog, and I don't think it's particularly effective. I use the free version of AVG and recommend it to everyone. McAfee isn't any better than Symantec.

Oh, Symantec customer service sucks, even if you have the paid version. Wait times are measured in days and they hide their phone number so deep in the manual that you'd need to be Sherlock Holmes to find it.

Buffboy said...

I agree with the previous commenter about Norton. If you want sluggish system performance and an absolute guarantee of infection, that's the program to buy. It's also much harder than a virus to remove. If you've ever installed Symantec, you have to format to completely remove it.

The problem I find with Free AVG is its massive popularity; the hackers know that program so well they can get around it sometimes. It's still better by far than even the corporate version of Symantec, as I'm forever removing viruses from that premium priced POS.

I've found the free version of Avast is good. It doesn't have as many features as the free AVG, it also slows your system down more than AVG, it's a very slow scanner when you want to do a system scan, but it works. I've never used the free version's tech support so "no data" but in three years I've never had to.

If you are going to pay for antivirus, IMO, buy Avast (good tech support). The paid version of AVG seems a good program but if you ever need tech support, the free version is actually better with its forum. The paid version: IME, you will never even receive a reply, ever.