Norton Internet Security 2007 Issues

I’ve used the free ClamAV in the past, but was never convinced that it was doing much. There were some usability issues with notifying about updates but not automatically downloading and installing them also.

So this weekend I bought the Symantec Norton Internet Security 2007 3-pack at Fry’s. It was about $50 up front but should be free after rebates. I checked the PC Magazine reviews online at the store, and Norton was rated as more effective and polished than the CA product.

NAV has some issues too:

1. if you use Thunderbird as your email program, backup your mail files before installing Norton Internet Security 2007. On the 2 machines where I installed Norton, the read count was reset to 1, causing Thunderbird to redownload all 4100 emails … causing duplicates. Even worse problems can occur if viruses are detected inside a mail file.
2. without warning, the Norton installer kills outbound network connections. For example, file transfers and putty sessions will be killed.
3. the registration screen has top and bottom parts. The top part is for previous registered users, and the bottom is a registration form for new users. If you fill in the bottom, then you click on the top, you lose all your completed form data. Very annoying.
4. after completing the registration process for the first time, I received a confirmation email that:
1. was flagged by my default install of SpamAssassin as spam with a score of 6.2
2. contained a URL to their web site with my username and password in the URL! Not only is that a no-no for a security company, but the username and password aren’t even used to pre-fill the web login form. (And since those are GET parameters, they’re sitting in their webserver logs in plain text of course.)
5. when scanning, the Stop button seems to mean “stop after finishing the current file.” That’s not cool if you’re ready to close your notebook and you happen to be a in a large zip archive for example. And Task Manager is not allowed to kill the Norton processes.
6. the file virus scanner is slow – 24 hours to scan my desktop hard drives with 12 million files, mostly in tarballs, though the machine was still somewhat usable.
7. the installer took 45 minutes to initialize on my notebook – then worked ok, but basically locked up my Compaq 1.6 GHz/2 GB RAM/80 GB notebook while scanning though. Need to look into that.

How good was it at scanning for viruses?

Well, it found what I expected, and the Export Results link creates a useful report file with all the data I wanted. However the program UI goes out of its way to separate results from the corresponding files until you dig around.

Note that their EULA mentions that you have no privacy when using their product. They can send back your files for any reason, and make them available to authorities. Something to think about if you work for a software company or do computer security research.

Update: Symantec 2nd level support recommends running chkdsk and downloading and installing 10.4 to fix many issues. The filename is NIS071040.exe (50,559,136 bytes)

People in the know recommend not using any Symantec software products. For anti-virus software, they recommend AVG as being effective without using obscene amounts of system resources.