Symantec’s New “Statistical Approach” to Computer Security
Over the years, we’ve seen Symantec’s reputation go down-hill as their Norton line of antivirus and security products has been labeled sluggish and bloated by those who use it. According to a recent article in The Wall Street Journal, Symantec is hoping to change the future of security software by making it “less annoying” which could help improve their reputation and bring customers back. Their ideas sound good, and it certainly would be faster, but could present some problems.
The future of Norton security products will involve a new statistical method for finding malware instead of the current method which is more intense and is deeply involved with the operating system. The WSJ says, “security software works, in part, by hooking itself into a PC or system to look for unusual behavior that might be a hint that malware is lurking within. In coming releases of its consumer-security suite, Norton 360, Symantec plans to use a new statistical approach to finding malware that looks at factors like the number of total PCs a piece of software is installed on. If it’s installed on a lot of PCs, it’s probably safe; if it’s installed on just one computer, it’s probably not.“They are also hoping to reduce the amount of time it takes for the software to be installed.
Do you see any problems with the method they are working on, to make security software “less annoying”? The problem we see is that if a virus is wide-spread and installed on thousands of computers, which happens, it could provide a false sense of reassurance. It seems as though solely using a statistical approach could prove to be faster, but unfortunately, it could be less reliable. Ultimately Symantec hopes to make Norton both faster and more reliable, but from the sounds of it, Norton will only be faster unless there’s more to this approach than we’re aware of, or if they combine methods.
We do have to give Symantec some credit for breaking away from what’s familiar to try something new. Rowan Trollope who is the head of Symantec’s consumer business says his goal is to build “zero-impact” security software that won’t slow down computers. He says, “I’ve staked my career and reputation on this.” Hopefully it proves to be worth it…
Enjoyed the post? Subscribe to our feed to get a daily dose of CyberNet!
Related Posts:
- Microsoft’s Security Site Pictures A Mac User
- Norton Internet Security 2007 Not Much Better Than 2006
- Online Data Backup Solution in Symantec’s Future?
- Mozilla Will Support Firefox 2 Until Mid-December 2008
- Hot Deal: 3-User McAfee IS 2008 for $5
“The problem we see is that if a virus is wide-spread and installed on thousands of computers, which happens, it could provide a false sense of reassurance. It seems as though solely using a statistical approach could prove to be faster, but unfortunately, it could be less reliable. ”
I’m sure there would be other factors in determining if the software is a virus or not (probably dozens). More importantly, todays virus are identified by their “signature”; their file name is often random to help avoid detection. So each installed instance of the virus would appear to be unique.
I think Symantec is going to need to use both heuristic analysis and statistical analysis if they are going to offer an effective malware scanner.
Wide spread viruses are usually known so I think those can be easily blacklisted.
Well, he says they will use that data as a factor to detect malware, so clearly they’ll use other methods. I think what the means is that they’re creating something similar to SpyNet in Windows Defender or the whole ThreatFire idea.
Anyway, Norton perception problem does not lie in its poor detection capabilities, but the impact the software has on computer performance (or it used to have at least).
I’m sure they’ll be using multiple methods for identification, and this will just be an additional method of protection.
That’s true, and something that I hadn’t thought about. So this could turn out to be rather effective.
They claim that this will help with performance though, which is one reason why it’s intriguing. I’m interested to see whether they will be able to recover some of the reputation they have lost.