Save content
Have you found this content useful? Use the button above to save it to your profile.
AIA

Stewart Twynham's IT security diary: Dreadful security software

by
15th Aug 2007
Save content
Have you found this content useful? Use the button above to save it to your profile.

This week, Stewart discovers just how bad internet security software can be, and looks at a very interesting alternative for mobile workers.

As the dangers on the internet grow daily, anti-virus vendors have been quick to leap in with ever more sophisticated "internet security software". These suites package a single vendor's anti-virus, anti-spam, anti-spyware, firewall, and several other things you'll probably never ever use into a single product.

This all might sound like a good idea, but I just don't like internet security software, for two very good reasons:

  1. Running security software on your PC as your only line of defence doesn’t actually work. Any virus or malware you pick up that isn't spotted by the anti-virus can disable your entire protection completely, sometimes silently.
  2. I have yet to meet anyone who fully understands how to use and configure what is increasingly sophisticated software. Users are left with PCs that don't work properly with certain applications, or are bombarded with pop-ups asking questions like, "Should the application wcescomm.exe be allowed to make a TCP connection?"

This week I enjoyed a minor celebration in the office as I discovered a third reason to hate internet security software: speed.

Any security software will slow your computer down. Software makers don't usually like to disclose just how much, so we ran a series of tests this week, comparing a leading (PC Pro ‘A’ rated) internet security suite with one of the latest security hardware devices from Yoggie.

The Yoggie Pico is little larger than a USB memory key, and simply plugs into a spare USB port on your PC. Pop the supplied CD into the drive, and within minutes all of your PC's network traffic is laundered through the Yoggie device first before being acted on. The device does all the anti-virus, anti-spam, anti-spyware, anti-phishing, stateful inspection firewall and intrusion detection that many of the software products claim. It just doesn't use any of your PC's brain to do the work.

The results were astonishing. We took a two-year-old Dell laptop and compared boot-up, login and shutdown times when running no software, the F-Secure 2007 suite and the Yoggie Pico drivers.

Sequence No security software F-Secure 2007 release Yoggie Pico
Boot-up to login screen 37 seconds 38 seconds 39 seconds
Login until network icons shown 18 seconds 79 seconds 27 seconds
Login until PC usable 18 seconds 350 seconds* 27 seconds
Shutdown 37 seconds 73 seconds 36 seconds

*PC remained unresponsive for almost six minutes after login. During this time CPU stood at 100%, and memory usage went as high as 170MB, dropping to around 60MB at ‘idle’.

The results for F-Secure were simply dreadful. With all of the standard features enabled, the PC slowed to a crawl. Logging in took minutes rather than seconds, consuming a huge amount of system resources (CPU and memory) in the process. Turning off some of the features improved things a little, but we still found that the machine (which had 512Mb of RAM installed) was quickly running out of memory!

Clearly, the software makers have the right intentions, but making computers more secure through software alone simply isn't the answer. Devices such as the Yoggie may be an interesting sign of things to come.

Stewart Twynham
Bawden Quinn Associates Ltd

Tags:

Replies (11)

Please login or register to join the discussion.

By RogerNeale
22nd Aug 2007 11:16

terrible machines
Ben,

The simple fact is that businessmen don't have to "put up with these terrible Multimedia games machines"!!

I've been dealing with business customers and office equipment for over 25 years and I often find that the ones who I hear complaining about Pcs are those who buy the cheapest ones. These are usually designed for domestic use and not for all day every day business use.

Businessmen should buy business PCs from business computer systems specialists rather than going for the cheapest from the high street chains or domestic sections of web sites.

I know it's easy to go for the cheapest, that's logical, but if you want real quality go for a trusted business specification system. Get proper advice from a business IT specialist.

Remember when Microsoft brought out Windows 3, Windows95 and 98 ??
Microsoft didn't really stress it but the fact is that these were aimed at Domestic users.
They released Windows NT for business users at the same time but how many of you business users actually used NT?

My general advice: Buy the correct tool for the job.

Roger Neale
Diamond Accounting Solutions
07714 670 789

Thanks (0)
avatar
By spaxtastic
16th Aug 2007 14:38

Not the answer?
Looking into this, I've spotted a review that talks about the additional security software that comes bundled with the Pico that you can install or keep what you already have, and another one says:

"Corporate networks have gateway servers that put a firewall around all network traffic and filter out viruses and spam. The Yoggie Pico Personal brings that kind of hardware-based protection to your individual PC. It's an added layer of protection, but it doesn't replace a software security suite."

Thanks (0)
avatar
By User deleted
17th Aug 2007 14:17

Interesting circularity here
In a previously posted article it was suggested that Linux (and all the other stuff) might provide an acceptable alternative (for example) to Microsoft.

One of the reasons against such a choice was the absence of accounting and similar software.

Reasons for such a choice include control and the absence of spyware, key loggers, and a need for anti-virus (providing it's not a gateway to other software).

Here people are bemoaning anti-virus packages and loss of control.

One solution would be for the Accountancy professions to sponsor development of suitable accountancy software suitable for running on Linux, funded from the savings in anti-virus and other paid-for software. And they would control the development of features.

Inspiration for the idea and how to start might be found from Google's "summer of code" in which Google lob in a small wedge to sponsor comp sci students to develop "stuff" which expands the availability of code and applications that run on Linux etc.

Just a thought.

Thanks (0)
avatar
By User deleted
16th Aug 2007 17:04

Packages are the pits
Just like a suit of armour which had to be exceptionally well tailored to permit the occupant to move, sadly there just doesn't seem to be that much tailoring in security suites.

I used to swear by AVG for my single machine until they wished a suite on me.

Now I use Nod 32( which sells itself as an anti-virus but seems to do everything that a suite might do) coupled with a freebie Zone Alarm fire wall.

I'm running virus and malware free with very reasonable speed on my old Dell XP.

Thanks (0)
avatar
By PMHHPH
16th Aug 2007 16:35

Still software
Although I agree that the Yoggie will make a difference in speed when checking network traffic remember that it is still a software security suite, just running on a plug-in device rather than in RAM. The software running is functionally similar to Norton, McAfee, F-Secure etc and needs to be kept updated. This is not hardware protection. Accordingly it does not get around Stewart's first two complaints against security suites.

I have two thoughts about the test itself. Firstly, when a pc starts up a suite such as F-Secure will check all the processes loading into memory to prevent problems caused by anything already in the machine., which is what takes the time during login. If the Yoggie only checks network traffic then it's not doing that. If the pc is 2 years old then it may well be loading lots of unnecessary background software such as helpers for utilities that were tried out and then never used, and all these will be checked by F-Secure. Secondly, 512MB of RAM is the bare minimum for a pc nowadays - I wonder whether the pc would have booted faster if it had more RAM?

The IT industry generally accepted security baseline recommendations are for both hardware and software protection plus, just at least as important, user education and company policies backed up by sanctions where they are breached.

Recently I have used ZoneAlarm Internet Security Suite which has been consistently at or near the top of industry lab test reviews, plus Mailwasher Pro which I find an excellent practical tool as well as helping security.

Thanks (0)
avatar
By AnonymousUser
16th Aug 2007 13:29

What about other protection packages
It would be interesting to see how these times compare with other software packages such as Norton and MacAfee.

I use Norton at home and my wife is constantly moaning about the time it takes her to log on and for the computer to be ready to use.

Thanks (0)
avatar
By AnonymousUser
16th Aug 2007 14:45

Norton
We ditched Norton two years ago as it interfered so much with the operation of Office, and switched over to F-Secure, which has worked just fine.

However, our network sits behind a custom linux firewall, which sits behind a hardware firewall in the ADSL router, so F-secure might be an overkill.

And we don't use MS browsers or e-mail. Firefox and Thunderbird instead.

But I agree. I have no idea what's really going on with all those application control things!

Thanks (0)
By RogerNeale
16th Aug 2007 15:21

Antivirus - more like Let's make your PC un-usable.
I've had dreadful experiences with Norton in past. As a consequence, I won't have Norton anywhere near any of my systems.

As for anti-spyware, most anti-spyware software actually puts spyware on your PC and they charge you for the priviledge.

Personally I don't think there's any anti-virus software to beat McAfee, I've done tests against Norton, Sophos and AVG. On a number of occassions I've found that only McAfee has picked up a new virus.

I wouldn't trust a USB device. There must a system overhead, passing all that data first through the network card then through the USB port and it's associated software.

Each to his own I suppose.

I'll stick with my Watchguard firebox and McAfee Anti-virus thanks.

Thanks (0)
avatar
By ACDWebb
16th Aug 2007 15:39

Count me another Norton hater
It came packaged on the machine with a long licence (don't ask!!) and has recently developed an extended login wait - though not 6 minutes.

The router firewall is on and email comes through Mailwasher Pro so I sometimes wonder why I do not just switch over to Avast - which is free for home use and better than most on the market anyway according to a friend in the business

Thanks (0)
Morph
By kevinringer
24th Aug 2007 15:54

Why such differences?
I used to always buy Norton security products, but I found my PC getting slower and slower. So I switched to McAfee, until that got too slow. I tried F-Secure and found my PC froze completely. I tried several others before settling on ZoneAlarm. ZA is so much quicker than Norton, McAfee and F-Secure. But some of the others are quick too (eg Computer Associates eTrust). But why are some products so much quicker - are they not as thorough? I was reading a recent report done by one of the PC magazines into security suites. The market leaders (Norton and McAfee) scored very poorly - but they still have the biggest market share. I don't like the way Dell and HP sell PCs with trials of Norton pre-installed. Norton is such a resource hungry product that I bet many users don't continue with the trial and are put off security software.

Thanks (0)
avatar
By oldshoremore
21st Aug 2007 18:15

Phooee!
You guys have an interest in allowing this dangerous rubbish to infest the internet. It would be possible for all providers to clamp down on all this tripe at source and throw these timewasters in gaol. You wont, because it generates massive sales in inefficient software and endless callouts dealing with the failures resulting. No one is going to upset this cash cow.
I might have been impressed with this USB gizmo if you had indicated why it should be any better than software at arresting the viri and the spies. Is it infallible? or is its main claim to fame that it diverts all the traffic via the port and therefore faster than its onboard mates?
I'll wager that if you try to download a tax return on Iris to HMRC with this little device it will cause one of IRIS's prozaic little gems to appear like " am blowing up because the initialisation of the .net file was two bytes short of a full house....." (This is usually caused by firewall fun their programmers have never tried the software with. It is SO informative and really helps you to keep calm on deadline days)
No, Stewart, I suspect a plug for yet another gizmo here.
I shall hang on like grim death to my speedy AVG, because basically at heart, I am a luddite.
Why do we businessmen have to put up with these terrible 'Multimedia' games machines? There must be a market for a bog standard, rock solid machine that won't fall over because some nerd wants to have a laff. At least my old Apricot failed for a reason you could see or smell! It is the biggest cause of high blood pressure to be faced with an unresponsive program.
It took me hours to wipe out all the rubbish and thinly disguised spying devices that were preinstalled in a new Dell laptop the other day. It is all that rubbish that clogs up the startup.
We could feed Africa on the hours wasted staring at Bill Gates' monsters while they boot.
Come on Gordon you're missing another opportunity to come riding in from Dorset on your charger to save the world. Tackle the viri at source.
Put a tax on spam!

Thanks (0)