Quick Update: Installation of BitDefender Total Security 2011

This is just a quick video I put together showing the entire installation process of BitDefender Total Security 2011 from start to finish. I’m still using BitDefender Total Security 2011 as my main internet security suite and I am still enthusiastic about the product & the security of my PC. I have to give the team at BitDefender props for being responsive to updates in other software that break *their* software.

Case in point: Firefox 3.6.9 was just released and in short order, I was informed by the nifty plugin-checker tool in Firefox that the BitDefender AntiPhishing toolbar was incompatible with the latest release. Almost immediately, I tweeted to the BitDefender account on Twitter about the issue.

heads up @BitsyBD @bitdefender the bitdefender antiphishing toolbar is incompatible with latest firefox v3.6.9

In less than 2 days, an update was pushed out that rectified the problem!

happy @bitdefender released an update quickly for ff 3.6.9 antiphishing toolbar and outlook antispam issue.

Without further ado, embedded in this post is the video I created (using the excellent Camtasia screencasting software) to show the installation process of BitDefender Total Security 2011. I installed BitDefender Total Security 2011 on my HP TouchSmart 600 and the experience was markedly different (positively) from when I installed it on my notebook! Read my initial impressions of the BitDefender Total Security 2011 software on my site.

https://www.youtube.com/watch?v=ki-iMYrx4wg

Overzealous malware hunter: Norton Internet Security 2010

I’m a happy user of Norton Internet Security 2010 (referred to as NIS 2010 henceforth). I have never been infected with any nasties primarily due to a combo of taking common-sense precautions (like not downloading “free ringtones”, “sexy videos” or any “codecs” to view said sexy videos), being aware of my internet surroundings and having NIS take care of things when I’m lax. However, NIS 2010 has issues that I need to vent about.

NIS 2010 has this nifty feature called Insight Network Scan where Norton consults its community/database on a file it’s not sure about. By default, it appears that if a file has been used by less than 10 users (not sure how they can definitively say this because they may be counting only systems with Norton Internet Security 2010 installed, who knows?), Norton classifies the file as a risk, specifically as WS.Reputation.1 or Reser.Reputation.1. Here are some specific and notable instances of Norton Insight ensnaring ‘innocent’ files:

  1. Wireshark x64 v. 1.2.6: On the 28th of January 2010, I downloaded the 64-bit version of Wireshark and I got alerted that the file was Suspicious and the risk it posed was called “Reser.Reputation.1”. After complaining on Norton’s Facebook page, some updates were pushed out and the “Reser.Reputation.1” classification was removed.
  2. FastPicture Viewer Codec Pack v. 2.1R3: On 26th of May 2010, I purchased this Codec Pack and downloaded the file. Norton complained and deleted the file after calling the risk “WS.Reputation.1”. This case was actually interesting because I contacted the developer via email to verify that their software hadn’t been somehow tampered with and I got a semi-humorous lecture about my use of internet security software. 🙂 They assured me their software was fine, provided me with VirusTotal links, etc. I also went ahead to notify & they instructed me on how to submit a false positive report.
  3. Fraps (paid version) v. 3.2.3: On the 16th of June 2010, I learned of a new version of Fraps via Neowin and I went to download this latest copy. Norton deleted this file because it was *gasp* a risk, having been used by less than 10 people in the Norton “community”. This time, the Fraps file’s risk was termed “WS.Reputation.1”. I wasn’t even given the opportunity to whitelist the particular executable that I downloaded. Eventually, I had to temporarily pause Norton’s “antivirus protect” service just so I could download and install the file! As usual, I notified @NortonOnline and filed a false positive report.

Now, up till now, my impression of the “xx.Reputation.1 risk” classification has been that it’s a minor disturbance. Every time this happened with a file I cared about (Wireshark, Fraps, etc), I notified @NortonOnline (their official Twitter account) and filled out a dispute form on their site. I can certainly appreciate why this feature was put in place, but clearly the feature is becoming a little too trigger-happy. So far, the files that have been caught in this dragnet have been files I downloaded from the internet. However, today (06/27/2010), Norton Internet Security 2010 went too far.

I learned that Firefox 3.6.6 had been released via Twitter and I quickly went to upgrade my install of Firefox from 3.6.4 to 3.6.6. NIS 2010 didn’t complain about the upgrade and I got the standard post-install welcome page from Mozilla about the successful upgrade. Fast forwarding to about ~ 4.20pm (EST) today, I got a prompt from NIS 2010 that I had never seen before:

I was surprised because I hadn’t even received notification of a suspicious file being found. So, I reviewed the “Recent History” and found out that NIS 2010 had slapped the “WS.Reputation.1” tag on 3 .dll files in Mozilla Firefox’s install folder on my C: drive (freebl3.dll, softokn3.dll and nssdbm3.dll). From the NIS 2010 interface when reviewing the history, it’s not readily apparent how to “reverse” any decisions the Insight engine has made, so I reluctantly restarted my computer.

Since restarting my computer at ~7.30pm (EST), Firefox refused to start and crashed every single time.
I’m pretty sure it wasn’t happy that those 3 .dll files were deleted by NIS 2010. In fact, those files are pretty important to Firefox (duh). Anyway, after getting tired of having IE 8 as my default browser and feverishly updating NIS 2010 definitions, I reinstalled Firefox 3.6.6 and *knock on wood* it hasn’t mysteriously decided that certain dll files are suspicious.

*That* was a mouthful. I’m sure I’ll have more of these false positives before the month is over. I’d rather NIS 2010 err on the side of caution every time, but they’re running the risk of me/users getting used to temporarily turning off the software just to install stuff. The end. 😛

In an automated email to me, Norton recommended:

  1. Digitally signing your binaries.
  2. Submitting your software to their Whitelist program here: https://submit.symantec.com/whitelist/

My Workarounds in Ubuntu and Getting Weaned Off Windows.

However, there are alternatives to the key programs I’m missing such as Microsoft Office Outlook which is being replaced by Evolution Mail. I’m getting used to Evolution‘s email interface and finding out that it’s not so bad. I imported my contacts and while it wasn’t smooth (i.e. mis-identifying imported items), it’s doing the job of checking my email for me. 🙂 So here goes (it’s an evolving list):

1. On my Vista laptop, I found 7zip indispensable because it was fast and integrated itself into the Windows explorer environment. On Ubuntu, my alternative to 7zip is the built-in Archive Manager, which can also be accessed by typing “file-roller” into a terminal window. In fact, after a couple of uses, I’m growing to appreciate the speed of this utility. I’m sure there is a way to make an entry into the context-menu, but until then, I’m settling for managing file archives via Archive Manager.

2. When I was using Windows, Cyberlink Youcam was rather terrific for making silly videos as well as for video chat because it had a wealth of fun additions like the whiteboard, effects, etc. The closest I have come to on Ubuntu is the Cheese Webcam booth. Currently, the videos it takes are just as high-quality as Cyberlink Youcam’s, to my uneducated eyes. 🙂 The effects are cheesy and there’s really not much to it beyond taking webcam snapshots and videos. Editing the webcam and videos will have to happen in a different program, but Cheese Webcam Booth is free and demonstrably works. Check out the two items under “Preferences”.

3. Microsoft Office 2007 is a thing of beauty and I particularly enjoyed creating documents with it. Now, being on Ubuntu has forced me to consider alternatives such as AbiWord and the Open Office suite of products. The user interface for Open Office is really archaic (in my view) and a little confusing for me. However, I’ve gotten the basic commands I need to survive and I’ll keep adding more skills to my repertoire. The preferences menu in Open Office is really scatterbrained and I hope Open Office 3.0 will bring some sort of order/sense into it. Maybe I’m severely biased (after 7 years of Microsoft Office), but I am willing to put Open Office through its paces and make sense out of it. 🙂 Wish me luck!

4. Security on Linux: This is the biggest scare for me because I was reasonably adept at staying secure on my laptop when it had Vista on it. Now, I’m learning things like the Linux filesystem does not need defragmentation, there aren’t very many dedicated security suites for Ubuntu/Linux or those available are for server-grade protection, etc. Frankly, I’m a little frustrated, but I’m doing my due diligence by reading up on ways to keep my computer protected from intruders. For instance, I’ve enabled the built-in Ubuntu firewall (ufw) and I currently use Firestarter to observe the kind of traffic that’s leaving and entering my computer. I haven’t created any custom rules because I dread accidentally locking myself out one of these days.

5. Secure remote access: This is the downside (for now) of switching to Linux. On my Vista installation, I had installed Logmein Pro and I had a dooms-day plan hatched out whereby I would be able to take pictures of any criminal using my laptop to get online or even wipe my data. Now, I’m kinda stuck with messing around with finicky VNC clients, etc. Hopefully, my online scourings will turn up a useful utility like Logmein that I can use to remotely access my computer. A name that keeps popping up as a robust remote access solution is NoMachine’s NX Free Edition. I gave it a whirl, but was unable to get it to work on my Linux laptop. There are other Virtual Network Computing solutions out there (RealVNC, UltraVNC, TightVNC, etc), but they are all way over my head at this point. I’m settling for doing a whole lot of reading and simply learning to fortify my computer against computer varmints. 🙂 In that respect, I’ve enabled OpenSSH server on my laptop and changed the default port (22) to something else. That action probably threw a monkey wrench into my NXServer configuration, but I’m a little tired. lol.

6. Secure online surfing: My method of staying under the radar while surfing was through SSH tunneling. To be able to perform “SSH tunneling”, you need access to an SSH server and there are a few free SSH servers out there. On Ubuntu/Linux, I installed the Gnome SSH tunnel manager (search for ‘gstm’ using the Synaptic Package Manager which is like the Windows “add and remove” programs feature with awesomeness added. lol) and because I have Firefox, I’ve got the Foxyproxy plugin to toggle the tunneling session on or off!
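
Items 4 to 6 fit together: ufw has to let the relocated OpenSSH port through before it is enabled, and the same port is what an SSH tunnel connects to. The script below is an added example, not part of the original post. It reads an sshd_config, prints the ufw commands in an order that avoids the lock-out, and prints a matching tunnel command. The port 2222, the host `ssh.example.org`, the local SOCKS port 1080 and the sample config are all constructed placeholders.

```shell
#!/bin/sh
# Added example: dry-run planner. It only prints commands for review and
# never changes the firewall itself.

# Print every port sshd will listen on according to the given sshd_config.
# Keywords are case-insensitive, "#Port 22" is a comment, and sshd falls
# back to port 22 when no Port line is present.
sshd_ports() {
    ports=$(awk 'tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2 }' "$1")
    [ -n "$ports" ] || ports=22
    printf '%s\n' $ports
}

# Emit ufw commands in lock-out-safe order: the SSH rule goes in first,
# the default-deny policy second, and the firewall is enabled last.
# "limit" allows the port but rate-limits repeated connection attempts.
ufw_plan() {
    for p in $(sshd_ports "$1"); do
        echo "ufw limit ${p}/tcp"
    done
    echo "ufw default deny incoming"
    echo "ufw default allow outgoing"
    echo "ufw enable"
}

# Build the tunnel command: -D opens a local SOCKS proxy bound to loopback
# only, -N runs no remote command, -p selects the non-default sshd port.
# $1 = user@host, $2 = sshd port, $3 = local SOCKS port
tunnel_cmd() {
    echo "ssh -N -D 127.0.0.1:${3} -p ${2} ${1}"
}

# Constructed sample config standing in for /etc/ssh/sshd_config.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#Port 22
Port 2222
PermitRootLogin no
EOF

ufw_plan "$sample"
tunnel_cmd "user@ssh.example.org" "$(sshd_ports "$sample")" 1080
```

The printed ufw lines are meant to be run with sudo after review, and FoxyProxy would then be pointed at a SOCKS proxy on 127.0.0.1 with the local port chosen above.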

That’s about it for now. More to come! Cheers.