Re: PC-cillin

From: Pete Cresswell (x_at_y.z.invalid)
Date: 04/11/05

  • Next message: Sam: "Norton NIS 2005 Latest LiveUpdate" 
    Date: Mon, 11 Apr 2005 07:51:27 -0700

    Per dougieone:
    >How is the
    >PC-cillin 2005 internet security from trendmicro???? Does anyone give it a
    >thumbs up??

    Don't know enough to comment on it's security level, but I find a problems with
    the UI. But then again, I tend to find problems with a lot of things that most
    people seem happy with... maybe it's the caffiene talking...

    Biggest and baddest UI problem is that PC-Cillin's attack notifications are
    interruptive: i.e. the dialog or popup that tells the user about the attack
    takes focus.

    Try typing something - or doing *anything* for that matter - when your PC is
    being hit with MS03_O26 or MS04_011_LSASS_Exploit twice per second.

    That behavior allows virus attacks to effectively disable your computer while
    it's online - even though PC-Cillin is preseumably dealing with said attacks
    effectively and they are no threat.

    Another thing I don't care for is the look/wording of the attack popup. Even
    though it is simply evidence that PC-Cillin is just doing it's job and
    preventing the baddies from getting to your OS, it's big, red, contains the word
    "Emergency", and has some CYA advice on it that, if followed every time it
    popped, would again make the PC useless: the user would spend all their waking
    hours doing complete virus scans. Maybe in that case it's the lawyers
    talking... but my reaction is "Is this thing doing it's job or not? If it is
    doing it's job, stop telling me I need to scan my entire system 23 times every
    hour." If not let me find some thing that will.

    A third thing that bugs me are warnings like "MS04_011_LSASS_VULNERABILITY".
    These things can keep popping over-and-over seemingly forever even though the MS
    patch to fix that vulnerability has been applied. Apparently there isn't even
    an attack going on - it's just noting a condition in the system, and not even
    turning itself off when that condition is remedied. The only relief is turning
    off notifications altogether. They really need a message-specific toggle.

    Finally, the facility to add a new program to the firewall's permit list is
    buried too deeply and the Common File dialog's default doesn't make a lot of
    sense. When somebody is configuring a system, this function will be invoked
    over and over again. The default Common File value SB C:\Program files or the
    last directory fed to it... and there needs tb a button right up on the main
    screen to add a program to the permit list.

    Having said all that, please note that I have said nothing at all about the
    product's most important aspect: whether or not the thing actually prevents
    virus/worm infestation.

    Their web site sure looks like *somebody* knows *something*.... And if it does
    effectly keep the nasties out, I'll cut the UI some slack....maybe even disable
    the notifications alltogether in favor of a periodic log review....

    Anybody out using Norton that has used PC-Cillin? Comments on relative merits
    of both?

    I'm thinking the excessive notification thing may go away once I get a hardware
    router/firewall in front of PC-Cillin. 

    -- 
PeteCresswell
  • Next message: Sam: "Norton NIS 2005 Latest LiveUpdate"