Norton Insight

Developer(s): Symantec Corporation
Operating system: Microsoft Windows
License: Proprietary

Norton Insight whitelists files based on reputation. Norton-branded antivirus software then leverages the data to skip known files during virus scans. Symantec claims quicker scans and more accurate detection with the use of the technology.

Development

Insight was codenamed Mr. Clean. Its initial aim was to help users determine what programs from the Internet are safe to install. Mr. Clean would provide a risk assessment to discern between safe and malicious files. [1] However, its goal was later changed to making virus scans more efficient; instead of scanning every file, known files are skipped, cutting scanning times. [2]

Basic introduction & usage

Norton Community Watch, a voluntary and anonymous service, allows a user's Norton product to forward information to Symantec servers. [3] Among the data collected are the processes running and their SHA256 values. A reappearing hash value and its corresponding file are whitelisted, and Norton Insight checks the processes on a user's computer against the whitelist. Matching processes are excluded from scanning.

When a process is "trusted", it has been deemed safe and excluded from risk scanning. There are two trust levels: "standard" and "high". The third option is to disable Norton Insight. In standard trust, processes appearing in the majority of participants' computers are deemed safe. High trust, in addition, excludes digitally signed files from scanning.

Tamper protection

Norton analyzes the NTFS file system upon startup, and if unaccounted-for changes are found, the trust values of the processes on the system are revoked.

To handle mistakes, a revocation mechanism was implemented in which clients receive a list of revoked SHA256 values via LiveUpdate. If the client has a file matching a revoked SHA256 value and is currently trusting that file, all trust is revoked, and the file is once again scanned. [4] Norton File Insight was a feature released in Norton 2010 products.
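The skip decision described in the two sections above (hash lookup, the two trust levels, and revocation) can be modelled in a few lines. This is an added illustration, not Symantec's code: the class, function names, community size and file contents are all constructed, and "majority of participants" is assumed to mean strictly more than half.

```python
import hashlib
from dataclasses import dataclass, field

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

@dataclass
class ReputationStore:
    """Hypothetical stand-in for the server-side reputation data."""
    participants: int                               # constructed community size
    seen_on: dict = field(default_factory=dict)     # hash -> machines reporting it
    revoked: set = field(default_factory=set)       # hashes withdrawn by an update

    def report(self, digest: str, machines: int) -> None:
        self.seen_on[digest] = self.seen_on.get(digest, 0) + machines

    def is_prevalent(self, digest: str) -> bool:
        # Assumption: "majority of participants" means strictly more than half.
        return self.seen_on.get(digest, 0) * 2 > self.participants

def should_skip(store, data: bytes, signed: bool, trust_level: str) -> bool:
    """True when the scanner may skip the file; False when it must scan it."""
    if trust_level == "off":                 # Insight disabled: scan everything
        return False
    digest = sha256_hex(data)
    if digest in store.revoked:              # revocation overrides all trust
        return False
    if store.is_prevalent(digest):           # standard trust
        return True
    return trust_level == "high" and signed  # high trust also skips signed files

def demo() -> dict:
    store = ReputationStore(participants=1000)
    common, rare = b"common app v1", b"rare signed tool"   # constructed contents
    store.report(sha256_hex(common), 800)
    store.report(sha256_hex(rare), 3)
    results = {
        "common/standard": should_skip(store, common, False, "standard"),
        "patched/standard": should_skip(store, common + b"\x90", False, "standard"),
        "rare/standard": should_skip(store, rare, True, "standard"),
        "rare/high": should_skip(store, rare, True, "high"),
    }
    store.revoked.add(sha256_hex(common))    # revocation list arrives
    results["common/after-revocation"] = should_skip(store, common, False, "high")
    return results

if __name__ == "__main__":
    for case, skipped in demo().items():
        print(f"{case:26} {'skip' if skipped else 'scan'}")
```

The "patched" case shows why the whitelist is keyed on a content hash: a one-byte change produces a different SHA-256 value, so the modified copy no longer matches and is scanned again.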

Norton file/download insight

The Norton Download Insight feature provides information about the files that you download and install on your computer. File Insight gives you the reputation information for a file and locates the file on your computer; it also includes a feature that copies the information to the user's clipboard.

It supports the Norton Download Insight feature and assesses the reputation of the file. The File Insight window provides the following information:

Issues

Upon release, the Download Insight program would erroneously flag a downloaded file as having no digital signature and no version number, and therefore as a potential threat. [5]

Reception

The Tech Herald, which tested Norton Internet Security 2009, found that Insight affected system performance while whitelisting files. [6] The publication also noted that the total number of files scanned and the number of trusted (skipped) files varied with each scan. The average amount of time Insight took to scan a 561 megabyte folder with 21,816 clean files was 0:00:24:41. Despite the oddities, the editor observed Norton Internet Security 2009 was faster than subsequent products. [7]

References

  1. "Symantec Research Labs to offer 3 new tools", The Hindu Business Line, March 19, 2008, accessed July 10, 2009.
  2. Edwards, Cliff. "Security that won't slow down your PC", ZDNet Asia, August 12, 2008, accessed July 10, 2009.
  3. "Norton Community Watch Privacy Policy", Symantec Corporation, accessed July 10, 2009.
  4. McAllister, Neil. "Norton 2009 to Speed Up Malware Screening", PCWorld, July 15, 2008, accessed July 10, 2009.
  5. "Norton Internet Security Cannot Detect Frap's Digital Signature", Norton Users Discussion Forum, Symantec, accessed June 25, 2009.
  6. Ragan, Steve. "Review: Norton Internet Security 2009", The Tech Herald, October 2, 2008, accessed July 25, 2009.
  7. Ragan, Steve. "Review: Norton Internet Security 2009", The Tech Herald, October 2, 2008, accessed July 25, 2009.