|
|
|
10 Ways To Make Your E-mails Grab Attention!
1. Use extra white space creatively in your subject line. You can add extra blank spaces between your words or letters. 2. Combine capital letters with lower case letters. Use all capital letters in every other word or use a capital letter between...
A Review on “Power Shortcuts for Adobe Photoshop CS”
If you want to produce outstanding and award-winning movies instantly, you can count on Adobe Photoshop CS software and its integrated web production application software. Photographers, graphic artists, web designers, and video professionals can...
How To Avoid Getting Hooked By Pfishing
"Pfishing", sometimes spelled "Phishing", is a word that's used to describe a method of identity theft where con men use fake e-mail that looks like it comes from legitimate sources. This e-mail is designed to hoodwink you into giving out...
Predicting The Future Online
The psychic Hotline won't help you in this article! However, I want to share my predictions for 2003 and the trends I see affecting how you will use the Internet for both business and pleasure. ** Anti-Spam! Anybody with an email account for...
"Secrets To Secure Email!"
Is there such a thing as "Secure Email"? We can break it down into two main parts. First, as any of you that have been online for a while as I have, over eight years this month, you have no doubt shared your email address with other people on the...
|
|
| |
|
|
|
|
|
|
Risky Business: Security Software Testing
January 11, 2005
Testing Security Software
By Tim Klemmer
CEO, OnceRed LLC
This is the fourth in a series of articles highlighting reasons why we need a new model for anti-virus and security solutions.
Reason #3: Security Software Testing
Ever ask yourself the following question as you’re standing in the aisle at CompUSA or Best Buy: how well will this piece of software work with my other programs? Probably not. There is a high expectation that whatever piece of software you buy will work acceptably on your computer and won’t infringe on other programs.
Games, word processors, spreadsheets, music players are just those types of self-contained software programs that you wouldn’t expect any trouble from. And for the most part, you don’t experience problems.
Security software, on the other hand, by its very nature is more invasive and more likely to intrude on your way of computing. First and foremost, all good anti-virus software packages install on-access/on-demand scanning. This means that every time you start up a program, every time you access a document or spreadsheet, every time you access a directory in Explorer, the anti-virus program will scan it for viruses. Unfortunately, the consequence of this is that it slows down your computer. Unfortunately still, all vendors set on-access/on-demand scanning up as the default when you install the software. They have to.
When you install security software it has to install itself in such a way that it will always have the upper hand when new programs are run on a PC. Why? For the simple reason that you are installing this software to protect you from bad software. Security software tries to analyze anything you do on your computer and decide if it is a good thing or not.
But will the software make good decisions? Will this software cooperate with other programs? Security vendors have spent years perfecting their testing and testing against enormous suites of commercial software. But they can’t test every
combination of software, every different version of software (there are still PCs out there running DOS 3.0 programs). They have to concentrate on mainstream. The problem is they may have no idea that your video card in combination with those two older games you installed will wreak havoc with their detection algorithms.
We see this all the time. Users send in emails or write notes in newsgroups complaining that such-and-such a package is preventing them from installing a new game or that such-and-such version is saying that their new game is infected.
Or worse still, things just don’t work the same anymore since the software was installed. Downloads become more tedious because instead of just clicking download, now users are forced to answer questions about each download or approve downloads.
Solution
So what’s the answer? The answer as we have been touting in these series of articles regarding security software is to move to a more centralized approach. Instead of installing scanning software on your computer, install behavior-based software on an off-site testing server that receives test requests from the email server. All emails are routed through the testing server.
This then can be expanded to include web traffic that runs on a 10-second delay much like talk radio. You connect through the internet, all subsequent downloads, ActiveX controls, etc. are routed via a testing server and then arrive on your PC or are halted and removed and you receive the appropriate message.
In the time that it takes to receive a file, it can be tested, and trouble software can be detected. This approach works for detecting everything from viruses to worms to spyware. You as a user notice no long waiting, no downtime, no drag, and no incompatibilities.
About the Author
Tim Klemmer
CEO, OnceRed LLC
http://www.checkinmyemail.com
Tim Klemmer has spent the better part of 12 years designing and perfecting the first patented behavior-based solution to malicious software.
|
|
|
|
|
|