November 2019 Main Meeting
Tonight, our good friends from Norton
called in to talk about the exciting changes to Norton’s 360.
Norton Lifelock Systems Engineer was on hand to talk us through Norton’s Cyber Safety Strategy.
As it has become more difficult to attack individual PCs etc., the criminals have developed strategies to attack web sites in the hope of attacking us by the back door.
They create fake sites or hack legitimate ones. One of the favorited methods is form jacking.
This is where they exploit the vulnerabilities of a form on the site by hijacking the code behind it for example, to skim your information. One example from the floor was criminals high-jacking the information your browser uses to automatically fill in a form with your stored details.
Then there’s ransomware viruses which lock you out of your machine and demand a payment to unlock it.
Unfortunately, we are now seeing ransomware infecting phones and tablets. Next Dean spoke about Cryptojacking.
That’s hijacking your machine. not to steal your details or rob your accounts. but to use your computing power for example to distribute malware to other venerable machines. Dean moved on to describe how criminals have become more sophisticated in their approach. Most antivirus software will stop an attack so now they “live off the land”.
They use existing trusted software like Excel or PowerPoint to implant malicious code.
We then moved to smartphones. Dean drew our attention to the privacy concerns around phones.
A quick show of hands indicated a sixty to forty percent range between iPhone (60%) and Android users. Any smartphone user has apps on the phone, calendars, calculators, even e-mail clients. There are a whole range of handy applications.
Now here’s the problem, those “great” apps all want details and as Dean said most of the time it’s information which has no relationship to the function the app performs. As an example of risky permissions Dean looked at a flashlight app.
It wanted access to the phone’s storage, the Microphone, photos, location and WiFi access.
Norton now includes an app advisor. It addresses what permissions the app asks for. It goes beyond just looking for malware, the app may do exactly what you want but the Advisor gives you a sort of heads up as to what to expect.
Using the App Advisor,
on the Google play Store you can see how Norton rates the app and what permissions it wants before you download them.
Ninety three percent of people are concerned with privacy.
Norton has addressed these privacy concerns. One of the real problems is the use of unprotected public WiFi. One way to avoid that was a VPN (Virtual Private Network). For a lot of people, a VPN was seen as a way to get American TV. Now you can use the Norton VPN and avoid the risk of public WiFi. Norton’s Secure VPN was a separate product called WiFi Security and is now included in 360. We first meet Norton WiFi security in June 2016
Turning on Norton VPN is only a switch away.
You can turn it on or off using the switch in 360.
Another feature of 360 was its ability to scan any public WiFi for security problems.
Dean moved on to iOS or Apple Mobile. Once considered a haven from virus attacks the iOS users are finding themselves vulnerable. The stats Norton has found while running Norton Mobile Security (NMS) software on iOS shows that the longer a person has used an iOS device the more vulnerable they become.
Dean then took us on a tour of the new Norton 360.
Norton is now offering a 100% guarantee. If you are invaded by a virus which Norton can’t remove you get your money back.
The first thing Dean noted was the new unified access interface which works across all the elements in Norton 360 making access to any feature on 360 easy to find.
He ran through the major features.
such as the advanced threat protection which is constantly evolving to match the new threats.
Mobile Protection across both Android and iOS now includes the app advisor discussed earlier.
There’s Network Protection, again looking at WiFI networks, both public and your own home network. If you are using a public WiFi it will help identify the strength of the network and any vulnerabilities in the system, including if someone on the network is using tools to spy in your machine.
Also there’s the Secure VPN we touched on before.
The usual parent controls are included to help protect and manage your child’s online activity. Most, if not all laptops, even my smart TV, have a web cam. Norton has included a webcam monitor to supervise the apps and programs that use or try to get access to the camera.
The next feature Dean spoke about was Web Isolation. It’s new to 360 and it’s a great idea. Quite often if a link was suspect, anti-virus programs would block your access. Now with Norton Web Isolation if you still wish to have a look at the link Norton will open up the site in an isolation zone. It’s like the sandbox technology you can use to run a program until you are sure it safe. Here Norton opens the site on its server and sends you a fully workable rendered image while Norton contains any virus or malware on its servers. One of the features of Web Isolation is Banking or financial Protection. If you do online banking, use PayPal or a credit card Norton will always run your financial sites inside Web Isolation. So, if by some fluke you or your banking site is compromised Norton will contain that risk. As Dean pointed out the site becomes a virtual machine protecting your information and disabling any malware. By default, Isolation is triggered on financial sites and where malware has been detected.
Then there is Secure Cloud Backup. This is much improved over earlier versions with 100GB of storage available, originally it was around 25GB. One point, Dean made is that while other vendors may offer similar products Norton’s aim is to simplify the interface and make it easy to manage any product from the single access interface. Dean emphasized that with Norton it’s not a bunch of products you have to manage individually but a one stop shop incorporating all of the Norton security products.
Dean then ran though Norton’s protection, starting with Network. It’s more than just a firewall. Norton isn’t just waiting for an attack to start before it takes action. It’s monitoring the entire network and will stop a threat “inflight” before it can start running. System Harding is where Norton, rather than wait for a ransom ware attack, will strengthen your system to close the routes or vulnerabilities in the system that malware can take to corrupt your system. The file layer, in some ways the oldest level of security, is a list of the millions of known virus signatures. Now Norton is learning from your machine what’s not right, and blocking files that do the wrong thing while updating its virus signatures.
Reputation within the program and app field is also looked at by Norton. Who else on the net has accessed that program or site and what is the standing of the site or app within the community? Behaviour is the way Norton exposes the virus software by getting it to reveal its “intentions”, so to speak, before the virus can start to infect the machine.
Then there’s backup and system tools. Again, there is Norton backup which can be setup to automatically backup the documents and photos you most want to save. The system tools include things like password manager, start-up manager and disk optimisation.
We then had a quick look at the new Norton interface in action.
The new additions include Secure VPN and Password Manager. Password Manager was available but you had to look for it and the VPN was only there if you paid extra. Click on Device Security and the familiar interface shows up with all the device menus like security, internet security, backup etc.
With the VPN you can turn it on or learn more using the dropdown menu,
One suggestion from the floor was that you could log into your bank using the Norton VPN while overseas as if you were in Australia.
Now with Backup you can manage your backups straight from the interface.
Using password manager has been made simpler. Before you had to log in separately to the Vault to manage your passwords. Now Password manager is available right on the dashboard. One innovation is that now for any new password you enter Norton Password manager will prompt you to save it in Norton’s much the same way your browser does.
Dean demonstrated password manager by logging in to a Norton account.
The manager shows you all the passwords available for that account and you select the correct one. One bonus Dean mentioned was that if Norton see any of your registered passwords for sale on the net they notify you immediately.
You also have a safety dashboard.
This screen indicates that there are 111 passwords with a 60% security rating. It then shows the sites used and their passwords along with the number of times the same password has been used. Deans comment was “weak and duplicated passwords are what stand between you and the bad guys.”
If you wish Password Manager can generate a password for you.
How about OacHU=asw8pRI=rIFeT4! Try remembering that after a party, of course you don't need to remeber it with Norton Password Manager.
Tonight, Dean had five copies of Norton 360 Premium 5 with 5 licences and we had a few other gifts.
Our Norton winners.