UNBLOCK ANY WEBSITE! With A VPN Surf The Web Anonymously Find out More

Trend Micro PC-Cillin review!

I’ve been threatening for months. This time I make good on the threat. Finally, my review of the latest consumer offering from Trend Micro, PC-Cillin 2006. My thanks to TM for sending me a copy to review.

D-Link router update.

D-Link announced recently that it has released a firmware patch for many of it’s wired and wireless routers to address a severe security threat that could compromise users who have enabled the UPnP service. I think it defaults to enabled which is why the great concern. The vulnerability exists in many of their consumer grade products in wide distribution. If you have a D-Link router, please make sure your product is patched if it is affected.

Open Source gets more attention from both sides.

I’ve been saying this for a while now. As open source products such as Open Office (a personal favorite), Firefox, the Linux OS and others gain popularity, so too do they become open season for hackers, spyware and viruses. The anonymity that once kept these products off the hacker’s radar screen is disappearing and along with it the the idea that these products were somehow inherently less vulnerable. Because many do not have automatic upgrade mechanisms that patch new threats as they arise, they may in fact be more vulnerable. Products with the largest number of users will always attract the largest number of hackers. This is why Microsoft has always been a favorite target. As the exodus away from Microsoft continues, open source vendors will need to incorporate stronger measures to keep users updated and secure else risk loss of market share to competing products.

Which is not to say that commercial products are becoming any less vulnerable. Take a look at B9’s top ten list of most dangerous applications in this short article from the CRN website. Topping the list – Firefox, iTunes and Skype.

All of which IS to say – Keep your firewall turned on, your antivirus, operating system and software up to date and be alert.

>> Cast your vote in our new online survey

We’re about to embark on a redesign of the SurfSafely.com online safety web portal. We’d like to know what’s most important to you in such a portal that will keep you coming back for more. Hence, this month’s survey:

What do you need most from an online safety portal?

Please visit the main site http://www.surfsafely.com/ and let your voice be heard.

>> Technology, Industry And Product News

The end for PrismIQ

Last news letter I announced that PrismIQ was ceasing operations and liquidating their inventory at huge discounts. Upon revisiting their website today, they have indeed closed up shop and the deals are gone. I hope some of you were able to take advantage of them while they lasted.

It was a valiant effort and I really did like their wireless router (which remains in service in my home to this day). Before their doors closed I acquired the rights from the company CEO Ken Goldsholl to make available for download the final releases of all of their firmware and software. I will be resurrecting the forum section and adding a topic devoted exclusively to PrismIQ in hopes of providing ongoing user to user support.

I also bought one each of their PCMCIA and USB wireless adapters to add those drivers to my future download area. Both of them could have used some refinement, especially the PCMCIA. But, they also have some very unique features found nowhere else making them a valuable addition to any wireless warrior’s tool chest. Community based support for these will also find a home at SurfSafely.

To the folks at PrismIQ, all the best.

>> Product reviews

Trend Micro PC-Cillin 2006

I’ve been threatening for months. This time I make good on the threat. Finally, my review of the latest consumer offering from Trend Micro, PC-Cillin 2006. My thanks to TM for sending me a copy to review.

You all know I’m a cheapskate. In keeping with this theme I took the road less traveled when installing the software. It’s important to read the brief installation instructions on the inside cover for the CD. It revealed some clues I might not have found otherwise. Rather than using the brand new installation key printed on the sticker affixed to the inside cover, the install tips revealed I could use my previous key for the older version. This intrigued me because my previous key, although valid, has expired for free automatic updates. I continued to update my AV software manually, for free. What interested me was to see of this old key would reset the one free year of automatic updates on the new software or if it allow me to manually update the new software for free the same way I did for the old software.

The install forces you to uninstall any previous versions before installing the new one. This is a good thing. Many users install updated products thinking they will simply overwrite the old and be just fine. As AV products go this often causes conflicts and crashes.

Installation went very smoothly. Upon entering my valid but expired key, TM popped up a warning that the key had expired but still allowed me to install and apply one initial update to make the product totally current. After that I was on my own to find a way to update manually.

This latest version has a wealth of new and useful features. Some are well refined, some not so well refined. Because it has so much built into it, expect to spend an hour or two installing and setting up your preferences. It’s time well spent.


Along the left side of the main window are shortcuts to all of the program’s feature categories, logically organized and subdivided again once you enter those areas. In the lower right of the main window are wizards that guide the user step by step. Context sensitive help is available throughout.

Antivirus has Virus scan scheduling, Real-time protection settings,email protection settings, virus outbreak warning message settings (fed to users in real time by TM) and quarantine management. Outbreak is also one place where you can enable or disable automatic updates. Mine is turned off. Otherwise TM bugs me to renew (pay to update) my expired key. HA! NEVAR!!!

Antispyware has similar settings for Scheduling, Real-time protection and Quarantine. Real-time settings can get very tricky if you’re using any third party products that monitor activity on your computer. I ran into a serious problem where it would not allow me to run a monitor program that I had used for several years from Son Media. To test, I uninstalled the monitor program only to later find I could not reinstall it because the company had discontinued it and the online S/N validation server was no longer in service. There is an “Exception list” that supposedly one can add products to for PCC to ignore but that feature simply does not work for real-time protection, only scanning. It’s very sensitive and unforgiving. The only way to use any of the Real-time Antispyware protection is to disable the spyware class entirely. Hardly useful.

Another criticism – If you do run a spyware scan and it detects anything, PCC forces the user to deal with each one, one at a time. Typically dozens of cookies are detected during the first few spyware scans. PCC builds a list of what it finds. Most are cookies set by advertising services on sites being visited. The user must then examine each and every one using the “More info” option. After you’ve identified who set it, your choices are to “Always allow”, “Always delete”, “Delete now” or do nothing. Some cookies are useful and should always be allowed. For instance, web sites requiring a logon that give you an option to “Remember you” will set a cookie. When you return it reads the cookie from your computer and logs you back in automatically. Others only remember you for the advertisers benefit. Basically, anything you didn’t expect PCC to detect is usually safe to always delete. PCC remembers your choices in the exception list where you can edit them later. The process is very similar to training a firewall after first installing it. The difference is there are usually only dozens of apps on a computer that might need Internet access through a firewall. There are literally tens of thousands of big advertisers and many fold more nefarious web sites that PCC might detect cookies and spyware from. Fortunately, you’re probably likely to encounter only a few dozen types based on your usual browsing habits. After a while it does settle down but it’s a laborious process. My usual compliment of antispyware freeware does a much better job, stopping them before they get onto the machine, usually turning up nothing during a full scan.

Antiphishing starts with a Wizard that again guides users step by step. It’s very straight forward and easy to use. Under that are Spam & Fraud filters – Simply flags email messages on the subject line of your inbox, Website filters – Attempts to classify and warn users when encountered (more about this later), Privacy Protection – Monitors and blocks unauthorized usage of secret passwords and personal information in chat rooms, online forms, etc. unless they are added to an exception list of known origins (This feature works extremely well! I like it a lot) and Vulnerability check – Examines Microsoft Windows and Office for known unpatched vulnerabilities. Another feature that works extremely well. It revealed to me that I had not updated my MS Office software in a very long time and was possibly vulnerable to attack. Realistically, my multiple firewalls and antispy software would have probably mitigated the threats but better safe than sorry.

Getting back to Website filters, one can filter sites based on their own whitelist and/or blacklist. The lists can be created from scratch or by third parties and imported. One can also filter web sites based solely on their categories. Phishing and spyware are only two. Other categories include Adult, Sex, Alcohol/Tobacco, Illegal Drugs, Gambling, Crime, Violence/Hate/Racism, Hacking, Cult/Occult, Weapons/Military, Games, Web Communications, Personals/Dating, Chat/IM, Email, Newsgroups, Shopping/Auction, Software Downloads, Streaming Media/MP3, Job Search and Web Advertisement. One thing that’s not clear to me at all is the method they’re using to classify web sites. Where is the master whitelist and blacklist? Who decides where to draw the line between news and violence? Between adult and teen? Between legal and illegal drugs? Granted, the local whitelist can be used to allow sites otherwise blocked by category but I wonder how tedious it might become. I’ll be testing this feature more in the weeks ahead and let you know how it goes.

Network Security has under it Private Network Protection – Allows one to scan and update other computers connected on a private network like home networks but requires those computers to use the same password as the local computer? Hmm. Someone didn’t give this feature much thought. Under no circumstance should every computer on any network have the same password! Period, the end. For that reason I didn’t even fiddle with it. Personal Firewall – Very strong, very stealth. If not for one very large problem I would have used it to replace my Tiny Personal Firewall entirely. The problem lies with exception list handling. There are several advanced network utilities that I use to monitor IP traffic. Most firewalls can alert the user to unauthorized traffic for on-the-fly addition to an exception list. PCC does this too but not for all traffic, mostly just outbound traffic. Inbound exceptions must be added manually. I could not figure out how to add the proper exception that would allow my network diagnostic tools to keep working. So, I had to reduce the PCC firewall protection from High to Low (which still detects network viruses) and keep my Tiny Firewall in service. Most home users would never run into problems like I do but it’s still certainly less than perfect. Lastly, Network Intrusion Detection – Exactly as the name implies, nothing more. I always wondered what this feature was about and how network intrusions were being detected. What it does is look at attempts to connect to the local computer only through the network. Attempts from unauthorized MAC addresses can be blocked until added to an approved exception list. What it does NOT do is prevent unauthorized access to the network itself. It only prevents unauthorized users from using the network to access the local computer(s) on which PCC is installed. They can still hijack the Internet connection. Best practice dictates that MAC address filtering should be enabled at the router and only known network adapters allowed to use it. All Network Intrusion Detection does is alert you if you forgot to do this and someone did attempt to gain access. Useful but not as useful as the hype might suggest.

General has under it Update settings, Registration, Event Logs andPreferences – Where passwords are managed to control access to program settings.

Testing

In a leap of faith, I disabled all of my anti-spyware and firewalls except one, SpywareGuard, which prevents browser hijacking in real time. It also alerted me to any changes PCC was making to Internet Explorer. After a couple of weeks I rescanned for spyware using Spybot S&D. It turned up a number of tracking cookies that PCC allowed that Spyware Blaster would have otherwise silently blocked. Not dangerous, just invasive of privacy regarding online usage.

Final thoughts

Previously noted problems not withstanding, I am generally happywith the program. However, I will not be using PCC’s native spyware tools. My favored collection of antispyware below prevails. Nor will I be using the built in firewall in anything but the low protection mode in conjunction with Tiny. As stated in reviews of earlier Trend Micro versions, either more attention should be paid to the add-on features or TM should pull back slightly and focus more on the core feature, AntiVirus. If they can’t do it well, they shouldn’t do it at all.

Overall, more disappointing than expected. PCC 2006 earns 4.0 stars out of 5.

Add a Comment

Your email address will not be published. Required fields are marked *