Monthly Archives: December 2013

Test Drive – Webroot SecureAnywhere Antivirus 2014

Avid readers of mine who have followed my articles over the last few years know that periodically I’ve been known to review Security Suites, i.e. antivirus programs. For those who didn’t know, well, now you do too.

Today I’m writing about Webroot SecureAnywhere antivirus 2014. This program came to my attention a few months ago. I gave it a quick whirl and was impressed on the light footprint it has and yet how it manages to have plenty of different functions. But I never put it under a formal test, like I usually do when evaluating security programs. Today, however, its turn finally came.

As many of you know, my basic test consists of installing the security program in question in my Windows-7-based test computer, and then proceeding to visit malicious websites and in general try to infect the test computer while keeping records of the security program’s behavior. The only passing grade is 100% success in thwarting efforts to infect the computer. And in this case… Webroot kind of failed. Let me explain what I mean by “kind of”.

On the plus side, its very, very light footprint makes it ideal for old and basic computers, since the average antivirus program these days will take a good amount of memory and computer processing power to operate. Not Webroot though. The claim that it doesn’t slow down one’s computer is true.

On the negative side, I was, strictly speaking, able to infect the test computer after a few attempts. But it’s not black and white, so allow me to explain what happened. I visited a couple of malicious websites that initiated infected files downloads onto the test computer. Initially Webroot caught and blocked the first attempts. But then came a particularly deceiving trojan.

I downloaded and opened the infected file without Webroot protesting or alerting me at all. Bad. But when the program tried to connect to the Internet to “call home”, Webroot did alert me that an untrusted program was trying to connect to the Internet (the antivirus has an outgoing firewall, meaning it monitors outgoing connections. More on that later). That was good. The bad part is, Webroot is designed to block any suspicious action by default while prompting the user for a decision on whether or not to let the program carry on with the suspcicious action. That’s not so bad. The bad part is that by default, after 2 minutes, if there is no response from the user one way or the other,  Webroot’s default action is to allow it (and I didn’t find anything in the program interface to change that behavior, i.e. a setting that would allow one to change the default action if there is no response from the user).

So potentially, if the user could not or would not respond to the prompt ,the malicious action would be carried out. That’s not good. Anyways, since I was evaluating, I allowed the action. Next I got an alert that a change to the registry was being attempted by this suspicious file. Again good. And again, unfortunately Webroot waited for 2 minutes for a decision as to what to do (allow or block the action) and when no response from the user, it allowed the action.

I then proceeded to ask Webroot scan the downloaded file to see if it would be recognized as a malicious file. Webroot failed to recognize the file as malicious. Then again a percentage of these malicious files get missed by the antivirus because they’re too new to be recognized as malicious, a subject I’ve covered extensively in earlier articles.

Circling back to the firewall, it is a good thing to have Webroot’s firewall in and the fact that it’s an outgoing firewall makes it a perfect complement of the firewall that comes built into your Windows computer, since that one is only incoming. So they complement each other and in fact one is normally supposed to have only one active firewall to avoid conflicts in function. But in this case, not only is it possible to have both the Windows firewall and Webroot’s at the same time – it is advised.

So all in all the program performed very well and under normal circumstances probably provides good protection at a ridiculously low resources consumption. But again, strictly talking, it did not pass the test. If, for example, you’re the type of user who pays attention to all windows pop-ups and alerts from their antivirus program, this might be sufficient, and a plus if your computer resources are somewhat scarce. If you abide by my security model, the protection provided by Webroot as an antivirus would be sufficient as well.

Microsoft’s Support for Windows XP Ending Soon, Implications for You

So Microsoft’s support for Windows XP, at some point the most widely used operating system Microsoft has ever put out,  is ending early next year – April 8, 2014 to be precise. But what exactly does that mean?

Well, let’s break it down. It means that after April 8, 2014, there will be no

New security updates: These are part of the typical monthly updates Microsoft releases to address known vulnerabilities in Windows XP that a hacker could exploit to take control of your computer or steal information from it. But in fact any Windows XP based computer that otherwise abides by the security model I laid out 4 years ago, is well protected against these exploits. However it’s always a good thing to plug the holes in the fence that might otherwise allow scoundrels to get in. It’s just an extra layer of protection that might make the difference between a computer that is more likely to be affected by malicious programs and one that is not.

Non-security hotfixes: These are also updates, but normally try to mend a performance or stability problem in the operating system and not necessarily a security issue. They, in other words, try to fix “bugs” that have been uncovered, or developed.

Free or paid assisted support options: Not much to explain here. Microsoft provides support for issues related to Windows XP, some issues for free, some for a fee. This won’t be available as an option after the April 2014 deadline.

Online technical content updates: This refers to technical publications that Microsoft publishes online, mostly for computer type guys like me, who can use them as a resource to look for solutions to issues related to the operating system when providing support to end users.

 The bottom line

If you’re still using Windows XP, it’s probably a good idea to upgrade to a newer operating system at some point in the near future, namely Windows 7. I don’t recommend Windows 8 (or 8.1 for that matter), but I do recommend Windows 7.