Slashdot Mirror

← Back to Stories (view on slashdot.org)

Symantec Hopes To Deliver Anti-Virus Online

Posted by Zonk on from the no-more-delivery-media dept.

daria42 writes "Symantec today said it will slowly move towards supplying its consumer applications online as services." From the article: "Sykes also said there was the possibility that tiny pieces of an application or a single virus scan could be resold by organisations such as online banks, which may choose to ensure their customers are not infected with a virus or spyware before they log on to their account ... This could be paid for by the customer using their credit card or by adding it to their mobile phone bill by sending a text message, said Sykes, who warned that banks could decide not to provide access to anyone with an infected computer."

16 of 148 comments (clear)

  1. Sometimes online isn't a good idea by Anonymous Coward · · Score: 2, Insightful

    Thankfully I've already moved away from Symantec products. There are some situations where offering software as online services is not necessarily the best idea. I would put critical system utilities in that category.

  2. I don't want to by NotoriousGOD · · Score: 4, Insightful

    What if I don't want to pay my bank for a stupid virus service. My bank should be a BANK. What, is Norton going to help me save money in a high interest bearing account now? Businesses should stick to what they do, so they do it best, instead of trying to be "user friendly".

    --
    Where all think alike, no one thinks very much.
    1. Re:I don't want to by Nikker · · Score: 3, Insightful
      The only reason I could see this as a GoodThing(TM) is for keyloggers. As a bank I wouldn't care if your computer ran or not because that's completely on your side of the fence. To give a warm and fuzzy feeling to you more than anyone that your not being jacked for the data your entering to what ever PC your using at the time.

      That brings to my mind additional questions, would I want to pay additional money evrey time I use the banks services? By paying this will it insure as in insurance that if I do get snooped that I will be fully covered for any damages that may occur if they were wrong or missed a baddy or two? And how high would they cover? These are banks we are talking about here they will NOT spend money that does not make them money, period.

      This would bring attention to the people who are using friends, family's or public computers for these transactions, it would probably wake them up. What I think would really work is a sandbox using encryption based on a one time password sent to your cell phone. It would be a website password, not unheard of but much more streamlined then scanning an entire computer for bad apples.

      I would think it would work like so...

      1. Goto web site and click on "View account" or something like that
      2. You enter your cell phone number or an alias you have set up with them
      3. Bank responds with a one time code to a personal device which is reasonably secure (wireless hand set)
      4. You enter the code into the app and use only the app for interacting with your account
      5. The bank is sent a checksum of the app on each transaction to insure integrity

      If Symantec is going to use the same method and be sure there will be no infection then using that application to interract would be just as good, no? I may be the only one but I would not want to be waiting at a computer while it goes through the possible millions of files just to do a transfer or check my balance. In that case I would just want the bank to send me a SMS with my balance or a cheezy wap interface to transfer between 2 accounts.

      I guess you can't blame Mr. Norton for trying but I don't think its gonna fly with banks. It does bring about a new method of accesssing the data that should be looked at. Possibly if it works well enough we could use this method for sending other types of confidential data or stuff you just don't want anyone else to see.
      --
      A loop, by its nature, continues. If that didn't make sense, start reading this sentence again.
  3. No guaranties by BentSorenDahl · · Score: 3, Insightful
    "... which may choose to ensure their customers are not infected with a virus or spyware before they log on to their account."

    Just because the antivirus scanner doesn't find anything doesn't nessesarily need to mean that there are none.

  4. Uh, no thanks... by maillemaker · · Score: 5, Insightful

    Every time I see a pop-up advertisement that says:

    "YOUR COMPUTER COULD BE INFECTED WITH SPYWARE - CLICK HERE"

    It sends up huge red flags for me, and I always shut them down without clicking. I've seen so many of them (wanting to optimize my Windows, etc.) that I'm now gun shy of any such remote scanning application.

    I'll be thinking long and hard about letting anything scan my system through my firewall.

    Steve

    --
    A work that expires before its copyright never enters the public domain and thus enjoys eternal copyright protection.
  5. Whoa there nellie... not such a hot idea... by Akardam · · Score: 4, Insightful

    Maybe I'm a bit jaded at having been in the computer support industry for too long, but with the proliferation of nasties these days that disrupt internet connectivity in one form or another, I'm skeptical as to whether this is going to actually work. Hell, a good percentage of infections these days, be they viruses or malware, require manual cleaning, often from safe mode or self contained non-volatile bootable media. Even Symantec overwhelmingly recommends booting to safe mode to clean infections in most of their AV DB articles.

  6. Web Based Scanning Won't Cut It by knight37 · · Score: 3, Insightful

    Who cares? Who even uses this crap? If you don't have an active virus-shield style app scanning all the time you're just asking to get infected these days. I can't count the number of times that AntiVir Personal Edition virus shield (free for individual home use) has saved me from a virus or trojan while browsing. If I had to rely on a web-based scanner I'd be infected FIRST before I knew about it later.

    --
    Knight37 - Once a Gamer, Always a Gamer
  7. Re:Broken Internet by exclusive_lock · · Score: 2, Insightful

    Additionally, I guess we might expect a whole slew of bogus "Symantec Anti-Virus check online! Click here!" that actually propagate trojans and whatnot to unsuspecting users.
    You could get really paranoid and wonder if they are keeping a record of all you filenames, folders, etc. And if you're a repeating offender, will the bank ban you or (OMG!) even file a lawsuit against you?

  8. Bad idea by Anonymous Coward · · Score: 1, Insightful

    So, in order to access my bank account, I have to agree to let the bank install software on my computer that will examine all the files and programs running on my computer and report back to the bank. If I don't agree with their policy, I don't get to have a bank account? Whatever happend to unreasonable search an seasure laws?

  9. 4 hours to do online banking? by sckeener · · Score: 3, Insightful

    Are they only going to scan active processes running? My virus scans take forever.

    I can imagine trying to connect to my bank and waiting for the virus scan. I will getting bored and wander off. Then the bank would kick me off due to inactivity because it finished the scan while I wasn't looking.

    --
    "Only one thing, is impossible for god: to find any sense in any copyright law on the planet." Mark Twain
  10. I think your missing the point people.. by msimm · · Score: 2, Insightful

    What interest is it of the banks to purchase such a product? Everything comes down to the bottom line, hows this going to help?

    Just because some exec comes up with a snassy (new?) idea and starts talking it up doesn't mean it will find its home in the marketplace.

    To me this sounds annoying, plain and simple. As a bank exec I'd really be scratching my head trying to figure out how my customers win (which makes me win).

    --
    Quack, quack.
  11. Re:Let me add another concern... by nuremon · · Score: 2, Insightful

    Yes, look at how effective the tech-savvy population has been in affecting other online institution's practices... Oh wait, the average dumb computer-user still outpopulates (and breeds quicker)

  12. Re:Linux? by MankyD · · Score: 2, Insightful
    Will banks assume we're clean...?
    I hope not. Not for fear of linux viruses one way or the other, but because of browser (http header) spoofing. There's no sure fire way of knowing someone's browser and os. You need a plugin or extension that provides authentication (a feature I'm sure these AV services provide.)
    --
    -dave
    http://millionnumbers.com/ - own the number of your dreams
  13. Quite worrying... by Bert64 · · Score: 3, Insightful

    If consumers get used to allowing their banks to execute code on their systems, then they become even more vulnerable to phishing scams... Phishing sites will have their own "virus checking" tools, just like the real banks, except these tools will install malware instead of trying to remove it..

    Also virus checkers will be useless against more targetted attacks which are being seen more often nowadays, small attacks against customers of a particular organisation which don`t become widespread enough to get noticed by antivirus vendors..

    And finally those of us not using windows systems or not using ie may get turned away since we're not able to run the virus checker (and most likely wouldn`t need to in any case).. I don`t think firefox provides a way to execute code with access to your local filesystem (for obvious security reasons) in the same way that activex does.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  14. "Symantec Hopes" by multipartmixed · · Score: 2, Insightful

    Symantec Hopes this, Symantec Hopes that..

    Symantec has been *hoping* to deliver something worthwhile ever since they stopped developing for DOS-mode.

    Face it, the Norton Utilities used to be *great*. Now they suck! Norton Anti-Virus has never been spectactular. Norton Ghost.. Well, Norton Ghost is pretty good; at least the version I have; it still runs under DOS4GW with a non-MS GUI.

    --

    Do daemons dream of electric sleep()?
  15. Educate rather than give a false sense of security by TheGazelle · · Score: 2, Insightful

    There are going to be risks no matter what security products a bank provides to its customers. After a year and a half working as a malware analyst, I know well that a "Clean" Virus Scan will provide customers with nothing but a false sense of security. Sober for instance has currently has 20+ variants that are known. You can bet there are plenty of malware variants in the wild that have no signatures. What the banks need to do is provide their customers with adequate computer security and let the customer decide which products are best for them.