Rowan Trollope is the vp of consumer engineering at Symantec. We’ve been informally exchanging some emails recently on the state of security and he was kind enough to answer some questions I posed to him.
You have a new product coming out, Genesis. How is it coming along?
Genesis is coming along very well. We are targeting a public beta before the end of summer. We’ve been working on Genesis for almost 2 years now, and the features and functionality are looking very good. There is a lot of anticipation in the market for the product, and the team is working many late nights and weekends to get it ready.
When you see Genesis, it will be immediately apparent how we rewrote the functionality under the covers. Unlike other suites and offerings in this space, we did not just throw everything in the kitchen sink together and call it something “new”, we really went back to the basics and rebuilt stuff from the ground up. The benefits to customers will be that the product is faster, more lightweight, and better integrated than any other product on the market.
We’re very interested to see the public reaction to Genesis, which is why we’re so focused on getting the Beta out. Look for more comments on Genesis on the Norton Consumer blog here.
What’s your feeling about Microsoft OneCare?
I think it is great that Microsoft are continuing to focus on the security of the operating system. Its a big job, and the more folks we have working on it the better. That being said, there is nothing new or innovative in OneCare itself. Onecare offers yesterdays technology to solve last years problems. For example, there is a Virus scanner, firewall and a local backup. These have all been available to customers for many years.
The real threats to be solved are phishing and crimeware (keyloggers, trojans, screen scrapers). These threats require a new approach to security. Our approach has been to increase our investment in behavior based security technologies, as evidenced by our acquisition of WholeSecurity last year.
Symantec has recently announced Norton Confidential. What will this product do for consumers?
First, let me give you some background on changes in the threat landscape, which precipitated the introduction of a brand new security product, Norton Confidential.
Many users are aware that over the last 18 months, there has been a significant transition in the threat space, from hacking for fame, to hacking for fortune. Coincident with this shift we have seen the threats changes dramatically — from Viruses and Worms, which spread internationally over days and weeks, to phishing and pharming, which are very targeted attacks, and which come and go within hours.
To combat these new threats, we realized that we had to invest in behavior based systems, and heuristic detection technologies, which is why we purchased Whole Security. Whole Security was the market leader in anti-phishing technology, and this is being directly included into Norton Confidential when it is released.
Also unlike Viruses and Worms, there is no simple remedy or perscription, such as “don’t open attachments”, which will keep you safe. Phishing attacks can be so devious, they fool even the most savvy users. I almost got fooled last week by a phishing attack which was spreading through IM. It was very crafty. Its kind of funny when someone in the engineering team gets fooled by these, as they can almost never live down the taunts that will follow from their peers.
So what does it do? Norton Confidential protects users confidential information, and keeps it safe. How does it do that? First, it integrates into the browser and provides an easy “Red/Green” signal light for every page that a user browses to. Second, it has special hueristic based scanning technology which can detect “unknown” threats, based on their behavior and characteristics, instead of a threat fingerprint, in the manner of traditional AV products. Finally, Norton Confidential scans ALL outbound channels, looking for telltale signs that your identity is being stolen, and will alert you instantly.
In my estimation, these features will make Norton Confidential the most important new security product to have on your system going forward.
Tomorrow, Rowan’s thoughts on some other technologies and new threats.
Alex Eckelberry