I recently needed to renew the anti-virus subscription on my tablet PC. Of course, Symantec popped up and let me know well in advance, and of course, I waited until the almost-last-day before I renewed.

When my renewal options appeared, there was a selection to upgrade to the shiny new Norton 360. Woo hoo! It listed all these great new security features… I don’t remember what they were… but, they sounded REALLY great (I promise).

So I went with the upgrade, instead of the anti-virus signature renewal. Okay.

It did seem like a good idea at the time. However, in addition to my overly-protective Vista popups eeeevvvvery time I want to run something, connect somewhere, or wipe my nose… Now, I have the Vista pop up AND the Norton 360 popup. Okay.

Except, the Norton pops up with flagrantly ambiguous information like “An application is trying to access your Internet.” Do I want to allow it? I don’t know. How am I supposed to know- which application wants to access my Internet? Oh, it’s not going to tell me. Okay.

Well, I guess I’ll click ‘Allow’ because I have no clue what is trying to access my Internet, but I’ll assume it’s something that I have somehow asked to access my Internet… and I’ll be quite upset if whatever I clicked on doesn’t work. So YES, ALLOW. Okay again.

And what was the point in that? One click has transformed to three, and I’m no more secure than I was before, I’m just being forced to make more clicks to earn my insecurity. So today I am the poster child of what NOT to do.

Security circumvented is quite possibly worse than no security at all. I see visions of ‘invalid browser certificate’ notices dancing in my head.

# # #

jj

Author, speaker, and recognized authority on network and wireless security architectures, Jennifer (JJ) Minella helps organizations solve technical problems and align teams.

View all posts

3 comments

  • Good post JJ. This goes to show you how Symantec products have truly become "bloatware"…add that with Vista pop-up’s and you have a useless OS. Get yourself a free bare bones anti-virus like AVG or Avast. Less "bloat" and they are just as effective. :-)

  • Hi Raffi!
    Exactly. We put two dozen security controls in place and then we do stuff like this…

    -jj

  • Not dissimilar to Windows server admins that when using IE on Windows 2003 Servers just add every site they visit into the trusted group.