Complete Transcript of Interview - Andrew Lee - ESET
Let’s Talk Computers Radio Talk show
Host Alan Ashendorf
November 24 2007
Alan: When it comes to threats against our computers, they seem to be coming from everywhere. To talk about how we can have complete protection for our computer system – our guest, today is Randy Abrams, Director of Technical Education with ESET. Welcome back to Let’s Talk Computers, Randy.
Randy: Thanks, Alan. It’s great to be here.
Alan: It’s no longer just viruses that we have to worry about. And it’s no longer just email. We are seeing threats from everywhere.
Randy: Actually, viruses are a smaller part of what we are seeing. We are seeing a lot more spyware and we’re seeing a lot of BOTS, adware and a variety of different threats. You’re right; they’re not just coming in email, anymore. They are also put into booty-trapped web pages. Even a well respected website that you go to can have an advertisement that has JavaScript in it that is want to try to compromise your computer. The reason we’re seeing this is because of money. The “Bad Guys” know how to make money by infecting your computer.
Alan: Basically, it’s all about money. They’re paying big bucks to try to trick us, so are they getting some kind of return for their investment?
Randy: Well, they’re paying big bucks to get control of our computers, because once they control our computers, then they can rent our computers out. They can also steal confidential off our computers.
Alan: Now, we don’t even have to click on something; it’s just that we have to be in the vicinity and they can attack us.
Randy: Recently the Alicia Key’s MySpace page was hacked and what happened was that if you went to that page it would run a JavaScript. Then it would try to download software to your computer and infect your computer.
Alan: Is this because we’re not patched or is this because we haven’t turned on all the security that’s built into Windows? Is this just a lax on our part?
Randy: There are a variety of contributing factors. Definitely, if you’re not patched, you make it 10-20 times easier to get infected. Now, when I say, “patched”, I’m not just taking about patching Windows or patching the Mac Operating System or Linux, but also your applications. You’ve got to patch things like QuickTime, Real Player, and Windows Media Player. Windows Media Player generally gets patched with the operating system. Adobe Acrobat had a really bad vulnerability in it and if it is patched then no one’s going to take advantage of it.
Keeping patched is a huge part of helping to secure your environment. Also, saying “no, don’t run that program.” helps a out a bunch.
Alan: We always need to have a firewall and we also have to have anti-threat, anti-virus software. When we try to get two complete packages, sometimes they really fight each other, don’t they?
Randy: They potentially can. It’s important that you have high-quality products. If you have a discreet anti-virus and a discreet firewall – both companies want their consumers to be able to work with the “best of breed” products. Sometimes that’s still not a guarantee for success. There are a variety of approaches to insuring compatibility. Some companies take a “Frankenstein” approach – they grab an arm off one shelf and a leg off another shelf and throw it all together and call it a “Supermodel”, when it’s really just a monster!
Alan: You have now just released a new Product, called ESET Smart Security that has all these built-in features, the anti-threat, the anti-malware, the firewall and everything in this one package.
Randy: We have; ESET Smart Security is a pretty unique approach to combining features. Unlike some companies where they go out and purchase technologies from a variety of different places and then either bundle it together or write a few lines of code to make it all works together and call that, “integrated.” We’ve fully integrated a firewall, anti-spam and our award-winning anti-malware engine into one, seamless package.
Alan: Being president of the PC User Group in Nashville, Tennessee – one of the things that we hear all the time is, “My anti-threat anti-virus program or my firewall is getting in the way. They’re not going to bother me; I’m going to turn it off.” If it starts owning the computer, that’s what the consumer does, isn’t it?
Randy: Oh, yes, definitely. You can’t have a security solution if the consumer turns it off, then there’s no security. We’ve worked very hard to make sure that ESET Smart Security offers among the highest performance available in any kind of security product. Most users don’t even notice that it’s even on when they’re running their computers.
Alan: Well, I know here at Let’s Talk Computers and Total Solutions; we’ve been testing ESET Smart Security ever since it first was first in beta. It’s a brand-new Product; you’re still using your NOD32 engine behind the scenes, but everything else is completely brand new, isn’t it?
Randy: We did not before, offer anti-spam or the firewalls. The good thing about anti-spam is that it deflects a lot of shotgun goals. It might not know that there’s malicious in the email. It might not know that the link that is in the mails will lead you to something really bad, but it knows that it looks just like Spam, so it blocks those threats from even beginning to attack you. With the combination of the firewall and ESET’s award-winning Nod32 anti-malware engine, it offers a much more comprehensive protection package than the competition offers.
Alan: Well, anytime that you’re using a package, you have to make sure that it is as has the lowest footprint using CPU time, as possible, because this impacts your whole computer experience, doesn’t it?
Randy: It certainly does. So we’ made ESET’s Smart Security so it uses approximately 40 megabytes of ram, so it’s a very small amount. But more importantly, it’s not using a lot of processor time, either – because that’s what you really notice, is when the processor can’t get the work that you want done because it’s busy doing the anti-virus work.
Alan: You need to have an additional firewall and Windows already has a built-in firewall.
Randy: The unique thing about the firewall with ESET Smart Security is that it’s able to communicate with the anti-threat engine. I think for a lot of people, the Windows Firewall is excellent because it never asks any questions. You don’t notice it, so people don’t turn it off. And that’s a good thing.
With ESET’s Smart Security, we actually have two modes of operation. We’ve got the standard mode, which works very similar to the Windows Firewall in terms of being quiet and the advanced mode, where you can actually configure inbound and outbound going traffic and have a ton of technical functionality and options.
But in either mode, you’re taking advantage of the integration with the anti-threat engine, which is something that Windows Firewall doesn’t do. And the result is that we’re able to offer you much better proactive detection and protection to help prevent threats from getting in, in the first place.
Alan: With Vista, the Firewall is more robust than it is in the XP version, but now it nags you to death, doesn’t it?
Randy: Oh, Vista tends to nag you for quite a while until you get it set up, but the key thing is that the Vista Firewall doesn’t tell Windows Defender, their anti-spyware, anything about what it knows. And often with these threats, it’s not just about blocking it from coming in or blocking it from going out, but understanding more the behavior so that you can tell whether or not you should be alerting that there might be something bad on the system.
If you’ve only got the Firewall part of the picture and not the anti-malware part of the picture, you don’t see enough to tell as comprehensively and as quickly if there is a problem.
The fact that we’re able to attack data between our Firewall and our anti-threat engine is huge.
Alan: Plus the fact that anti-threat, anti-malware writers are getting to be so sophisticated that they don’t have to put the whole threat package on your machine at one time. They can actually put it together in piecemeal and then you become part of a BOT network, don’t you?
Randy: Once they get a downloader component on your computer, then they can add all kinds of stuff in little bits, even. It can be very complex and very difficult to detect what’s going on.
Alan: A download component can masquerade as some actual, good program, like Internet Explorer or QuickTime or Windows Media, anything that is on your system that normally accesses outside of your computer system – out to the Internet. And you’ve got Browser Helper Objects that every time you launch Internet Explorer or whatever browser you have, these little objects get launched at the same time and each one of those is capable of accessing the outside world and bringing in that it shouldn’t be bringing in.
Randy: That’s why it’s really important to be very selective about what you’re installing on your computer. I almost never install any toolbars; I almost never install add-ons for my browsers. I’m very selective about what I install and for me to install it. I have to understand what it’s doing and have a lot of confidence in the company that’s publishing and believe that it’s going to offer me significant usefulness – it’s not just something that I think that looks cool – it’s something that I’m going to use all the time and it’s going to actually going to actually make my life better, or else it doesn’t get installed.
Alan: Yeah, but you are in the minority. We know enough about computers to know how dangerous they can actually be if we just put the wrong programs on there. But a lot of people go out and buy a brand-new computer and it’s already got tons of programs already loaded. And they have no idea what they’re doing.
Randy: That’s where Google can actually be pretty helpful. You see the stuff on your computer and you search for it on Google you’ll find all kinds of information about what it is. When I get a new computer and I get one that’s got all this pre-installed, I usually uninstall a bunch of the stuff that’s on it.
Alan: Any kind of firewall that you get has a tendency that you have to either 1) put it in automatic mode or you have to train it in some way and that takes a lot of time. You can run ESET Smart Security right out of the box and know that it’s protected.
Randy: And we have both the Automatic Mode and the Interactive Mode, as well as the Policy Mode, that’s going to be for the business product, where you can use Group Policies to configure the Firewall.
But, for your standalone Home User, for the person that doesn’t understand firewall technology, the Automatic Mode is generally perfect for them. It just does its stuff, protects you and it doesn’t have to have questions.
However, for us Techies, the Interactive Mode is very nice because it gives us a lot of insight into what is going on in our computers and we’re able to say, “Okay, this program can go out and this program can’t.”
Alan: To what extent can we customize ESET Smart Security? I want to see exactly what is going on and I’ve got different ports that I need to open an some I need to make sure are closed. How can I do that?
Randy: With ESET’s Smart Security, with the Firewall, pretty much every port, except for port 80, (your browser), is closed to begin with. When you go into the Advanced Mode and Interactive Mode with the Firewall, you can get very, very granular in terms of what programs are allowed to go out, what ports they can use.
You can even say, “Okay, I want you to treat Microsoft Word like it’s an Internet Browser,” because Word can go out onto the Internet and download data. You can tell it which programs you want to include packets or protocol filtering. You can say, “I want you to filter all the data coming in from the Firewall using ESET’s Anti-threat Engine, as well” – which is where that tight integration comes into play.
Alan: I know this is brand-new, but what kind of feedback have you gotten from ESET Smart Security?
Randy: So far, the feedback’s been very positive. The Virus Bulletin just gave us a raving review and they’re pretty tough critics for anti-virus software.
Alan: Oh, they gave you a page, after page review of this new Product, so they’re impressed.
Randy: They were very impressed with the Product. Then, I think we’ll be seeing some other reviews in the coming days from a variety of industry magazines, as well.
Alan: Well, what are we looking at as far as the price of ESET’s Smart Security?
Randy: For ESET’s Smart Security, we start at $59 for the first year. And of course, if you want to upgrade to ESET’s Smart Security and you’re already a NOD32 customer, then we make that extremely easy for you. You can upgrade to the Smart Security for the renewal price and that gets added on to the end of your existing license.
Alan: And where can we find more information about the new ESET’s Smart Security?
Randy: Come to our website at http://www.eset.com . Take a look around and go to the Products page and you can get some information and on the Download page, there’s information. And if you go to the Threat Center, you can check out our Blog and even weekly Pod casts that I do.
Alan: Randy, we’re out of time. We’ve only scratched the surface, talking about your ESET’s Smart Security and we didn’t even get a chance to talk about your Version 3 of NOD32 and I look forward to having you back on the air, continuing this conversation, real soon.
Randy: I look forward to talking to you again, Alan and thanks so much for having me, as your guest, today.
Visit ESET on Facebook
Follow ESET on Twitter