The growing problem of identity theft is a key focus of the 2008 versions of Symantec's Norton Internet Security and Antivirus programs, released on Tuesday. The Cupertino, California-based company said that the packages, designed for Windows XP and Windows Vista, feature enhanced protection against identity theft and other online security threats.
A new Norton feature, Identity Safe, allows users to control what information is shared with a Web site. It stores and encrypts passwords and other confidential data until needed, and automatically fills in passwords and Web forms. This feature is designed to protect against keystroke loggers -- hidden malware that secretly captures keystrokes, then transmits the data to a remote attacker.
Identity Safe embodies some of the ideas in Symantec's Identity Initiative. First announced in January, the Initiative is an attempt by Symantec to address what Forrester analyst Natalie Lambert called the "huge problem" of identity theft. According to Symantec, 53 percent of Internet users no longer give personal information to Web sites because of identity theft fears, and 14 percent have stopped paying bills online.
The Identity Initiative's eventual goal is "to create a universally accepted identity system" across the Web, a Symantec official said in a January statement, with an online identity client that would operate like a passport or driver's license does in the real world.
Protecting Against Unknowns
In addition to identity theft, another growing problem is "zero day" malware that strikes before Symantec and other antivirus companies have had time to determine its signature. Both the Internet Security and the Antivirus programs use Symantec's Sonar behavioral detection technology.
Essentially, Sonar is designed to protect against malicious code before it has been defined. Symantec said that Sonar "will run a full scan every time an application attempts outbound communication," helping to improve the firewall's effectiveness against unknown threats.
This behavioral detection technology has been a key selling point for enterprise security applications, and lately has been marketed more prominently in consumer-grade security applications. Behavioral detection is a necessary component of security software as malware writers have been "moving away from vast, spreading viruses" and toward more targeted, faster-moving viruses, said Forrester's Lambert. (continued...)