Saturday, September 29, 2012

Webroot SecureAnywhere 2013 – Webroot Takes the Gloves off versus other Antivirus 2013 Vendors



It has been less than eight weeks, (less than a month in many cases) since vendors have started releasing Antivirus 2013 products.  Webroot is challenging the other major antivirus vendors with a Webroot commissioned performance benchmark study,  “Webroot SecureAnywhere Cloud Antivirus vs. Seven Competitor Antivirus Products”. PassMark published this benchmark   report around September 12. 

The 2013 products in the report - Webroot SecureAnywhere, Kaspersky Anti-Virus 2013, Norton AntiVirus, AVG Anti-Virus 2013, McAfee Antivirus Plua,  and Microsoft Security Essentials.  The 2012 products in the test - ESET NOD32 Antivirus 5 and Trend Micro Titanium 2012.  Trend Micro Titanium 2013 has since been released.

The highest score obtainable was 112.  Webroot had the highest score with 103.  Surprise!  The next highest score was ESET with 62.  The lowest score was by McAfee AntiVirus Plus 2013 with 34. 

Once again, though, you have to consider the following.   Benchmarks are fine and good.  In the world of internet security, protection is the most important factor.  Everything else is secondary.  If products  have similar detection rates, costs, ease of use  and  performance benchmarks come into play. On a higher level, companies can do an  ROI analysis.  A strong argument can be made that purchasing security is like purchasing insurance. On a personal level, people don't do ROI calculations when they buy home or earthquake insurance, for example.

The performance metrics used were -  Scan Time, Installation Size, Installation Time, Registry Keys Added, Boot Time, User Interface Launch Time, Memory Usage during System Idle, Memory Usage during Initial Scan, Browse Time,  File Copy, Move and Delete,  Network Throughput,  File Format Conversion;  File Compression and Decompression; File Write, Open and Close  Scheduled Scan Time. 

Test results for SecureAnywhere 2012 are below (these organizations haven’t tested with 2013 products yet):

  • In AV-Test.org’s latest test (July/August with 2012 products), 13.5 out of 18.   www.av-test.org
  • Virus Bulletin VB100 Testing - One fail and two passes in the last twelve VB100 tests.  Webroot's last participation was in  December 2011.www.virusbtn.com
  • AV-Comparative’s on Demand Detection of Malicious Software (March 2012) -   19 out of 20 (1 star, high degree of false positives). www.av-comparatives.org
  • AV-Comparatives – Whole Product Dynamic Real World Protection Test - “Tested” (0 stars)
  • Webroot SecureAnywhere  received  4.5 stars from PC Magazine in October 2011 and scored highly in the publications malware testing. Smaller sample sizes than the test organizations, however. The Anti-Malware Testing Standards Organization prefers large samples. www.amtso.org . Two of their white papers are "Best Practices for Validation of Samples" and "Sample selection for Testing".

“Webroot SecureAnywhere Cloud Antivirus vs. Seven Competitor Antivirus Products” is available on the Webroot website.  Webroot also has  an interesting   eight question  total cost of ownership calculator for antivirus software  at http://www.webroot.com/En_US/business/land/calculator.html

Click on the below graphic to enlarge it. 

 
























To see review scores for Internet Security 2013 and Antivirus 2013 solutions (PC Magazine and CNET), go to:



About Passmark www.passmark.com

PassMark® Software Pty Ltd is a privately owned software development group with a head office in Sydney, Australia and a branch office in California, United States.

Friday, September 28, 2012

Hewlett Packard and Meg Whitman – The First Year. Turbulence and Turmoil in the Valley



The first year of Meg Whitman’s tenure at Hewlett Packard has not been fun.  Challenging?  Yes.  The company hit a 52-week low of $16.23,   in late September.  Its 52-week high of $30 was in mid February.  When Whitman took the reins of the company in September of last year, the stock was trading at just under $23.  So investors have seen the value of the stock decline of about 30% during year one.

Whitman gets a C- for year one.  Revenue, earnings, stock price, market share are all down.  Many proper decisions to turn the company around are taking place.  The numbers are not there yet.  Whitman stated when she took over the reins that this would be a multi-year project.

According to SF Gate,  Whitman is betting that refining the company's existing strategy, rather than making radical shifts, will help reverse the company’s troubles. 

Dell has been suffering over the same timeframe.  From September 22 to September 28:


  • Nasdaq – up about 28%
  • Dow Jones – up about 26%.
  • Hewlett Packard - down about 25%
  • Dell – down about 29%

With the exception of March and April, Hewlett Packard and Dell have been trending downward at about the same rate. Click on the graphic to enlarge it.














The big day will be October 3, when Whitman discusses her strategy for HP at an analyst conference.

Some Brief Observations


Autonomy - Autonomy has been a disaster for Hewlett Packard over the last year.  Jefferies analyst Peter Misek is advising investors to sell HP's stock, but is warning that HP could be heading for another huge write-off, of around $3 billion.  http://www.businessinsider.com/analyst-says-hp-may-write-off-3-billion-2012-9

The 27k layoffs –   Layoffs, retirement, attrition.  This is good for the company, ultimately. 

Continuing to lose laptop market share to Dell and Lenovo – bad.  Its share of PCs dropped to 14.9 percent in the second quarter, while Lenovo's share has increased to 14.7 percent, according to Gartner.

September introduction of “Stylish and Affordable Consumer and Business PCs”   and hoping to “Help Businesses Maximize Productivity with Powerful New AMD-based PCs” – HP is trying their hardest to reverse the loss of market share.  

Introduction of new entry-level, web-connected Designjet ePrinters - They are betting that some people will always need to be printing.  Betting on the razor blade strategy here. 

HP also had a September introduction of what they are calling the industry’s first web-connected, entry-level printing solutions for architecture, engineering and construction (AEC) students and professionals.  This strategy is to make   in-house, large-format printing accessible to more users.

The trend towards people printing less from their laptops/desktops – bad.  Cartridges are one of Hewlett Packard’s razor blades.

Announced intention to offer a mobile phone – bad.  This is a crowded market.  Hewlett Packard will be a late entrant.  "We have to ultimately offer a smartphone because in many countries of the world that is your first computing device.  You know, there will be countries around the world where people may never own a tablet, or a PC, or a desktop.  They will do everything on the smartphone.  We're a computing company; we have to take advantage of that form factor," Whitman said, according to a transcript. 

 
The on again, off again tablet -   Mixed thoughts on this.  An HP tablet may be successful only as a niche product.  They are late.  The market is crowded.  This means downward pressure on prices and margins unless HP comes up with something unique. 

Spinning off Web OS into Gram - If it is going to be successful, this was probably the only way to do it.

Additional security solutions announced in September – Excellent.  HP is betting heavily on security.  In a down market, companies slow their investment in security, they do not slash it. This included new features to HP Assured Identity, Security Operations Consulting services, a new release of ArcSight Enterprise Security Manager.  They also announced   the introduction of the HP TippingPoint NX Platform Next Generation Intrusion Prevention Systems (NGIPS).  I don’t know about that last acronym! Back to the conference room for the naming committee.

New virtualization solutions announced in August at VMWorld – Very good.  They announced that they were expanding their HP Converged Cloud portfolio with new solutions for VMware vCloud® Suite 5.1.  This is a growth sector, regardless of the different definitions people are using for "cloud".

Revenue/earnings - Bad.  Four consecutive bad quarters. Enough press.  Enough said. 

Look for major articles on Hewlett Packard, October 4.  This is the day after the analyst meeting.


PC Magazine, AV-Test, AV-Comparatives, Internet Security 2013 Mashup



The grid below is a first cut combining Internet Security 2013 products that have been reviewed by PC Magazine and by CNET.  PC World may be added later.  Also on the grid are the ranks from AV-Comparatives on their Demand Detection Test (March) and Real World Detection (August).  The two Norton products on the grid received Editors’ Choice designations. 

The  test results are currently for Internet Security 2012 products. The reviews are for 2013 products. The grid will be modified as reviews are performed and as the Internet Security 2013 solutions are tested by AV-Comparatives and AV-Test. 
















Products on the grid initially:  Norton 360, Norton Internet Security 2013, BitDefender Total Security 2013, Kaspersky Internet Security 2013, Trend Micro Titanium Maximum Security 2013, Trend Micro Titanium Internet Security 2013, Panda Internet Security 2013, AVG Internet Security 2013, and  F-Secure Internet Security 2013

Please comment if you feel this grid is useful. 


California Leader in Passing Password Privacy Laws – AB 1844 and SB 1349 Signed by Jerry Brown



On September 27, California Governor Jerry Brown signed a pair of privacy laws, AB 1844 and SB 1349, protecting the rights of individuals from having to personal account names and passwords  to schools, employers, and prospective employers.  California is the first state to enact laws protecting both students and workers.   These include passwords for such accounts as Facebook, Twitter, Linked in and personal email accounts.  Notice the word "personal". Very important.

Undoubtedly, other states that may not have these in process will follow California’s lead.  "The Golden State is pioneering the social media revolution, and these laws will protect all Californians from unwarranted invasions of their personal social media accounts,"   Brown said in a statement. Maryland and Illinois have laws in affect for workers, and Delaware, for students.

These laws    will become effective on January 1.  Kudos to the legislature for doing this and to Brown for signing the measures.   "No boss should be able to ask for this kind of personal information," said state Sen. Leland Yee, D-San Francisco.  Yee wrote California bill SB 1349.  Assemblywoman Nora Campos was the primary driver for AB 1844.

  • Under AB 1844, it will be illegal for employers  ask employees or job applicants for the user names and passwords to their social media accounts.  Five state senators actually voted no on this - Anderson, Blakeslee, Correa, Gaines, and Walters!
  • Under SB 1349, it will be   illegal for colleges/universities to ask students/perspective students for their social media account info.  No one voted against this measure.

 What this does not do (of course) is protect individuals from themselves.  While employers ask for neither account names nor passwords, there is nothing to prevent them from using Google, Bing, or any other search engines to find out information or to go onto Facebook, for example, to see what you may have posted for the universe to see.  Fear the default privacy settings! The bill don't talk about enforcement or penalties for non-compliance.


You may want to read "25 most-used passwords revealed: Is yours one of them?" There are numerous articles online on creating (more) difficult to figure out passwords. 




The text of the two bills passed and links to additional details are below.

LEGISLATIVE COUNSEL'S DIGEST
AB 1844, Campos.  Employer use of social media.  

Existing law generally regulates the conduct of employers in the state.

This bill would prohibit an employer from requiring or requesting an employee or applicant for employment to disclose a username or password for accessing personal social media, to access personal social media in the presence of the employer, or to divulge any personal social media.  This bill would also prohibit an employer from discharging, disciplining, threatening to discharge or discipline, or otherwise retaliating against an employee or applicant for not complying with a request or demand by the employer that violates these provisions.

Under existing law, the Labor Commissioner, who is the Chief of the Division of Labor Standards Enforcement in the Department of Industrial Relations, is required to establish and maintain a field enforcement unit to investigate specified violations of the Labor Code and other labor laws and to enforce minimum labor standards.  Existing law authorizes, and under specified circumstances requires, the Labor Commissioner to investigate employee complaints of violations of the Labor Code, provide for a hearing, and determine all matters arising under his or her jurisdiction.

This bill would provide that the Labor Commissioner is not required to investigate or determine any violation of a provision of this bill.

SECTION 1.

 Chapter 2.5 (commencing with Section 980) is added to Part 3 of Division 2 of the Labor Code, to read:
CHAPTER 2.5.  Employer Use of Social Media

 (a) As used in this chapter, “social media” means an electronic service or account, or electronic content, including, but not limited to, videos, still photographs, blogs, video blogs, podcasts, instant and text messages, email, online services or accounts, or Internet Web site profiles or locations.
(b) An employer shall not require or request an employee or applicant for employment to do any of the following:

(1) Disclose a username or password for the purpose of accessing personal social media.
(2) Access personal social media in the presence of the employer.
(3) Divulge any personal social media, except as provided in subdivision (c).
(c) Nothing in this section shall affect an employer’s existing rights and obligations to request an employee to divulge personal social media reasonably believed to be relevant to an investigation of allegations of employee misconduct or employee violation of applicable laws and regulations, provided that the social media is used solely for purposes of that investigation or a related proceeding.
(d) Nothing in this section precludes an employer from requiring or requesting an employee to disclose a username, password, or other method for accessing an employer-issued electronic device.
(e) An employer shall not discharge, discipline, threaten to discharge or discipline, or otherwise retaliate against an employee or applicant for not complying with a request or demand by the employer that violates this section.  However, this section does not prohibit an employer from terminating or otherwise taking an adverse action against an employee or applicant if otherwise permitted by law.

SEC. 2.

 Notwithstanding any other provision of law, the Labor Commissioner, who is Chief of the Division of Labor Standards Enforcement, is not required to investigate or determine any violation of this act.


LEGISLATIVE COUNSEL'S DIGEST
SB 1349, Yee.  Social media privacy: postsecondary education.

Existing law establishes and sets forth the missions and functions of the public and independent institutions of postsecondary education in the state.

This bill would prohibit public and private postsecondary educational institutions, and their employees and representatives, from requiring or requesting a student, prospective student, or student group to disclose, access, or divulge personal social media, as defined, information, as specified.  The bill would prohibit a public or private postsecondary educational institution from threatening a student, prospective student, or student group with or taking specified pecuniary actions for refusing to comply with a request or demand that violates that prohibition.  The bill would require a private nonprofit or for-profit postsecondary educational institution to post its social media privacy policy on the institution’s Internet Web site.

SECTION 1.

 The Legislature finds and declares that quickly evolving technologies, social media services, and Internet Web sites create new challenges when seeking to protect the privacy rights of students at California’s postsecondary educational institutions.  It is the intent of the Legislature to protect those rights and provide students with an opportunity for redress if their rights are violated.  It is also the intent of the Legislature that public postsecondary educational institutions match compliance and reporting requirements for private nonprofit and for-profit postsecondary educational institutions imposed by this act.

SEC. 2.

 Chapter 2.5 (commencing with Section 99120) is added to Part 65 of Division 14 of Title 3 of the Education Code, to read: CHAPTER 2.5.  Social Media Privacy

As used in this chapter, “social media” means an electronic service or account, or electronic content, including, but not limited to, videos or still photographs, blogs, video blogs, podcasts, instant and text messages, email, online services or accounts, or Internet Web site profiles or locations.
(a) Public and private postsecondary educational institutions, and their employees and representatives, shall not require or request a student, prospective student, or student group to do any of the following:
(1) Disclose a user name or password for accessing personal social media.
(2) Access personal social media in the presence of the institution’s employee or representative.
(3) Divulge any personal social media information.
(b) A public or private postsecondary educational institution shall not suspend, expel, discipline, threaten to take any of those actions, or otherwise penalize a student, prospective student, or student group in any way for refusing to comply with a request or demand that violates this section.
(c) This section shall not do either of the following:
(1) Affect a public or private postsecondary educational institution’s existing rights and obligations to protect against and investigate alleged student misconduct or violations of applicable laws and regulations.
(2) Prohibit a public or private postsecondary educational institution from taking any adverse action against a student, prospective student, or student group for any lawful reason.

A private nonprofit or for-profit postsecondary educational institution shall post its social media privacy policy on the institution’s Internet Web site.