Mac users attuned to security issues know that there are many types of threats to their computers: in addition to viruses and hackers, one of today’s biggest threats is phishing, or attempts to get users to enter their credit card numbers or passwords on bogus Web sites that look exactly like those of major online vendors, banks, and auction sites. Norton Confidential 1.1 addresses this threat by examining Web sites while you are browsing to see if they are legitimate sites. When installed in its default mode, a toolbar displays at the top of your Safari or Firefox window and warns you when potential fraud is detected by displaying a large graphic in place of the dangerous Web page.
The program also tells you when certain sites have been verified as authentic: this includes such sites as eBay, PayPal, and Amazon.com, as well as the Apple and Symantec Web sites; the program uses Symantec’s regularly updated database of URLs to accomplish this. For some questionable sites, it displays a
Possible fraud detected
alert. However, when the program is not sure, it merely reports
No fraud detected
. Users might become complacent when seeing this and assume that such sites are safe to visit. While software like Norton Confidential is helpful, the only tried and true way to prevent phishing attempts comes from educating Internet users; you should
click a link in an e-mail message that asks you to enter your credit card or password on a commercial Web site.
Norton Confidential offers several other features, such as blocking security holes in certain Internet programs like browsers and media players; unfortunately, of the more than 800 such vulnerabilities the program lists, only a dozen or so are relevant for Mac users, and most, if not all, have been corrected in recent versions of the software they affect.
Information Guard, a feature offered by Norton Confidential, prevents your computer from allowing protected data to exit. You must manually add such data—your credit card number, social security number, passwords—but by default the program only protects sending by Web and e-mail; you must manually set additional blocking options (for chat and file transfer) or choose total protection for Internet services.
File Guard protects files in much the same way that Information Guard protects data. But, in addition to preventing protected files from leaving your computer, by default it also prevents you from moving files in the Finder. This feature is unreliable: it asks for authorization when you try to move files, but you still cannot always move them. You can enable the
Allow Mac OS X access
option, but this doesn’t resolve the problem. Symantec recommends manually turning off the feature when you want to move a file, but this seems onerous at best. You also need to enter a password whenever you want to save a protected file. I found this feature annoying. Symantec is investigating ways to make the Finder operation go more smoothly for future versions of Norton Confidential.
Macworld’s buying advice
Some of Norton Confidential 1.1’s features work well, but others are less polished; in addition, the program’s manual is cursory at best, leading users to guess about what protection some features actually offer. The application doesn’t seem to slow down Web surfing or other activities, but it seems superfluous. Its features probably belong in a more comprehensive firewall program, and most users won’t see the need to spend money on such a limited security program. While its phishing protection works very well, education works even better: just don’t click those links asking you to enter your credit card number or password.
EDITOR’S NOTE: This story was reposted to reflect the fact that version 1.1 of Norton Confidential no longer makes Firefox the default browser. This change did not affect the product’s mouse rating.
Kirk McElhearn is the author of many books, including
The Mac OS X Command Line: Unix Under the Hood
(Sybex, 2004). His blog,
Kirkville, talks about Macs, iPods, and more.
Norton Confidential’s control panel shows the status of its four security modules and lets you access each one to change settings.