PGP and Norton AntiVirus - PGP

This is a discussion on PGP and Norton AntiVirus - PGP ; Hi, now that I'm aware of the different behaviour of PGP 9.0 (thanks to all responding to my last post), I get annoying errors from Norton Antivirus 2005. It states that Norton (with automatic email check activated) had encountered an ...

+ Reply to Thread
Results 1 to 11 of 11

Thread: PGP and Norton AntiVirus

  1. PGP and Norton AntiVirus

    Hi,
    now that I'm aware of the different behaviour of PGP 9.0 (thanks
    to all responding to my last post), I get annoying errors from
    Norton Antivirus 2005. It states that Norton (with automatic email
    check activated) had encountered an encrypted mail service, which
    is not supported by Norton (I think this is PGP's email proxy).
    While the support states you can get rid of this by "ignore this",
    the referenced checkbox is not available...
    The only solution is to disable automatic email checking, now I'm
    not sure whether this is a serious impact regarding Viruses sent by
    mails no longer detected or not...

    Thanks again,
    Carlhermann



  2. Re: PGP and Norton AntiVirus

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    "C.Schlehaus" wrote in
    news:de0tk8$hcq$00$1@news.t-online.com:

    > Hi,
    > now that I'm aware of the different behaviour of PGP 9.0 (thanks
    > to all responding to my last post), I get annoying errors from
    > Norton Antivirus 2005. It states that Norton (with automatic email
    > check activated) had encountered an encrypted mail service, which
    > is not supported by Norton (I think this is PGP's email proxy).
    > While the support states you can get rid of this by "ignore this",
    > the referenced checkbox is not available...
    > The only solution is to disable automatic email checking, now I'm
    > not sure whether this is a serious impact regarding Viruses sent by
    > mails no longer detected or not...


    If you do real time scanning of all accessed files (which I firmly believe
    is what should be done), you lose nothing by not scanning email (which I
    see as unnecessary redundancy).

    -----BEGIN PGP SIGNATURE-----
    Version: PGP Desktop 9.0.2 (Build 2424)
    Comment: PGP FAQ: http://www.mccune.cc/PGP.htm

    iQEVAwUBQwRsSWDeI9apM77TAQJCSwf+KLz1tLUhqyLmfCKHpm 9V/2sM7dnCe6zq
    64M2xKgnRg0XX68GeOvQDdYSge3SgHDPy8PzUoIEUVxE2D8rXs YF09FYB5PeH15w
    kyeW0MQWCJIk6b3334frwL9gd15/W0++v26Mlx1ZAvSsGABIfUpLMwnirSvXWssm
    Vcae0iT+MoJdNn2f9auiU5Wjltd+M1AAcTkCQ0v03v80FLcv4M zRfEffV724HfKq
    J3xuffw0lTl+jPp4zWWTr9UYv/J3DsDGmYFHXSX3tvyCi1VXXkflC9Mg6t8wrHM7
    WmUeeJZXkuF+RSA6+sBUGLEDsg/Dd+bM4GObAAH66m55n7ADCMBENw==
    =nW5w
    -----END PGP SIGNATURE-----

  3. Re: PGP and Norton AntiVirus

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    > (which I see as unnecessary redundancy)


    Actually, I see it worse than redundancy. When doing email scanning, I
    think way too many people start thinking that when the email scanning
    reports a virus, that they received a virus (which is probably correct).
    But after awhile, they start thinking that if the email software does not
    report a virus, that they didn't receive a virus (which is a very risky
    assumption). After awhile, the less sophisticated user is likely to
    conclude that since they didn't receive a virus (the email scanning didn't
    detect and report any), that is okay to open this unexpected attachment,
    thus contracting this new virus that is not yet in the virus definitions.

    -----BEGIN PGP SIGNATURE-----
    Version: PGP Desktop 9.0.2 (Build 2424)
    Comment: PGP FAQ: http://www.mccune.cc/PGP.htm

    iQEVAwUBQwRvC2DeI9apM77TAQJBkgf+MdOdxMNtvXHDX9S69W GStn4C+acK+uEU
    Bie4ej7yDCpKZySj31vp2rWBjobrQG27eqH9VsPhY8KU7nhLRD s4yq6w9QcDx5hh
    xsNdrA2eRH4JwjDWOmsvhzCEFVO/Kf2GzLvLPX6BKWrp4tWWM8AHeiSuslB0ApCR
    90zFWLTfuhnlEXx66nvjjitdOUqgTrq9TGbr3Sa+h8aVLvukD6 bC+YQZztfCQ39l
    q8YeaZd3ASUB4gIe6Aeu0r7pUwEofvNSAGTq2FDC9zyHHHa5Vg kKkv6ZXZ7jCcbN
    uq4MuSuLfROKYqYkIbvbSYoinLCP2aiz+A2ZTkkOHccMphHarm 4VLQ==
    =9oqx
    -----END PGP SIGNATURE-----

  4. Re: PGP and Norton AntiVirus

    Tom McCune wrote:
    >
    >>>(which I see as unnecessary redundancy)

    >
    >
    > Actually, I see it worse than redundancy. When doing email scanning, I
    > think way too many people start thinking that when the email scanning
    > reports a virus, that they received a virus (which is probably correct).
    > But after awhile, they start thinking that if the email software does not
    > report a virus, that they didn't receive a virus (which is a very risky
    > assumption). After awhile, the less sophisticated user is likely to
    > conclude that since they didn't receive a virus (the email scanning didn't
    > detect and report any), that is okay to open this unexpected attachment,
    > thus contracting this new virus that is not yet in the virus definitions.
    >


    Unless it's a good program and uses heuristics, and then it probably
    will trap even a new virus. If they don't scan the e-mail they're going
    to open the attachment anyway, so any e-mail scanning is better than
    none, and good e-mail scanning is a major safety factor.

    Regards,

    Bob



    ---
    avast! Antivirus: Inbound message clean.
    Virus Database (VPS): 0533-3, 17/08/2005
    Tested on: 18/08/2005 12:25:37
    avast! - copyright (c) 2000-2004 ALWIL Software.
    http://www.avast.com





    --
    Remove "x" from address to reply by email

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (MingW32)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFDBHF+/yGczvugYoIRAuRIAJ94xR2WtQSPMVO6V3UfahqqPLxUVACfYzl 3
    1jhzMgXe/tQ2lvQ13Y7ZMTA=
    =vxat
    -----END PGP SIGNATURE-----


  5. Re: PGP and Norton AntiVirus

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Bob Henson wrote in
    news:de1rht$akp$1@bananasplit.info:

    > Unless it's a good program and uses heuristics, and then it probably
    > will trap even a new virus. If they don't scan the e-mail they're going
    > to open the attachment anyway, so any e-mail scanning is better than
    > none, and good e-mail scanning is a major safety factor.


    You have a lot more faith in heuristics than I do. I've never heard of a
    single case in which it actually caught a new virus.

    When I first heard the idea of email scanning being more likely to produce
    a virus infection, I thought it was a pretty crazy idea. However, it is
    obvious that after giving it a lot of thought, I now see it otherwise. In
    my experience, it is pretty easy to teach others to never open an
    unexpected email attachment. I admit that it is annoying for my wife to
    call me to her computer when she receives attachments, but that is proof to
    me that anyone can learn to fear attachments. :-)

    And, of course, real time scanning will protect against any attachment with
    a virus, if the email scanning would have found it.

    -----BEGIN PGP SIGNATURE-----
    Version: PGP Desktop 9.0.2 (Build 2424)
    Comment: PGP FAQ: http://www.mccune.cc/PGP.htm

    iQEVAwUBQwUa82DeI9apM77TAQLTQQf/ZH7VWpocXlSU+L/rrrRV5eQ+LbPFU4TH
    y/zXP2KYXp4UICOsXIwZjeOSqQiYisRc5SPpKY8dqpv2reTWTIAT Ax1N3RMTyjgi
    xjmRv+ffSgI3i0AkkEOrfvPixY20KtbeZAzaPzIaDgXQ3Q8bXz NUsppy3o9jtrN8
    vwhqj/dYuF5aIkG3GdBKFyRSVILmquZXOsZFvQJisEBV6SotZn/zAU+pviQqDYvE
    hcaTkLGzeOVRlhg6JqNNJiEPPhq25PoF/+Zx5ffM/WlwCsE0zuGs/fWc6JI8mwNj
    cRfvH2ZqK07YCRDc4aDsHjFNDqncLYTPem5A7dNLY8JtBzWcR9 cVWg==
    =w8KJ
    -----END PGP SIGNATURE-----

  6. Re: PGP and Norton AntiVirus

    Tom McCune wrote:

    > You have a lot more faith in heuristics than I do. I've never heard of a
    > single case in which it actually caught a new virus.


    So I have to tell you that F-Prot-Win did it on my PC in at least one
    case. In the morning I received an email with an attachment which F-Prot
    classified as "probably a virus". Although normally I erase all suspect
    files, I let it stay on my PC just being curious whether it would be
    identified later. After they issued new virus definition data in the
    afternoon, the suspect file was classified as a virus.


    --
    email me: change "nospam" to "w.hennings"
    Wilfried Hennings c./o.
    Forschungszentrum (Research Center) Juelich GmbH, MUT

    All opinions mentioned are strictly my own, not my employer's.

  7. Re: PGP and Norton AntiVirus

    Tom McCune wrote:
    > Bob Henson wrote in
    > news:de1rht$akp$1@bananasplit.info:
    >
    >
    >>>Unless it's a good program and uses heuristics, and then it probably
    >>>will trap even a new virus. If they don't scan the e-mail they're going
    >>>to open the attachment anyway, so any e-mail scanning is better than
    >>>none, and good e-mail scanning is a major safety factor.

    >
    >
    > You have a lot more faith in heuristics than I do. I've never heard of a
    > single case in which it actually caught a new virus.
    >
    > When I first heard the idea of email scanning being more likely to produce
    > a virus infection, I thought it was a pretty crazy idea. However, it is
    > obvious that after giving it a lot of thought, I now see it otherwise. In
    > my experience, it is pretty easy to teach others to never open an
    > unexpected email attachment. I admit that it is annoying for my wife to
    > call me to her computer when she receives attachments, but that is proof to
    > me that anyone can learn to fear attachments. :-)
    >
    > And, of course, real time scanning will protect against any attachment with
    > a virus, if the email scanning would have found it.


    The latter point is valid on systems that use real time scanning, but
    many systems in industry don't (mind you, they don't necessarily use
    e-mail scanning either), but rely on central servers picking out the
    problems before they reach the end users - perhaps largely because real
    time scanning would slow the terminals down so much. It doesn't work - I
    know of two big industrials brought to a standstill recently when the
    central checking failed. My other half doesn't have your faith in the
    learning ability of other users - she works in a large call centre, and
    she tells her colleagues over and over again not to open attachments,
    and over and over again they open them anyway. I think the main problem
    is the irrationally compulsive curiosity that people have - they are
    psychologically incapable of leaving an attachment unexamined and
    hitting the delete key.

    Anyway, we're a long way from PGP now, so I'll shut up on virus checking
    - but I'm sure we can agree on the fact that *any* effective virus
    scanning is better than none. Actually, continuing with commercial
    users, and to bring the topic back to PGP, using PGP/Mime (and even
    S/Mime sometimes) tends to throw them altogether. If the message
    actually get past the security checking undeleted, the staff have not
    got the faintest idea what the attachments that they see actually are,
    and if they follow their instructions and delete messages with
    attachments, PGP/Mime is more than self defeating. If they use Outlook
    Express (and they often do, of course), they can't read the messages
    anyway. It's such a shame that there is so little general acceptance of
    a system which could do so much to help stop virus and spam transmission.


    Regards,

    Bob

    --
    Remove "x" from address to reply by email

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (MingW32)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFDBYzV/yGczvugYoIRAvnUAJ93qN0W7WAG2PJu8VcYev1P8biBHwCfXGd L
    asXfcg5/F3vf8D+B1nevs6E=
    =afdm
    -----END PGP SIGNATURE-----


  8. Re: PGP and Norton AntiVirus

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Wilfried Hennings wrote in
    news:402bg1pim5hjokqa56ubdig27njjv7hr6m@4ax.com:

    >> You have a lot more faith in heuristics than I do. I've never heard of
    >> a single case in which it actually caught a new virus.

    >
    > So I have to tell you that F-Prot-Win did it on my PC in at least one
    > case. In the morning I received an email with an attachment which F-Prot
    > classified as "probably a virus". Although normally I erase all suspect
    > files, I let it stay on my PC just being curious whether it would be
    > identified later. After they issued new virus definition data in the
    > afternoon, the suspect file was classified as a virus.


    That's good to hear, and I'm not really surprised that sometimes it does
    work. I do use activate heuristics "just in case." - I just don't expect
    much from it.

    -----BEGIN PGP SIGNATURE-----
    Version: PGP Desktop 9.0.2 (Build 2424)
    Comment: PGP FAQ: http://www.mccune.cc/PGP.htm

    iQEVAwUBQwW/ZmDeI9apM77TAQLl+Qf+Me44b/tQGnErvDixyqKC81438h0vMrfh
    tWKCo32VshFaHDHJi8ewOEwBt9gOr+nHDZ1hKSEO26ZBqgcaVO 2KRc+d4lVD1IO/
    T7+R+E2/XtLn63GGk5rS280S3+TszUsPT5I4oR1cTpfWD+RyTvS7mGWWMv HmKqbx
    1oAVwdbP0cJypWxiPpWGBwzdhPNKgwYq9Uxq18+7njKc9BZhL+ DflkBo64mkm8Im
    27Pamt7367i8qocHym+oFheheQAAZIScGeVNw2WX+N0wxNZZRW 9ZPMNRdRmlhEwg
    lJ2T/8abGS6JLcgKmm4PFhAACgEGGl9ZRWGHSCY7LOeFLiOE211PiA= =
    =CaYV
    -----END PGP SIGNATURE-----

  9. Re: PGP and Norton AntiVirus

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Bob Henson wrote in
    news:de42ch$rjm$1@bananasplit.info:


    > The latter point is valid on systems that use real time scanning, but
    > many systems in industry don't (mind you, they don't necessarily use
    > e-mail scanning either), but rely on central servers picking out the
    > problems before they reach the end users - perhaps largely because real
    > time scanning would slow the terminals down so much. It doesn't work - I
    > know of two big industrials brought to a standstill recently when the
    > central checking failed. My other half doesn't have your faith in the
    > learning ability of other users - she works in a large call centre, and
    > she tells her colleagues over and over again not to open attachments,
    > and over and over again they open them anyway.



    Hi Bob,

    I would absolutely agree with you that email scanning is much better than
    no scanning at all. After all, the greatest virus risk does come from
    email, and either email scanning or real time scanning will find it if the
    virus defintions cover that particular virus.

    I do also agree that many people will just do what they want regardless of
    knowing better. Actually, the only virus I ever contracted, years ago, was
    for that very same reason. However, regardless of using email scanning,
    real time scanning, or both, it doesn't matter in the end result. But, I
    do think email scanning may lead to a false sense of security, and
    therefore actually increase such risk taking.

    BTW, even my employer, the State of New York, has real time scanning on all
    employee assigned PCs (at least at my facility).

    -----BEGIN PGP SIGNATURE-----
    Version: PGP Desktop 9.0.2 (Build 2424)
    Comment: PGP FAQ: http://www.mccune.cc/PGP.htm

    iQEVAwUBQwXBhWDeI9apM77TAQIH3QgAiIL7t/spt5zDFOKFte469J96DXdDg0s1
    Py6dt0JgYojIy7c2TCtw/Jse4FgbwlZWIGyGiV6mEX8wpxDK4q0g2vaAxDCt2yc0
    T7ITqy9n/kCXhJVBFW2AAntjiBg4u3+KHlYY3SP8GBcpUX1EdcCr3R7JH9a +KuX0
    QFkpMKfvtkN3oOfqW4hDmWAGglOiptuq+U2e7irwqNuMFEU2Th KsRQMtVPgCipiw
    GYe/W4cwtQFBgYPGfYbGrUNAUVrsBI4oMRZOlB6dVjjqs2imjqAU97 VzoN8M7zvO
    Tli3Mjl2Rbw6NhzIQdVjhux8h7oPrl35mwpKDIhkPQptVGYul0 HcfQ==
    =JzVX
    -----END PGP SIGNATURE-----

  10. Re: PGP and Norton AntiVirus

    On Fri, 19 Aug 2005 11:24:57 GMT, Tom McCune
    wrote:


    > After all, the greatest virus risk does come from
    >email, and either email scanning or real time scanning will find it if the
    >virus defintions cover that particular virus.


    In the alt.comp.virus group there is a thread on the fact that
    antivirus programs cannot be fully relied on. Some of the regulars
    don't use any real time scanning, but use on-demand scanning.
    The thread is: pif files strange behaviour , and refers to the
    problem caused by Windows hiding the extensions.

    Geo


  11. Re: PGP and Norton AntiVirus

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Virus scanning on e-mails is just a waste of CPU Cycles and I/O time.

    If an attachment has a virus, guess what, it's going to get scanned when
    you open/save it.

    Just disable it
    Matt Westfall
    Owner / Operator
    FiftyPounds Internet
    http://www.fiftypounds.com

    This message is digitally signed with Pretty Good Privacy (PGP)
    Info: http://en.wikipedia.org/wiki/Pretty_Good_Privacy



    C.Schlehaus wrote:
    > Hi,
    > now that I'm aware of the different behaviour of PGP 9.0 (thanks
    > to all responding to my last post), I get annoying errors from
    > Norton Antivirus 2005. It states that Norton (with automatic email
    > check activated) had encountered an encrypted mail service, which
    > is not supported by Norton (I think this is PGP's email proxy).
    > While the support states you can get rid of this by "ignore this",
    > the referenced checkbox is not available...
    > The only solution is to disable automatic email checking, now I'm
    > not sure whether this is a serious impact regarding Viruses sent by
    > mails no longer detected or not...
    >
    > Thanks again,
    > Carlhermann
    >
    >

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.3 (MingW32)

    iD8DBQFESMxOb/8X6V5MpAURAr2bAJ9ESlxOaJyAPU+MbC8h+PMS5csQHgCghvx0
    IjQ2o2dvMi46bmVO/0zI3Rk=
    =o6rF
    -----END PGP SIGNATURE-----

+ Reply to Thread