Let's Talk Computers Interview - Outsmarting Internet Threats with NOD32 Version 3.0

Complete Transcript of Interview – Randy: Abrams – ESET 
 Let’s Talk Computers Radio Talk Show 
 Host Alan Ashendorf 
 Decempber 22 2007 
 
 
 

 Alan: Anyone who has been surfing the Internet knows that Internet threats are growing at an alarming rate. They are constantly evolving; constantly changing to try to get through our defenses. And to make absolutely sure that we are protected against all these new threats, our anti-threat, anti-virus software must also evolve. Or guest, today is Randy Abrams, Director of Technical Education with ESET. Welcome back to let’s Talk Computers, Randy.



 Randy: Well, thanks, Alan. It’s great to be here. 



 Alan: Last we were talking about your brand new ESET Smart Security Package. But, you also have completely revamped your award winning NOD32, Anti-threat, Anti-virus Software. Why are you releasing two brand new Packages, this time?



 Randy: Because users have the right to make a choice. If there’s a user that thinks that they’ve got the best Anti-Spam solution and that’s what they want; if they’re using a hardware based firewall and they don’t want a software based firewall as well, they can choose our threat sense engine in our NOD32. That’s their choice and they should have that choice. 



 They shouldn’t have to pay for the extra features that they’re not going to use. However, if the user wants the simplicity and the highly integrated protection that ESET’s Smart Security offers, then we offer that option, as well. 



 Alan: This warm-fuzzy feeling that you get when you get a little pop-up box that says, “ESET NOD32 has now been upgraded to the latest definition,” that’s the only thing that I see – other than if I get attacked and then I get a message that says, “Ok, you have just now been attacked – what do you want to do?” And then you have multiple choices at that point, don’t you?



 Randy: We try to keep it pretty quiet and yet let you know that we’re still working, so you know when we’ve updated. If there is a problem that really does require your attention, that’s when we come up and that’s when we help you and provide you with a variety of technical resources for you. Of course, we always try to fix the problem as automatically as we can. 



 And with ESET’s new Products, both NOD32, Version 3 and ESET’s Smart Security, you can actually submit a support request, right from the Product itself, if you need additional help. 



 Alan: Randy, you’ve made some major enhancements to NOD32.



 Randy: Yes, we have a brand new Version of NOD32; it’s Version 3. And there are a couple of significant changes. 1- for a lot of users, our interface for NOD32 seemed overly “techie”, if you will. So, we’ve a brand new interface; it’s a dual-mode interface. We have the standard mode, which is a graphical interface that’s a lot more user friendly and very, very simple to use. 



 We also have the Advanced Mode and with the Advanced Mode, you still have the pleasing interface, but that’s where you get to those techie details that the techies have always loved – where you can completely and totally configure everything. 



 So, with the two modes of operation, we’ve managed to make it simple enough for a very unsophisticated user to be protected and understand how to use the Product, and yet, allow the techie to go in and tinker with things to his heart’s content. 



 Alan: What kind of changes have you made to the internal Engine? NOD32, Version 2 is probably the fastest scanning engine out there in the market? What have you done to make it better?



 Randy: There have been a couple of changes. One of the changes is in how the Engine actually interacts with the operating system. With Version 2.7, our last Version 2 we often times had to unload and load the Engine from memory. Even though we’re very, very fast, it does have some overhead; and we are always trying to be even faster. 



 So, with Version 3 we’ve minimized the number of times the Engine has to be loaded and unloaded, which helps with performance a bit. However, there’s not of room to help with performance with our Product, actually, because it’s already quite fast and it’s low on system impact. 



 We’ve also overhauled our cleaning routines so that we’re much better able to clean infected systems. So, there are the two big technical changes.



 Alan: And of course you’ve changed the interface, as you mentioned, so it’s less intrusive. Most people don’t even want to know that they have an Anti-threat, Anti-virus program running on their system. They just want to know that they have the peace of mind that it’s doing what it’s supposed to and, “Don’t bother me.”



 Randy: And if you open Version 3 of NOD32, the first thing that you’ll see if that it tells you either you’ve got the maximum protection or there’s a problem that you need to fix and here’s how. People can then open it up and say “oh! cool” and know that they’re fully protected and then go on their way, because it’s always monitoring to make sure that that bad stuff doesn’t come in. 



 Alan: All we have to do is to take a look at that little task bar down in the corner and you can see that little green square and if it turns red, we know that we’re not protected and we just need to click on it and find out why.



 Randy: We try to make it as clear as we can with the new, integrated help system when you’re on a topic or looking at a feature of ESET’s Smart Security or NOD32 Anti-virus. You just click on the little question mark that’s up in the right hand corner of the window; it’ll give you context relative assistance, too.



 Alan: Talking about, “always monitoring”, there are threats the first thing that they do is disable the Anti-threat Anti-malware software that is running on your system. How does the new NOD32 version 3 keep that from happening?



 Randy: There are a variety of techniques that can be used that get extremely technical when you talk where things load with the system; how they hook into the kernel, how they integrate with the operating system. But ESET’s NOD32 uses a variety of techniques to try to ensure that it cannot be unloaded; cannot be disabled. 



 Actually, it’s impossible for any piece of software except perhaps the operating system kernel itself, maybe, to be completely immune to unload attempts. But in independent testing, they found that NOD32 is one of the most resilient to attempts to unload it from memory.



 Alan: What we’re seeing nowadays is that Internet threat software doesn’t announce itself the same way it used to and as a matter of fact, doesn’t even install itself the same way. In fact, one of their goals is just to get a “loader program” onto your system.



 Randy: Once we get a “downloader component” on your computer, then they can add all kinds of stuff. It can very complex and very difficult to detect what’s going on. 



 Alan: There are so many ways that malware writers are trying to trick us to install applications or programs that we think are going to be helpful to us, but actually in fact, turn out to be harmful to us.



 Randy: A lot of users aren’t being very discriminating about what they install on their computers; and the bad guys take advantage of that. So, more often than not, they will just trick you into downloading what you they want onto your computer. 



 Alan: Have you changed your heuristics? In Version 2.7 it was the most powerful heuristics on the market. It caught anything and everything, without even having a definition file. Have you changed that?



 Randy: Our heuristics have always been changing. We’re always working hard to improve the heuristics. Any time there’s a signature update, we can update the heuristics as well; it’s not just signatures. We’ve changed them between 2.7 and 3.0 and we’ll keep on changing them in 3.0 because as new threats come out to take advantage of new functionalities, new vulnerabilities, new techniques we update our heuristics to try to keep up with them and keep a few steps ahead them.



 Alan: A lot of times I’d like to see what is going on with my machine. What kind of logging do you have available for us, so that we can actually see if we’ve had any threats; what kind of threats they are and see what’s going on with our computer?



 Randy: With ESET Smart Security, we’ve got all the logging that ESET NOD32 has, but we offer up the logging for the firewall and for the Anti-Spam. And the protection status – if you’re in the Advanced Mode, you can look at the Anti-virus and Anti-spyware protection and know how many objects have been scanned; how many infected objects have been found, (what percentage) for individual modules you can get information on file system protection, email protection, web access protection. 



 The firewall will give you a graphical view of the actual processes that are running and if they’re listening on different ports and what ports they’re talking to – upload and download and how many packets have been sent recently. It gets very, very detailed – things like what Outlook is doing if you’re on the VPN - what your VPN client is sending and receiving - things like that. 



 So, there’s a real rich reporting capability available. So, if you’re a techie and you want to see all that stuff, it’s there for you. If all this means nothing to you; it’s just “gobbledygook”, you don’t even have to see it.



 Alan: Like the ESET Smart Security, NOD32 Version 3.0 is highly customizable as to what you’re looking at, what kind of heuristics, whether you’re using advanced heuristics and you just have screen after screen of features we can turn on and off, don’t you



 Randy: Yes, in the Advanced Mode, we sure do. In the Standard Mode, you won’t even see that stuff; it won’t be in your way; it won’t be in your face. 



 Alan: You have different levels of scanning. How does that work?



 Randy: When you go to “Computer Scan”, you’ve got a Standard Scan and a Custom Scan. The Standard Scan is as easy as it gets; you just tell it to go ahead and scan and it starts scanning your computer. The Custom Scan will allow you to tell it where to scan, what drives; what files and folders and all that to scan. 



 But, then when you get into your “Scan Set-up” in the Advanced Mode, you can create profiles and you can tell it, “For this profile I want you to scan these areas and I want you to scan what with this kind of heuristics and scan these types of files.”



 There’s an incredible depth of options that you have; you can schedule scans to run at various times and even have different types of scans schedule to run. You can run concurrent scans. You can scan and run another scan on another section of the hard drive or completely different hard drive. You can tell it scan alternate data streams.



 Alan: And you can actually make it scan in the background, so that you can do multiple scans at the same time, now?



 Randy: It’s a really cool feature. You can get a lot of different tasks done, but maintain the priority for the work that you want to do, which is why you got your computer. 



 Alan: ESET’s NOD32 has won multiple awards in just about every category, hasn’t it?



 Randy: Oh, absolutely – we’re the all-time leader in Virus Bulletin 100% Awards. AV Comparative.org named us the best anti-virus product of 2006. There has been a variety of awards, both technical and for growth as a company, even. We’re number 89 on Inc 500’s Fastest Growing Companies and we were only the number 2 in terms of growth in the Technology Sector. 



 Alan: One of the things I really like about NOD32 is when you have the license for NOD32 any new Software that you get is automatically added; you don’t have to previous Versions that you have to upgrade and buy another license for, do you?



 Randy: With ESET, we never want our licensed customers to have our 2nd best technology. So, if you’ve got a valid license for NOD32, 2.7, then you can upgrade to 3.0 at no charge, at all.



 However, what’s really cool is that if you decide that you want ESET Smart Security and you’ve got NOD32, 2.7 – the way that works is you’re able to upgrade to ESET Smart Security for the renewal price of a license, which is about 70% less than the full price – and that renewal gets added on to the existing license. 



 So, if you buy NOD32, 2.7 in June and this month you decide to upgrade to ESET Smart Security, then the renewal period is from this month through November, next year, (that would be the normal renewal) – however, since your license goes to June – it gets added on from June. So, you get like a year and a half for the cost of a year. 



 If you want ESET Smart Security, we make it very affordable and for existing users, it’s like getting the rest of your license for free with the renewal.



 Alan: What are we looking as far as the price of ESET Smart Security and NOD32, 3.0?



 Randy: NOD32, 3.0 – I believe we’re still at $39 for the first year and about $27 a year for renewal. And then for ESET Smart Security, we start at $59 for the first year. And of course, if you want to upgrade to ESET Smart Security, and you’re already a NOD 32 customer, then we make that extremely easy for you. 



 Alan: And you also have Trial Versions on your Website. And these are full-featured Trial Ware; they’re not stripped down or limited in any way, are they?



 Randy: Our Trial Versions are exactly like our full function Software, our paid Versions. The only difference is that they expire in 30 days; however with our Software, if you install a Trial and we find something malicious on your system, we don’t tell you that you have to send us money to clean it. You’ve got a fully functional evaluation copy and it’s going to clean that threat for you.



 Alan: Where can we find more information about the NOD32, Version 3.0 and the new ESET Smart Security?



 Randy: Come to our Website at http://www.eset.com and take a look around. If you go to the Products’ Page, you can get some information; on the Download Page, there’s information and if you go to the Threat Center, you can check out our Blog and even the weekly Podcasts that I do. 



 Alan: Randy, I want to thank you for being our guest here on Let’s Talk Computers – introducing your two new anti-threat Products, ESET Smart Security and NOD32, Version 3.0 and we look forward to talking to you again, real soon.



 Randy: I look forward to talking to you again. Thanks so much for having me today.

Eset on the Radio

Outsmarting Internet Threats with NOD32 Version 3.0