Does PCTools Threatfire Boost Security?
I've seen magazine ads for a security tool called PCTools ThreatFire, but I don't quite understand what it's supposed to do. Will it replace my anti-virus software, or do I need both?
Adding PCTools Threatfire to Your Security Arsenal
You don't need to know a burglar's name to know that he's a threat to your home security. Likewise, you shouldn't need to know a computer virus' name in order to stop it before it does damage to your computer or sends your bank account password to some felon on the other side of the planet. But that's exactly how some anti-virus programs work.
PCTools Threatfire anti-virus software works differently, and can significantly boost the virus detection rate of your existing security software.
Some anti-virus programs rely on digital "signatures" of known malware programs for identification and blocking purposes. A signature is often a "checksum," a single, relatively short number that represents a theoretically unique characteristic of a program such as the sum of zeroes and ones in a program's bits. When a program is downloaded to your computer, the anti-virus program calculates its signature, compares it to its database of known viruses, and if the checksum is found in the database an alarm is sounded and the program is quarantined. There is an obvious shortcoming in this approach.
Signature-based virus detection won't detect viruses whose signature isn't in the database. All the Evil Hacker has to do is change one bit and his malware has a new, undetectable signature. This is why your anti-virus program downloads an updated database of signatures frequently; there is a never-ending war of changes between malware writers and anti-virus software developers.
ThreatFire - A Behavioral Approach to Virus Detection
You don't really care about the fingerprint, signature, or shoe size of a piece of malware. What you care about is what a downloaded program is doing. PCTools' Threatfire monitors the behavior of all programs running on your machine, and sounds alerts when a program does something that might be harmful.
When a program acts suspiciously - say, attempting to open a password file that it did not create - Threatfire blocks the potentially dangerous activity and attempts to verify the program's identity against a database of signatures. It tells you, in effect, "This program is up to something, and we have/haven't identified it as a known piece of malware." Then it's up to you to decide whether to block the suspected software or let it continue what it's attempting to do.
It should be noted that this breed of behavior-based security software has its own shortcoming. It sometimes blocks the running of perfectly legitimate software based upon "suspicious" behavior. Such "false positive" alerts are like being stopped by the police and questioned because you are carrying a violin case. Violin cases are known to carry machine guns sometimes, so the cops stop you even if you're just carrying a violin. It's annoying but harmless.
PCTools' ThreatFire consumes very little computing resources and does not conflict with traditional signature-based anti-virus programs' operations. Therefore it is a good complement to signature-based protection. In other words, if you're using AVG, Avira, McAfee, Norton or some other well-known anti-virus protection, adding ThreatFire will provide even more protection.
In its basic, free-for-home-use form, PCTools' Threatfire does no more than actively monitor running programs and block suspicious activity. An enhanced Pro version ($29.95/year) will also scan your hard drive for known threats based upon their signatures. You also get telephone support with the paid edition; the free version comes with email-only support.
Do you have something to say about ThreatFire or other behavior-based computer security tools? Post your comment or question below…
This article was posted by Bob Rankin on 23 Nov 2009
|For Fun: Buy Bob a Snickers.|
Free Alternatives to GoToMyPC
The Top Twenty
Should I Buy an HD Monitor?
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005
- Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Does PCTools Threatfire Boost Security? (Posted: 23 Nov 2009)
Copyright © 2005 - Bob Rankin - All Rights Reserved