PCADVGRV.RVW 910906
Antivirus Product Comparison Review
Company and product:
Advanced Gravis Computer Technology
7033 Antrim Avenue
Burnaby, B. C.
V5J 4M5
604-434-7274
Telecopier: (604) 434-7809
Advanced Security for PC (also available for Mac)
Summary:
File encryption and hard disk access restriction. Virus checking is performed
through a program which tests itself for changes in similar fashion to early
versions of Victor Charlie.
Cost
Rating (1-4, 1 = poor, 4 = very good)
"Friendliness"
Installation2
Ease of use3
Help systems2
Compatibility1
Company
Stability3
Support1
Documentation2
Hardware required3
Performance1
Availability2
Local Support1
General Description:
FSECURE is a file encryption system, VSECURE is a "bait" viral detector and
HDSECURE is a software system for restricting access to the hard disk apart
from a password verified boot from the hard disk. Not recommended for
antiviral protection.
Advanced Gravis has had an opportunity to respond to the contents of this
review. The company representative stated that, although the promotional
literature states that the product will "[detect] the intrusion of harmful code
(viruses)", the HDSECURE product is not intended for that purpose.
� Comparison of features and specifications
User Friendliness
Installation
The programs are shipped on protected but writable 360K disks. In the case of
the unit received for testing, the write protect tab had been displaced prior
to receipt. The manual recommends copying the original disks and using the
backup for installation.
Both "automatic" and manual installation is available. Review of the manual
procedure suggests that installation is restricted to copying of the files to
the hard disk and some additions to the AUTOEXEC.BAT file.
The HDSECURE program apparently alters the partition boot record in order to
deny access unless the computer is booted from the hard disk and the password
is entered. Numerous restrictions on this exist in terms of bootable disks,
multiple disks and partitioned disks. Unless the system is limited to a single
logical hard disk, the "Technical Support" section of the manual should be
thoroughly studied before installation is performed. Also, the documentation
does not sufficiently stress the danger of loss of access if the program fails,
although it does note that the hard disk should be backed up prior to
installation.
Ease of use
The programs are easy to use and well prompted. Use of the program would
appear not to require reading of the documentation. However, the manual should
be read thoroughly and completely before using any portion of the program. A
number of points regarding non-standard installation are mentioned only in
obscure portions of the manual.
Help systems
Online help is mostly in the form of "warning" prompts.
Compatibility
Installation requires that the system be free of certain types of background
software. The installation process can detect disk caching software and other
conflicting programs, and will abort with a message.
Detection of viri with the VSECURE program appears to be limited to memory
resident, non-stealth, COM infecting viri.
Company Stability
Advanced Gravis is well known and established in the field of specialized
peripheral hardware products.
Company Support
No one is available after 4:30pm PST. The company does not have an answering
machine or voice mail.
Documentation
The documentation is clear and readable, but certain important pieces of
information are "buried" in appendices.
Hardware Requirements
A hard disk is required for the operation of HDSECURE.
Performance
While the consistent operation of the encryption portion of the program may
detect infection of executable files, and prevent execution of file infections,
the use of HDSECURE cannot be recommended for virus protection, and is
recommended against in any situation where boot sector virus infection may be
possible.
HDSECURE replaces the MBR, and uses some form of "stealth"-like programming to
make this change transparent to the system. According to the documentation,
this change makes the hard disk "invisible" unless properly booted from the
hard disk with the proper password. Casual testing confirms this. However,
the very common Stoned virus is able to completely bypass this security and
infect the hard disk.
Having infected the hard disk, the virus is resident in memory, and actively
infectious, on all subsequent booting of the hard disk. However, because of
the stealth programming involved in HDSECURE, antiviral programs, although able
to find the virus in memory, are unable to find any trace of the infection on
the disk, and are unable to remove it. Far from protecting the disk from
infection, HDSECURE now protects the virus from disinfection. (Use of the
DSRPART.COM program produced from Padgett Peterson's DISKSECURE package was
able to remove the infection.)
In addition, infection by the virus appeared to affect the HDSECURE program
itself. Although the hard disk protector would still recognize the original
password for access to the disk, HDSECURE would no longer accept the password
in order to change passwords or remove protection. Thus, the program was
protecting the infection from removal, and could not be removed itself.
Having removed the infection, and in doing further exploration, a simple
copying activity appeared to damage portions of the FAT, and rendered the disk
unbootable. Again, combined use of DSRPART and the Norton Disk Doctor program
was able to salvage the damage. I hope. Minor changes are still apparent.
Local Support
None provided.
Support Requirements
In terms of virus removal, the documentation states that "the best and surest
way to remove a virus infection is to re-initialize all ... disks including
your hard disk ..." It should be recognized that this process is neither
necessary nor sufficient for viral disinfection. Advanced support is therefore
required in any cases of detection of viral infection.
General Notes
Advanced Security appears to be effective as a means of restricting access to
information on a hard disk. The package cannot be recommended as a protection
against viral infections.
copyright Robert M. Slade, 1991 PCADVGRV.RVW 910906
======================
roberts@decus.ca rslade@vcn.bc.ca slade@freenet.victoria.bc.ca
"If you do buy a computer, don't turn it on." - Richards' 2nd Law of Security
Author "Robert Slade's Guide to Computer Viruses" 0-387-94663-2 (800-SPRINGER)