AOL’s Active Security Monitor has some big problems

AOL released a new program called Active Security Monitor, which is supposed to help find problems with the security settings of computers. It scans the computer, provides scores in various categories, and suggests ways for improving the security where the score isn’t perfect.

A nice thing to have, if it works. Personally I’m quite good at dealing with my computers’ security by myself, but a tool like that can be useful to point less experienced people to, and for getting a quick baseline.

Except that it doesn’t work well at all. And yes, I know, it’s from AOL, what should I expect, right? It’s a shame that they really don’t do much to improve the reputation they have in these regards, and blew this great opportunity.

So far I ran it on one computer. The computer runs a fully patched and updated Windows 2000 professional, has a fully updated Avast! 4 Home as an anti-virus, no firewall since it’s connected to a small network protected by a properly configured external router, using Firefox 1.5 and Opera 9 for browsers, And with both Spybot S&D and Ad-Aware SE Personal installed.

I downloaded and installed the Active Security Monitor program, and let it scan the computer.

ASM comes with an option to register it for a home network, in order get status on multiple computers at the same time. I didn’t do this, and will run a comparison on a second computer separately later on. No need to create an account for a tool when I don’t know I’ll use it.

After a few seconds of scanning my computer received a total score of… 53. Out of 100. Not a pretty sight.

Let’s start with the good thing first. It detected both Ad-Aware SE Personal and Spybot S&D, and detected that their signature files were not updated. This was all true. I usually keep the computer clean to begin with, and so didn’t run or update any of them for well over a month.

So I run both, updated the data, and repeated the scan. My score in the “Spyware Protection” category jumped all the way to Excellent, and the total score climbed to 57. Still not very impressive.

I also suspect I would have gotten the Excellent score with only one of them installed. Which isn’t enough, since the overlap between what they catch isn’t complete. They’re better together.

On the “Firewall” category my computer is ranked as Poor. Which is totally justified, it doesn’t have a firewall installed. But I took a quick look in the details, and was surprised to see that “A firewall is detected but is not enabled on this PC”.

This is wrong. I don’t have a firewall installed. And since it’s not installed, there is obviously no way to turn it on. Worse, ASM is extremely unhelpful in that it didn’t tell me which firewall it thinks I have and how it thinks I can turn it on.

Instead, the recommendations page had links to pages with general firewall explanations, some marketing hype on how the AOL service comes with full firewall protection (This AOL marketing hype exists on all details pages, whenever there is any sort of a problem, as far as I could see), and a non-detailed “To enable a firewall: Click Start, point to All Programs, and select your firewall”.

Yep, that’s going to be real helpful for anyone who actually needs this tool to know if they have a firewall or not. All those people, the ones who aren’t even sure what a firewall is, would have no problem at all finding it by themselves and running it.

Especially if, like me here, they don’t even have one. That could be a long long search.

It did say that if I would enable my firewall (The one I don’t have installed) it will raise my overall score to 79 (That’s a 22 points improvement).

Next, on the “Virus Protection” category my computer is ranked as Fair. Why just Fair? Because according to it “The anti-virus (AV) program on this computer is not enabled”.

I double-checked just to be on the safe side, and I can assure you that my copy of Avast! was working perfectly. So if ASM did find Avast! (Though I can’t be sure, maybe it found some phantom AV program, like the firewall) it should also know it’s running.

ASM also claimed that the signature files for my AV program are out of date. Which also wasn’t true, they were updated almost just before running ASM.

The details page contained the same list of not so useful suggestions, such as saying what a great AV protection the AOL service gives, and providing an explanation on how to turn on my AV program. A generic explanation, that is, which was identical to the one on how to turn on my firewall. Nowhere did it say even the name of the AV program it found.

It stated that turning on the AV program would raise my score to 70 (That’s a 13 points improvement). Personally I’m more concerned about why it thinks my Anti Virus protection deserves a Fair score if it believes my AV program isn’t even enabled. A not-running AV program should be just as good as a totally non-existent one.

Next is the “Windows & Browser” category. On this one I received a Good score, with two complaints.

The first was that “The Windows System Restore feature is not turned on”. And it was potentially useful about it, giving detailed instructions on where to find it in order to turn it on… Except that, well, this computer is running Windows 2000, and not Windows XP. And System Restore is a feature of Windows XP. It does not exist on this computer, and so cannot possibly be turned on. And all the places it directs me to go to in order to turn it on, well, they just don’t exist here. Totally dumb, and very unprofessional.

The second complaint it had in this category was that “Internet Explorer (IE) is not configured with encryption”. First of all, I hardly use IE, and as I said the computer has both Firefox and Opera installed on it, something which didn’t interest ASM in the slightest. And second, well, I never disabled any encryption option in IE.

So I went to the recommendation to see how ASM thinks I can turn it back on. Seems like I needed to “Enable Secure Socket Layer (SSL) technology on your browser”, and the way to do it is to go to IE‘s Internet Options, the Advanced tab, and there… to click on the Restore Defaults button.

Let me get this straight… In order to change an encryption setting, they want me to restore all the customizations I did there? Even ones entirely not related? Even ones that actually improve security beyond the defaults? Are they kidding me?

Plus, I checked my settings, and SSL was of course enabled. All settings that had something to do with encryption were right as they should be.

ASM stated that fixing the above two problems would increase my score to 63 (a 6 points increase).

On the “Wireless Security” it didn’t give a score, since the computer isn’t set for wireless access. That’s actually correct, so good job here on at least not thinking I have wireless access but need to turn it on, or something.

It also has a “P2P Software” category. On which I received an Excellent score. Why was it Excellent? Because “A peer to peer (P2P) file sharing program is not detected”. This is wrong on two entirely different levels.

The first one is conceptual. Having a P2P program installed is not a security risk by itself. Some of them are problematical, even very problematical, true. But not all, and not by the definition of being a P2P program. The risk is in what files are transferred with them.

But marking a P2P program as dangerous because you can pass bad programs in it is akin to saying having an email program, a web browser, or a CD drive, is bad for security. All true, but I didn’t see ASM complain about any of those.

The second one is that this computer actually had P2P programs installed. It’s not my main computer, so they’re old, and haven’t been used in many many months. But it has both KLT K++ and SoulSeek installed. Both are P2P programs.

I can forgive it for not finding SoulSeek, it’s not very mainstream. But missing a Kazaa Lite variation? Kazaa is one of the most problematical (from the security and privacy point) P2P programs out there.

And then it has the “PC Utilities” category, where I received an Unknown score because it didn’t find any PC Utility it cared about. Already questionable, since if not having them isn’t a cause for a bad security score, then they shouldn’t improve the security score when they’re there.

It had two points to mention here.

One item on the “PC Utilities” category was that “A PC optimization program is not detected on this PC”. What does that have to do with security? Actually, what is a PC optimization program supposed to do? There are tons of various optimization programs, doing totally different things, and many of them entirely not useful anyhow.

So I clicked their “Lean More” link to see what are they referring to. On the page they mentioned the built-in Windows utilities such as Disk Defragmenter, ScanDisk, and Disk Cleanup. All of which I have, of course, since they come with windows. And mentioned that there are better third-party tools for that.

True, but not relevant for security. This is supposed to be a security tool, so commenting on people not buying expensive programs (and programs most people usually don’t need) is out of place.

The second item in the category was that “A file backup program is not detected on this PC”. Here I can accept the security angle, since having backups is also good security. But the claim is nonsense. Especially considering their added explanation that they basically refer to anything used to backup files in a different location.

I have two different FTP programs installed on this computer, FileZilla and an older copy of SmartFTP. Both can be used, were and are used, for backups. I also have SyncBack installed on this computer, mostly for some test purposes, but it’s there and there’s no way for ASM to know what exactly is the usage pattern. So not finding any backup programs (Hey, ASM, listen up! Just copying files to a remote computer over the network is also a backup!) just indicates that it doesn’t pay attention. I do have backup programs installed.

Worse, one of their recommended solutions to the backup problem is to use “Xdrive: the most trusted provider of secure online storage”. Xdrive was acquired last year by AOL, so their incentive is clear. What’s also pretty clear is that Xdrive is far from being a trusted storage provider.

If I’ll add all the points I didn’t get the security score is an impressive 98 (57+6+13+22=98). Which is a good score. But, well, if I compensate for everything wrong, then why 98 and not a full 100?

I have two more general notes. One is that ASM decided I’m from a roaming location. I’m not. It’s a fixed desktop computer, with a fixed network, and a single active user. No roaming. At all. But since it doesn’t say what makes it believe I’m roaming, I can’t get it to change its mind.

If it can’t get this detail right, why should I trust it to get anything else network related right?

The second general note is that ASM uses IE to open all these additional information pages. It has them installed as HTML files on the hard drive, which is fine. But my default browser, and the program set to open these files by default, is Firefox. Which means ASM runs IE explicitly and on purpose.

Why would a security tool choose to intentionally run the least secure of my three installed browsers?

All in all I’m really not impressed.

I’ll run it again later on, using a second computer with Windows XP Pro, a different AV program, different P2P programs installed, and somewhat different settings. But I don’t count on being surprised by a sudden improvement.

On the bright side, the uninstall program seems to work perfectly…

13 Responses to “AOL’s Active Security Monitor has some big problems”

  1. Mileen says:

    Windows update 2 comes with a firewall When you install windows update2 you install a firewall. It’s up to you if you turn it off or on. I don’t think you have an option of not installing it, only turning it on or off. Also some antivirus programs interfer with your internet provider. Do you use aol? I’m trying to find a reaon not to install this. I don’t want it to conflick with another program like Norton does. Aol has Mc Afee, Norton and Mc Afee don’t get along in the same computer. When I buy a computer I usually delete Norton.

  2. Post author comments:

    Hi Mileen, thanks for the comment.

    I don’t use AOL, no. I have an AIM account, but nothing by AOL installed on my computer. And the Anti Virus program I was using (Avast) did not have a firewall component. Avast does have a module for checking network traffic, which was running. But it’s not a firewall, so shouldn’t be detected as one. And it was running, so if ASM confused it for a firewall it should have also noticed it was running.

    And this was on Windows 2000, as I wrote, not Windows XP. No firewall came with any of the service packs.
    Though, for reference, Windows XP came with a firewall from the start. The change with Service Pack 2 was to make it enabled by default. Again, not relevant to this case since it wasn’t done on XP, so Windows did not have a firewall.

    As for Norton Anti Virus, Norton Internet Security, or whatever else they have there, I’d recommend against it as well, yes. It’s decent as an AV program, but it’s terribly heavy and cumbersome. AVG and Avast are good free alternatives, and the prices for a home (5 computers) license to F-Prot is very low as well.

  3. Yahya says:

    Hi there!

    I’ve been using AOL’s Active Security Monitor (ASM) for several months now, and I’m glad I have. While not blunting any of your, quite proper, criticisms of the package, I have found one feature helpful: the periodic (weekly) downgrading of my security score because I have neglected to search for updates to my anti-spyware programs. So each Saturday, I get a reminder to do so. Unfortunately, Spybot S&D (my first-line anti-spyware) doesn’t seem to have an update scheduler. How hard could that be? My anti-virus program, AVG, lets me schedule both tests and updates. And contrary to many others, I think that an automatic update from a trusted provider is a fine thing, if that provider can’t be spoofed because of firewalls. So ASM is useful to overcome a weakness in a fine free package.

    My four main beefs with ASM are:
    1. No scheduler for updates and tests.
    2. Never recognises my file backup software (Backup, VersionBackup) as such.
    3. Never recognises my PC optimisation software (TweakUI, X, TweakNow, clean My PC Registry Cleaner) as such.
    4. Doesn’t let me remove (“unregister”?) a PC from my home network, so that the laptop I removed ages ago persists in the report, still contributing its old – and totally irrelevant – score to the network average.

    All told, I’m pleased that AOL has made the tool available. I do understand they’ll want to insert advertising and self-promotion in their Help pages, but I’m a skilled skimmer when it comes to reading. Nevertheless, I do hope they will listen to users, so they can improve it and make it a Really Useful Tool. Failing which, perhaps some other enterprising developer will give us a viable alternative that learns from these experiences?

    Best,
    Yahya

  4. Laz says:

    How do i get my P2P up i have a poor, i have limewire pro ( reason of poorness), duh, but how do i get my score up

  5. Post author comments:

    @Yahya – It’s true that Spybot S&D doesn’t come with an auto updater program, but it’s very easy to set it by yourself.

    If you regularly run it to scan the computer, there’s an option in the settings page to check for updates on every program run. That may be enough.
    Alternatively, it has command line switches that can tell it to run in the background, and to automatically update. And most versions of Windows, including XP (which I assume you’re using) have a general task scheduler. So you can schedule it to run Spybot every week/n-days/whatever, with the command line parameters of “/taskbarhide /autoupdate /autoclose” . That way it will just update itself in the background automatically.

    I’m not sure if there is, or will be, other similar tools, because the premise is very hard to deliver. You yourself say that it doesn’t recognize you backup and tweaking software. There are a lot of software tools out there which are useful for system maintenance, and it’s hard to keep one program up-to-date on all of them. It is of course doable, I’m just not sure if anyone else makes the effort.
    It’s good that AOL does keep such a tool, but since it doesn’t quite recognize all of what it should as well…

    @Laz – Are you asking how to make the AOL ASM program to ignore the fact that you have Limewire installed when it makes its assessment?

    Why does it matter to you? You know that it removes points from the P2P score over Limewire, and you know that you have Limewire installed intentionally. So just ignore the P2P score.

  6. chi says:

    i was so excited for this program but after installing it, was very very disappointing. i have komodo firewall and antivir up and running but they were only detected but were said not to be activated. and also some other ridiculous notions you mentioned.

  7. norise says:

    aol should take it off the market it suuuucks!!!!!

  8. PCSecurityExpert says:

    AOL was offering a simplified version of Kasperky, but ceased to provide it due to some reason.

  9. Ellen Downard says:

    I was fairly satisfied with the Active Security Monitor, until recently. All of a sudden, it doesn’t recognize my spyware program. I have the McAfee Special Security package, including spyware program, from AOL itself. The ASM says a spyware program is not detected, and therefore, gives me a low score. How can I get it to "see" my spyware program??

  10. Post author comments:

    Ellen, with all the problems the ASM software has, I would consider getting rid of it rather than trying to placate it. In any case, I don’t have any ideas for you beyond trying to check if it has an update.

  11. Thomas says:

    [Edited by blog owner: The site linked to in this comment is a scam, and probably the program is a trojan in itself. Stay away. I leave the comment otherwise intact so this could potentially still serve as a warning. Also please don't confuse the excellent Spybot - Search & Destroy freeware application, with this scam site.
    It's also interesting to notice that the response starts by apparently trying to agree that AOL is a good free anti-virus, despite the fact that it isn't (they provided a simplified Kaspersky for a while, and stopped), and nobody here claimed it was. Also, the quote marks seem to indicate someone didn't write this directly, by copied the text from someplace else. Not nice.]

    "Yep, Aol is one of the the best free anti virus. I am utilize www . search-and-destroy . com i am surprised with performance of this software it is working like a expert man..i am really satisfied customer of this anti virus software.

    Thank You."

  12. Free Virus Protection says:

    Interesting stuff. How can we know which protection to choose, when it’s so much available? Some old good ones, are not good today anymore.

  13. how to get rid of spyware says:

    AOL has always seemed to have problems with their software. Malwarebytes.org is mych bette rfor finding spyware.

Leave a Reply

You must be logged in to post a comment.