[ISN] Only Suckers Renew

From: InfoSec News (isn@private)
Date: Wed Oct 19 2005 - 00:02:00 PDT


http://www.eweek.com/article2/0,1895,1872416,00.asp

By Larry Seltzer 
October 18, 2005 

Opinion: If something goes up in price over 650 percent in four years
it has to have gotten a whole lot better, right? The industry has shot
anti-virus subscription prices up over the last few years hoping to
make users pay full price every year.

The price of most things in the computer industry is driven down over
time, from competition, economies of scale and advances in the
technology. But one product is up over 650 percent in the last 4
years: the annual subscription to Norton Antivirus updates.

In 2001 Symantec increased the price from $3.95 to $9.95, quite a
large increase on its own. Just recently, coincident with the release
of the 2006 versions of their security line of products, Symantec once
again increased the price of the subscription renewal to $29.99. The
new 2006 version of Norton Antivirus, of course including an annual
subscription itself, costs $39.99. Symantec's message is clear: you're
a sucker if you don't upgrade the program. The only question is
whether you're a sucker for getting the new version too.

Symantec has absolutely been the leader in this price boom, but most
other vendors have happily kept up. Many trail a bit behind. All of
them are pricing their products so that you have a strong incentive
not to renew your subscription, but to upgrade to the new version.  
 From what I can tell, McAfee has moved completely to a subscription
model for the software. The cheapest resubscription I could find was
Computer Associates eTrust EZ Antivirus at $19.95. Their new product
is only $29.95, so it too is no big savings over a full upgrade.

So the point is not to get you to pay more for your signature
resubscription; it's to move you to a model where you subscribe at
once to software and signature updates, the model to which Symantec
has moved with the 2006 products. The annual product version model is
dead, more or less. If you were to buy Norton 2006 six months from
now, and even if they come out with major updates in another 12
months, you'd get all the updates.

I guess if I were an anti-virus company I would do this too; after
all, the product actually doesn't change much from year to year, so
there's not much point in existing customers upgrading. Symantec does
claim advances in their products over the years, including the new
2006 versions - in particular a new Norton Protection Center which
attempts to explain complex issues in straightforward language. I
haven't tested the new products so I can't say whether they're worth
going through the trouble of an upgrade. And installing a new Norton
product these days is definitely a process that goes wrong for some
[1] (check out this link too [2]). Anyway, with respect to the new
features they add each year, so what? They may justify price increases
in the new versions, but they don't justify increases in subscription
cost for users of old versions who don't get the benefit of new
features.

Of course there are things that are good for the user about the
subscription model. As Symantec pointed out to me, many users are
confused about the fact that they pay for the product once, then after
a year they have to pay once again for something not exactly the same.  
Instead, with 2006, they are told from the beginning that they are
subscribing to all updates, including new features. Maybe it's
clearer, it's hard to say.

But it does clarify another problem Symantec has with respect to their
copy protection. If the real value is in the subscription and not the
initial software—and even the new software is useless if you can't
update it—then there's no point in protecting the software through
copy protection. They should give their software away and charge
whatever they want for their subscriptions. Symantec says that the
copy of the new software comes with an annual subscription and that
the copy protection therefore protects that, but this just tells me
they have an implementation problem.

Incidentally, I was curious about how these program updates would be
delivered. Right now Symantec has three different mechanisms:  
Automatic Updates, which happen without user action, deliver only
signature updates. Manually running the LiveUpdate program delivers
signatures and some program updates, such as bug fixes. And there have
been some cases where Symantec has delivered updates as downloaded
executables. I asked Symantec how they would deliver new updates
including new features, and they got vague on me. It's not clear. If
it's through manual downloads and the equivalent of an upgrade process
then most users won't do it, although they will have access to it.

It's especially galling to see Symantec increase prices for their
signatures when they are regularly one of the slowest companies to
update those signatures in response to threats. Symantec updates
regularly once a week and only goes out of cycle with updates when a
category 3 or higher threat comes along. In the last year there have
been only a handful of 3+ threats. The signature update process has
therefore become well-oiled and as regular as grandma when she takes
her Metamucil.

In fact, the 2006 versions address this somewhat. If you are running
the 2006 or future versions you will get daily updates. If you're
running 2005 or earlier versions, you're still on the old schedule.

For this they deserve a raise? Other companies release at least once a
day, many of them hourly, such as BitDefender and Kaspersky. This
usually matters little, but if you're one of the unfortunate few to
get one of the very common new threats at level 2 or 1 there could be
6 more days before Norton ponies up with protection for it. And for
keeping you at the old, embarrassingly slow schedule, they do you the
favor of charging you almost as much as they do for a full new copy.

Maybe anti-virus vendors figure that their time is limited and that
they better suck whatever money they can from customers before
something supplants them. We've been looking at products like Panda
TruPrevent that don't rely on signatures for detection; they're not
perfect, but they're getting a lot better. One day if they get good
enough the great Norton Cash Cow will moo its last.

-=-

Security Center Editor Larry Seltzer has worked in and written about
the computer industry since 1983.

[1] http://blog.ziffdavis.com/seltzer/archive/2004/11/18/3338.aspx
[2] http://blog.ziffdavis.com/seltzer/archive/2005/08/28/27160.aspx




_________________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org 



This archive was generated by hypermail 2.1.3 : Wed Oct 19 2005 - 00:10:15 PDT