Everyone above a certain age remembers Laplink. Back before PCs were easily networked, you copied files from A to B by connecting serial or parallel cables and firing up the Laplink DOS agent. The firm has come a long way since then, and its range of data management and migration tools has expanded over the years.
Laplink has more recently moved into security with the launch earlier this year of Laplink PCdefense, a suite incorporating a collection of anti-malware tools and desktop security agents. It is pitched at both consumers and enterprise users, promising to fill in the gaps between existing security products rather than replace them outright.
In practice, this means that the company has licensed a bunch of software from other vendors and stuck a Laplink GUI over it. While not an uncommon approach, it hasn’t really worked this time.
Although the suite will mainly appeal to consumers and small businesses, Laplink has tried to make it enterprise-friendly, and offers the facility to customize it, adding components in a modular fashion. Not a bad idea, but the complete lack of enterprise management tools (like centralized updates and reporting) means the product will put off corporate users unless they have existing deployment and management tools like LANDesk or BigFix.
The software itself is a mixed bag. The attractive central GUI is just a wrapper: most components fire up interfaces of their own. The documentation, provided only as a PDF, is quite good at explaining the main concepts and identifying possible areas of difficulty.
Disturbingly, while one of the welcome screens explains alert pop-ups, it advises that if you are having problems, you should just disable the protection entirely! Not the best advice, we feel.
First up is the anti-spyware agent licensed from ParetoLogic. Its scanning capabilities are good, but we had a few false positives. You can schedule regular scans, and the overall integration with PCdefense’s look and feel works well. Alerts fire when potentially unwanted behavior, such as registry edits, is spotted. If the rest of the suite was of similar quality, it would have scored much better.
Much less impressive is the anti-virus component, which is no component at all, but just a link to a rebadged web page fronting BitDefender’s online scanner. No local agent, no on-access scanning, and you can’t even schedule regular scans. On top of that, the suite’s anti-spyware component fired up a multitude of warnings when the ActiveX agent installs (the scanner is IE only) and when it runs. We actually clicked past a slew of popups before realizing it was a stack of different alerts, rather than just the same alert repeated: the old "training the user to just click yes" routine was much in evidence.
There is a rootkit detector, which checks for evidence of the standard concealment techniques used by rootkits. It found some samples we sprinkled on our test system, but also turned up a false positive. And for items it identifies as malware, we could not find a way to remove or further investigate the offending item, rendering it nearly useless.
The anti-keylogger agent is better: it warns when applications intercept keystrokes. At first this is prone to false positives, but the suite does take care to explain why. As you whitelist standard applications you use every day, the alerts rapidly fall away and the agent does its job well (although we were able to beat the detection with a custom-built keylogger).
A collection of browser security tools is provided and, useful if you use IE, it monitors cookies and browser settings, and provides basic tools for blocking unauthorized changes. However, it assumes that "browser" means "Internet Explorer" on every system, regardless of the default browser configured in the system. We were pleased to see that this (as well as the online AV scan) performed under IE7 without a hitch.
The software also monitors the hosts file, which is handy, but we would like a stricter "known-good" enforcement.
A set of tools which monitor system startup applications and current processes is perfectly adequate, but probably confusing to the average end-user. If you need this sort of information, there are better tools available, like Sysinternals’ excellent (and free) "autoruns" tool.
What looked to be the most useful part of the suite is a data backup and recovery tool, which can take system snapshots and restore them after a disaster. Given Laplink’s pedigree in this space, we expected something special, but were disappointed with what turned out to be a very basic tool with no facility for incremental backups, schedules, volume spanning or much of anything else.
Despite Laplink pitching this as suitable for consumers and enterprises, it’s really struggling for a niche. Probably way too unwieldy for consumers (that is, everyone), and far too lightweight for enterprises, it looks as if someone in Laplink decided it should jump
on the security bandwagon and plucked a number of key buzzwords out of thin air ("rootkit! spyware! virus!").
Frankly, we expected better from a company with so much pedigree. If the suite survives to version two, we hope it will be a lot better.
— Jon Tullett
