Matousec`s Tests (2011-06-20)

[flaubert71]

http://www.matousec.com/projects/pro...ge/results.php

Best regards,

Flaubert

[lordraiden]

Quote:

Latest news

2011-06-20: New results have been published for:
Kaspersky Internet Security 2012 12.0.0.374

93% score for Kaspersky Internet Security 2012 means 1 % improvement over the previously tested 2011 version. Kaspersky Internet Security confirmed its position among the best products tested in Proactive Security Challenge. Excellent result.
2011-05-29: New results have been published for:
Avira Premium Security Suite 10.0.0.608
Malware Defender 2.7.3.0002

Malware Defender finally reached the Excellent protection level. 91 % for today, very well done, but still some space is left for improvements, especially a protection of system COM interfaces is missing.

On the other side of the result table is Avira Premium Security Suite. With its 3% score there are just few products that finished even worse.
2011-05-06: New results have been published for:
F-Secure Internet Security 2011 10.51.106
Panda Internet Security 2011 16.00.00

The 2011 versions of the products tested this time performed just as their previously tested 2010 versions. For F-Secure Internet Security this means 9% score, for Panda Internet Security it is only 2 %.

He could have updated also the test of Outpost using the version 7.5

[Noob]

Interesting
Seems that Matousec isn't as active as before

[Kernelwars]

pc tools internet security did very good.. anyone using it? please share ur experience..

[SweX]

Quote:

Originally Posted by Kernelwars

pc tools internet security did very good.. anyone using it? please share ur experience..

Tried it 2010, it was the heaviest suite I had every used

But if you don't mind waiting 1-2 seconds for every task you want to perform, then you can try it out

[Kernelwars]

Quote:

Originally Posted by SweX

Tried it 2010, it was the heaviest suite I had every used

But if you don't mind waiting 1-2 seconds for every task you want to perform, then you can try it out

lol no go for me then.. Thanks

[xxJackxx]

I must say I really have no idea of how to interpret this test. It makes it look like Comodo, Outpost, and Kaspersky are the greatest suites ever and the likes of Norton and ESET suck tremendously.

[Hungry Man]

Feels good to be using Comodo I guess lol


edit: Avast! did surprisingly poorly. Their report even notes that they only passed because of an alert but the alert was too vague.

[Cutting_Edgetech]

Quote:

Originally Posted by lordraiden

He could have updated also the test of Outpost using the version 7.5

They have probably been working on those test for some time. I would say Outpost 7.5 was not available during the time of testing.

[Hungry Man]

I find it interesting that Avira And Avast!, two of the top recommended AV suites, are given such low results.

Makes me question the validity of the tests done by either Matousec or the av-comparatives site.

[Corno]

It amazes me that so many people take these tests seriously. Remember, you have to pay to be certified by them.

[Hungry Man]

What's your point? I don't know Matousec's reputationi. But they give individual reports showing that some of their test malware bypasses the products.

[Cutting_Edgetech]

Quote:

Originally Posted by xxJackxx

I must say I really have no idea of how to interpret this test. It makes it look like Comodo, Outpost, and Kaspersky are the greatest suites ever and the likes of Norton and ESET suck tremendously.

Unless the product tested has a HIPS then that product is going to have poor results everytime. Its not just a firewall test. Its more about testing the HIPS capability of a product than a traditional firewall or AV. Eset should start testing much better once ESS V5 is released since they have finally developed their own HIPS.

[Nekromantik]

I too was shocked to see ESET score so low.
I have never been a fan of Norton however, they used to be really bad and bloated but from recent reviews it seems like Norton have improved quite a bit.

[Hungry Man]

@cutting
Basically. That's why, I assume, Comodo did so well. Automatically sandboxing ALL unknown files/ programs is definitely going to boost its score. And then there's the firewall too.

[trjam]

Most firewalls that dont incorporate a HIPS, well, thats a working HIPS, are no better then the windows firewall you already have, with a few tweaks.

[alex_s]

Quote:

Originally Posted by xxJackxx

I must say I really have no idea of how to interpret this test. It makes it look like Comodo, Outpost, and Kaspersky are the greatest suites ever and the likes of Norton and ESET suck tremendously.

After matousec started to test products with the max security settings instead of default the results became very hard to interpret. To interpret them you need to know how many people run product with the highest security settings (actually, everybody knows that it almost nobody, which renders results to be almost useless).

[lordraiden]

Quote:

Originally Posted by alex_s

After matousec started to test products with the max security settings instead of default the results became very hard to interpret. To interpret them you need to know how many people run product with the highest security settings (actually, everybody knows that it almost nobody, which renders results to be almost useless).

At least you know what a product is able to do, maybe is useful for those who enjoy popups

HIPS=popups if you like HIPS you will be interested in this test. If you are using a HIPS with low or standard settings you are not controlling many things, so the HIPS layer is not important to you.
Anyway some products has considerable wishlist that avoid many popups.

[alex_s]

Quote:

Originally Posted by lordraiden

At least you know what a product is able to do, maybe is useful for those who enjoy popups

I don't think you'd feel better being infected, knowing that with the max settings you would not be

[lordraiden]

Quote:

Originally Posted by alex_s

I don't think you'd feel better being infected, knowing that with the max settings you would not be

So where is the problem? use one of the 100% score products with the max settings if you want to control everything.

Quote:

HIPS=popups if you like HIPS you will be interested in this test. If you are using a HIPS with low or standard settings you are not controlling many things, so the HIPS layer is not important to you.
Anyway some products has considerable wishlist that avoid many popups.

[alex_s]

Quote:

Originally Posted by lordraiden

So where is the problem? use one of the 100% score products with the max settings if you want to control everything.

Problem is I don't want to control everything, I want that it was both, usable and secure. But instead of and/and I'm proposed or/or.

Another question is, if default mode is not secure, what is it intended for? (marketing aside).

[Blues7]

Quote:

Originally Posted by alex_s

I don't think you'd feel better being infected, knowing that with the max settings you would not be

I agree.

I even contacted the folks at Matousec to verify that my own settings for PrivateFirewall were the same as theirs used for testing the product.

I'd rather deal with a few days of pop-ups than the alternative.

And though PFW is not at the top of the test (at 91%), I like the fact that it's not a huge suite of features which I am forced to either accept or disable. I find it to be a fairly intuitive and user friendly security app that works well with the others in my layered approach.

[lordraiden]

Quote:

Originally Posted by alex_s

Problem is I don't want to control everything, I want that it was both, usable and secure. But instead of and/and I'm proposed or/or.

Another question is, if default mode is not secure, what is it intended for? (marketing aside).

The default is to protect against the most important ones or the most used by malware, I'm sure that some of the exploits are not even used by malware nowadays.

For example spyshelter is an HIPS designed to protect against malware not to control the system, if you find a malware able to bypass it you send it to the developers and they fix it in a couple of days, and the HIPS has less rules than the famous ones but still the malware is not able to bypass it. Also most of the actions controlled by HIPS are not dangerous alone for example a malware need to make 3 modifications in the system to work, if the HIPS is able to block at least one of them, you are safe, with some junk in the computer but safe.

Matousec test the product against 146 "exploits"

If you want protection against all of them you get a popup against all of them, 146 popups, there is not any intelligence in an HIPS, you get a popup for every action controlled.
If with any HIPS, oa, private firewall, COMODO D+ or any other you get less popups is because of the whitelist, or the "installer modes".

If you want less popups you can configure the Comodo HIPS manually or using a preset.

Comodo has a huge whitelist, in the proactive (a profile better than the default one) mode you will not see more than a couple of popups a week.
http://help.comodo.com/topic-72-1-14...ctive_Security

You can also use the paranoid mode if you want more control and a few more popups http://help.comodo.com/topic-72-1-15...-Settings.html

My personal experience with OA default and Comodo in Proactive mode is that Comodo has a biggest whitelist and produces less popups.

[Blues7]

Quote:

Originally Posted by lordraiden

Doesn't make any sense.

Perhaps not to you but it works for me.

To each his own. I'm not trying to convince anyone that my way is the right way.

I ordinarily don't get a lot of pop-ups after a few days unless I've made some changes or significant updates to apps on my system.

I'm okay with the pop-ups. I'm not okay with the alternative nor am I comfortable giving over too much control to whitelists whether from Online Armor, PFW, Comodo or any other reputable security vendor. I like to know what is running and/or connecting out whether it's one of the "good guys" with a certificate or not.

[Hungry Man]

I use Comodo defense. After a day or two you don't get many popups at all.