Discussion in 'other anti-virus software' started by waters, Aug 21, 2005.

Thread Status:
Not open for further replies.
  1. waters

    waters Registered Member

  2. RejZoR

    RejZoR Polymorphic Sheep

    Yeah well... they refer to VB100% awards ( and to a very very small comparison sample base. Test could be better though...
  3. Brian N

    Brian N Registered Member

    Although I agree on most what this guy says, it's really not a 'test'.
    Yup I'll wait just like everyone else on :)
  4. SDS909

    SDS909 Registered Member

    I would be a mistake to put so much stock into one testing place like av-comparatives and to assume "Everyone else" is waiting for it like you.. I think the best method is to look at the "Overall" results from a variety of tests, then form your conclusions based on the interface/features/performance/resources of the product - you know - the things that some consider more important than another 1% detection.

    There is far more to choosing a product than a single test, especially given how products can get better, or worse, during the lapse between tests. Which is why I recommend to my clients to PICK A PRODUCT, be happy, and stick with it, and stop the insanity of switching AV's every other month.
  5. Brian N

    Brian N Registered Member

    Picked and sticked 2 months ago, just want to see a real test instead of these home tests which are useless.
  6. notageek

    notageek Registered Member

    This was posted over at Broadband security forums. (by me) I still find it funny how the guy claimed AVG found more viruses than Avast but like he said layer up on protection. ;)
  7. ErikAlbert

    ErikAlbert Registered Member

    I agree with the home tests, they are worthless.
    I wouldn't even waste my time on doing a home test.
    Let the cobbler stick to his last.
  8. Ned Slider

    Ned Slider Registered Member

    OK, now we've all decided his tests are useless, I have to say his conclusions are probably spot on. Shame you don't really need to conduct any testing to figure that out though.

    But I am interested in discussing the concept he raises - namely using multiple products. I often have to clean badly infected machines and thus need to run multiple scanners over them. This normally takes the form of continuing until no more nasties are detected and can require as many as 6 different products - 2 from each camp covering AV, AT and spyware/adware. Sure it would make life a lot easier if one product would reliably detect everything, but I know that's never going to happen. Even using class leading products I regularly find a disturbing amount of stuff that gets missed by each product. At what point do you stop and have confidence the machine is truely clean from infections?

    I'm left wondering if this posses another wider question that maybe the traditional definition-based detection isn't the way forward?

  9. ErikAlbert

    ErikAlbert Registered Member

    Alot has to do with your
    1. personal experience/knowledge of computers/internet (from ignorant user to security expert)
    2. discipline on the internet (dangerous behaviour on the net or not)
    3. discipline on your computer
    4. computer capacity (bloatware or not)
    5. wallet (freeware or payware)
    6. degree of paranoia
    7. personal taste (do you like it or not ?)
    8. personal time for security (much time or no time)
    These points all together will influence your choice of protection (softwares and any combination of them).
    That's what I learned after reading these security forums for almost a year.
    Security is ALWAYS an illusion and a foolproof protection does NOT EXIST whatever you do.
    How far do YOU want to go ? Everybody has his own limits.

    Good question.
    IMO the traditional definition-based detection has no future, but it's still the best protection although very messy.
    Security Suites aren't good enough yet, but I hope that will change.
    HIPS softwares are too difficult for ignorant users and I'm waiting for userfriendly HIPS softwares.

    I'm also interested in the development of softwares like ShadowUser and SecurityOL (not released yet), which are closest to my dream of security, but still not good enough.
    I'm waiting ...
  10. controler

    controler Guest

    Alot of good points being made lately.

    I still think it is a good idea to keep pushing security down average users throats. The more exposer, the better.

    My guess for the future would be suites. GOOD ones.

    Not sure Shadowuser, deepfreeze ect are simple enough for home users.
    If not, they need to be easier or the users educated.

    Then again , most are targeted at public, corporate users at this time.

    I really don't see many posts on Microsofts shared computer toolkit here and still wonder why?

    With programs like these, the user doesn't have to worry about IF their protection is working at 100 %. reboot and all is back to normal except if they got hit during their session and got passwords logged.
    Even so, That would have to be done during the current session.

  11. ErikAlbert

    ErikAlbert Registered Member

    I concur. Once security suites reach the same level as the best AV/AS/AK/AT... softwares, security suites will become the most wanted security softwares and certainly amongst ignorant users, who are tired of all these numerous separate softwares.
    BUT I'm still not happy with security suites, because they are also based on definition-based detection.
    Definition-based detection isn't a good method IMO, you can't collect fingerprints forever and these fingerprint databases will grow and grow, while the TOTAL scan time will increase until it isn't practical anymore.
    Collecting fingerprints is a neverending story, because the bad guys won't stop making new ones. That's why this method can't last forever.
  12. controler

    controler Guest

    I agree

    Anti-Keylogger is one that has not used Defs for along time now and Online Armor is proving they can do it without defs also.
    I am not so sure I agree that memory watchdogs will go by the wayside since
    Nothing can run packed and must be unpacked to run in memory.
    Then maybe a memory scanner that does not depend on sigs will be the way to go as far as detection?
    I would like to see the intire suite proactive and not reactive if possiable.
    DCS prolly tried this but for home users, couldn't PG some how automaticly detect an install and go into learn mode making alot less choices for the user?
    For running Pg with windows shared computer toolkit, I also just untick block new & changed and untick block driver installs. I don't mess with the learning mode at all anymore. I have also noticed something with this setup.
    If i leave NOT alow new or changed APPS, I get alot of the handle is invalid LOL

  13. mantra

    mantra Registered Member

    avast has a low rate! :( :( :( :(
Thread Status:
Not open for further replies.