Discussion in 'other anti-virus software' started by waters, Aug 21, 2005.
Yeah well... they refer to VB100% awards (#we.care) and to a very very small comparison sample base. Test could be better though...
Although I agree on most what this guy says, it's really not a 'test'.
Yup I'll wait just like everyone else on av-comparatives.org
I would be a mistake to put so much stock into one testing place like av-comparatives and to assume "Everyone else" is waiting for it like you.. I think the best method is to look at the "Overall" results from a variety of tests, then form your conclusions based on the interface/features/performance/resources of the product - you know - the things that some consider more important than another 1% detection.
There is far more to choosing a product than a single test, especially given how products can get better, or worse, during the lapse between tests. Which is why I recommend to my clients to PICK A PRODUCT, be happy, and stick with it, and stop the insanity of switching AV's every other month.
Picked and sticked 2 months ago, just want to see a real test instead of these home tests which are useless.
This was posted over at Broadband security forums. (by me) I still find it funny how the guy claimed AVG found more viruses than Avast but like he said layer up on protection.
I agree with the home tests, they are worthless.
I wouldn't even waste my time on doing a home test.
Let the cobbler stick to his last.
OK, now we've all decided his tests are useless, I have to say his conclusions are probably spot on. Shame you don't really need to conduct any testing to figure that out though.
But I am interested in discussing the concept he raises - namely using multiple products. I often have to clean badly infected machines and thus need to run multiple scanners over them. This normally takes the form of continuing until no more nasties are detected and can require as many as 6 different products - 2 from each camp covering AV, AT and spyware/adware. Sure it would make life a lot easier if one product would reliably detect everything, but I know that's never going to happen. Even using class leading products I regularly find a disturbing amount of stuff that gets missed by each product. At what point do you stop and have confidence the machine is truely clean from infections?
I'm left wondering if this posses another wider question that maybe the traditional definition-based detection isn't the way forward?
Alot has to do with your
1. personal experience/knowledge of computers/internet (from ignorant user to security expert)
2. discipline on the internet (dangerous behaviour on the net or not)
3. discipline on your computer
4. computer capacity (bloatware or not)
5. wallet (freeware or payware)
6. degree of paranoia
7. personal taste (do you like it or not ?)
8. personal time for security (much time or no time)
These points all together will influence your choice of protection (softwares and any combination of them).
That's what I learned after reading these security forums for almost a year.
Security is ALWAYS an illusion and a foolproof protection does NOT EXIST whatever you do.
How far do YOU want to go ? Everybody has his own limits.
IMO the traditional definition-based detection has no future, but it's still the best protection although very messy.
Security Suites aren't good enough yet, but I hope that will change.
HIPS softwares are too difficult for ignorant users and I'm waiting for userfriendly HIPS softwares.
I'm also interested in the development of softwares like ShadowUser and SecurityOL (not released yet), which are closest to my dream of security, but still not good enough.
I'm waiting ...
Alot of good points being made lately.
I still think it is a good idea to keep pushing security down average users throats. The more exposer, the better.
My guess for the future would be suites. GOOD ones.
Not sure Shadowuser, deepfreeze ect are simple enough for home users.
If not, they need to be easier or the users educated.
Then again , most are targeted at public, corporate users at this time.
I really don't see many posts on Microsofts shared computer toolkit here and still wonder why?
With programs like these, the user doesn't have to worry about IF their protection is working at 100 %. reboot and all is back to normal except if they got hit during their session and got passwords logged.
Even so, That would have to be done during the current session.
I concur. Once security suites reach the same level as the best AV/AS/AK/AT... softwares, security suites will become the most wanted security softwares and certainly amongst ignorant users, who are tired of all these numerous separate softwares.
BUT I'm still not happy with security suites, because they are also based on definition-based detection.
Definition-based detection isn't a good method IMO, you can't collect fingerprints forever and these fingerprint databases will grow and grow, while the TOTAL scan time will increase until it isn't practical anymore.
Collecting fingerprints is a neverending story, because the bad guys won't stop making new ones. That's why this method can't last forever.
Anti-Keylogger is one that has not used Defs for along time now and Online Armor is proving they can do it without defs also.
I am not so sure I agree that memory watchdogs will go by the wayside since
Nothing can run packed and must be unpacked to run in memory.
Then maybe a memory scanner that does not depend on sigs will be the way to go as far as detection?
I would like to see the intire suite proactive and not reactive if possiable.
DCS prolly tried this but for home users, couldn't PG some how automaticly detect an install and go into learn mode making alot less choices for the user?
For running Pg with windows shared computer toolkit, I also just untick block new & changed and untick block driver installs. I don't mess with the learning mode at all anymore. I have also noticed something with this setup.
If i leave NOT alow new or changed APPS, I get alot of the handle is invalid LOL
avast has a low rate!
Separate names with a comma.