AV-Comparatives: Whole product dynamic test

Discussion in 'other anti-virus software' started by Baz_kasp, Dec 18, 2009.

Thread Status:
Not open for further replies.
  1. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Yes, I agree -- and encourage the company to fund participation in (or a replication of) one of the recent dynamic real-world tests (e.g., Dennis Technology Lab, AV-Comparatives, or AV-Test) that includes Prevx, so as to allow an objective assessment of their claim that “Prevx 3.0 with SafeOnline is the World's strongest, fastest, most powerful security solution for those who want to be safe online.” My own guess is that the Prevx product would perform well in such a comparison--how well, however, is yet to be determined.
     
  2. Narxis

    Narxis Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    477
    I dont know.:) But on the german forum everybod asks for HIPS and sandbox and i agree with them.

    But on the other hand i think G Data 2011 improvements will be similar to Avira 10... not big changes but there will be changes.

    Maybe G Data will improve the proactive detection and make the software lighter. It will use less RAM or something like that.

    What i hope is because of G Data uses Avast and BitDefender engine, they will put the upcoming Avast 5 improvments in their software. But this has very little chance.
     
  3. Patrician

    Patrician Registered Member

    Joined:
    Jun 3, 2005
    Posts:
    132

    Why does it matter to you so much? Do you have shares in Symantec or something?

    Symantec is doing well in the latest round of tests (We'll ignore Dennis Labs because of bias) and that is good for them. However, previous versions of Norton have been bloated, buggy and with dire detection abilty. *This* version is working well but I'll never, ever, let a Symantec product anywhere near any PC that I have anything to do with; nor will I ever advise somebody that Norton is a reliable product. I lost all faith in Symantec products more than five years ago and will never use them again.
     
  4. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,306
    There seems to be a high degree of hate of Norton. As a result the AV will be criticized and claims made of pay offs.
    But I don't see how anyone can ignore the fact that Norton is one of the absolute best AVs in protection. Surely all tests are not "fixed."

    When I first got a computer in 1999 it came with Norton, and I used it for 4 - 5 years with complete satisfaction. It never caused me any problems, and if it was bloated I did not know or care. I just used it and it protected my system from a couple or three attempts at infection.
    The reason I left it was the cost of renewal licenses, so I went to others. I did not have any problem removing Norton.

    I do accept that it is hard to remove, but so is Kaspersky at times, hence removal tools.

    Norton is available on ebay for small prices, and I have bought a few with no problems.

    So one may hate Norton, for whatever reason I don't know, but if one denies that Norton today is one of the absolute best AVs he is just not paying attention to the facts.

    Regards,
    Jerry
     
  5. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    404
    Location:
    France
    Whatever the results, and the winners:

    If somebody believes this has anything to do with reality is mistaken. I followed from far the recent moves to this so called dynamic testing (I give full credit to av.comp. to write it down explicitly: this is not a zero-day test):

    But one thing I am sure of is it is BS. Anything (test) from now on (even from the past 5 or 10 year) which is close to 95+% is and will be BS, as long as the tested programs rely mainly on signature.

    Sorry but this test is flawed by the very reasons,of its own existence. This is too much done in accordance with the industry standards (sorry, industry marketing).
     
  6. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Folks - time out and get a grip!

    The unsupported (and virtually unsupportable) innuendo being flung about with all too casual abandon simply needs to stop.

    Don't like a product? Fine, that doesn't mean someone who either likes the product or is a bit of a public advocate for that solution is on the payroll of said company.

    You like a specific product? Great, but don't feel compelled to respond to every criticism with a return volley of barbs.

    Sometimes a users bad experience is precisely that, a bad experience, and not a conspiracy to subvert your preferred solution. By the same token, a good experience can happen. Really..., it does on occasion and some readers do like to hear about it as much as the bad experiences. A favorable opinion does not mean the poster is a paid shill for the vendor.

    Sheesh....

    Blue
     
  7. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Can you please elaborate? I’m interested in better understanding your perspective that the methodology employed by AV-Comparatives doesn't reflect “real-world” malware protection performance. What are the flaws? What would constitute reasonable alternatives?

    Thank you.
     
  8. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    I was actually hoping for something similar
    Something like a HIPS or a strong behavior based protection :rolleyes:, AND also as you said at least some features of the new Avast 5 :D
    Damn, i want BIG changes for 2011 :p
     
    Last edited: Dec 19, 2009
  9. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    404
    Location:
    France
    The first flaw in my opinion is this one:
    One first needs to engage as much investment in collecting, understanding malwares as the anti-malware industry to ensure one has the most complete picture possible. This would be the ultimate way to avoid any bias, and, of course, is impossible.

    The second thing is that objectively speaking, a retrospective test gives a 60% to 70% result at best (when signatures are becomming useless). So expecting much more than this in such a test for a "pure" signature based AV (signature and heuristics) looks simply ridiculous. I am thinking of products like microsoft, avira as a proof. The sentence: "the test was not designed to test 0-day threats" is a way to avoid the real problem:

    One should ask first: Why do I need an anti-malware? To catch obvious and/or old and well-known malware? to protect me when I really need it?

    Today's antimalwares are good for the first answer and bad on the second. The test realised will give a false sense of security to users while saying:
    well, with a non-updated OS, running as admin, and browsing to bad URLs, I am protected at a 99% level. Fair enough.

    I simply can't believe it. I played several times on malware domain list, or malwareURL, with different antimalwares (avast, avira, Kaspersky, Norton). Some day they would stop all, some they would simply fail most.
     
  10. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    FYI Jerry, speaking strictly for myself, I bear no hatred towards Symantec. My decision to never give them another single penny of my money was a decision made with all the emotion one invests in turning off a light switch. To spend my time "hating" them would be giving them a part of me. And as I commented to someone else on this thread, it matters not to me how great you or others believe them to be. It simply does not factor into my decision to never use their software. That shouldn't be a mystery to anyone. And words like love and hate, when used in regards to security applications, always leave me wondering... as do people (not necessarily you, Jerry) who can not stop defending a software. :)
     
  11. Billy Blaze

    Billy Blaze Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    79
    Location:
    Vorticon VI
    Your comment above is similar to that of Rick Moy's response to AV-Test.org most recent Real-World Malware Test, and I wonder if you make those comments taking into account that antivirus suites are being tested and not just the antivirus themselves?

    To me the argument that most antivirus by themselves can not achieve 90%+ detection of zero day threats seems to have some degree of merit (though like you mentioned it is difficult to prove), as this is also the argument given by cloud, behavior, hips, etc based anti-malware programs.

    I have not personally tried many antivirus suites but from my understanding of what others say about them, they seem to have additional components that may enhance detection/protection capabilties. And ive been wondering myself just how useful these components are or if they are just smoke and mirrors.

    So if your comments take into account this, are you saying that these additional components in suites can not make up the gap we see from the 60%-70% detection (that you and others suggest are reasonable for retrospective testing) and the 90%+ detection/protection we are seeing from the results in such tests?

    Because recent retrospective tests conducted by AV-comparatives... the results are in line with your 60%-70% detection. The only major differences I can see are that suites are being used and the test sets. Which I was also wondering if you call into question more the testing methodology (particularly the test sets) or the effectiveness of suites or both or neither?
     
  12. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    Speaking strictly for myself, I neither love nor hate software companies. Maybe you are applying your own emotions to this discussion more than you think.
    Aside from the fact that now that you mention it, you do behave an awful lot like someone who is affiliated with Symantec, I was not implying that when I said,
    I was using the collective "you", meaning that my non-use of Symantec products is only unfortunate for Symantec.
     
  13. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    I really dont know if detection rates are correct or not, to me I just look for ones that always finish near the top. I to use to be no-Norton fan, but the reality is, their products are better, a lot better. The best? That is a term that is relative. I have grown not as fond of specialty products, even though I am sure they are very good. But being old fashion, I still feel safe with any AV that consistently finishes near the top.
     
  14. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    I also agree with Blue in using and trusting your OS to assist with providing protection.
     
  15. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,306
    Hi Page,
    thanks for the reply, and I take your comment at face value. As for me I don't think I defend any software unless my own personal experience indicates that necesssity. As I posted I used Norton some years ago with satisfaction.

    My own problem is that when some folk's favorite do well then that is a legitimate test. If their favorite does not so well the test is seriously flawed.
    I am pretty well convinced that some would never accept any test, and might say "Test it yourself."

    I have no capability to test any software. I just install it and if it works it is OK, and if I don't get infected I have been protected well enough. I understand that maybe I never had an attempt so who knows.

    Over the years I have been here at Wilders I have gained a lot of confidence in AV Comparatives. I have never detected any bias in IBK or his tests.

    I am not wedded to any software, and if Kaspersky, for instance performs sub-par I have no hesitation to dump it. I don't sway with every breeze, but several recent tests have been germane and I have done some changes.

    It is alright with me if someone does not like a company or its products, but when the statements that something that unbiased tests have demonstrated is excellent, I have little regard for some of the garbage that is spouted against the products. I think Norton is near the top in that regard.

    If someone expects to be respected for their expertise he must show impartiality as to results. Otherwise his own bias makes his comments and work very suspect.
    Thanks again for the post, and I did not take it as directed at me.

    Regards,
    Jerry
     
  16. HJO

    HJO Guest

    Interesting result.
     
  17. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Anyway, i think the main obstacle now is samples.
    How do you increase the number of samples and let IBK eat and sleep?
    Does this 'new' method imply that they need to do this every day, with fresh samples (from that day), and update results as time passes?
     
  18. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    IMHO Rick Moy's comment was related to the rates of zero-day detection, which was one part of the test, the other was the blocking test.

    However, both testers, AV-C and AV-Test, come up with implausible results.
    But who bites the hand that feeds one.
    AV-C generates its revenues directly from the vendors of the tested products and AV-Test generates its revenues as quasi-monopolist for magazine tests in Germany.
    But both are of course completely independent. :rolleyes:

    Cheers
     
  19. codylucas16

    codylucas16 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    267
    Is Symantec's Endpoint Protection just as good as its Norton products? Just curious
     
  20. Billy Blaze

    Billy Blaze Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    79
    Location:
    Vorticon VI
    I think the detection AND blocking rates found in the test conducted by AV-Test.org and AV-Comparatives are still considerably higher than what he (and others who share his viewpoint) believe "should" be for detection/blocking of "real-world/zero-day" malware and exploits.

    While I am some what lead to believe the same...
    I wonder why these results seem so "implausaible" to some? Are the other components of an antivirus suite really seen as not being capable of making up this large gap in detection/protection? Is there legitimacy to why some question the testing methodology and test set? And if so, exactly what aspects of the test are seen as flawed? To me I can only think of maybe the test sets as being rather small.

    Is it just me that think these results contrast quite greatly with what cloud/behavior/hips type programs are leading people to believe? The one argument that all these types of programs bring up time and again are that antivirus technology is not capable of responding to today's threats in a timely manner and they essentially fill in the gap or make up for these short comings. And with these tests it makes that "gap" seem rather small (or at least a lot smaller than what I think they would like us to believe).
     
  21. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    In the UK Japanese cars when they 1st imported basically rusted away in next to no time:-the manufactureres learned from this and the cars nowadays last as long as any other and are in general the most reliable cars you can buy,if the motoring public had taken your attitude:-once/twice bitten never trust a product again,we would not have now the cars they make today,there are lots of products that today are excellent made by companies which in the past have produced rubbish and now produced good even superb products,its the companies that don't learn from past mistakes you should steer clear of not ones such as Symantec who appear to have,you could perhaps be missing out on something that does all you want better than anything else
     
  22. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    In my opinion, there is no one software that stands out as so vital and so superior to all the rest that someone would, by your dfinition, be "missing out" if they did not use it. In our ever-changing world of security applications, the way I see it, the competition is great and the differences between products is in many cases, not so great. What leads the pack today can very easily be out of favor before you know it.
     
  23. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Amen, to that.;)
     
  24. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    That is a very reasonable perspective, in my opinion. It was not my intention to suggest that the quality of a product should be the only factor considered when making a purchase decision. The character of the company can also be important (e.g., corporate social responsibility) for many individuals, for example.

    However, one’s perspective on the company should not unduly impact an objective assessment of the company’s products. Stated differently, the insights from the tests by Dennis Technology Lab, AV-Comparatives and AV-Test need to evaluated on their own merit, and not exaggerated or discounted simply because one “likes” or “dislikes” a particular anti-malware company due to whatever reason.

    I think you’re reading far too much into my choice of the words “love” and “hate” (which were enclosed in quotations in my original post, to indicate a colloquial usage of the terms). Substitute “satisfied”/”dissatisfied,” if you wish, for a less emotionally laden version of the same point.

    Thank you for the clarification. No offense taken.
     
  25. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Yes, the differences among the top-tier products as identified in the most real-world tests conducted on the globe to-date (i.e., Dennis Technologies Lab, AV-Comparatives and AV-Test) are “not so great” (e.g., Symantec and Kaspersky).

    However, the differences between the top-tier products and the remainder are, in fact, very substantial. These differences should not be ignored by anyone interested in obtaining the best possible protection against malware.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.