Is difference in protection offered really worth worrying about?

I'm coming to the conclusion that the difference in protection offered by the best AV products is getting so small it's really not worth bothering about,the top ones seem to be consistently the same products in most tests and the results for these seem to be so near each other as to be not the criteria which a product is chosen on,am I alone in thinking this way?
Protection seems to be more influenced by how a product is configured than which product it is!

 

I tend to lean in this direction as well.

Obviously we all see instances in which one product either lags or exceeds the performance of the pack, but it does appear to be a transitory situation and isn't necessarily germane to most of us.

Extremely simple extensions (LUA/SuRun, one's preferred approach to managed/controlled execution (HIPS, etc.) or simple partition virtualization) would seem to cover the bulk of the remaining issues that could emerge and which are best characterized as very infrequent, which only reinforces your point.

Blue

 

My take is that security vendors as a whole, are taking the needed steps to combat malware on a new front. It is obvious they could not sit on their tails when it comes to their own survival. I see things taking a 360. First we had AVs and suites for protection. Based on a variety of reasons, some self induced by the vendors, layering came about with a host of specialty products to fill the gap. I now feel that the majority of the first group are making their products in a more rounded fashion and are rising to the top again. So the thought of suites and/or AVs losing their place in todays world of protection, at least to me, is not as real as some leading professionals would lead you to think.

 

But putting all one's eggs in one basket is inviting trouble. That is true whether it is computer security or many other things in life. I don't like Suites. I will stop using any antivirus if they all get gunked up with unnecessary features. I prefer layering. I think the AV vendors are headed in the Suite direction because of the ignorance of most users who mistakenly think Suites are the ultimate solution to their problems so they clamor for the Suites not realizing that it is education regarding the safe operation of their computer that is most important and secondly layering albeit not in an excessive manner, but layering properly and that, of course, goes back to the issue of ignorance and lack of education regarding computer security.

 

I agree with the original poster and BlueZannetti.

A lot of people will be quick to jump on the bandwagon when say product 'A' misses some malware, and fails some 'latest test' which product 'B' didn't. (Product 'A' might have even passed the same test which product 'B' previously didn't.)

In all honesty, when product 'A' achieves 97 per cent and another achieves 97.3 per cent, what are the chances of picking up that 'malware' that was missed? If a user is using one of these products, are they really concerned that the missed 'malware' will appear on their machine? Do people lie in their beds at night, shaking uncontrollably, 'I bought product 'A', what am I going to do?! Trojan zundo/zaphas/fukus' is going to get me!'

I agree people without any protection, who practice clicking/downloading every email attachment going around, downloading zipfiles through P2P without looking at the file, they will be infected, with spyware, and viruses, and trojans. Most of it will probably not even shutdown their machine, just slow it down to a snail's pace and transfer/steal their data.

But the leading products that are discussed on here, all provide excellent protection for everyday users. It all comes down to which graphic interface you prefer, which one is faster on your machine, which one has the options you feel comfortable about. All the slagging that goes on is just plain nonsense.

 

I think it all depends on what your internet surfing/computer usage habits are.

For instance, if you are a careless daredevil websurfer, i know by own experience (in-house 'tests' ) that some of the well-renowned AVs won't work for you.

 

no av product claims to be able to protect against supidity!

 

AV tests are about the only tests that present data without any margin of error. They all seem to post percentages out to 1 or 2 decimal places as if this data is the Word Of God. Unless they are testing every piece of malware in every category this is impossible (and unscientific). So basically depending on the amount of samples tested, and the quality of these samples you may have a product testing out at a 95% rates actually being superior in the real world to an AV with a 99% rate. There's just no way of telling.

Everyone here by now knows the top 5. My advice is to pick the prettiest.

 

Right you are. Among the products that I use, there is a minute gap in detection. My concerns revolve around features that I'll actually use, and the overall 'feel' of a program on my system

 

Personally i don't worry about the differences, my focus is on what works best for my particular setup.

 

My main dertermining factors nowadays is customer support,or lack of it,and how a product runs/feels to use:-the latter being a subjective thing and cannot be measured quantitively,but it does matter!

 

I agree with the OP. Amongst the top tier the main considerations have now become compatibility and price.

However, I believe the industry is at a crossroads where signature based detection (including what is now called heuristics) is mature, but behavior based detection is not yet ready for prime time. Unfortunately the situation now is dominated by malware authors who understand how AV programs work and are designing to avoid detection.

 

I guess most AVs really detect +97% in real life , so there is no reason to use firewalls, HIPS, behaviour blockers, safe hex

 

That might be pushing it just a bit.

 

No such thing as safe surfing anymore with legit sites being hijacked.

 

I was worried about the differences, but even more about the fact that a detection rate of 100% didn't exist at all. Nowadays my worries are over and I sleep better.

 

to quote a wise man,

do you know there is a virus, that ZERO antivirus can detect?

 

yes, the make-it-yourself.

 

nope, one that is on the internet....... and no antivirus can do anything, zero detections for it. (apparently....)

scary huh?

lol

still, i wouldn't be too worried using just an AV, its all ive used since about 6months when i also added HIPS and ive never been infected, and ive had licences for alot of them over the years.

 

Is that real? Nothing can cure it? I can. Delete the file, kill the process, if it fails, format your drive

I am worried about using a single AV, and CSJ, how do you know if you haven't been infected if you only use Dr and HIPS?

 

because i always keep my machine at a fresh state,

 

I do the same, I keep my system partition in a "fresh" state.
Since September 2007 I also added the "unused" state and now I have not only a malware-free system partition, but also history-free and junk-free.
In the past I had such a clean system partition 2 times a year, now I have it after each reboot, that is more than one time a day.
I still have to find the first scanner, that detects something on my computer.

 

Theres now source of great power and inginuity with the latest security inventions but the mots important of all safeguards that i consider the most vital of them all is a very dependable backup strategy that no user should ever take likely nor discount because if all else happens to fail you, a backup duplicate image is your absolute fnal measure for safe recovery.

I would make that my top priority above any and all others as your chief preservation strategy.

Worry is an emotion and in the computer world that possibility is a real potential.

 

That's how I keep my system partition in a permanent "fresh" and "unused" state : Immediate System Recovery and Image Backup.

 

Agreed. As I have said many times, my major strategy is to image (Acronis or any other) as the ultimate fail-safe in the event of infection. You simple restore your machine to the pre-infection day. I make a complete image each day just before I quit, and if something happens the next day- very easy to restore. I have restored twice in the last four years- once on a hard drive failure and the other when an AV installation trashed critical Windows files.