KAV vs. TDS (continued)

Discussion in 'Trojan Defence Suite' started by dallen, Jan 28, 2004.

Thread Status:
Not open for further replies.
  1. dallen

    dallen Registered Member

    May 11, 2003
    United States

    Unfortunately, the "Guest" that started the original thread used some language that caused some of his/her thread to be censored. I don't like censoring as I'm a supporter of our 1st amendment here in America. However, I understand, and respect, the need to keep this forum clean of vulgarity. It is disappointing that the guest had to do resort to that because I felt he/she had a good point. I would like for you to comment on these statements
    I consider myself a reletively informed member and a proud supporter of Diamond CS software. I own the TDS-3 suite and am anxious to purchase the pieces of version 4 that will be coming out at an unspecified date in the near, or not so near, future (this matter is one of national security and cannot be discussed).
    However, I will admit that some of the decisions that I've seen in the recent past have raised some concern in my mind. For example:
    • The withholding of even the slightest hint of a timeframe on the release of version 4 which has been being talked about since I originally purchased the defense suite around one year ago.
    • When I purchased the package that promised the upgrade to version 4, I was under the impression that I'd be getting the whole upgrade. I realize that due to the secrecy surrounding the release that I don't have all the details (and all the details haven't been decided yet); however, through the information that I've gathered via this forum it seems that the product may be fragmented in such a way that in order to get the whole suite, or rather the "additional programs" that I will have to make additional purchases. Don't get me wrong, I like DiamondCS and all the hard work that goes into their products and I'm more than willing to support you by purchasing these products and you deserve the money, especially considering that you do not charge a subscription fee and that you keep your product more up to date with updates than Symantec does Norton. However, I see how people could perceive this decision as misleading.
    • Finally, I know that you are likely to discount the guest's claim that there was a review that showed that KAV detected more trojans than TDS by saying that it wasn't supported with facts. Even if the guest provided you with a link to such a review it could be said that the study wasn't done using proper scientific methods or that it wasn't a "creditable" source. I have two things to say about this and I'll open up to responses. One, I think that defense is a little overused not by TDS, but in general. I would rather hear that DiamondCS detects every trojan detected by KAV and more. I would rather hear that KAV was reverse engineered to discover what was detected and everything was incorporated into TDS. Two, the guest mentioned that most of the reviews indicate that TDS-3 was the superior trojan defense software, but wanted to know why this particular review said what it said. Maybe he/she made it up, but I believe the review exists. When the defense to such a claim is to close the thread it doesn't lend much credibility to the defense. When the guest sites that many reviews seen indicate that your software is #1 but has a question regarding a rewiew that states otherwise, in my opinion that guest has a legitimate question.
  2. Jooske

    Jooske Registered Member

    Feb 12, 2002
    Netherlands, EU near the sea
    The forum has a TOS, which was crossed as indicated.

    Leaving the real reaction to Wayne if more discussion is wanted.

    Generally spoken it has been said before, each av/at has their own databases and detection techniques. I can tell you i have various samples KAV finds clean and ok while they are full with nasty code TDS does detect and this are normal pieces i just got from the internet, no slef created stuff (i can't and am not interested to do so either) so just in the wild things.
    It can happen to any developer, they are also partly dependent on woth users submit, besides their many other ways to get them in.
    The one test product A will score better, the other test product B.
    I'm more interested in the technology and other circumstances behind the product.
    Fortunately many TDS users have KAV or NOD32 beside it, so do we really care which of the three finds the nasty, as long as it is located and dealt with.
  3. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Feb 10, 2002
    Perth, Western Australia
    A bit busy to read everything here - BUT there are many points you have missed.

    AV companies receive thousands of submissions of COMMON virus/trojan/backdoor/adware/clean files. Taking a sample set of common trojans would give every AV a good result.

    The most dangerous trojans are Remote Access Trojans (backdoors) and many are still not detected by any AV. This is simply because they are created for private use, or for small communities online which dont spread them too much - and they often target newbie users who wont ever submit that SEX.EXE to an AV. Undetected forever perhaps.

    Playing the numbers game is pointless, all you know from a numbers comparison is that TDS and KAV detect different things. Sure, they might have 10000 backdoors, but how many of those are in active use, or were ever used on a lot of machines ? Some were surely used, and were submitted by a suspicious user.

    Now, how many were not submitted - and how many are in use which are not detected because they are patched to avoid KAV, or use an unknown compressor. TDS was created to attack trojans from as many angles as possible, and with any AV you have 1 thing to detect the trojan, a file signature. Due to the increased usage of patchers and unknown compressors this can be very easily bypassed. So TDS uses as many methods as possible to detect a trojan, including memory scanning. At least this way, more work is needed for an attacker to bypass detection. Included in TDS are Netstat and other tools, this is why we created Port Explorer.

    And since anything can be patched, we decided on Process Guard as an important part - it ruins their usage of all DLL injecting trojans (probably 90% of releases these days) and rootkits, not to mention stops termination and many other things. Its still part of the best Trojan Defense Suite available, its just a standalone product to do an EXACT TASK - stop process manipulation and termination. We wouldn't have it any other way

    As for what you get for TDS4, wait and see, Im sure you will be pleased. If you aren't then drop me an email
  4. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Nov 11, 2002
    Perth, Western Australia
    Well we do know they will all be definately released this year (2004) , as has been stated before. That is a "slight" hint at a time frame :)

  5. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Jul 19, 2002
    Perth, Oz
    That poster was here with just one purpose and that was to cause trouble, discredit TDS, and waste our time (he's succeeded in wasting even more of yours and making you believe what he's saying - even though that was his first post). I'll let you guess why they're posting anonymously. We could continue talking about this but nothing would get accomplished other than wasting everyones time, and as we (unlike some it seems) have work to do and don't wish to waste any further time with such ridiculous posts, as that just helps the anonymous poster succeed in wasting more of our time.

    Our forum posts from the last half decade (and then some) should be proof enough that we're not here to "censor" anyone - we go out of our way at our own expense in our own time to answer questions from legitimate customers with real questions - consequently, we do not have time for time-wasters or trouble-makers, as I'm sure you can understand.

Thread Status:
Not open for further replies.