Matousec`s Tests (2011-06-20)

I'm impressed with Privatefirewall's 91% score, considering how unobtrusive it is on my computer.

 

I'm certainly no apologist for Matousec or their business model but you have to know that if you got up in the batter's box 1,000 times it wouldn't make you the batting champion.

You might get lucky now and again and hit a home run (or two) but you won't nail a battery of 148 (or so) tests without actually remedying deficiencies. It's clearly not just a matter of repetition.

My experience as well. (Plus it's done well on the limited testing I have performed myself thus far.)

 

Subsequent to Matousec's test of PFW version 7.0.23.4, PFW issued version 7.0.24.4. That update to PFW expanded anti-logger protection, driver load attempt detection, & code injection monitoring.. Also improved leak, general bypass, spying and termination defense performance.

Ergo, PFW's latest versions (7.0.24.x) offer even stronger protection than did the PFW version tested by Matousec.

 

Bill, I've been advised of the expectation that the next version of PrivateFirewall submitted for third party testing should be ~ 99%.

 

Seeing the changelog seems that they have an active development, do you known if private firewall HIPS pass the spyshelter test?

 

Nice article :
-http://www.techsupportalert.com/content/matousec-personal-firewall-tests-analyzed.htm-


Private firewall is small and yet very powerfull plus its free

 

Just a question regarding the statement that Matousec charges all companies to have their products tested. Is this really true? Look-N-Stop has been included in these tests for years even though it has no HIPS, so is destined to totally fail. Does it make any sense to anyone that Frederic would pay year after year for such testing?

 

Matousec update the whole test for free 1 time a year or every 2 years, if you want your product to be retested before you have to pay.
I think he updated it when he started the test with 146 (i think) exploits, before of that there were like 60 exploits.

Probably he should remove all the products that does not have an specific HIPS or doesn't have any kind of program control according to their websites, but is not that bad to know how good is the program control of different security software even if they don't specifically say that they include an HIPS.

 

Coming from this result, some opinions and from the fact that some bad guys made it impossible for me to use my lovely OA I decided to install Private Firewall. I will not comment on GUI because nice GUI doesn't guarantee good quality. But the first thing I did I started CLT and I've got 100/340 (pure Vista provides 90/340). What I did wrong? How it can be possible to score 91% at matousec and almost zero with CLT (it really disappointed me because I hoped to find replacement for OA)

 

We were looking for the same? https://www.wilderssecurity.com/showpost.php?p=1893316&postcount=207

Did you put private firewall in the "manual control mode" with the process monitor in high?

Take a look to the help file, also you can ask in the link above, the pf Thread.

I scored 240/340 but maybe the test tool is obsolete, I don't know what to think.

 

This is a summary of the settings you may want to check that you are using.

 

I have just tested it with this settings on win7x64 and the score is 240/340

With spyshelter 290/340 (and does not have a firewall)

 

I did nothing special, I just installed, rebooted and run the test. OK. I'll try again and report. But if I fail I'll come back for advise

 

I hate when you need to tweak the settings to achieve security. Why I cannot get it with default settings?!!

 

Because the vendors configure the HIPS to be user friendly.

About CLT may be possible that does not work well on win7? the test is from 2008

 

Did you suggesting that if you want maximum security, you must score perfect on CLT?

 

I'm just not sure I understand what is max/middle/low security. It is either secure or not -- nothing in the middle

 

Sry if my question is not clear enough
So if you want to be secure, you must score perfect on CLT?

 

This is not only requirement, but this requirement is mandatory, yes.

 

Thx for the answer

 

NP

Actually, CLT is very good test which mimics the ways real malware uses to compromise security. I must admit it despite of the fact, that I have not too kind feelings toward this company and especially toward its CEO

 

i think lot of people miss the main point of these tests being opensource and freely available ...

so it has some weight and as You can see some products (btw. lot of the products with good score are also quite stable laterly)
take it seriously

hell even some who usually got 0% now have 10%

so no matter how much hate goes against the paid portion of the test, i use the test as measure of quality of additional coding

 

Vista/32 and recommended max settings, still 120/340. Sorry, guys, this does mean I would be already infected if I was attacked by real malware

 

BTW, What score you get on win7/64 without third-party security. I just have a feeling that win7/64 is pretty secure by itself.

 

Hi,


I have yet to see a computer security product that fully protects a PC/laptop at its default settings. I ain't seen none.

Almost all software developers in the security industry left some settings unchecked to either avoid annoying pop-ups or to avoid performance issues on the PC where the product is installed.

Example: It's not a secret here that my AV is ESET NOD32 v4.2 but, at default settings, Advanced Heuristics for file access is unchecked. You could tick it manually if you want to but, you risk a performance hit on your PC. It's a balance between performance or being more secure. Which one would you choose?

The same for McAfee VirusScan ENTERPRISE v8.7 patch 5 [which our IT Dept has deployed on all 5000+ workstations throughout our company]. If during the installation of McAfee Enterprise, you select MAXIMUM PROTECTION instead of STANDARD PROTECTION, you will not be able to install any legitimate application needed [Office, Pdf readers, etc] without having to disable McAfee first or call IT Help Desk so they can disable it for you...But, Maximum Protection is safer than the default Standard Protection.

Had our IT Dept. installed McAfee with MAX. Protection settings we probably wouldn't have so many calls from employees to Help Desk asking for help on removing FAKE AVs which in the majority of the cases, disable McAfee services on the local PC because it's set-up for Standard Protection.


As you can see, DEFAULT SETTINGS provide a “balance” where you sacrifice a little of Security for more compatibility, less pop-ups and less impact on performance.

Again...which one would you choose?


Regards,



Carlos