new results from AV-Test.org (Q1/2008)

Discussion in 'other anti-virus software' started by Valentin_Pletzer, Jan 22, 2008.

Thread Status:
Not open for further replies.
  1. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    I don't have to and I don't have all of them running on various systems. I do have licensed copies, merely for testing on different systems. Comes with the territory ;)

    regards,

    Paul
     
  2. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Antony Petrakis has ZERO affiliation with AV-test.org and Andreas Marx. Guaranteed :)

    Secondly, the numbers of malware that are being described by Marx do not seem erroneous to me if we consider the fact that the F-Secure blog article was referring to a different thing (plus 1 signature may cover thousands of infected samples) and that there are many "variants" (repacked versions) of the same malware.

    The test is at least moderately valid IMO. This time they covered more aspects than just the detection rate on-demand which is a good thing. The only real standout for me this time was AVG (which was better than KAV and I was not expecting this); others remained pretty much as they should :)
     
  3. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Thanks for the explanation Valentin. That said: guessing is just fine. I for one would like to see the excel sheets coming with all the specs - the common and usual way. There's simply no other way to examine and come to a final conclusion.

    Thanks. Andreas Marx has been a contributing member from this board; I do invite him to sign up as a member once more and provide the necessary info and comments.

    I do applaud you for that.

    Now, here's the essence concerning all this: all of us simply don't have access to essential information from the testing organization. Consequently, in the end we all are in the dark here. Here's my point: testing organizations should never merely provide results. In case they do want to go public, needed info has to be provided as well so interested ones can make a judgement based on all the facts. On top of that, revealing test results should come from the horse's mouth directly. In my humble opinion Marx would have done a far better job going public after the meeting in Spain.

    External sources in effect are - at the least in an ideal world - independent, very skilled organizations specialized in testing software in combo with malware in this context. I do agree that can be an issue indeed. av-test.org/Marx unfortunately does have a history here. Without going into specifics, I do remember at least one controversy between test(s) performed and made public and at least one security software company questioning the way of testing and consequently the result coming from that. And - they were right. Now, this is not intended as an "av-test.org/Marx bashing". At the most, question marks can and have been all over the web.

    It does matter in a testing environment. It does matter to know whether or not testing has been performed out-of-the-box or software being tweaked to the maximum. It does matter whether samples are or are not detected while executed, instead of being dormant.

    That's a personal choice I'll have to respect. focussed on security; those issues are of far minor importance - at least in my book.

    I do understand. Nothing wrong with a solid discussion ;) . Then again: as stated above, without all the needed info coming from the horse's mouth, it does end up in a crippled discussion.

    All the best,

    Paul
     
  4. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,886
    Location:
    Innsbruck (Austria)
  5. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    We may and do have a different opinion here, IBK ;)

    That's good to know, but outside the scope from this specific thread.

    My point exactly. Different md5's in essence does not say that much. Hexing a sample in a very minor way results in a different/new md5. Fact remains, it still is one and the same sample.

    Again: my point exactly. In my humble view, that's a fine way in determining real new malware, vs. bloating about variants being brand new discovered samples. Fact remains: they are variants, no more, no less. Hyping numbers with this in mind is as far as I'm concerned just that: creating a hype.

    It could well be indeed. ITW-revived and hexed samples can be a threat indeed. Heuristics do come into play here.

    Wrong approach. Marx performed the test - Marx should provide all needed ins and outs needed for all interested ones to come to a fair conclusion - before just dropping the results to any third party. In case Chip is to blame, that's merely because they have been eager to go public without having anything to backup the test results.

    In essence, that's a good and needed decision - if only marketing-wise.

    I do hope you have recovered in the meanwhile, and have had a safe and sound trip back home ;)

    regards,

    paul
     
  6. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    IBK, no offense intended! - but please define "samples". Please provide a link as for where Marx did make that statement. Apart from that: I for one would like to have some real proof from that statement. It's an easy one to state - it's quite a different story to back it up. Then again: Andreas Marx is very welcome (once more) to revive his membership over here and provide info first hand ;)

    regards,

    paul
     
  7. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
  8. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    *Maybe* this post and the thread in which it was posted (which contains a few more quotes from Marx) might put some insight into this:

    https://www.wilderssecurity.com/showpost.php?p=1011379&postcount=102
     
  9. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,886
    Location:
    Innsbruck (Austria)
    @Paul: source -> powerpoint presentation about dynamic testing from marx, page 4 ("Our AV lab is receiving about 2,000 to 2,500 new unique malware samples per hour!"). That paper is not yet on marx website (but he usually puts the papers on his website after some time), but i read this also on some german magazine website at the beginning of january (but dunno remember yet the url). i only state what i read and hear, for details or interpretations of what someone means i am not the right person to ask, as i am not related in any way with marx.
     
  10. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Yep, but

    In a scientific world your test method is as important as your test result. So scientifically Paul is right. But this is a very aesthetic and old school thinking.

    In daily practice popular TV programs do not even bother to mention their test method anymore. They do not provide observations and evaluation criteria in depth, only their interpretation/personal opinion. The problem with interpretation is, you either believe the source or not (who says so). This is common practise and one of the reasons why PCMag test/reviews for instance are bashed by enthusiasts at Wilders, but noob readers will take their opinion as true, because they trust the source.

    Now in the latest years the consumer feedback reports are very popular. When you are looking for a new digital camera, you can find sites which rate them based on results in tests and personal experiences of individual customers. They just reflect the consumer opinion.

    Now Paul, instead of behaving old school with a (scientifically) correct argumentation, face the way the internet changes consumption and information handling: go new age.

    Provide some stickies/polls with Antivirus and HIPS (all sort of security apps) where posters are allowed to enter an opinion. When you look at www.twekers.net people can only post evaluations when they earned good vibes (for instance posts at wilders). Tweakers has found a nice mechanism to keep negative trolls out (not able to evaluate a supplier).

    Paul you are right, but it is not going to change the way test organisations are publishing test results of security apps. They need air time, scoops and headline references. They will become less scientific. So let's innovate Wilders FORUM (with consumer evaluations: for instance you got an infection using AV of the brand 'nuts' or brand 'monkey')

    Lusher already proposed a poll, https://www.wilderssecurity.com/showpost.php?p=1164955&postcount=62
     
    Last edited: Jan 23, 2008
  11. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    Correct. Let's continue with your example. Just assume that someone who was using a Canon Powershot A<number here> gets his hands down on a Canon Rebel Xti (400D). I can guarantee you that he will write that this is the best camera on earth. (Because he compared it directly to his previous one) Does his opinion make that the best camera for a professional photographer? For sure not, because if he goes Canon Line then he'll pick a EOS 1 with some proper L-Lenses (The red ones). The difference is here: *THIS* guy knows already exactly what *HE* needs, because he's working in that field. HOWEVER; all the readers with no "clue" will start telling their neighbors there's nothing better than a 400D with standard lenses until they see some "better" results. Got the message? :D
     
  12. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Yes, but therefore you should make it like who saved your (censored), what package did not protect you from infection.

    Dear inspector clouseau this is correct. Psychologists have proven that before you are buying something you might rate A versus B as 49% to 51%. Shortly after the purchase this will shift to 43% to 57% and three months later it will be 30% versus 70%. So even taking this distortion into account, people are seriously looking at those user experience sites.

    So although I just told an argument against my statement (meaning user experiences are unreliable and only related to their own previous experience), daily practise adds proof to my statement: let's innovate wilders security with experience polls (like lusher suggested)
     
  13. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    It goes even more beyond this... Let's ask a very straight forward question. Would you admit to other people that you bought crap? (Besides Family Members...) Ofc you try to avoid that because it makes you look "stupid" 'coz they assume u were not evaluating/researching it before you bought it. Thus, you try to "promote" your PERSONAL selection even with the fact that you know it is NOT perfect as you would like to have it. I'll tell you something...

    *IF* i would ever believe in PUBLIC made (by different, unknown people) tests i'd be driving around with a "LEXUS OWNERS CLUB" sticker on my car, even if it's not a lexus.
     

    Attached Files:

  14. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    426
    Location:
    None
    BTW - Looks like a Subaru. :p
     
  15. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    good to see you back posting IC,

    so are you in agreement of Paul or not? :blink:

    and whats your general idea about such huge tests?
     
  16. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    Could be, i found that picture in some discussion where they wrote that this sticker attracts women. As long as the windows are black and no door opens there is for most of the drivers quite a good chance that this actually might work for a few sec.
     
  17. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    426
    Location:
    None
    How about viagra? :D

    Back on topic, even though my F-PROT was not on the ++ side, it sure is improving. Keep up the good work!
     
  18. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    YES, I once bought new oversized pistons in my racer. It just did not work out. Because I shared this info, my dealer found a few cheap race exhausts, which might be a solution but were of a different model. I bought them and I am very very very very very very very very happy now.

    NOOP, and it does not work that way in general. There is a satisfaction threshold which turns dissatisfied consumers into real trolls and determined product bashers.

    There is an applicable formula which skips out the average bandwidth and only takes the very very satisfied users and the disappointed users into account. When a 10 was great and below a 6 is unsatisfactory. The 5 to 8 ratings should be skipped on average.

    But let's switch to a consumer behavioral forum where marketeers and psychologist take part in the discussion, not on Wilders Security.
     
    Last edited: Jan 23, 2008
  19. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    As you prolly noticed paul is still alive and posting that means i didn't have my argument with him *yet*. :D

    But i can confirm (or lets better call it backup) that you can easily reach such number of samples within 6 months. Sure, you will have huge amounts of the SAME or at least VERY SIMILAR virus group (example: Tibs) *BUT* (and that is the important point (!)) they are from a point of binary DIFFERENT from each other (poly layer etc). There are hundreds of thousands of new backdoors (technical note... we shouldn't call them *NEW*, but "Variant") of all "RMPITB" Trojans/Backdoors such as Hupigon's. To give you some idea... Last month alone 1820 DIFFERENT Password Stealers for the Online Game LINEAGE. Go figure. One Game - 1820 malwares in ONE month. All chinese binaries.
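
The counting question argued over in the posts above (unique MD5s versus variants of one sample), as an added example that is not part of any poster's message: the same constructed corpus is counted once by hash and once by byte-level similarity. It assumes simple byte-patched ("hexed") copies only; packed or polymorphic variants would not cluster with plain n-gram overlap, and the 4-byte window and 0.8 threshold are arbitrary choices for the illustration.

```python
import hashlib

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def shingles(data: bytes, n: int = 4) -> set:
    """All overlapping n-byte windows of a sample."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def jaccard(a: set, b: set) -> float:
    return len(a & b) / len(a | b) if (a or b) else 1.0

def patch(data: bytes, offset: int) -> bytes:
    """Return a copy with exactly one byte changed (a 'hexed' variant)."""
    out = bytearray(data)
    out[offset] ^= 0xFF
    return bytes(out)

def constructed_corpus() -> list:
    """Constructed data: two unrelated 512-byte 'families', each with patched copies."""
    corpus = []
    for seed, n_variants in ((b"family-A", 5), (b"family-B", 3)):
        base = b"".join(hashlib.sha256(seed + bytes([i])).digest() for i in range(16))
        corpus.append(base)
        corpus.extend(patch(base, 40 * (k + 1)) for k in range(n_variants))
    return corpus

def count_by_md5(corpus) -> int:
    """'Unique samples' as a hash-based counter would report them."""
    return len({md5_hex(s) for s in corpus})

def cluster(corpus, threshold: float = 0.8) -> list:
    """Greedy clustering: join the first cluster whose representative is similar enough."""
    clusters = []  # (representative shingle set, member list)
    for sample in corpus:
        sh = shingles(sample)
        for rep, members in clusters:
            if jaccard(rep, sh) >= threshold:
                members.append(sample)
                break
        else:
            clusters.append((sh, [sample]))
    return [members for _, members in clusters]

if __name__ == "__main__":
    corpus = constructed_corpus()
    print("unique by MD5:", count_by_md5(corpus))
    print("clusters by similarity:", len(cluster(corpus)))
```
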
     
  20. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Ok If these tests are totally Honest and accurate, How does avast score a higher percentage than nod or drweb with no heuristic In place other than their email scanning? and If these tests were all repeated again with all the Exact same settings and procedure would the test reveal the exact same results. Please don't get me wrong I have always liked avast and thought of it as a quality well rounded program and always seems to be getting better. I am Just curious How such strong heuristic scanners as nod and drweb can fall behind Avast percentage wise.
     
  21. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    i really do question the 99% or whatever AV's, about what they are really adding to their database. :rolleyes:
     
  22. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    And "RMPITB" means what? Thanks and I'm glad to see you posting again :)
     
  23. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Fair enough, Andreas ;)

    regards,

    paul
     
  24. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Grin :D

    No argument here.

    In essence: this is true in various cases.

    Variants indeed ;)

    I for one won't argue that. The overall issue concerning testing as well as revealing all needed info coming with it still holds.
     
  25. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    ...and as far as I'm concerned, we'll stick to the approach mentioned above. Just call me old fashioned ;) . We're not in the "consumer business" and the tactics coming with that. In case people do look for the easy way out: "most votes do count, whatever the reason", they are on the wrong spot over here anyway.

    regards,

    paul
     