Security Vendors Aim For Standard Spyware Testing

Does that mean they all are going to have the VERY SAME definition database for adware/spyware ?
If not, I don't see any significant improvement for the USER.

 

IMHO only after reading the pdf file they have made available on their Spywaretesting website that's mentioned in Ronjor's link would a user have an understanding of what they are attempting to accomplish.

 

IMHO, this won't happen, otherwise the competition doesn't exist anymore if they all have the very same definition database, except for ram usage, cpu usage, scan speed, GUI, support, userfriendliness, realtime, ...

For the user it would be a big improvement of course, because they would have to run only one scanner of their choice, which would lower the total scan time significantly.

What they are trying to accomplish is also VERY GOOD ... mainly for the security industry, but not for the user, which is a pity.

 

So far there has been no mention of mirroring databases Eric. They are coming together in a collaboration similar to the AV industry in regards to the Wildlist and CME.

from the PDF file:

 

Well let's hope that mirroring definition databases will be the NEXT step.

 

are you serious? I surely hope not Erik! it's always better to differntiate then to generalise I suppose...

yep, let's all scan with TrendMicro to kill the malware lol c'mon...let's wait for further development but mirroring databases is not the best thing to do imho

 

I fully agree with those statements Infinity. It's good to have variety.

 

I just downloaded the PDF file - which states "This paper is intended for security professionals" and what i see is only a amateurish writeup without any sufficient facts - could have been written by everyone. There's no fact how to verify that the malware is actually able to run. There's not even one line that maybe not all parts of the malware should be detected - EVEN IF SOME AV DETECTS IT. Hey common, i mean that's a paper for the self educated home user, but not for a "security professional" as it claims - that's an insult, that's it.

 

the way I see it is they try to make one big team (like Bubba already stated) .. like the Anti-Spyware Coalition (ASC)/Coast but nothing good went from that in fact maybe not 100% accurate info now but I believe it was then that multiple antispyware vendors began to change some of the rates of several adware/spyware to make it less dangerous for us, that was with claria and some others...

 

I'm dead serious about this.
All AV/AS/AT/AK scan grosso modo for the SAME threats, only the differences makes them special.
So the first AS scanner will detect/remove most threats, while the second scanner will only find a few and the third scanner won't probably find nothing, but the total scan time of the three scanners, remains the same, whether the threats are found or not.

If all definitions are collected in one database and each scanner has the same database, than you need only one scanner of each kind with a much shorter scan time.
It doesn't need to be Trend Micro, it can be any brand, because they all have the same database, detection/removal method and naming method. That's standardization.

Variety ? On the contrary, that's why these people want standardization, because the variety caused a big mess.

 

IMHO, it is always about the money and never about the customers...

 

Like the communists I guess ... everybody the same ...

they aren't talking about mirrorring databases Erik, if that is ever the case .. I'll purchase ShadowUser and ditch my AV but that will never happen ... they want to make clear the various differences between the terms spyware/trojans/virii/malware in general...

a lot of trojans are labeled as spyware and vice versa and that's what they are trying to do ... to clear that up

let them do it, I applause for that but not exchanging databases...I don't think it would be that easy I guess e.g. Nod32 and his heuristics signatures and let's say Norton, cause I would only hope that they work on a different manner...

 

At work, we standardize our data for years.
Each data has its name, its code name, its length, its definition, its validation, its context, etc. and they are all collected and organized in one Data Dictionary Database, available for each analyst and programmer.
This has nothing to do with communism, that is creating ORDER in what was a big mess in the past and everything that has to do with computer requires ORDER.
The same can be done for malwares.

Frankly, I'm quite surprised that it took sooo long for the security industry to get organized. Now they start something, what should have done years ago.
Mirroring databases won't be easy, but in my experience NOTHING is easy, if you want to do it right.