AV-Comparatives Results - Nov 2007 Retrospective/ProActive Test

Discussion in 'other anti-virus software' started by C.S.J, Nov 30, 2007.

Thread Status:
Not open for further replies.
  1. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    It is called a knee-jerk response which is an emotional manifestation of the lack of awareness that there are some on this board whose posts are designed to send users "scampering about like mad men"---and they have succeeded. I watch monikers changed frequently to reflect new AV installations (which they admit in some cases) and back again. It is getting very tiresome.
     
    Last edited: Dec 3, 2007
  2. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    No you don't, but that doesn't make them junkware, the same way how I don't need VMWare doesn't make it junkware.
     
  3. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Again, just because some peoples avatars change, doesnt mean their software did. Some people have more then one computer, amazing, and some people have licences to more then one software. Amazing.

    The way I see it, is, if they are your own computers, and your licences are paid for, then you are entitled to do whatever you wish. Crazy? I wouldnt say that but, maybe borderline obsessive.;)
     
  4. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Its really hard for me to understand how anyone could become a a fanboy of an AV. Such a total waste of time. The entire blacklist concept is on the verge of collapsing as malware writers do 250,000 new variants per year and test their warez against popular AV's before releasing into the wild. In some cases they cut off distribution after a few thousand infections in hope that the population is too small to be reported back to any AV vendor. Not to mention that zero day attacks stick for a long time because of rootkit cloaking. The future is OS hardening and behavioral analysis.
     
  5. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Its the mirrors.:)
     
  6. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I you wish to publicly condemn a product class, shouldn't you really base it on your own experience. I've done precisely that prior to recommending some of these options. I've taken them for extended rides. They are quite easy to use, there is virtually no learning curve, and that's because they are not a complete virtualization, such as VMWare.
    How about performing some genuine due diligence before making this type of shoot from the hip comment. If you haven't used the products, feel free to mention negative comments out there - although it would help if you provided at least one source so people could judge for themselves - but there really isn't a need to label them "junkware" when, by your own statements of lack of use, you don't have a clue as to whether that's correct or not.
    Actually, the real answer is to provide realistic options for users that can be readily implemented. The experiment on educating users on computers/computer security/safe hex (I really dislike that term - it doesn't give one a clue as to what to do) has been run and has been an abysmal failure. A more robust solution that is a little less dependent on the user is what is needed. I'm not saying this is it, but it's going more in the right direction than some of the other options out there.

    Blue
     
    Last edited: Dec 3, 2007
  7. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Just because one uses an AV doesn't mean we're all fanboys. It's just a tool and one with a reasonable track record to date.
    Given that it is still possible to use this approach without bringing older machines to their knees, this implies that it's not "on the verge of collapsing". I would agree that the influx in malware has had a significant impact on many vendors and the smaller ones who use this approach will shake out since they simply cannot keep up.

    Blue
     
  8. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    I think there's a limit to the kind of misinformation one is allowed to spread around. You don't have the slightest notion of what you are talking about: Returnil is junkware? ShadowUser? "... Already there are lots of malware that is virtual machine aware." Are you going to mention the the killdisk virus as an exemple? That would be really original you know: Any AV can be bypassed by thousand of viruses, some sandboxes can be bypassed by Killdisk. I don't even expect you to do the simple math.
     
  9. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Why is there no "reply to"? I don't want to quote Blue. I'm sick of the choppy, hard to read posts here now. It appears almost no one knows how to write anymore...only how to lazily chop up, thus missing the intent and misleading, and then answering one part of a post instead of composing a coherent answer to the entire post.

    The ONLY solution is the one I gave. Users will be forced to learn about the computers they use ...sink or swim and quite frankly I'm rooting currently for the bad guys. They need to teach the average user a vicious lesson so that either they give up computing altogether or get off their duff and learn something. I had to learn...I knew nothing when I got my first computer. If I could learn at my age anyone can learn ...IF motivated (and our government should force licensing, compulsory courses in security and testing just as we do for the right to drive a vehicle). As for practicing "safe hex", that is easily understood. I got it the first time I saw the term years ago and thought it was a great way of describing what a RESPONSIBLE user needs to do.

    As for my not having test driven software virtualization programs (other than full virtualization) ...first of all, you can't be a little bit pregnant and you can't virtualize a little bit. You virtualize or you don't. I think those programs are deliberately misnamed. Right there, I don't respect them for that. VMWare and Microsoft's Virtual PC and a handful of minor free virtualization programs are the only REAL virtualization programs out there. These you advocate are more sandboxes than virtualization programs. They don't give you a virtual OS that you can start up whenever you want and that is just like how you left it but has lots of snapshots you can revert to if you want for whatever reason. These programs you recommend are poor imitations of the real thing.

    It seems a little out of place for me to try any of them. I certainly would never risk trying any of those on my main machine. I'd have to try "virtualization" within virtulization...what is the point? It seems absurd to me.
     
  10. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    More than maybe borderline...
     
  11. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    But not that easy ;-) Except norton, looool. But one thing from Symantec is really good: No false positives, lool.

    Just a modern sentence for a quiet common phenomenon called emotion overkill. So are we not all a little echo of emotions ;-):D :D .. more or less..
     
  12. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    6,555
    Location:
    New York City
    Most security programs can easily be bypassed... if one knows how. So what?
     
  13. risl

    risl Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    581
    Yes, .. also getting disinfection tools and help from a vendor in a situation where infection has already occurred is also a part which seems to get forgotten when all these percentages and numbers are on display. :ninja:
     
  14. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    BlueZ

    I did not say everyone was a fanboy, but there are always quite a few fanboy posts in this AV forum.

    I don't know why there is a fight over virtualization. Different products do different things well. I have used many of them but not Microsoft's. Parallels, VMware and Virtual Box all work well.
     
  15. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,306
    During these discussions I often see the statement that all AVs are easily bypassed. While I do not have the knowledge to argue technically, it that were so why are not more people infected?
    Based upon the fact that I do not know anyone who gets infected, I have doubts that all AVs are easily bypassed.

    The folks I am talking about are not as security wise as those on this forum, and use pretty much 100% either AVG free, Norton, or McAfee. It just follows, logically, that if AVs are easily bypassed then why are not more infected? I have never been infected.

    Regards,
    Jerry
     
  16. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    The answer is that they are not being infected to a large degree. A lot of what you read here is bs. I have many hundreds of clients with multiple computers, and none of them has ever had an infection. This is not a small sample size, so this statistically significant number of people argues that AVs are not easily bypassed- contrary to the absurd statements you might read here. In addition, I have never been infected and I have been on line from the beginning.
     
    Last edited: Dec 3, 2007
  17. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    6,555
    Location:
    New York City
    Agreed. When one or more AVs perform well on a given test(s), it is easy to say they can be easily bypassed, WITHOUT PROVIDING PROOF. Unfortunately, I've seen this a lot, not only within this thread.
     
  18. interstate ron

    interstate ron Registered Member

    Joined:
    Mar 20, 2007
    Posts:
    65
    Location:
    over the hill from West "By God"
    Best I've read for awhile. It's true,including me,but I'm getting smarter I think!
     
  19. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Quite right, and rereading what I wrote this morning, it could be taken that way. I agree that product fans do seem to come out of the woodwork when evaluations like this appear. On the other side of the coin, I've seen people indiscriminately labeled a fanboy for simply having an opinion and voicing it. Neither situation is healthy for rational discussion or learning.
    Yes, different things do different tasks well. I'll extend that a bit by noting that the most comprehensive solution is not always the most appropriate.

    I don't see a fight over virtualization, I do see some disagreement with comments made above by Mele20 regarding a handful of products which she classified as "junkware". I don't agree with that assessment. These options don't seem to be junk in my hands, appear to work as claimed, have not posed stability problems in my hands, and seem to provide an expedient solution to some issues regarding potential malware exposure.

    Blue
     
  20. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    people can give their comments about anything though, even if it doesnt even matter, thats the life of a forum. :)

    fact is, for this test.... all AV's, maybe the exception of Nod32, still need improvement in my opinion, and thats a sad tale in itself. :blink:
     
  21. De Hollander

    De Hollander Registered Member

    Joined:
    Sep 10, 2005
    Posts:
    718
    Location:
    Windmills and cows
    :thumb: :thumb:




    There are billions of computers connected online.
    So the "hundreds of clients with multiple computers" that you refer to, (no offense) statically means a drop in the oceaan.
     
  22. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,306
    HI De Hollander,

    [There are billions of computers connected online.
    So the "hundreds of clients with multiple computers" that you refer to, (no offense) statically means a drop in the oceaan.]

    While that is true, if Avs were easily bypassed would it not follow that at least a percentage of those clients would be infected?
    Is that not as reliable as most or all statistical surveys which only survey a thousand or so people in a nation of over 300,000,000?

    It just seems logical to me that if AVs were easily bypassed that at least 50% of users would be infected at some time. I have only owned computers since 1999. I have never been infected, although I have been alerted of malware trying to infect my system probably 3-4 times. My AV caught them without a problem.

    I freely admit that I have very little understanding of such things, however, I do understand that "The proof of the pudding is in the eating."
    It seems to me that the results speak for themselves.

    Regards,
    Jerry
     
  23. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    You believe you have refuted my point, but you actually have reaffirmed it. If there are billions of computers connected and AVs are easily bypassed, then a very large number of them (60%?) would be infected. But they are not. Ergo, AVs are not easily bypassed and those that claim they are, have no empirical evidence to support such an erroneous statement. And, you know nothing about population sample sizes. You do not need to survey millions of computer users to draw a statistically valid conclusion.
     
  24. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    so true, and i come under this category aswell.

    think its time to sell. (...something)
     
  25. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    You assume you have never been infected, there is stealth malware outthere that you don´t see with no scanner the only things you may be able to see are crypted packets in your network sniffer. If the malware is able to shift your whole OS in a matrix then you live in your illusion of a healthy system. .. and beside probably you forgot that windows is a huge backdoor itself, I refer e.g. to advapi32.dll as ultimate backdoor.
     
    Last edited: Dec 3, 2007
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.