NSS Labs says Antivirus is falling behind

Discussion in 'other anti-virus software' started by fsr, Oct 19, 2010.

Thread Status:
Not open for further replies.
  1. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,530
    Location:
    St. Louis, MO
  2. ako

    ako Registered Member

    Joined:
    Nov 16, 2006
    Posts:
    667
    F-Secure is, like myself, from Finland :cautious:
     
  3. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    The company was founded in 1988 in Los Angeles by Steve Chang, his wife, Jenny Chang, and her sister, Eva Chen. Shortly after establishing the company, its founders moved headquarters to Taipei.

    In 1992, Trend Micro took over a Japanese software firm to form Trend Micro Devices and established headquarters in Japan. It then made an agreement with CPU maker Intel under which it produced an anti-virus product for local area networks for sale under Intel’s name. Intel paid royalties to Trend for sales of LANDesk Virus Protect in the United States and Europe, while Trend paid royalties to Intel for sales in Asia. In 1993, Novell began bundling the product with its network operating system. In 1996 the two companies agreed to a two-year continuation of the agreement in which Trend was allowed to globally market the ServerProtect product under its own brand alongside Intel's LANDesk brand.
     
  4. rolarocka

    rolarocka Guest

  5. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
    1st with sandbox you can pass virus test alone without anti virus but still its not 100% security .....firewall antivirus hips.....etc also play very important role.

    2nd no antivirus is 100% protect against zero day attack yes true but even its 97% then 3 % will be taken care by hips and sandbox ....etc

    3rd tweaking all features make the results different which we all do most of review sites test A vs B in default mode or tweaking A vs default B which is not good.

    4th depend on firewall/router/gateway/utm the most how much traffic is filter by them before reaching your real computer i like to put utm example here .........by default most of good utm if setted properly block 97%-100% infection before reaching your real computer making zero performance impact on it.

    5th 100% security depends on user surfing habits (ie if go to 100 undergrounds sites p2p downloads .....etc then i have to open ports things for java scripts ...etc..... for them and then its me not vendor responsible for my pc infection)

    most of reviews are funny stuff to read

    for example

    http://www.pcmag.com/article2/0,2817,2366773,00.asp#

    now for example astaro by default block all .EXE files so game over before even triggering my antivirus now why would i enable it.

    from sites i use to download like Kaspersky microsoft updates.....etc i can put them on exception list with antivirus scan from astaro same for site like download.com which are quite reliable for clean software

    or we hardly download .EXE not more than 5-50 sites which is not hard job to put on exception list to download under antivirus inspection.

    same with java active X........in MIME type and content filter for block bad and unverified sites. sites like youtube in exception with scanning on...etc

    also putting IPS...icmp filters packets filters tight rules many other features on and tweaked with best of your eligibility.

    please check

    https://www.wilderssecurity.com/showthread.php?t=284339

    and last most important my surfing habits.


    with this i can achieve 100% results with astaro only and many of you tech guru's agree with me.

    same results can get with any good antivirus + firewall + sandboxie or kis NIS ...type software only if you are a good boy(safe surfer):p

    but if you are bad boy you can also get 100% results but how long i cant say not even with astaro or other type of security (ie. Itchy habit to go to every bad site just you test your security.) :D

    please note that i put astaro as example to making my above point
     
    Last edited: Oct 20, 2010
  6. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    Eset received a caution..:mad: :blink:
     
  7. qakbot

    qakbot Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    380
    I just ignore all these NSS Tests. They are in bed with Trend.

    How much of a coincidence is it now that Trend has bumped up its Web-based protection and now NSS says Web-based protection is the most important piece of protection.

    How come NSS does not do its "real world tests" with malware arriving as:
    1. Downloads from P2P networks
    2. Email attachments
    3. Other non-HTTP based protocols

    I know why.. its because Trend has ZERO reputation on anything that doesn't have a URL. Trend is blowing smoke up everybody's a@s.
     
  8. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi,

    Quite agree with kwismer
    Using Metasploit framework does not reproduce real drive by download infection which are client/server threats and not only client side!
    More over theses exploits are known,documented and patched and can't be as effective as zero day ones
    Of course in the cloud AV are more reactive against zero day malwares as pointed out by the result of Trend Micro.
    At last where is really the "plus" in publishing av tests: does it show which one to choose? does it prove by A, B C that AV X is better than av z ( :) ) ?
    Unfortunatelly no.
    Av testing is corrupted by default with the black list concept demonstrated as NP complete.
    The plus is maybe an oppurtunity to join "the café du commerce"/agora" to discuss about the results...
    Rgds
     
  9. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    Sad but deserved. I loved them in the days of 2.5 to 2.7. Last years renewal for me was more of a donation than anything as I have barely touched it this year. This will be the first time in 6 years I won't renew.

    The state of all AV at this point is pretty much like the thread title says. Falling behind. It will get worse before it gets better. I hope they come up with a better solution before I quit paying for any of them.
     
  10. Syncman9

    Syncman9 Registered Member

    Joined:
    Jul 28, 2004
    Posts:
    113
    Location:
    UK
    It's always been heading in this direction, and now using kits to generate malware for criminal purposes has substanially increased the volume and number.

    The question is when does it reach a point when the overall risk sours the milk.
     
  11. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    av companies have always had to react to threats after they are released because even the best proactive/heuristic defences have ALWAYS been relatively poor(still are),so this test is just stating what most people know,so why the big discussion on this?If you want a PC that is totaly safe don't switch it on and if you do switch on do not,I repeat do not access the web!
     
  12. malexous

    malexous Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    830
    Location:
    Ireland
    Norton 2010, AVG 9 and F-Secure 2010 were tested while MSE2 was tested.
     
  13. danieln

    danieln Eset Staff

    Joined:
    Jan 7, 2009
    Posts:
    112
  14. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Thanks for sharing the paper – it is worth reading for all who are interested in anti-malware testing practices.

    From my perspective, the main point of the paper focuses on the concept of ‘variability’ – i.e., a malware detection rate is an estimate based on a sample from the population of all malware. As such, there exists error around that estimate. I have always found it surprising (and disappointing) that the anti-malware comparatives do not report confidence intervals for the malware detection rates. It is encouraging, however, that the most recent Whole Product Dynamic Testing report by AV-Comparatives discusses this concept – but, as of this time, has not yet actually included confidence intervals when reporting the malware detection rates. Hopefully, that omission will soon be addressed.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.