DAFVI, the future French AV vs ESET

Hi,

DAVFI is an antivirus project launched by a consorsium of private companies and the French government: http://www.davfi.fr/
It is currently only concept based antivirus as there is no alpha version expected for 2012, but ESET is the first antivirus editor to launch the Anti-Davfi marketing campaign:
http://www.eset.com/fr/revue-de-presse/

http://translate.google.fr/translat...rus-davfi-eset-est-le-premier-a-reagir-a10691

Motivated by the fear of market share impact, i will not discuss point by point of these criticisms.
The Microsoft antivirus is more reliable each year, there is regularly new products/AV on the market ( no time for a complete list ), and some governments (China, Russia, France, Iran etc) do not want to be external and proprietary softwares dependent...
More dynamic and competitive is the market, more large is the choice, better are consumers rights...

rgds

 

Companies that complain the very instant they see some kind of threat to their business are not worth anyones time imo. I really have no clue why ESET is making fuss out of it. If you know you can't beat someone in current form, adapt.

 

so what did director or marketing say

from google translated link
"..
editor Eset, the only officially communicate through the press at the moment. If the editor present on the European security market for 20 years his address "wishes of success to this new actor", he questioned the ability of Davfi to do better than their own antivirus.

Rodolphe Bouchez, the director of marketing said that Eset antivirus companies have long since developed proactive security devices (note: detection / blocking viruses before attack). On the other hand, he worries about what is Davfi Open source: "An open source allows anyone, possibly malicious, identify and exploit potential vulnerabilities. Too many everyday examples are, alas, we present for remember. " He concluded: "In view of the first elements given by DAVFI, we are puzzled about the viability of this project and its ability to offer a truly innovative technology."
.."

 

It could offer innovative technologies to address current problems in the industry, but I really doubt about the consistency of that quality over time (as some current AVs still do)

 

In my personal view this translation does not show fear of Eset that certain market targets are being stolen away.
To me, personally, all it shows is that there are some real concerns about DAFVI being open source. So that even questionable persons/organisations have "easy" access to how a AV product is operating and then act upon it by circumventing succesful solutions or cures that DAFVI gives.

This is just a very personal view and I must admit I don't have any good arguments that this would be so.

I hope my comment is not perceived as negative, that was not my intention. If DAFVI will be a product that is competitive with current AV products then I hope that it will do good and have success.

 

ClamAV is open-source and that doesn't seem to bother anyone. Why should DAFVI ? We already know security through obscurity doesn't work. It just delays the inevitable.

 

The same can go for other software also (Linux, Firefox, OpenOffice...). Most of them are not known for being exploited because their source code is open. IMO, if more people are checking the code (or part of it), more bugs will be fixed, less chances for bad guys to exploit them...

 

Exactly. Just imagine, one company has i don't know 30 QA testers. Open source stuff can have several thousand testers world wide. Sure source code helps exploiting software faster but more testers also mean there is smaller chance for such exploits to even exist. So things sort of even out.

 

hi

I was quite surprised to see first critisms loading from Eset (and not by Symantec, McAfee or Kaspersky): traditionally highly appreciated by French advanced users, Eset is on the list of respected and serious editors with Bitdefender, DrWeb and Avast (no blah blah marketing and scandal but more R and D).
But finally it is quite normal and logical if we consider that Monsieur Bouchez job and religion is Marketing ... far from this religion, any neutral and serious opinion would be: wait for the first release, check, audit the code, test and talk after...
Open source vs closed source is an old debate and no side can get the palm.
For my concern i suggest to R. Bouchez to read Bruce Schneier articles ( http://www.schneier.com/blog/archives/2011/06/open-source_sof.html ) and he will admit that the open source vulnerability criteria is a totally lapsed argument.
More over, several antivirus editors have seen their code source leaked like Symantec and Kaspersky...then that which happens to one can happen to the other...
Regarding the technology, there is of course no miracle to expect. As there is no miracle to expect from Eset Endpoint http://translate.google.fr/translat...olphe-Bouchez-ESET-France,20120704,31186.html
The AV industry is a fail since the beginning because black list pattern file detection is an NP-Complete problem.
As an undecidable problem, this is then an equation without solution.
The main concept behind Davfi is the end of the signature schem matching: as pointed out by Eric Filiol, the detection will be based on malwares behavior algorithms
http://translate.google.fr/translat...iquer-vie-concepteurs-codes-malveillants.html

The corporate version will be different from the desktop version, with much more services; perhaps a more sophisticated architecture than previct ( http://www.lastline.com/previct-anti-malware.php ) or Baracuda Networks ( https://www.barracudanetworks.com/ns/technology/index.php )
In the silent cyberwar there is a need of a trusted source for critical IT and business sensitive environement.
Before choosing between DrWeb AND Kaspersky, the Russian government asked them to analyze their code source at the office and at different phase of the process.
Igor Daniloff accepted the testing process, but not Eugene Kaspersky...
Now DrWeb is the AV of the Russian Ministry of Defense and the FSB ( http://company.drweb.com/licenses_and_certificates/?lng=en ); and curiously, a very few years later, Kaspersky code source is easily found on the web...

For anyone who wants to be informed http://davfi.com/

Rgds

 

Ok, I have changed my mind about open source. Seems like open source is a very positive influence, especially when more people are involved like with Linux OS or other open source products/operating systems.
I quoted RejZoR, but thanks to all who had similar comments.

Also thanks to KarelDJAG for the info and comments, it is appreciated
Still strange that any respectable AV company will have a negative review/comment about 'new' products with 'new' approaches or solutions.

Also I hope that DAFVI will succeed and have success.

(side note: I changed my security. I no longer use Eset, but Emsisoft products. This has nothing to do with this article, I just wasn't satisfied with Eset.)

 

It is true what you are saying, on the other hand the folowing might be a reason why no one is bothered by Clam AV:

ClamAV's comparative test scores are the reason other AV companies don't bother responding.

ClamAV's market is the reason malware writes don't bother using the open source code to construct a dedicated ClamAV virus.