AV-TEST certificate Windows 8 Jan/Feb 2013

If they did it's typical behavior by the Dr. Web people.

 

What do you mean?

I asked because before these tests were published, I think I saw Dr.Web in the list of vendors, and then when the test results came, no Dr.Web (except in Android tests).

 

I mean that Dr. Web avoids scrutiny by testing organizations when possible..

 

The hell is up with Dr.Web?

http://www.pcmag.com/article2/0,2817,2411350,00.asp

This suggests they actually passed the test; but still the results are not out there for the public to see....

 

They probably barely squeaked in. I suspect they had problems with one or more of the test sub-categories as well. All their hide and seek nonsense probably makes you want to substitute them for your soon to be defunct PC Tools.

 

Are you positive? Sandboxie works completely different as of version 4. I'm not sure Identity Shield is compatible with the new Sandboxie. I will have to ask Joe about this.

 

Not sure about the new version. I was talking about current version. version 4 is still in beta. it works in 3.76.

 

Yes. ID-shield is broken again with version 4.

https://www.wilderssecurity.com/showpost.php?p=2211190&postcount=2

 

It works for anything that escape the sandbox (version 3.X). Inside the sandbox? No, not that I know. Per design sandbox is an isolated environment, if not... we would talk about an alarming security hole in the sandbox architecture

 

So, if a keylogger somehow infected me, and I start the browser sandboxed, ID-shield will still protect me inside the browser? I thought Sandboxie prevented those hooks.

 

Infects you inside the sandbox? Then it's the domain of the sandbox. Outside the sandbox? Then WSA is on duty

 

SBIE doesn't block keyloggers inside the sandbox from capturing keys system-wide.

 

Doesnt matter.

it will not be able to transmit any data.
Either the sandbox or your firewall will stop it.

 

Of course, I never said otherwise.

 

Word from Kaspersky....
http://eugene.kaspersky.com/2013/05/09/av-test-certification-devalued/

 

Well, if we take the approach by Kaspersky then also AV-comparatives file detection and real-world protection tests are near to useless as they do not include the REPAIR test (cleaning up existing infections).

 

Not really: what he critizieses mainly is the award/certification system - not the test himself.

As for AV-Test there is (at least until now) the all-in-one award where they pass to account many different things (apples and pears): Protection, Repair, Usability. Now repair falls out, and usability should consist only from a FP test, which they really could include into protection test (like AV-C in file detection test). Summary: Don't rely on the certification only, cause it's easier for everybody to get them (even if they don't analyse samples themself and only include results of others...an often seen phenomenon) and so worthless. But look at the tests in detail.

As for AV-C there are different awards for different tests, and a more flexible system (statistical clustering instead of simple points to reach)