I do not think all has been said regarding TDS-3

People are disappointed to see TDS discontinued, everyone who uses that product has that right, and I don’t think there are many here who blame Wayne and the DCS team for this discussion, but they are simply disappointed to see their favourite software being discontinued.

Wayne and the DCS team has done the right thing, no question there, to follow their dreams and not run dry of food being placed on the tables, but I still think the manner which they had went about it was somewhat disappointing.

I suppose it could have been far worse, just count yea lucky stars for that.

 

I don't think that some of you understand what Wayne is trying to say. The days of the scanning by definition and signature recognition are over and have been for a while. The decision to stop development of TDS must have been an awful one to make on personal level. I have read pages of anger and disaffection. Whatever DiamondCS's reasons were, they were technically based not money oriented.

Most of the vituperation I have read is about money. I run two high end 64 bit Windows computers and two slightly lower spec'ed on other operating systems. The cost of the operating system and protection software on the Windows machines exceeds the cost of the machines. Allow that I build my own machines in that. That is without any applications for actually using the machines. I pay for all the software that I use, unless it is genuinely free. I use Nod32 Network, Kerio, TDS, PG, PE, WG on both machines. You keep paying (I assume) for and using Windows and Office. Do you subject Microsoft to this level of spite? Try it!! All this security software is essential to protect Windows from attacks. Microsoft could do that.

When the early viruses and trojans were circulating, years ago, they were identified as they were found and recognition signatures were developed. On top of that removal tools were developed which were also viruses and trojans, by definition, to effect the removal. That used to work.

A massive and very wealthy antivirus industry developed on this model of recognition and detection which has been reinforced over the years by the fear induced in users by clever marketing and poor journalism. It works by recognising the threat and preventing action but only after the threat has been identified.

Years ago we had no rootkits for Windows in circulation.

Years ago we didn't have an entire ADS file system that Windows provides no way of seeing.

Years ago most viruses and trojans were provided to the 'security' industry for free by the voluntary developers who got their thrills by releasing the code and seeing what happened while they ate pizza and slayed Red Dragons or hacked into the local real estate agent's network.

The major opposition is now professional. They are commercial software development companies with commercial or criminal intent. Many are listed on the stock exchange. Many are operating over national boundaries and are protected from any sort of action from the few laws that do exist. The law that does exist was written for the situation that prevailed in the 'back-room geek' days. The major law enforcement effort is devoted to pirate music and movies NOT protection of computer users' machines.

To find, identify, issue updates and removal tools requires huge resources. Even those resources can't close the time gap between the release and installation of the malicious code and the development of the recognition and removal tools. This latency period can be several days or weeks. It can be hours for a simple virus but not for a well-coded trojan or rootkit. That can take weeks. It can take weeks for them to be found to work on.

Read through the HijackThis logs in any of the spyware forums. Over 95% have 3rd party security software installed, lots of it very expensive. It didn't work or was disabled by the infecting code or was overridden by the user. The Microsoft+Antivirus+firewall model of security is no longer going to protect any user.

Your antivirus or antitrojan software can provide a layer of protection against most threats from outside your system. They will not provide any protection from a threat they don't recognise, a threat already in your system or your own actions. They provide little protection from internal hacking and only some protection from external hacking.

On the current model of security software, a computer running Windows is going to be almost unusable in two years. By the time DEP, DRM and all the other extremely intrusive 'protection' software and hard-coded protective' firmware is running, a top end machine is going to be crippled. You may be better off with a 486-100 running Windows 3.11 - it will be faster and less prone to attack. It might BSOD occasionally.

An alternate model has to be developed that responds to the real threats that are out there now and the potential threats that we don't know yet. While no-one is psychic, the writing has been on the wall for some time. Read it!!

An entirely new approach to protection has to be developed. It is gradually becoming available. It is being developed by small companies like DiamondCS and even amateur volunteers, not the giant, slow-moving, non-innovative security corporations with huge marketing budgets.

 

Hi Peter,

I really like DCS as a company. I can't help but like a group of guys who have helped me so much in the past. In this group I include Pilli and Jooske, who have been fabulous over the years.

However, I think that this incident, and the way, it was handled (before and after the announcement) will greatly hurt DCS in the very competitive, new IPS marketspace. It will be difficult enough to differentiate the products (ZA Pro, for example, already has lots of IPS in it), but competition will surely take advantage of the way DCS handled the termination of the TDS-3 product - i.e., suddenness of the announcment (left users high and dry), unfair treatment of new customers (from their perspective), etc. These are very strong "talking points", and there will be plenty of unhappy former TDS-3 users who will be there to attest their general unhappiness. One bad comment can overshadow ten good ones.

I think that the "bad taste" in people's mouths will last for some time. This will be the period of rapid growth of IPS products such as Online Armor, Safe 'N' Secure, PRevx, ZA 6, etc. Solid recommendations (as Online Armor is trying to put together) will certainly go a long way, particularly among users who are totally new to the market (currently only using standard AVs and ATs) and never heard of any of these products or vendors.

I believe that there is time for DCS to repair some of the damage, but as time goes on, so will old customers and they will never look back. I have been involved in the PC software business, in various capacities, since the early 80s, and have seen extremely large companies (do you remember Ashton-Tate?) implode because of poor customer relations.

It may turn out I am very wrong. But the risks of me being correct are quite substantial, and I very much hope that DCS finds a way to rectify the situation. I really like the guys and owe them alot.

Regards,
Rich

 

I agree, prevention is the way to go, but I don’t think it is ready for us to trash our Anti-Trojan systems and such just yet, and how about those who’s machines are currently infected? I guess discontinuing Anti-Trojan systems and such is putting across, ‘If you aren’t advanced to identify and remove infections, tuff luck, reformat and install windows and purchase prevention software and hope for the best.

Another disadvantage of no-signature usage is, threats that executes aren’t identified, or identified easily, I guess there be some disadvantages whatever the way.

 

I think most of what will determine how DCS will fate is taking place outside these forums. It is how each individual is treated one by one as they contact DCS to explore options.

A lot of people are angry by initial reaction. If Wayne/Gavin responds to their individual concerns in a way the end-user feels whole then they will be OK, if not then they will have problems. It is all in the percentages....if 5 0r 10% of the people walk away unhappy, then DCS will be in good shape because they might be able to win some malcontents back (although no matter what they do they will always have a few annoying pests
no matter what they do).

If however their dis-Satisfaction rate is like 50% or 60% then this company is going to have problems. No one knows how it will play out....this is something that will play out over the course of the next few weeks and months. People may indeed see the bigger picture as Wayne says within a month or two with the release of new products or things might go in such a way that inflame people's "conspiracy theories".

I don't think no one knows...that is why I am not going to comment on this any more. Also, I personally don't have a beef with DCS. If they put out a good product, I'll use it. I might look more critically at any "promises" or "claims" and I won't quite buy into the hype as much but if the "under the hood" part of the software takes care of a need of mine then I'll use them. If not, I won't.

Good luck to everyone, no matter what your situation.



Starrob

 

Truly I think people are over-reacting ... How exactly does one decision erase the great track record DCS has in terms of customer service over the years? It takes time and repeated abuses to cause any significant damage ... folks are venting their frustration/disappointment and nothing more. Eventually people will see the light, like many us already do. The fact is that they produce excellent products and deliver great support - which is all we really want.

Life's tough and filled with tough decisions, we all face them. Put yourself in DCS shoes for a minute ... Would you have the guts to make a decision like this? Leaders lead, plan and simple. It takes courage to make a big change of course like this and not follow the sheep, whether it's over a cliff or in into a beautiful sunset. The DCS company are leaders in their field, they were when they began and they continue to be today, as they lead us to this revolution/evolution. I'm sure the other sheep will eventually follow, because to me this is the right course. It is where it's at, or where it will be shortly. I think DCS greatest strength is it's innovation. They continue to display these traits with this change in direction. I'll be there along the way - Why would anyone abandon ship because one product is discontinued? - When we will benefit from the development of new products and enhancements of current offerings. I personally see a great future for DCS ... I hope in a couple of years, Wayne and Gavin have the opportunity to say "See ... we were right" to all the naysayers.

Being that we as a group are all so security conscience, how can we not be behind this move? Rich, you for one, always use the term 'pro-active' protection ... isn't this the new world? Isn't this where we want to go? We should encourage DCS and be supportive, respect and admire their guts. People are too emotional, think with your head not with your heart ... We are all a little sad to see TDS go, and I'm sure no one more than Wayne (it was his little baby) ... but do we really wish to just maintain the status quo in protection, while malware grows in leaps and bounds? I don't think so.

Lead on Wayne

Regards,

Steve

 

I think recent buyers have the right to over react in dcs desicion and the way they have been treated.Which ever way its glossed over ,the lack of prewarning about tds3 future ,and allowing people to buy it on false hopes and promises is rather shallow.If the desicion to discontinue WAS made on the spur of the moment(which is hard to swallow), the termination of updates should still have been held back at least for a few more months ,and also the website should have been altered to explain what was happening so that no other unsuspecting buyer was going to be bitterly disappointed.I just wonder what all those that think its no big deal would say if every other developer behaved the same way....there would be chaos.I dont think most users have an issue with the desision to stop development of tds3 ,thats dcs perogative, but the way in which it was done is (imo) very amateurish and with very little forthought for the customer ,and certainly not the way which Wayne would have us believe.
ellison

 

Steve,

I, and with me a whole bunch of others, are thinking something else.

I have TDS licensed from almost the first day it exists, I'm always very well treated by DCS all those long, long years untill today.

But to say the people are over-reacting: that's too simple.

 

Perhaps, we must start a new thread about when the first new DCS prog
will be released, it would be nice if DCS could give us a date when this is expected.

(This is a joke of course).

I think they made the right decision, this is the only way to make an even better product for them.
And of course DCS has already decided on what they are (going) to work, otherwise they would not made this decision.

I think that the time for AT-only's is history, and complete malware prevention is going to be hot.

DCS has always made best-of-the-best products,
so i am going to wait, when i can buy the next product.

No hard feelings here.

But of course i am very old, and have seen more tough decisions made.
And have seen what the results will be.

If there is something negative to say, i don't hasitate to post something about that, but in the end, you'll see, this is a positive decision for us, (their customers).

 

There appears to me that lots of decisions were made, not just one:

1) To shut down all development and support for TDS-3.
2) To shut down all development of TDS-4.
3) To stop all updates immediately and without any warning (lots of users depend upon TDS-3).
4) To immeidately cease operation of the update database.
5) Not offer any refunds to new customers, some of whom may have had the product for a very short period of time.
6) To offer a customer a limited set of products, which may or may not be desirable from a customers point of view, and in some cases these products were already owned by the customer.
7) Not to offer a discount on future product which apparently is going to use TDS-4 technology (I believe that this is what was stated by DCS).
8 ) To create a new product out of existing TDS-4 technology.

There were probably others. So, in order to have a conversation, we have to agree on what we are talking about. I am sure there are customers that can take a position on either side of the above decisions.

Cya,
Rich

 

Hi Richf,

First of all, understand that English is not my first language,
so i have to translate this all..

When i wrote this i refered to ending TDS-3 and the development of TDS-4,
as i wrote in previous posts, i really think that adding > 100 items to a TrojanDatabase A day NOW (perhaps 1000 a day in a year) is not
a way to handle this problem.

And to be honest, the last year, (as i also wrote before) the AV's could find Trojans faster (they do not only depend on on-demand) and find more.

So TDS-3 did not help me the last years, on my pc for cleaning up trojans.
but NOD32 and Kaspersky did.

But about the other things you've mentioned, i meself am not very happy
with the fact that bought licenses for ALL the DCS progs and can now
get a 2nd Port Explorer or Process Guard to put it in a drawer.

And i can see no reason at all, why you could not get a let's say a ONE_TIME_ONLY $ 20 Discount in their members area?
----------------------------------------------------

And i simply find it logical that customers that bought a license this year
or (less then a year ago) must get a refund.

But the decision to stop the TDS product line (i've mentioned it when
Jason left DCS) is logical, it just was not something that could continue.

And of course you can't say that you will stop TDS over 6 months or so.
That is not possible, that doesn't work that way.

A few months ago, i made a post that i found it strange that TDS-3
and WormGuard where not available for resellers.
And asked why this was the case, i think i'll know by now.
It was as i expected/predicted.

Wormguard will be replaced by another product (i guess/expect) soon.

The only way to create antimalware progs without maintaining a large database is creating software that PREVENTS malware.

Another thing is that i think that there is only a market for
complete prevetion suites in the near feature.

This nis of course what Microsoft and a lot of others are also working on.

DCS has the knowledge an technology to create this kind of software,
and now they also have the time.

So i think they made a good decision to stop the TDS-line
but i have said nothing in the previous post about
how they handled / took care to inform in solve the problems now created
for their customers.

I for one am very happy that i did not advise my largest/mot important customers to use TDS-3 the last 10 months or so ...

 

I have no problems with the actions of DCS, I feel they have done what they need to do to survive and go forward. Yes its always upsetting when a loved one/pet dies, but life goes on..it has too. If DCS feel the time has changed to let TDS slip, and move onto a new approach then so be it. The program itself was peanuts to buy when compared to the programs the major security software houses of the World produce, so lets move on.

Personally I have full faith in DCS, and their quality programs they produce at very reasonable prices.

Kentish

 

Sad that there will be no TDS-4... and even more sad that there won't be any longer updates for TDS-3. I really liked it.

But what worries me more is what will happen with the malware database that is behind all those signatures? I bet in that database is plenty of malware that isn't detected by other scanners.

Therefore I kindly ask you to submit the malware database to some of AV vendors, e.g. Kaspersky or Eset. I think that would be a wise decision to protect the community.

- wiz -

 

Assuming gets me in trouble sometimes....but one would assume Wayne and thu Gang will be using that info for the up and coming programs Wayne mentioned in the TDS software line discontinued thread.

 

Hi tuatara,

Yes, I believe many current users understand DCS's decision to move on an concentrate on HIPS type software - particularly with the marketplace beginning to heat up with many new competitors. What there seems to be lots of disagreements about are the other decisions that DCS made. From your message, it appears that you understand these grievances. I certainly do.

Regards,
Rich

 

got home, made myself comfortable and I see this is still going on...

wtf...


let's see forward and then make any conclusions...

just my 0.000099

 

I'd just like to say that i find it very hard to believe that scanners will be become obsolete. You really believe that there can be a 100% proactive prevention? So what if something gets through. What's going to help? What's going to detect and clean it? I totally agree that proactive is the way forward. But i can't help but be skeptical that there is no such thing as the perfect prevention. There will always be a scanner of some kind that cleans up what got through. Am i wrong? Or is there really the holy grail of security software just around the corner. Something that stops every new malicious piece of code? Sorry, but i just can't help but not believe it's possible. The baddies always seem to find a way...

muf

 

Let's be sure and correct the below important decision you mentioned before starting this conversation.

"5) Not offer any refunds to new customers, some of whom may have had the product for a very short period of time."

https://www.wilderssecurity.com/showpost.php?p=516796&postcount=244

 

Most likely anything with the ability to get through some of the more advanced proactive prevention would also elude the small time operation scanners too.

A big operation like Kaspersky might be able to keep up for a unspecified period of time because they have the resources to hire more people as malware analysts but as time goes on the smaller operators are going to miss more and more malware.

The death of the small time operators scanner is near because it will soon reach a point that the scanner will miss so much that it will become worthless.

I think even KAV is starting to move away from strictly having definitions. They are developing their own heuristics and behavior based software. If even KAV realizes they can't rely on exclusively signatures, how in the world are smaller players going to keep up?

Within several years many scanners might be missing so much that they are virtually useless. I think other solutions must be developed.....even beyond HIPS software. We shall see........


Starrob

 

As i said, i totally agree that proactive is the way forward. But if something does get through and your pc was acting suspiciously like it is infected then if there are no scanners left alive then how do we get clean? Format and reinstall the OS? I'm looking forward to proactive protection but can't get my head around the thought that they'll be no-one to help us if we ever do get infected. Looks like the future of software security is going to be the following:
1. Proactive software.
2. Hard drive backup software.
3. Spare hard drive to back up to.
4. System startup disk to perform a format.

Does that sound about right?

muf

 

I think we would have to be Nostradamus to know exactly what will happen. Everything is speculation. Pro-Active software is all the rage these days.....next year it maybe a different solution or maybe even someone will invent some type of solution to make scanners viable again. Sometimes people invent stuff that others say is impossible.....so maybe scanners do have a place in the future....I don't think anyone knows for 100% sure.


Starrob

 

so am i correct to assume that it is OKAY with you that he just abruptly ends TDS-3?

i understand Wayne's decision why he needed to discontinue TDS-3 but the way he did it is very unprofessional... he should have issued at least a months notice before ending it and continue to update it for at least xx amount of time...

issuing a forewarning is easier than issuing a refund for those who bought recently...

 

Starrob,

See the image below. It's is semi-logarithmic plot of primaries in the TDS database against time over the past few years. The data was pulled doing a quick forum search here. Look at the trends, they are stable and rather alarming if you look to pure scanner technology as a solution.

The doubling time prior to Sept 2004 (that's where the break is located) was 15.8 months. That has shortened to 8.8 months since Sept 2004. Remember, that is geometric growth, not linear growth. Do the math, something has to give. To me the only question is whether there will be additional accellerations, whether it will be stable, or (all odds are against this) the rate will decline.

To me the major surprises were:

• The raw magnitude of the growth rate.
• The apparent stability of the trends
• The significant accelleration that occurred rather recently (Sept 2004 was not too long ago)
• The current absolute growth rate ~ 2000/month

Regardless of your take on the ultimate meaning of these trends, they are derived from objective historical data. They provide an objective snapshot of the current circumstance.

Blue

 

Hi Bubba,

Yes, you are correct. DCS offered an exchange or a "discussion of a refund".

Rich

 

All good things do come to an end... Nothing lasts forever...