Is difference in protection offered really worth worrying about?

Discussion in 'other anti-virus software' started by steve1955, Apr 19, 2008.

Thread Status:
Not open for further replies.
  1. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    I'm coming to the conclusion that the difference in protection offered by the best AV products is getting so small it's really not worth bothering about,the top ones seem to be consistently the same products in most tests and the results for these seem to be so near each other as to be not the criteria which a product is chosen on,am I alone in thinking this way?
    Protection seems to be more influenced by how a product is configured than which product it is!
     
  2. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I tend to lean in this direction as well.

    Obviously we all see instances in which one product either lags or exceeds the performance of the pack, but it does appear to be a transitory situation and isn't necessarily germane to most of us.

    Extremely simple extensions (LUA/SuRun, one's preferred approach to managed/controlled execution (HIPS, etc.) or simple partition virtualization) would seem to cover the bulk of the remaining issues that could emerge and which are best characterized as very infrequent, which only reinforces your point.

    Blue
     
  3. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    My take is that security vendors as a whole, are taking the needed steps to combat malware on a new front. It is obvious they could not sit on their tails when it comes to their own survival. I see things taking a 360. First we had AVs and suites for protection. Based on a variety of reasons, some self induced by the vendors, layering came about with a host of specialty products to fill the gap. I now feel that the majority of the first group are making their products in a more rounded fashion and are rising to the top again. So the thought of suites and/or AVs losing their place in todays world of protection, at least to me, is not as real as some leading professionals would lead you to think.
     
  4. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    But putting all one's eggs in one basket is inviting trouble. That is true whether it is computer security or many other things in life. I don't like Suites. I will stop using any antivirus if they all get gunked up with unnecessary features. I prefer layering. I think the AV vendors are headed in the Suite direction because of the ignorance of most users who mistakenly think Suites are the ultimate solution to their problems so they clamor for the Suites not realizing that it is education regarding the safe operation of their computer that is most important and secondly layering albeit not in an excessive manner, but layering properly and that, of course, goes back to the issue of ignorance and lack of education regarding computer security.
     
  5. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    I agree with the original poster and BlueZannetti.

    A lot of people will be quick to jump on the bandwagon when say product 'A' misses some malware, and fails some 'latest test' which product 'B' didn't. (Product 'A' might have even passed the same test which product 'B' previously didn't.)

    In all honesty, when product 'A' achieves 97 per cent and another achieves 97.3 per cent, what are the chances of picking up that 'malware' that was missed? If a user is using one of these products, are they really concerned that the missed 'malware' will appear on their machine? Do people lie in their beds at night, shaking uncontrollably, 'I bought product 'A', what am I going to do?! Trojan zundo/zaphas/fukus' is going to get me!'

    I agree people without any protection, who practice clicking/downloading every email attachment going around, downloading zipfiles through P2P without looking at the file, they will be infected, with spyware, and viruses, and trojans. Most of it will probably not even shutdown their machine, just slow it down to a snail's pace and transfer/steal their data.

    But the leading products that are discussed on here, all provide excellent protection for everyday users. It all comes down to which graphic interface you prefer, which one is faster on your machine, which one has the options you feel comfortable about. All the slagging that goes on is just plain nonsense. :)
     
  6. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    I think it all depends on what your internet surfing/computer usage habits are.

    For instance, if you are a careless daredevil websurfer, i know by own experience (in-house 'tests' ;) ) that some of the well-renowned AVs won't work for you.
     
  7. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    no av product claims to be able to protect against supidity!
     
  8. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    973
    Location:
    Paris
    AV tests are about the only tests that present data without any margin of error. They all seem to post percentages out to 1 or 2 decimal places as if this data is the Word Of God. Unless they are testing every piece of malware in every category this is impossible (and unscientific). So basically depending on the amount of samples tested, and the quality of these samples you may have a product testing out at a 95% rates actually being superior in the real world to an AV with a 99% rate. There's just no way of telling.

    Everyone here by now knows the top 5. My advice is to pick the prettiest.
     
  9. QBgreen

    QBgreen Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    627
    Location:
    Queens County, NY
    Right you are. Among the products that I use, there is a minute gap in detection. My concerns revolve around features that I'll actually use, and the overall 'feel' of a program on my system
     
  10. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Personally i don't worry about the differences, my focus is on what works best for my particular setup.
     
  11. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    My main dertermining factors nowadays is customer support,or lack of it,and how a product runs/feels to use:-the latter being a subjective thing and cannot be measured quantitively,but it does matter!
     
    Last edited: Apr 20, 2008
  12. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    I agree with the OP. Amongst the top tier the main considerations have now become compatibility and price.

    However, I believe the industry is at a crossroads where signature based detection (including what is now called heuristics) is mature, but behavior based detection is not yet ready for prime time. Unfortunately the situation now is dominated by malware authors who understand how AV programs work and are designing to avoid detection.
     
  13. ggf31416

    ggf31416 Registered Member

    Joined:
    Aug 20, 2006
    Posts:
    314
    Location:
    Uruguay
    I guess most AVs really detect +97% in real life :rolleyes:, so there is no reason to use firewalls, HIPS, behaviour blockers, safe hex :rolleyes:
     
  14. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma

    That might be pushing it just a bit.
     
  15. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    973
    Location:
    Paris
    No such thing as safe surfing anymore with legit sites being hijacked.
     
  16. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I was worried about the differences, but even more about the fact that a detection rate of 100% didn't exist at all. Nowadays my worries are over and I sleep better. :)
     
  17. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    to quote a wise man,

    do you know there is a virus, that ZERO antivirus can detect?
     
  18. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    yes, the make-it-yourself. :D
     
  19. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    nope, one that is on the internet....... and no antivirus can do anything, zero detections for it. (apparently....)

    scary huh?

    lol

    still, i wouldn't be too worried using just an AV, its all ive used since about 6months when i also added HIPS and ive never been infected, and ive had licences for alot of them over the years.
     
  20. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    Is that real? Nothing can cure it? I can. Delete the file, kill the process, if it fails, format your drive :D :D

    I am worried about using a single AV, and CSJ, how do you know if you haven't been infected if you only use Dr and HIPS?
     
  21. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    because i always keep my machine at a fresh state,
     
  22. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I do the same, I keep my system partition in a "fresh" state.
    Since September 2007 I also added the "unused" state and now I have not only a malware-free system partition, but also history-free and junk-free.
    In the past I had such a clean system partition 2 times a year, now I have it after each reboot, that is more than one time a day. :)
    I still have to find the first scanner, that detects something on my computer.
     
  23. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    Theres now source of great power and inginuity with the latest security inventions but the mots important of all safeguards that i consider the most vital of them all is a very dependable backup strategy that no user should ever take likely nor discount because if all else happens to fail you, a backup duplicate image is your absolute fnal measure for safe recovery.

    I would make that my top priority above any and all others as your chief preservation strategy.

    Worry is an emotion and in the computer world that possibility is a real potential.
     
    Last edited: Apr 20, 2008
  24. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That's how I keep my system partition in a permanent "fresh" and "unused" state : Immediate System Recovery and Image Backup.
     
  25. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,056
    Location:
    Las Vegas
    Agreed. As I have said many times, my major strategy is to image (Acronis or any other) as the ultimate fail-safe in the event of infection. You simple restore your machine to the pre-infection day. I make a complete image each day just before I quit, and if something happens the next day- very easy to restore. I have restored twice in the last four years- once on a hard drive failure and the other when an AV installation trashed critical Windows files.
     
Loading...
Thread Status:
Not open for further replies.