Let telemetry be your guide, a proposal for security tests…

Discussion in 'other anti-malware software' started by ronjor, Jul 19, 2009.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,772
    Location:
    Texas
    Microsoft Malware Protection Center Blog
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    Re: Let telemetry be your guide, a proposal for security tests…

    This idea could pretty much completely change the way we see tested products, I completely support it, and hope it hits off too.

    To summarize, they want to break all malware into categories using "times seen/last seen" telemetry from all AV vendors to assign points to that specific malware. AV's gain points according to the points designated, so it shows that AV's scoring top marks are detecting the popular threats. Good ideas from Microsoft I must say.

    Gotta love how they so openly admit they share samples, shows they really want to protect the user, not just make money (which we all know they want to do :p). :thumb:
     
  3. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    401
    Location:
    France
    No change in the paradigm - no paradigm shift, please nothing against our Wilders fellow Paradigmshift ;).

    Looks like the never ending target is to be good in the reactive area. This telemetric stuff just refines the analysis.

    But what about the proactive area? What about security? The antivirus scanners are merely a tool scanning the secured areas to ensure nothing passed through. They are a so small part of security and they take such a huge part of our discussions...
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,772
    Location:
    Texas
    Good point Lucy but you have to remember there are millions of people using these anti-malware programs. :)
     
  5. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    401
    Location:
    France
    Well Ronjor,

    I guess we both know security needs a shift in the mind of the vendors, as well as in the mind of the customers. For the latters, I am not so sure; that's why vendors will need to be creative, inventive even more than ever and shouldn't hesitate to try new roads.
     
  6. kwismer

    kwismer Registered Member

    Joined:
    Jan 4, 2008
    Posts:
    240
    giving different detections different weights depending on how often the malware is seen in the wild sounds like a good thing, but when that data is coming from vendors it winds up being a bad thing because it opens the door to abuse by less scrupulous vendors as well as an inherent bias (more weight will only be given to the widespread threats they can detect, not the widespread threats they can't detect).

    if the telemetry came from an independent source it would be better.
     
  7. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    Re: Let telemetry be your guide, a proposal for security tests…

    I would assume it will only come from the popular vendors, i.e. the ones in the negotiation deal.
     
Loading...
Thread Status:
Not open for further replies.