Security Vendors Aim For Standard Spyware Testing

Discussion in 'privacy general' started by ronjor, Jan 30, 2006.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,755
    Location:
    Texas
    Story
     
  2. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Does that mean they all are going to have the VERY SAME definition database for adware/spyware ?
    If not, I don't see any significant improvement for the USER.
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,755
    Location:
    Texas
    I guess we will have to wait and see Erik. :)
     
  4. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    IMHO only after reading the pdf file they have made available on their Spywaretesting website that's mentioned in Ronjor's link would a user have an understanding of what they are attempting to accomplish.

     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    IMHO, this won't happen, otherwise the competition doesn't exist anymore if they all have the very same definition database, except for ram usage, cpu usage, scan speed, GUI, support, userfriendliness, realtime, ...

    For the user it would be a big improvement of course, because they would have to run only one scanner of their choice, which would lower the total scan time significantly.

    What they are trying to accomplish is also VERY GOOD ... mainly for the security industry, but not for the user, which is a pity.
     
  6. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    So far there has been no mention of mirroring databases Eric. They are coming together in a collaboration similar to the AV industry in regards to the Wildlist and CME.

    from the PDF file:
     
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Well let's hope that mirroring definition databases will be the NEXT step.
     
  8. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    are you serious? I surely hope not Erik! it's always better to differntiate then to generalise I suppose...

    yep, let's all scan with TrendMicro to kill the malware lol c'mon...let's wait for further development but mirroring databases is not the best thing to do imho:thumbd:
     
  9. fully agree

    fully agree Guest

    I fully agree with those statements Infinity. It's good to have variety.
     
  10. Happy Bytes

    Happy Bytes Guest

    I just downloaded the PDF file - which states "This paper is intended for security professionals" and what i see is only a amateurish writeup without any sufficient facts - could have been written by everyone. There's no fact how to verify that the malware is actually able to run. There's not even one line that maybe not all parts of the malware should be detected - EVEN IF SOME AV DETECTS IT. Hey common, i mean that's a paper for the self educated home user, but not for a "security professional" as it claims - that's an insult, that's it.
     
  11. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    the way I see it is they try to make one big team (like Bubba already stated) .. like the Anti-Spyware Coalition (ASC)/Coast but nothing good went from that in fact maybe not 100% accurate info now but I believe it was then that multiple antispyware vendors began to change some of the rates of several adware/spyware to make it less dangerous for us, that was with claria and some others...
     
  12. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I'm dead serious about this.
    All AV/AS/AT/AK scan grosso modo for the SAME threats, only the differences makes them special.
    So the first AS scanner will detect/remove most threats, while the second scanner will only find a few and the third scanner won't probably find nothing, but the total scan time of the three scanners, remains the same, whether the threats are found or not.

    If all definitions are collected in one database and each scanner has the same database, than you need only one scanner of each kind with a much shorter scan time.
    It doesn't need to be Trend Micro, it can be any brand, because they all have the same database, detection/removal method and naming method. That's standardization.

    Variety ? On the contrary, that's why these people want standardization, because the variety caused a big mess. :)
     
  13. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    IMHO, it is always about the money and never about the customers...
     
  14. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Like the communists I guess ... everybody the same ... :doubt:

    they aren't talking about mirrorring databases Erik, if that is ever the case .. I'll purchase ShadowUser and ditch my AV ;) but that will never happen ... they want to make clear the various differences between the terms spyware/trojans/virii/malware in general...

    a lot of trojans are labeled as spyware and vice versa and that's what they are trying to do ... to clear that up

    let them do it, I applause for that but not exchanging databases...I don't think it would be that easy I guess e.g. Nod32 and his heuristics signatures and let's say Norton, cause I would only hope that they work on a different manner...
     
  15. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    At work, we standardize our data for years.
    Each data has its name, its code name, its length, its definition, its validation, its context, etc. and they are all collected and organized in one Data Dictionary Database, available for each analyst and programmer.
    This has nothing to do with communism, that is creating ORDER in what was a big mess in the past and everything that has to do with computer requires ORDER.
    The same can be done for malwares.

    Frankly, I'm quite surprised that it took sooo long for the security industry to get organized. Now they start something, what should have done years ago.
    Mirroring databases won't be easy, but in my experience NOTHING is easy, if you want to do it right.
     
Loading...
Thread Status:
Not open for further replies.