Trend Micro to withdraw from VB100 tests

Discussion in 'other anti-virus software' started by Oldjim, Jun 9, 2008.

Thread Status:
Not open for further replies.
  1. Oldjim

    Oldjim Registered Member

    Joined:
    Sep 7, 2005
    Posts:
    99
    If this is correct i wonder if other products will do the same.
    http://www.channelregister.co.uk/2008/06/09/trend_vb_test_criticism/
     
  2. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    This statement is very, very interesting:

    Does it mean that vendors consider removing old signatures from the database simply because they are not "current malware" and hence no longer a threat?

    That doubt aside, and ignoring whether the arguments against VB are valid or not, the real reason for the withdrawal is quite simple:

    Thing is, they'd have pulled out a long time ago had the methodology been flawed since then...Strikes me very odd to see that they use this reason to pull out only when their product is not doing so well.
     
    Last edited: Jun 9, 2008
  3. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    431
    Location:
    The Netherlands
    Interesting quotes from the article:

    So security companies do remove older threats from there current signatures, and also I've yet to see a security company that adds 21000 samples a day to there signature database.
     
  4. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    977
    Location:
    Paris
    Av's have been removing obsolete signatures for a long time now. Very few will still have signatures for DOS viruses for example.
     
  5. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    Of course, it would be useless to keep signatures of viruses of very obsolete OS, like, let's say, Windows 3.1.

    I personally would like to have those old signatures in my antivirus, you never know what would happen, IMO.
     
  6. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    expected,

    when i heard that drweb was one of the AV's not able to access the 'test-list' (answers - before the test), when most of the others were,

    straight away... this test went out of the window. :rolleyes:

    it wasnt, and probably still isnt... equal for all participants.
     
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    That's a pretty big statement. Are you sure?

    http://www.virusbtn.com/vb100/about/100procedure.xml
     
  8. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    hey Ron,

    Drweb told me, they did not have access to the test-list like others, but were trying really hard to.

    do they have access to it now?.... i dont know.

    still, if this was the case, it should not have been tested.

    no av should have an handicap compared with the rest, and be tested in a similar/same fashion.
     
  9. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    there are certain antivirus vendors that wont remove detection for older threats such as drweb,kaspersky etc. im sure most wont.
     
  10. fred128

    fred128 Registered Member

    Joined:
    May 21, 2006
    Posts:
    152
    Antivirus Vendors Gripe

    http://www.pcworld.com/businesscent...rus_vendors_gripe_that_test_isnt_current.html

     
    Last edited by a moderator: Jun 9, 2008
  11. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    Re: Antivirus Vendors Gripe

    Hi,

    why should AVs which are only compatible with XP and Vista contain signatures for malware which can only run with Win 3.11, Win95 or Win98?
    And if an AV vendor likes to palletize outdated signatures, who cares?

    But if testers to not consider about which AV runs with which OS, their results are just pretty useless.
    Seemingly like most AV testing results.

    Cheers
     
  12. kwismer

    kwismer Registered Member

    Joined:
    Jan 4, 2008
    Posts:
    240
    i hope not... old viruses never die, they just become too rare to keep track of...

    that's because the number of samples and the number of variants are not the same thing... they get lots and lots of samples but most of them are generally duplicates of ones they already have...
     
  13. tiagozt

    tiagozt Registered Member

    Joined:
    Feb 28, 2004
    Posts:
    331
    Re: Antivirus Vendors Gripe

    I don't believe in VB tests and I think it doeasn't represent the reality.
    On the other hand, TrendMicro and MCafee are making bad products and both have poor detection... Both AVs detect less than 10% of real malware that we found/receive every day...
    It's my opinion and I won't discuss it here again... If anyone wants to use MCafee, TrendMicro, UNA, Ahnlab or other poor AV... good luck!
     
  14. saffron

    saffron Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    82
    That is total CRAP!

    It most definitely is!

    NO AV company gets answers before the test, OR a second chance, with Virus Bulletin.

    Being a Dr Web fanboi doesn't excuse your ignorance of the facts.
     
  15. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Re: Antivirus Vendors Gripe

    I don't believe in ANY tests and i don't think ANY of them represents reality. :D

    I believe in ALL tests serving one purpose though...

    "The marketing value of the logo is high"

    :D
     
  16. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    I wouldn't have expressed exactly like that but I agree. Do you have a proper source to substantiate that? What you are suggesting is quite a big deal.

    Removing zoo malware is probably a good idea to speed up performance. However trend micro seems to be suggesting that some of the malware in the Wildlist is total irrelevant and dont belong in signatures. Is this true?
     
  17. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    i dont think removing old threats from the database will really improve speed.
    just optomize the database like all the other vendors do without tossing out the old threats.
     
  18. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    You really don't think so? If you have a bigger signature database, you will have to check each file against more patterns.
     
  19. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    im not sure tbh. i would rather wait to see what one of the antivirus experts that come to this forum think.
    i dont think removing old threats from the database is a good idea. but trend micro saying thaat keeping old threats in the database slows down performance imo is BS they can definatly lighten there products. other companies have rewritten there program recently and are definatly alot lighter without needing to resort to such stupid ideas as to remove old threats from the database.
     
    Last edited: Jun 10, 2008
  20. kinwolf

    kinwolf Registered Member

    Joined:
    Oct 19, 2006
    Posts:
    271
    They don't need to add 21000 signatures though, generic signature usually catch many variants.
     
  21. Oldjim

    Oldjim Registered Member

    Joined:
    Sep 7, 2005
    Posts:
    99
    This gives a slightly broader view including this
    http://sunbeltblog.blogspot.com/2008/06/wildlist-battles.html
     
  22. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi,

    I guess that all av editors should stop their participation in av tests which are simple marketing masquerade.
    AV testing is currently technically and ethically corrupted.

    -technically: there is no signature extraction for the correlation and detection verification.
    Test done with a few samples malware only like vb100, Wild List means nothing: there is no kind of extrapolation and conclusion that can be made from these results: these tests do not tell me if the product (its database in fact) is reliable or not.
    If we consider that there's about 800 000 known malwares, 100 of them only represents 0.0125 %...
    So i'm afraid that the certifications logos are pure marketing bulls++t...

    -etically corrupted because some organizations have financial deal with av editors: i'm sorry, but Money and interest conflicts are incompatible with Truth and Independence.
    Or i really need to change the definition of what is independent test.
    Ethically corrupted because some testers are suspected to be very close from av editors (Sophos, Kaspersky, and F-Prot in particular): an independent tester must be free to say what he wants about an av editor, and should not be subjectively limited by any kind of relationships.
    And the worse example of etical av test corruption is AMSTO, coached and managed by the av lobby.

    The rule of an av test organization is it to be neutral and independent and then helping the end user to choose the appropriate av?
    Or is it to help av organizations in selling more and more licenses?

    Do you want to be marionettes "ad vitam eternam" ? I say no, noho, nohoo...

    regards
     
  23. tiagozt

    tiagozt Registered Member

    Joined:
    Feb 28, 2004
    Posts:
    331
    Re: Antivirus Vendors Gripe


    You understand me... ;)

    About old signatures, if Kaspersky and other AVs can keep old signatures and still be light to system I think all can do it... It's not an acceptable reason for poor results...
     
  24. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    1,786
    i have TREND MICRO IS and the main thing is that sometimes it will not clean right away a virus but this is very rare.The overall opinion is very good
     
  25. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    Trend is heavy on memory/resources. The 2008 AV only edition brought my customer's P4 2.4GHz 768MB system to a crawl. I can only imagine how the IS pkg. would have performed. :thumbd:
     
Loading...
Thread Status:
Not open for further replies.