What good is 80, 90, 95 percent.

Discussion in 'other anti-virus software' started by trjam, Mar 4, 2010.

Thread Status:
Not open for further replies.
  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    We always talk about, proudly to, our antivirus product detecting this amounts. My question is, why do we not show as much importance to the remaining number, not detected. It would seem to me that would be even more important. I mean, nothing less then 100 is really nothing, isnt it.
     
  2. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA
    very true, i would like to see test of crap left over :D
     
  3. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    Strictly speaking; even if an AV only detects 5% in testing but your the threat you face is detected properly the end-user is still protected 100% :D

    We think it's important that a particular AV is strong in your particular region. Not everybody might agree, but we see a huge difference of effectiveness of AV's in several regions of Russia. Cloud and behavior-based technologies can fill this gap however.
     
  4. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    That is one instance. To me that doesnt equate to the reality of what is going on in the malware world. Cloud scanning is proving to be just as open to attack as standard scanning.
     
  5. SourMilk

    SourMilk Registered Member

    Joined:
    Mar 31, 2006
    Posts:
    630
    Location:
    Hawaii
    I don't really put a lot of faith in AV tests. If an AV keeps me infection free and has the bells and whistles I want, I'll use it even though it doesn't detect all of the test viruses (virii). That is why one should use a layered defense. Also, always keep a clean image offline just in case a 0day or polymorphed baddie sneaks through the multilayered defense so cleverly thought out by the knowledgeable user. :doubt:

    SourMilk out
     
  6. wtsinnc

    wtsinnc Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    943
    Detection rates (percentages) are important and I pay attention to them.
    That said, I also realize that it could very well be a zero-day threat or something in that 2% of the malware that an antivirus application which tests out at 98% detection rate doesn't detect that gets my computer infected.

    With everything else being equal, a high detection rate only lowers the overall odds of becoming infected.
    Factors such as fast and effective vendor response in the form of timely signature updates to new threats, the effectiveness of behavior detection technology, and user friendliness are equally important.
    In order for any application to be useful, it needs to be used.
    No one wants to deal with a buggy, overly intrusive, and/or heavyweight antivirus program that makes web surfing a PITA, so regardless of the numbers, it must also be easy to use.
     
  7. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I would agree, the most important thing you can do today, is keep a clean image ready to go. Very true. To me, layered provides nothing more then a tad bit detection but no real protection.
     
  8. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,618
    Location:
    Canada
    As for myself I never really pay attention to those figures. I tried, as everyone on this Forum, most of the well known AV on the market and the last time I was infected was in 1996!

    So, 80% or 99.9% does not really matter.;)
     
  9. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Mm detection rates are a funny thing and your right about the remaining. Malware that is detected by an av now may just be made undetectable again by repacking.
     
  10. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    I don't care about percentage I care about how well it protects me.

    For my family's machine I would want a AV with higher detection rates but for me any AV will do.
     
  11. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Percentages of detections or non detections are useful only for two reasons:
    1. Compare AVs
    2. Have an approximate idea about a company's abilities.

    In any case...use multi layer security to make that 20% even smaller...really smaller. An AV is a piece of our security arsenal...not the only or the main.
     
  12. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    757
    I use the layered theme .
     
  13. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Since I am not too bright in this area, I continue to place importance in the percentages of detections. Protection is very important, and the ability to detect, and hopefully block, a threat would seem at first glance to be some measure of protection from threats.

    It is a sure thing that no program can be 100%, but it it lets 20% infect me because the AV did not detect the threat that is a worse situation than if only 5% could get through.

    So why is detection rate not important? Is the protection provided by an application that scores 50% as good as one that scores 90% on an average basis? Of course if a particular virus infects you it is 0% detection for that. However, the chances of that are not too great, and the probability varies with the detection rate.

    When we go somewhere we are subject to accident or violence. But by using sound judgment, and awareness I can reduce the liklihood by a large amount. The fact that some small percentage of folks get mugged in a certain area does not mean that it is unimportant where they take place. But the fact that I do not have a 100% chance of safety when I go out does not mean that the greater the percentage of safety is not important.

    Maybe I am not understanding the discussion.

    Regards,
    Jerry
     
  14. SourMilk

    SourMilk Registered Member

    Joined:
    Mar 31, 2006
    Posts:
    630
    Location:
    Hawaii
    In a "layered" defense, antivirus plays an important role but is not as effective as the "layered" defense as a whole. Other security apps must also be considered.

    Example: Virtualization (Shadow Defender, Sandboxie, Geswall, DefenseWall, and others) are a potent weapon against stumbled upon malware.

    Firewalls with HIPS "Host Intrusion Protection System" (Online Armor, PrivateFirewall, Comodo, and others) can keep your system from becoming a bot infested malware spreader.

    Behavior blockers (Threatfire, Mamutu, Sonar [found in Norton ware], and others) can stop malware from infecting system files (mainly 32 bit) and other apps from further infection.

    Clean Up/Highly sensative scanners (MalwareBytes Antimalware, Hitman Pro, A Squared, and others) can help defend against spyware, trojans, and the like.

    All in all, an antivirus is a good tool but some would rather have a box filled with tools. ;)

    (I don't know why this thing is double spacing o_O )

    SourMilk out
     
  15. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    If you use only your AV as your protection then you put in danger your safety at a higher percent than the 20% (or x%) of the undetectable malware by your AV.

    Multi-layered security provides the safety a home user really needs. Having recent images of your OS partition, sandboxing your browsing sessions, using a software like shadow defender for your "dark" tasks etc. provide the security we need and make that 20% ( or any other % ) less important.

    Sure, check the percents (like I said in my previous post) in order to pick the strongest AV. And ofcourse, the highest % of detections an AV has the better is, but never count only on an AV for a secure setup. If you give too much importance to an AV's detection rates then you have wrong ideas and strategy about pc security.
     
  16. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Is it true that if your AV is only 80% your computer double spaces?
    From my signature it can be seen that I layer, but I would like the best I can determine for each layer.:D

    Regards,
    Jerry
     
  17. SourMilk

    SourMilk Registered Member

    Joined:
    Mar 31, 2006
    Posts:
    630
    Location:
    Hawaii
    @Jerry

    I found out why it's double spaced. The little box for replies isn't as long as the replies in the thread. What may be single space in the reply box can be double space on the thread when the reply author separates the shorter sentences (or paragraphs) with a double space. Short answer, I did the double spacing LOL.
     
  18. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    The point is that tests are tests but the real World capability of an AV is far more important.For the end user numbers of detections and percentages are largely irrelevant,what matters is if the AV blocks the real threats they're actually encountering.A product may score 99% on a test,but if the 1% it's missing are the most prevalent,current malware then that figure is meaningless to them.
     
  19. ratwing

    ratwing Guest


    But isnt a back-up plan,such as, in the best of cases,a rollback,or reimage via something like Macrium ,or Paragon,
    or in my case just the DVDs of my important files,really just another layer?

    Layers do not need be limited to blacklisters,Behavior Blockers,HIPS,or even Sandbox's and light Virtualizatin.

    Nor do they need to contain "one of each"

    I still bet on layers.
     
  20. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    Your AV and PC security is only as smart as the user so any detection is irrelevant if the user doesnt know what to do with the popups.
     
  21. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    It is in fact more important. Who wants to be a victim of statistical probabilities...

    But the funny thing is, if you think about how to fill the gap, you may easily end up without AV.
    If you manage the matter to protect a system against threats an AV does not detect, it will most likely be also protected against the threats an AV detects. :cautious:

    There is more than enough software around to fill the gap or even makes AVs redundant.
    Only drawback may be... no more posting in AV threads. :'(

    There is only one thing which would make me use an AV again.
    If I could always get the signatures at least one month in advance.
    I think then the remaining number would be significant smaller. :blink:

    Cheers
     
  22. Legendkiller

    Legendkiller Registered Member

    Joined:
    Jun 29, 2006
    Posts:
    1,052
    detection rates are just numbers and the AV-test are only an indicator of how a particular AV fared in a particular period against a sample of viruses....no matter how big the sampling pool is...

    The remaining 5 or 10% is filled by a users good surfing habit,frequent backups,system scans etc...

    In the end i will say its just an indicator and anyhow who gets bombarded by all the sample viruses anyway?
     
  23. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    934
    80 percent is more ok for people on Wilders than in the real world.My son could get loads of virus using the same antivirus as me because of the links he clicks and lack of knowledge.Yesterday most of his mates got a virus from a link using Messenger that was meant to take you to a utube video ,now with teaching him about security he was ok
     
  24. Patrician

    Patrician Registered Member

    Joined:
    Jun 3, 2005
    Posts:
    132

    The danger witht the above is that you have so many security apps running that you slow your PC down to a crawl.
     
  25. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    You can slow it down to the same speed as an infected pc.
     
Loading...
Thread Status:
Not open for further replies.