Why is my cloud better than your cloud?

Discussion in 'other anti-virus software' started by Pleonasm, Jul 6, 2009.

Thread Status:
Not open for further replies.
  1. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,631
    Location:
    Sneffels volcano
    Dumb me.
    I should have expected this when I chose instant email notification :D

    By the way, by now this thread should be renamed to "Why is my post better than your post?" o_O
     
  2. JasSolo

    JasSolo Registered Member

    Joined:
    May 9, 2007
    Posts:
    414
    Location:
    Denmark

    :thumb: Very good point, Mac :D


    Cheers
     
  3. FRug

    FRug Registered Member

    Joined:
    Feb 7, 2006
    Posts:
    309
    Stuff like this comes to mind....

    http://it.slashdot.org/article.pl?sid=07/09/15/1623230
     
  4. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    I don't know if you're referencing KL, but they made a blog post in 2006 saying they had no plans at that time to remove detection for old boot/DOS viruses.
     
  5. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Nah, I just dunno how Symantec approaches this, and since the heat has been quite high when it comes to Symantec during this discussion, well... :rolleyes: :D

    That's not saying I'm sure that's what Joe meant, but I made a simple guess. ;)
     
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    While I understand their position, we're looking to protect the most users with the least overhead and fastest/smallest product possible. To them, "less than 5% faster" may be insignificant but that is significant to us.

    We will probably end up making a separate optional download to protect against DOS malware but honestly, the infinitesimal chance of getting infected with a virus from the 1980s isn't worth much focus when there are real world threats infecting many millions of people every day.
     
  7. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Perhaps the “missed threats” statistics on the Prevx website should display a separate count for DOS-based malware? Hey, inquiring minds want to know! ;)
     
  8. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    If the general consensus seems to be that there's hardly any DOS-based malware these days, there's unlikely to be a need to display statistics for it surely.
     
  9. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    TonyW, my prior post was made in jest. :)
     
  10. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    I would respectively disagree with your statements on being offline. Believe it or not there are many times within a day, in a time where laptops are so popular, where a user is offline.

    It may only be here and there but to say it is a rare event is IMO an inaccurate statement. There are quite a few people who may download things for later offline use, including emails.

    Besides this the risk of malware infections while offline is quite possible, email attachments previously downloaded could be executed, shared USB drives with others can easily be accessed offline which could potentially infect them.

    Also saying a dedicated Non-Cloud based AS would be equally ineffective offline is also not truly the case if the product uses advanced heuristics, even without updated definitions it could generically detect the threat. This statement is also not realistic.

    I expressed my opinions of your statements here only to convey my thoughts as to other points of view so I sincerely hope you don't interpret my reply as any kind of attack on you. I mean no harm or disrespect in any way, just that I believe your incorrect.
     
  11. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    I hadn't seen that article before but between you and I, personally I take any article from a magazine site with a grain of salt.

    To me real worl results on my system is what convinces me of a products worthiness not articles. I learned this lesson the hard way over the years. No don't get me wrong I'm not trying to knock nortons or anything, I'm just saying that any product can be marketed beyond what it really is.

    I had NIS2009 running on a laptop for about 9 months, on my system is slowed it down noticeably, not as bad as previous releases but definitely not as light as it is being marketed to be. I had a few quirks with it but nothing major and overall it seemed to be a decent product. I started having some quirky behaviour on the machine and suspected I had been infected with some type of malware but NIS scans showed clean. I loaded my Vipre license and did a scan which found two trojans on the machine, these were missed by NIS and not FPs either. After cleaning the machine and removing a few registry keys, the laptop was unbelievably faster and without and crashes.

    No please don't take this reply as a bash to nortons because it is not. I am just trying to point out that NO single product is an end all be all when it comes to security and detection. No matter what hype is being spewed on the net about any particular product, they all have their weaknesses where thay can miss something. This is another point I feel is important to illustrate the need for layered products.

    I just can not see the logic in a single suite approach, where you are depending on the performance of a single vendor. Which may be a great product 99% of the time but certainly not 100%.
     
  12. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    Perhaps the next version of the software will allow that group of users the option of downloading a subset of the database onto their machine to work with while offline.

    As long as the layered approach doesn't slow your system down. We often see people asking in these very forums if their layered setup is adequate, but often they have too many of the same kind of applications installed when two or three will suffice.
     
  13. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Atomic_Ed, any single product review should simply be considered another “data point” in the evaluation of the effectiveness of an anti-malware solution. I think all such well-conducted reviews (as is this one by PC Magazine) are credible and are useful, but no one review is the “definitive word” on the subject. A different methodology might have produced a different result, or the same methodology conducted on a different day might have altered the findings. If, however, we see multiple reviews from several sources all converging upon the same conclusion over time, then the collective findings gain considerable merit.

    It is noteworthy to mention, however, that Prevx continues to tout itself as the “Editor’s Choice” of PC Magazine based upon a May 31st review (i.e., note the presence of the ‘endorsement’ in the upper-right corner of the Prevx website). While the statement is still true from a narrow ‘legalistic’ perspective, I personally find this marketing practice to be intellectually insincere and disappointing, because the source they are quoting has since found their product to have been surpassed by Norton Internet Security 2010 (setting a “new record” for malware blocking and “trumping” Prevx -- see here).

    P.S.: I am not ‘attacking’ Prevx. The company should be proud of their product and should promote it -- but, should also try to be as plainspoken and candid as possible (in my opinion).
     
  14. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Atomic_Ed, you may be interested in this thread, which explores the subject of “suites” versus “best-of-breed.”
     
  15. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    One of the fascinating possibilities of Norton Internet Security 2010 is that the early reports of its effectiveness may grossly underestimate the eventual power of the tool. It is speculation on my part at this time, but it is quite possible that NIS10 will grow substantially more effective in detecting and blocking malware in the months after its release, even if there are no modifications to the underlying architecture. Why? Because the ‘classifiers’ built in the cloud and used by Symantec to score the likelihood of a sample as “good”/”bad” may grow increasingly powerful as NIS10 is deployed on more desktops across its large userbase. These ‘classifiers’ are predictive mathematical models, and I am guessing that Symantec is using neural networks and genetic algorithms. If true, then it may be the case that “the best has yet to come.” Time will tell . . .
     
  16. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    Thank you for your inputs, very good responses and for the link I did find it interesting!
     
  17. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    Good points, that downloading some type of data for offline protection would make the whole concept alot more robust and minimize the Achilles heel of the whole cloud thing in reference to overall effectiveness of such a solution. However it still wouldn't address my concerns for privacy with any specific vendor, some of which have historically been less than truthful in their personal info collection methods.

    Your also correct about the system slowdown pitfall, however with a little effort and research there are now seperate product offerings today that together can be much lighter than any suite I have tested.
     
  18. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Atomic_Ed, can you kindly elaborate -- e.g., which vendors and what methods?
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.