WiseVector Stop-X

Discussion in 'other anti-malware software' started by bellgamin, Aug 10, 2020.

  1. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,742
    Yup. The 3.0 beta now has HIPS and an IP firewall.

    WVSX is game-changing, indeed.
     
  2. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    17,718
    Location:
    UK
  3. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,742
    The developer hasn't told us his plans but on the MT thread he did observe changes in Windows driver certification are going to force a wait.

    When that's done, maybe the product will move out of the beta. We'll see.
     
  4. Gandalf_The_Grey

    Gandalf_The_Grey Registered Member

    Joined:
    Jan 31, 2012
    Posts:
    895
    Location:
    The Netherlands
    The MT-post:
    https://malwaretips.com/threads/wisevector-free-ai-driven-security.87965/page-84#post-961555
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,777
    Location:
    U.S.A. (South)
    Microsoft curve ball. It is encouraging however that @WiseVector is aware of exactly what manner of their own changes is identified and needed to return compatibility again.
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    I'm sorry but do you guys think that a detection rate of 87.5% is good for a tool like WVSX? It's not bad indeed, but this still means it's probably a good idea to combine with another AV.
     
  7. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,519
    Location:
    Paris
    R- Remember that WVSX is not just a "dumb" (sig based) product, but an AI. When doing an accurate test one does NOT run a script that will run many malware samples over a few minutes and expect a relevant result (note on the videos the time lapse over which a bulk of the malware was run). Such testing will invariably result in overwhelming the AI functionality and also is hardly a real world scenario.

    In my personal testing I coded true zero day stuff for which WV had a 0% initial detection rate, but when these malicious files were run WV stopped them, although sometimes with a 30 second or so lapse while WV was "thinking". I hope you will agree that taking the time to understand how a product works, testing accordingly and not attempting to impress by gang-banging a flock of samples will yield a more accurate result.

    (ps- CF + WV 2.73 is a wonderful combo)

    m
     
  8. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,742
    With the 2.73 CS is right. With the 3.01, you get HIPS and an IP firewall and CF becomes redundant.

    I can only imagine what the paid version will be like for the features in the free will be the same but lack configuration options.
     
  9. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    87.5% but what are the samples are they tested with other avs at the same time, can we download them to test them ourselves? I swear AV testing industry is the most unclear and hidden stuff there is out there. All u see is like 175/200 samples and ure like "87.5% SO GOOD" like an absolute brainless monkey (and by you i don't mean you i mean most people), u never ask what the samples are, u never ask how would other AVs do against the same samples at the same time, u never ask to inspect them to make sure it's not some ******** filled with a few real samples, u never ask so many other questions. I can go on and on. But u can make LITERALLY ZERO conclusion from a random youtuber guy that gives 0 details or anything. And even if he did you can never be sure until they are checked by people who know what they're doing (not me i don't have much knowledge in this area). I cannot even begin to start explaining just how useless this test is. From the guy's point of view MAYBE it's legit (but then what if Kaspersky gets 100.0%, 87.5% is not good when u factor in the small sample size. Now try testing billions of malware and watch kaspersky be like 99.8% with all its modules while WVSX goes lower and lower as u increase the sample), but from our point of view it's absolutely useless.

    Also btw it's 87.15% not .5, plus that's just FOR THE STATIC TEST. So what does this mean, it means 87.15% of malware were (likely) already marked by signatures ("fresh malware" ******). This is why I think avs should be tested without file scanning module. Because a true 0 day would NOT be detected by this module. So if they got detected THEY are not 0 days, and to me the definition of Fresh is that. So really the REAL test only begins AFTER WV has already detected and deleted the marked malware. Then only the unmarked ones remain and NOW the real test of protection can begin. Not test of "how many of these malware have been detected before and marked as malware".

    So out of nearly 900 samples that passed the test, 40 (39) were detected as malware by Hitman Pro. So AT LEAST about 8% of malware managed to pass through. But likely many many many more, because chances are if WV's signatures couldn't detect the samples, then the 2nd opinion's scanners wouldn't be able to either. So nearly 900 malware executed and based on part 1 video u can tell A LOT more than 40 showed stuff on the screen. So yeah, if u ignore all the malware samples detected likely mostly by the sigs, u can see in the real test that, well we don't know how many of the 900 were able to harm the system, but u can see that A LOT of them managed to harm it. So this is a pretty big fail imo.
     
  10. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    Maybe the AI should not let a file get executed before it's done scanning? Just like VS does. It's WV's fault it lets the file execute. So it counts as a fail.
     
  11. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    Lol u wish
     
  12. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,742
    I agree with you about the shortcomings but people are going to run an AM in conjunction with a AV. Its not going to be their sole security software and what's missed by one will be detected by the other.

    Even with world class security software, there will never be 100% protection, that's unrealistic. At best they will be your second line of defense if your SRP, anti executable and firewall don't stop malware first.
     
  13. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,059
    This is the whole point People expect 100% protection and that is unrealistic if you connect to the internet. Look at all the agencies, defense companies being hacked.
     
  14. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    946
    Location:
    Canada
    Their being hacked (businesses) because there is money to be made. 98% of people do not have to worry about that type of attack. Malware attacks on home users is getting rarer, its social engineering they have to worry about now, emails trying to trick you into giving financial or account details etc. No program is going to protect you from that. A decent AV and brain.exe is all most need.
     
  15. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,059
    Exactly my point. No AV or any security program is 100%...Brains and backup is the only solution..
     
  16. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,011
    Location:
    Canada
    I need that for my kids computer:D
     
  17. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    Don't remember microsoft or google being hacked. U only hear about the **** ones that don't know about security.

    AVs are AM nowadays

    Yeah but the closer u can get to 100% the better.

    I feel like the only way for home users to get malware is to download random **** like cracks or activated programs or "ruby generator" etc. from unverified sites. If u type ANY game that is unreleased in google there will be pages and pages of sites where u can "download it" but obviously u can't cuz it's not released yet, many of them are actually surveys or it's a zip with a password or u have to go through 15 shortening links so they can get money from ads
     
  18. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,059
    So defense companies are ****? yeah ok, like you know more than them lol...
     
  19. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,777
    Location:
    U.S.A. (South)
    Points very well taken. Also in this world of immediate expectations developers aren't exactly seasoned sages. It takes intense R&D stamina and I found WVSX while in something of initial infancy has mastered criteria some AV's have not. To their credit WVSX is been quite enthusiastic and forthright as humanly possible with stellar results so far. And courtesy members and user's alike have contributed to it's improvement without doubt. AI is something of a bonus for all of us depending on it's actual real world results. Even @cruelsister's home grown projects seem to offer some testament if AI is up to task :isay:

    It's a TEAM effort that produces the most positive outcomes which i might add at record pace.
     
  20. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,370
    Though backups won’t protect you against everything either
     
  21. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    well idk but i haven't been infected with malware so
     
  22. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    a trusty firewall will
     
  23. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,742
    With ransomware, offline backups will keep valuable data from getting lost.

    And yes, the most important form of prevention isn't software but human smarts in knowing what do on the Internet and not blindly clicking on links and downloading untrusted software.
     
  24. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,234
    Location:
    Europe
    Also by the way this thread is really getting off-topic and i don't mind one bit but i'm sure the developer does when he has to read 10X as many messages not related to WV so maybe the mod can come in to scold us

    Paging @stapp
     
  25. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,742
    I think its relevant and of course WSVX is a great software but we were talking about what it can't do. It can't protect users from themselves. Its a tool to safe computing practice, nothing more.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.