Slashdot Mirror


Many Antivirus Tools Fail in LinuxWorld Test

talkinsecurity writes "In a public, side-by-side test conducted last night at LinuxWorld, ten antivirus products were confronted with 25 known viruses. The results were surprisingly disparate. Only three of the products caught all of the viruses; three only caught 61 percent, and one caught an abysmal 6 percent. The test, which wasn't particularly complicated, proves that there still are wide differences in the effectiveness of AV tools. A lot of people think all AV tools are the same — they're not!"

2 of 234 comments

  1. Re:The winners: by Anonymous Coward · Score: 5, Insightful

    I must have missed something. How, with 25 different viruses can one catch 6%? My math skillz tell me that it should be divisible by 4.

  2. Re:Zombies by bmo · Score: 5, Insightful

    If you suspect something is evil with your setup, you should go with your gut instincts. You are probably more right than you know.

    You should get away from antivirus. Seriously. I'm going to sound like a salesman, but bear with me a bit.

    Antivirus and anti-malware in general, on Windows machines, closes the barn door after every single horse has bolted. There is _no_ way to be sure your Windows computer is badware/zombieware free. To top this off, it often sucks up incredible amounts of cycles that turn the latest gamer machine into an XT.

    There is something that computer labs and libraries swear by and not at: Faronics' DeepFreeze. What you do is establish a "ground state" for the machine by doing a bare metal install and then installing DeepFreeze. You then have certain areas for data that are unfrozen, but the rest is basically locked up tight.

    Surf by an evil site and get a drive-by install? Laugh maniacally, and reboot. The evil bits are then...gone. The machine has returned to its ground state. To install software permanently, you must "unfreeze" the machine, install your software, and then refreeze. The refreezing can be automatic for the next reboot or specified for a certain number of reboots, like if you were doing a Windows update and have to suffer through the interminable reboots. So it also gives Windows "parental supervision" - even for the 9x machines that don't have the concept of an "administrator" account.

    Evilware in the presence of DeepFreeze is about as sticky as snot to Teflon. If you insist on staying with Windows, this will let you sleep at night.

    I swear, Faronics should hire me.

    --
    BMO