Slashdot Mirror

← Back to Stories (view on slashdot.org)

Can You Trust Anti-Virus Rankings?

Posted by CmdrTaco on from the of-course-not dept.

Slatterz writes "It seems nobody can agree on a universal set of tests for rating anti-virus software, with Eugene Kaspersky the latest to weigh in on the topic, criticizing the well-known Virus Bulletin 100. Kaspersky is one of several big anti-virus brands to fall foul of the VB100 tests, reportedly failing to pass a recent test of security software on Windows Server 2008, along with F-Secure and Computer Associates. At Kaspersky, bloggers have pointed out that they don't focus on detecting PoCs, calling it a 'dead end,' and saying their anti-virus database focuses on 'real threats and exploits.' 'I don't want to say it's rubbish,' Kaspersky told PC Authority. 'But the security experts don't pay attention to these tests. It doesn't reflect the real level of protection.'"

7 of 258 comments (clear)

  1. Re:I'm with Kaspersky by AioKits · · Score: 3, Informative

    I'm with you on this one. I have had good experiences with Kaspersky in the past and got the package with three user licenses for like $50 or so off the website (this was back towards the beginning of 07). Two licenses for me and one for a friend who just runs around all day with his laptop.

    The real fun tho is when I run WAR it detects 'keylogger like behavior' from the software. Heheee.

    --
    "Quote me as saying I was mis-quoted." -Groucho Marx
  2. Tests need to evaluate _something_ by PhYrE2k2 · · Score: 5, Informative

    Take crash tests on new vehicles. Name me one that doesn't have a 5-star crash rating? The rating system is too easy, and needs to constantly be moved to achieve a new level of betterness. Not everybody should get A's. Once the majority of players reach a standard, the standard should be moved to motivate advancement in the field and show the better of the pack.

    For example, the 5-star front-impact crash rating is par for the course now... but nobody seems to advertise the offset crashes, such as the right half of your bumper hitting the left half of your 'opponents' bumper. Why? Because it's sad in comparison. It's also not pretty to watch.

    So all the power to making the standards hard to achieve. Yes this may not be the 'real world' threat, but it's a threat nonetheless. They're basically saying "Since England isn't going to declare war on the USA, any preparedness for receipt of an attack by the USA shouldn't be considered in overall military preparedness". That's of course rediculous. Protect only against the popular virus and the unpopular virus will begin to spread.

    --

    when you see the word 'Linux', drink!
  3. Re:No more.... by SatanicPuppy · · Score: 3, Informative

    Norton is itself a virus. It hogs resources, causes errors, and can't be removed without killing the host.

    For what you pay, you should get something that is better than cheaper or free products available on the web...I usually replace Norton with AVG, and while I'm not a huge fan of AVG, I've never had anyone complain.

    --
    ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
  4. Re:No more.... by Welsh+Dwarf · · Score: 5, Informative

    Correction:

    The reason Norton is on any PCs is because Norton pays PC companies to install it by default AND IT IS ALMOST IMPOSSIBLE TO REMOVE.

    Cleaning viruses off by hand is easier than uninstalling Norton.

    --
    Ask 8 slackers a question, get 10 awnsers (a citation, but I can't remember from who)
  5. Process - Not Product by Exanon · · Score: 3, Informative

    Call me a Schneier fanboy, but I practice security on my home network like a process, not as in buying a product and be done with it.

    Security for me begins with sensible configuration of the router and the PC's on the network, then it moves to access rights and regular patching of said computers.
    This includes regular checkups and glancing at logs every three days or so to look for obviously suspicious traffic. Finally, after all of these steps, I use Kaspersky (since I had heard good things about it) together with rootkit detector. (Oh, and Firefox with NoScript)

    All of this prevents pretty much all the scriptkiddies from getting in (I hope), but then again, the best thing you can do is to not download anything you don't know what it is.

  6. Re:No more.... by jimicus · · Score: 4, Informative

    May I recommend the Norton Removal Tool

    It shouldn't need to exist in the first place, of course - the uninstall should work - but IME it works pretty well.

  7. Re:No more.... by Anonymous Coward · · Score: 3, Informative

    >6. Open the registry and go to the RUN key and delete all the Symantec entries
    >7. Reboot

    Norton likes to hook into stuff like the ATAPI drivers. If you kill all of the Symantec registry entries, neither Windows XP nor vista will be able to start. Easy fix with Vista, but on XP you're just boned. I know this from personal experience.

    Just use the Norton Removal Tool provided by Symantec. It works really well, assuming your Norton isntall isn't completely FUBAR. If it is, well, you were probably due for a format anyway.

    On another note, when Norton is uninstalled or the subscription runs out, it sometimes completely destroys the computer's ability to network. As in you can't even get an IP address. I can't count the number of times that a PC had mysterious network problems that were solved by Norton Removal Tool. And this is in addition to NIS blocking legitimate traffic like Windows file sharing. There really is no excuse for running Norton anything, let along Norton Internet Security.