AV-Test boss dismisses Microsoft criticism of malware test results A war of words has broken out over security testing, with Microsoft and the AV-Test Institute going head-to-head over Redmond's failure to qualify for the last round of certification from the German testers. On Tuesday, AV-Test announced its December round of security software evaluations, and both Microsoft's Security …
"But Norton is malware or atleast it used to be, ..."
Yes, Norton has improved. I guess the computer makers that pre-install it realized that the bugs Norton used to cause cost way more money and cost too many customers than the money they got for pre-installing it were worth. So Norton improved a fair bit.
But I prefer Kaspersky. Look for sales, the #1 or #2 AV (depending on month and platform) at $20 for 3 machines if you spend 15 minutes looking around web stores.
@WatAWorld: Yes, I could. Most zero days aren't actively exploited and certainly on Vista/7/8 and probably XP as well basic sensible behavior on the Internet will prevent you being compromised. I have never been infected by a zero day, I only know a couple of people who have and they tend to be the sort of people who will download commercial software "for free", which I think is "asking for it."
"If you were responsible for 10 computers at a business, or if getting your PhD degree depended on your computer could you still live with zero day hazards?"
Ideally no, however if the alternative is a massively increased probability of those 10 computers/PhD degree being out of action due to a false positive then I'm likely to take my chances with the zero day hazard to be honest,
It is true that i have not used norton for many years due to all the stability issues that it came with, but then at the same time i also found norton ghost absolutely wondeful to use
It just gets to the point where a product burns all the good will your willing to give the company.
It doesnt matter how good they maybe now, the damage to their rep for me and many others has already been done and there are many av products out there which havent had the same issue
The moral of the story is if you release shoddy product after shoddy product, no matter how good the next one is people will always remember the bad ones and avoid it like the plague
AN ALARMING ITEM TO FIND ON YOUR PREFERRED SOFTWARE PROVIDER'S QUALITY ASSESSMENT:
"94 percent of the malware samples not detected during the test didn't impact our customers"
This means:
1) Hide how many malware samples were deteced, how many were not.
2) Of the ones not detected (alarming), a full 6% impacted the customers (very alarming). What did the rest do? Probably just hoovered the disk and pumped it to russian servers will not delivering pornpopup(tm) to "the customers" who were just presenting an Excel(tm) sheet to unsuspecting underage pupils.
Good job.
"So the 6% of malware samples affecting MS customers but not detected by MS is acceptable??? That makes no sense."
It's not 6% of malware samples, it's 6% of the 22% of 'unknown' zero day samples. Most of which will never, ever be seen in the wild.
AVG - bloated, slows machine to a crawl, wants to install toolbars you don't need.
AVAST - increasingly bloated with annoying messages
Comodo Internet Security - was good, but wtf have they done to the latest 64 bit version?
All three protected me handsomely over the years and no malware ever made it past them.
But when I tried MSE, my PC was infected within a few weeks. MSE had great pleasure in telling me the PC was infected, but was incapable of removing the file. In the end I used Autoruns to prevent it running at start up and removed it manually.
Back to Comodo for now.
Microsoft doesn't have a clue.
I have McAfee at work, and have used Norton at home. The former is a resource hog and I hate it. The latter is even more of a resource hog and naturally I hate it even more.
I'm prepared to accept a 0.003% risk, assuming I don't often click on dodgy links, if it means I'm able to actually use my machine as I want without the AV getting in the way. That is why I love MSE so much.
So screw the AV test. I don't trust it.
Seems to be a reasonable programme for corporate use as covers AV, malware and website filtering (one route to block malware before it arrives) but it's central configuration is a pain - strictly computer based, can't set exceptions ffor web access on a per-user basis.
And the web filtering seems to be set up by US Neo-cons with little human interaction for fixing false positives. (had a problem with Marks and Spencer website, you could browse the site all you liked while in http:// but once you swapped to https:// for buying something it blocked on the grounds that the site included "intimate apparel"ie pants and braspointed this out to the robot in charge of reclassification but it didn't help) Blocks local restaurants too becuase they haveserve alcohol - madness!
Bit of an overestimate: 33 per million, not 3,300 (unless you're French and were going to 3 decimal places :).
It's not so much that MS is "okay with [33] of them getting hit with malware"; they've chose to prioritise protection against malware that's out in the wild and actually has an impact, which seems more sensible to me than tightening up heuristics to the point of making a machine unusable and false-positives common.
Aha! A while ago the Avast developers added a really obnoxious heuristic that blocked any application which was obscure or new from running. This explains it - if you block 100% of new and obscure code, you're guaranteed to block nearly all exotic or zero-day malware. Of course, you also get a really obnoxious amount of false positives which will cause most users to just automatically allow everything or even turn off the feature altogether - so it's completely useless as an actual security feature - but AV-Test don't care about that.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
