May 26, 200718 yr How well does your AntiVirus rate on its ability to deal with near 0-day infections? AntiVirus Performance Statistics I have to admit that I was a bit surprised AND disappointed that my favorites didn't rate very well.
May 26, 200718 yr And I must say that web site does not fill me with confidence - the very minimal home page is 3 years old and have no idea of who or what they are.
May 26, 200718 yr And I must say that web site does not fill me with confidence - the very minimal home page is 3 years old and have no idea of who or what they are. have to agree, as another example the about_us link fails with 404. Admin contact is Tom Shaw {who he ed.?} Think one needs a little more surety, methodologies etc. about this. Regards /edit add info //
May 26, 200718 yr AV heuristic algorithms are the snake oil of the IT industry... That said, I don't get the statistics on this page at all?! What do these columns mean, and how can they be compared to each other? Is 17/17 better than 8453/30108? In addition it's not clear how these AV programs protect/don't protect from these pieces of malware? Do they only detect these when they come nicely in an email attachment? If so, it would be relatively useless. Or do they detect this malware when it has exploited some zero day hole in IE/ActiveX/JavaScript and is about to start up and disable installed AV programs?
May 26, 200718 yr Author A little clarification (for what it is worth)... The previous link I posted lists the real-time statistics of scans done by VirusTotal since 2 December 2006. VirusTotal analyzes suspect malware files submitted to it by the Malware Incident Reporting & Termination (MIRT) team and scans it with 29 (OITC states 36) antivirus programs. PC World listed VirusTotal as one of The 100 Best Products of 2007.
May 26, 200718 yr Outdated page that doesn't list methods or test conditions. As for what magazines recommend, they rarely test in lab conditions. http://www.av-comparatives.org/ Lab tests with methods and testing conditions listed. Look at the results over a few different tests to get an overall picture (it's always possible for a program to do really well or really bad in single tests), also, look for glaring weak spots in a programs performance (script vulnerabilities for example). As for heuristics being snake oil, that's just completely untrue. It's no coincidence that the AVs who first catch these weird local worms like godzilla and such are the ones who pay attention to heuristics. They definitely must be backed up with regular signature updates though to be totally effective.
Create an account or sign in to comment