Aces High Bulletin Board

General Forums => Hardware and Software => Topic started by: humble on March 03, 2008, 04:48:58 PM

Title: interesting "new" anti virus program...
Post by: humble on March 03, 2008, 04:48:58 PM
different kind of antivirus (http://www.threatfire.com/)

Thought it was worth putting up...
Title: Re: interesting "new" anti virus program...
Post by: Vulcan on March 03, 2008, 05:36:38 PM
Quote
Originally posted by humble
different kind of antivirus (http://www.threatfire.com/)

Thought it was worth putting up...


At first glance, maybe snake oil for some products. Specifically, it sounds like it's doing a lot of stuff McAfee (Corporate) already does around the typical vectors viruses and malware hit or come in on. I assume other products such as Symantec do the same.

I.e., if you have good AV, this product will do little. But if you have crappy AV, it might help.
Title: interesting "new" anti virus program...
Post by: humble on March 03, 2008, 06:42:28 PM
1st, the best antivirus on the planet is free (AVG). *** (for normal use)
2nd, no AV program protects against zero day threats.
3rd, this one appears to actually be better than any other similar program (pay or free) out there.

McAfee is probably about the worst AV program in the world BTW, IMO... basically junk. Norton isn't much better...

For some general 411 on current AV stuff...

NOD32 is probably the only AV program really worth buying...

Kaspersky would be #2...

The simple reality is that many people who get dinged have an AV program installed, and most viruses are written to spoof the best-selling AV software. Almost all major AV programs do a good job regarding known threats very quickly. It's the "day zero" threats that cause the most damage.

VB100 is probably the most definitive source for true rankings, and many programs earn the "VB100" each year and a few sweep all the categories.

If we look at other sources like checkvir (which Cnet relies on), you'll find most of the top AV programs not even mentioned... basically rubber stamps for the big sellers.

To be safe you need a firewall, AV, malware and "day zero" type program. You can get all 4 for free and have 99.5% (IMO) of the best protection you can buy and 1000% better protection (sadly) than some of the stuff you can buy.

AVG (antivirus)
Comodo (firewall)
windows defender (malware)
Threatfire ("day zero")
Hijackthis (registry/process log)

Will give you a versatile (and free) multilayered defense against sudden meltdown.

This isn't meant to say that paying for protection is wrong or that "free" protection is superior (it isn't; in fact it's not as good as the top 5)... but when you realize that McAfee is #2 with like 13% and Norton #1 with a huge edge... less than 1% of the folks worldwide are actually buying something worth paying for (again, just 1 guy's opinion).
Title: interesting "new" anti virus program...
Post by: llama on March 03, 2008, 11:26:52 PM
I'll let Vulcan elaborate on the perfectly silly suggestion that AVG is a good antivirus program, but I would certainly NOT recommend ThreatFire for a gaming machine.

It does an admirable job of blocking malware *behaviors,* but it does so at the expense of CPU cycles, and at times it inexplicably consumes a lot of memory.

Put it on your Mom's computer, but leave it off the gaming rig.

-Llama
Title: interesting "new" anti virus program...
Post by: humble on March 04, 2008, 12:24:43 AM
What's more silly is stating that either Norton or McAfee is actually worth paying for. I'd add BitDefender to the two above, but beyond that and maybe F-Secure you won't find anything worth actually paying for.

Further, there is no AV program that can actually run on a gaming rig well. McAfee is probably the biggest resource hog there is, but all of them can unexpectedly bog down your system.

I've dealt with literally hundreds of systems that have been completely hosed while protected by either McAfee or Norton, but have never come across a single one corrupted while running an up-to-date version of AVG. As I stated above, that doesn't make it the best thing out there, but it's head and shoulders above what most people pay for...

A good overview (http://www.techsupportalert.com/review-security-guards.htm)

The link above provides a pretty good overview of the current realities. No one (including me) is going to agree on the specifics, but this is a well done, well rounded article. He throws Norton in as a distant #6...

Here are a few interesting comments that pertain to this, taken from the article above.

AVG free is one of the most popular products out there, so the poor performance of the commercial version was another surprise, most of all in the pro-active tests run by AV-Comparatives. AVG users would do well to add a second product that offers strong heuristic detection, a HIPS program like Threatfire for example

I don't entirely disagree with his thoughts on AVG in the context of the "big 5". As he noted, its primary flaw is in heuristic detection, not in the detection of "known threats"...

That MTP’s security pieces aren’t in the top rank won’t make much difference in real-world use, I suspect. Since the performance hit is so slight, users can easily add a HIPS program to enhance their protection without adding significant overhead.

Again, the general consensus is that a program like ThreatFire has minimal overhead.

Suddenly, that few per cent difference takes on distinct shape. What F-Secure didn’t mention was that its product still missed a bunch of malware. That’s where the theatre comes in: all these vendors claim to keep us safe, yet none can keep out all of the malware – even that which ‘is known and can be identified with traditional signature-based virus scanning.’

Even the best AV program is relatively inefficient against even "known threats".

I’m inclined to believe them, and here’s why: I’ve run half a dozen different AVs on my PCs over the years, among them poor performers like Trend Micro and AVG. I’ve never had a single infection

Now here is the conundrum. I have no argument that AVG (free or otherwise) is lacking compared to a true top-end "suite". However, not only is it free, but if you actually go to literally dozens of forums that specialize in helping "normal folks" deal with malware, AVG is easily the #1 most recommended program (in conjunction with others in a layered defense). Further, if you read the pleadings of the afflicted you find no one with AVG Free afflicted (at least I haven't), while numerous examples of affliction with current Norton/McAfee/TM etc. are evident.

So before you decide to get in a pissing match with me on this, make sure you know a bit about the subject... I do.

Gizmo and others have shown that combining different layers of security tends to produce better results overall, and this even holds true when the individual layers are free products like AVG and Threatfire, a HIPS product. Their combined footprint is much smaller than that of the twin-engine machines.

This is the common consensus of a large segment of the professional community and supported via hundreds of "help sites" that try and help the tremendous number of folks who blindly put their faith in substandard products with a lot more money spent on marketing than R&D and development. Do me a favor and don't add to the problem.
Title: interesting "new" anti virus program...
Post by: wabbit on March 04, 2008, 12:39:29 PM
Most 'for profit' a/v review sites don't think much of AVG Free, but it is the most popular a/v out there, despite what they say. My clients are running AVG Free in the real world, not some lab, and it works great for them. The commercial (i.e., for-profit) review sites can say whatever they want. I'll stick with AVG Free. It's never let me down.

I agree that if you feel you HAVE to, then NOD32 is the only 'pay' program I'd recommend.

I don't trust a company that first tried to buy a malware company, and then, after that was discovered and failed, downgraded the warnings for that company in Defender. I would never recommend Windows Defender. Frankly, my dear, I just don't trust them to protect me...
Title: interesting "new" anti virus program...
Post by: llama on March 04, 2008, 02:01:09 PM
Guys,

I was just at my accountant's home this morning. This is a freebie in my capacity of a professional computer consultant since 1988 and professional reviewer of AV software for Windows Magazine, then PC Magazine, and now CPU Magazine, since 1996.

Their kid's new PC is infected after only 45 days out of the box. It has the latest version of AVG Free (which they installed, since they remembered I used to recommend it) and AOL's McAfee-based freebie AV tool. I didn't even know they bought this new PC, but at least they tried to protect it.

AVG isn't even complaining about the system being totally owned - it thinks everything is just peachy. McAfee is at least complaining about locating infected files that are starting every 90 seconds, but it can't clean them. I'll have a million laughs cleaning this box off over some evenings this week, but it's what I do. Professionally. For a living.

This is very typical of AVG Free, which is why I've not been recommending it for the past 6 months, especially if the user doesn't have Firefox, which this machine doesn't.

You say you don't recommend any AV software for a gaming rig. To me, this nonsensical statement only proves to me that you really aren't testing these things very closely, are you?

One of the things I do when I review AV software, in addition to letting it try to deal with my virus zoo with more than 8500 active viruses (with about 100 unique variants being added every month - the joy of running my own mail server), is to run benchmarks, which get published with every review.

My standard test machine finishes booting XP in 29 seconds, and runs a Disk/CPU benchmark in 8:30 seconds, repeatably. Going from the notes I have in just this laptop, here are the following measurements for a few AV programs:

Norton AV 2008: boot: 49, Benchmark: 19:30
Norton Internet Security 2008: boot: 56, Benchmark: 22:40
CyberDefender Complete: Boot: 2:41, benchmark: DNF (stopped after 4 hours)
Eset NOD32: boot 31, Benchmark: 10:21
AVG Free 7.5: boot: 44, Benchmark 14:50
Kaspersky 7.0: boot: 40, Benchmark 20:10


Eset NOD32 increases boot time from 29 to 31 seconds and increases the benchmark time by about 20%, sometimes less than half the load of other programs, all while doing very well on my personal zoo (these stats are on my home machine - sorry), as well as those from AV Comparatives foreground scan results (http://www.av-comparatives.org/seiten/ergebnisse_2007_08.php) and zero-day heuristic results (http://www.av-comparatives.org/seiten/ergebnisse_2007_11.php).

The AH framerate drop when running Eset NOD32, which is also one of my tests but goes unpublished, is NEGLIGIBLE, being within statistical error (especially since there's no good, totally repeatable framerate benchmark in AH like there is for HL2 or UT, for example). It isn't negligible for some other products, but I don't have those notes with this machine either.

I'm not trying to get into a pissing match either, but let's at least have some measurements and facts to back up our opinions - other readers are counting on this information being good.

Should anyone be interested, I'd be happy to report back here with what bugs I found on the kid's machine, and what versions of what programs let them slip through.

-Llama
Title: interesting "new" anti virus program...
Post by: humble on March 04, 2008, 03:43:39 PM
Again, if you're going to buy an AV program (and I never said you shouldn't), then NOD32 is the best choice IMO (as I said above). Recognizing that the AV world always alters and nothing is ever written in stone, the vast majority of "professionals" I know are going to recommend a suite vs a single app and recommend staying away from Norton, McAfee and TM, period.

I don't care how well a program boots or benchmarks if it can't do the job well. Less than 35% of current Norton users give it high marks on any survey I've seen anywhere. As for McAfee, it's not very highly regarded or well represented on any major independent benchmarks I've seen.

Again, as I stated, the true "big 5" are certainly better than any free product (neither Norton nor McAfee is in that select group); however, a good suite of products and a well configured machine will match up very well with a "big 5" product as well.

My original comment was simply a heads-up on a good free additional layer of protection that's readily available. I never said a gaming machine shouldn't have AV protection, simply that any AV program can cause resource issues. You said that ThreatFire shouldn't be on a gaming machine; I've got no evidence it has a significant footprint and would cause an issue.

The simple reality is that very few commercial AV programs are worth what they cost... NOD is easily the only one I'd buy or recommend if/when my livelihood is on the line.

Wabbit, I don't disagree with you on Defender at all, but as part of a "suite" it can be a valuable component. Live Care is another fleece job IMO, but it's done surprisingly well recently (they've raided just about everyone for talent), so I don't see Defender as a real dog, simply an incomplete solution like AVG or ThreatFire.

To me the single biggest component of a defense suite is HijackThis. Anytime I've built out a system for a friend or family, the first thing I do when it's fully done is take an Acronis image and run a HijackThis log for future reference.

My brother is a high level professional involved in internet security for realtime high security DoD applications (think homeland security, nukes, radiation detection etc) and the company he contracts for makes millions of dollars a month off vendors who think they know what they're talking about or bid/bought/installed something because a third party said it was the best...

He just spent a week or so at Moffett (at $400/hr) because the original vendor was finally told they had 3 days to clean the mess up or lose all similar DoD programs as well as being docked for non-performance issues.

All I did was offer a quality free utility and then comment that anyone relying on McAfee (and Norton to a lesser degree) was simply wasting money while still having a high threat potential. I also never said that buying AV software was not appropriate, simply that, regardless of your personal opinion over the last 6 months, AVG is widely considered to be a very effective AV solution (especially as part of a coordinated suite) that offers equal (and many times better) protection than many "brand name" alternatives available.

Now looking at what you posted above, it seems typical of "for profit" reviews. While BitDefender is an internationally known, well regarded, clear "top 5" AV program, "CyberDefender" certainly isn't; in fact I can't find where it's got a VB100 or any similar certification. Sorry, but I don't consider a big thumbs up from eWeek or USA Today a qualifier (certainly correct me if I'm wrong here)...

Like wabbit, I have yet to ever have (or am I aware of) a single machine where AVG was ever compromised other than through user error.
Title: interesting "new" anti virus program...
Post by: llama on March 04, 2008, 04:06:08 PM
Quote
Originally posted by humble


I dont care how well a program boots or benchmarks if it cant do the job well. Less then 35% of current norton users give it high marks on any survey I've seen anywhere.


A survey to determine the effectiveness of an AV product?

Really?

You don't vote on facts. They are, or they aren't.

Look at the links I provided at av comparatives.  THOSE are facts. They weren't voted on. They simply "are."

False Security can be worse than No Security. False Security lets people think they can open up whatever attachment they get in the mail, or the latest serial number generator for Adobe Illustrator CS3 they got from BitTorrent, because their flawed AV program says there is no virus.

When there's No Security, a user isn't being told if something is infected or not, so the user would be wise to treat it as though it was.

AVG Free is False Security, plain and simple. It catches 3 of the 12 tested polymorphic viruses. It catches less than 30% of the zero day threats. Why even bother with it, with numbers like that, because it's free?

And finally, I get paid the same whether a security program tests good or bad, but I have a lot more fun when it tests bad. Why should I care one way or another? There are many market segments where a free or open source product is significantly better than its commercial counterparts, and I take special joy in informing readers when this happens, such as with Comodo Firewall being so much better than ZoneAlarm it isn't even funny. Unfortunately, the AV market is not such a market.

-Llama
Title: interesting "new" anti virus program...
Post by: humble on March 04, 2008, 04:28:57 PM
Pardon me, but what "facts"... I don't see a single fact, just a chart.

You seem to want to twist stuff. A survey measures customer satisfaction, which may be related to performance, ease of use or a combination of factors. A program only works if it's on and properly configured; a difficult or cumbersome product suite often is compromised by the customer out of frustration...

As for testing, well, Norton isn't really at the top of the list there either.

So far you seem to agree with me on Comodo & NOD32, great. As far as AVG... well, I am unaware of any widely reported issues on any of the various forums. Again, please feel free to point me to some. It may at this very moment be the best "free" solution or it may not. It is clearly inferior to the top-end commercial products. I stand behind my recommendation that it's a better solution than most and perfectly suitable for a normal user when installed properly as part of a layered defense, and the fact that the options mentioned above will as a unit outperform most of the pay "suites" offering similar protection.

Again, does CyberDefender have any VB100 or similar independent certifications? All I see is them talking about a one-time success back in 2004.
Title: interesting "new" anti virus program...
Post by: llama on March 04, 2008, 04:47:09 PM
I'm not really sure what your issues are now.

I never once suggested on this thread that Norton was good.

I never once suggested that anyone use CyberDefender. This is just another commercial product for which I have my review and benchmark saved on my notebook's hard drive. It is illustrative of a different level of performance.

Customer satisfaction is a silly metric to measure effectiveness. What viruses are users exposed to in these surveys? Did the viruses get blocked, or were they allowed on silently and now the user is infected but doesn't know it? What programs do they run that need to keep running? What version of Norton are they talking about: AV, NIS, 360? What version: 2003, 2004, 2005, 2006, 2007, 2008, Corporate? How much did they pay for their software, and now are they trying to justify their choice?

As for the facts I keep speaking of. First, there are two tables, not one. One measures zero-day threats (the full explanation of how they do this without a time machine is on the main site) and one is foreground scans. They show you fact after fact if you just freaking read it: number of false positives, number of polymorphics caught, what exact versions tested (and any beta versions used, if necessary), breakdowns of the different classes of viruses caught (macro versus something else, for example), scanning speed, and on and on.

And as for looking for forums, just google "AVG missed" and you'll find more posts than you'd ever want to read. You might think I'd believe this proves my point, but actually I don't think so, since you'll find similar pages for "Norton missed" "NOD32 missed" "mcafee missed" and "kaspersky missed." Looking at people complaining about what stuff missed on forums is almost as pointless as surveys about which AV products users are satisfied with.

-Llama
Title: interesting "new" anti virus program...
Post by: humble on March 04, 2008, 05:43:36 PM
I don't want to escalate this at all...

I typed in "AVG missed" and mostly what I get is comments on what AVG picked up that other stuff missed. Yes, there are a few bashers, but I didn't find a single thread on an actual user with a problem....

typical result (http://forum.notebookreview.com/archive/index.php/t-151408.html)

Now buried in that link is "the truth"...

What you are referring and unlawfully linking to are the retrospective or proactive test results which is based on detecting malware without definitions based on generic and heuristic techniques. In simpler terms, detecting new viruses before the definitions are updated to include them specifically.

Now, AVG is known for having a poor heuristic system in comparison, but it does a very good job at on-demand scanning. It actually scores a bit higher in on-demand tests than Avast! if you would take the time to check. Even in the retrospective tests Avast! doesn't perform amazingly. I'm surprised that you aren't talking about AntiVir as it scores higher than both and there is a free version. All three of these programs and their free cousins do excellent jobs. So, stop giving blind praise and criticism over something you clearly know little about. If you want to use one program over another that is fine, but don't throw out wild statements and go against the wishes of another site.

When you run that Google search you get the real world: thousands of positive responses + a vocal minority spouting about specific texts in an out-of-context reality inconsistent with the real-life application of the product.

Here is a second thread...

thread #2 (http://www.gripe2ed.com/scoop/comments/2005/11/14/84736/358/9)

It's actually started by a McAfee employee bashing AVG... here are just the first few responses...

After running McAfee, Norton etc. for any length of time, run AVG, Kaspersky, etc. and see what you find! I did & that is why I no longer have AV from Symantec. It misses as many viruses as the small companies offerings, it just costs a lot more to miss them.

I had McAfee on 45 desktops at a client law firm. I was rewarded by all of my shared printers being rendered non-functional, having to pay tech support $25.00 to have them blame Microsoft and after getting past the first tech guy, being told that they were aware of the problem and were working on it (I found out a few days later that they had been saying that for 6 months). So every hour or so I had to have the users go into their printer spool folder and delete any temporary files that caused the problem. But final straw was that 3 months before my site license expired, the users were getting pop-ups several times a day asking for a credit card number to renew the virus subscription. Nice try on the Fear/Uncertainty/Disaster ploy for going with a "small" company, but AVG's product has been flawless on the 10 servers and 300 desktops I support.

Now further down, this is a download site with 700+ reviews and a 4/5 overall rating. A few of the first are bad; reading them I'd say axe grinding, but with a few that highlight potential issues but not enough detail...

#3 (http://fileforum.betanews.com/detail/AVG_AntiVirus_Free/1028312263/1)

As normal, some of the 411 isn't completely correct. One 5/5 review has AVG Free getting a VB100 in 12/2007 when I believe it was the professional version, not the free one. (http://www.virusbtn.com/images/vb100/awards/Grisoft_small.jpg)


But it did note correctly that Kaspersky, Avast, Panda, Antivir all FAILED the latest VB 100 award.

You can always find "reviews" that state that I switched from product X to Y and this result shows that X blows and Y is great. Again, I found not a single thread with a first-hand account of an AVG-caused system failure. None of the reviews that "pummel AVG" offer any specifics. Those that respond mirror my comments... sure, you'll find some cookies etc.; after all, AVG is not a malware/spyware detector... but please show me a real high-danger threat that got through...

By and large I'd say the pro AVG comments run 20/1 or higher on every thread I looked at...

Here is the 2007 results overall...

(http://www.av-comparatives.org/seiten/overview04.gif)

Now this is not the free version, but it's fundamentally the same program, especially with regard to the definition updates. From everything I can find, AVG does a good job for what it's designed for.... scanning for known threats...

Now looking at the polymorphic viruses (which have been around for close to 20 years now), there is no question that AVG suffers...


However, AVG beats BitDefender, F-Secure, McAfee (by a wide margin), NOD32 among others and is within less than 1% of Kaspersky and 1.05% of Norton.... yet not 1 program is 100% effective. Which goes back to the value of ThreatFire (or similar) programs as a "day zero" element of overall protection. AVG will work just about as effectively as any AV program against known threats, and a dedicated product like ThreatFire is equal or better for unknown threats than the equivalent components found in the commercial "suite" products.

link to data, look at 8/07 comparative tests (http://www.av-comparatives.org/)
Title: interesting "new" anti virus program...
Post by: humble on March 04, 2008, 06:49:06 PM
As a final thought if you actually go look at the PDF report for the november 2007 tests the actual graphs are quite helpful...

The graph on page 4 shows the overall detection for what are essentially "new" threats. Clearly AVG is lacking... but looking graphically it's bunched into the broad midrange of roughly 40-25% (and it's the low value)... but only a few programs really bomb (3) and a few stand out (3), with the other 11 more or less in a cluster.

If we go to false positives (page 6), we have 3 that stand out exceptionally well and 3 (they shade 5 red) that suffer, with the rest grouped again.

If we go to the scanning speed test, AVG is once again solidly in the middle (page 13). Looking to the summary page (14), only 2 products were given the Advanced+ rating [Kaspersky, NOD32], 7 got Advanced {including AVG} while 8 fared worse. So out of 17 products tested, only 2 got higher marks than AVG for the area where AVG is clearly the weakest as a product.

Again, looking at the data I simply see no rationale for your conclusions in a real-world, real-threat environment for using AVG in the context I outlined above.
Title: Re: interesting "new" anti virus program...
Post by: MrRiplEy[H] on March 06, 2008, 12:28:49 PM
There is a new kind of rootkit, Mebroot, that can infect your computer just through visiting a website and not even accepting/loading anything from it. The rootkit hides in the first boot sector and is invisible to any antivirus which loads through the hard drive. It can only be detected through a boot CD or other boot media which doesn't use the infected boot sector.

http://news.yahoo.com/s/pcworld/20080304/tc_pcworld/143105;_ylt=Am5y457TaIWrfeAFofIUrhUjtBAF
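An added illustration of the detection point in the post above (example code written for this thread, not from the article or from any AV vendor): the MBR is a single 512-byte sector with a fixed layout, so a boot-sector rootkit that replaces the boot code is easy to spot if you can read sector 0 from media the rootkit does not control and compare it against a hash taken when the machine was clean. The sample MBR bytes, the "clean" baseline hash and the simulated infected sector below are all constructed inline; the device path in `read_mbr_from_device` is a placeholder, and in practice that read has to be done from a live CD or other clean boot media, since an active MBR rootkit can filter sector reads made from the infected OS.

```python
"""MBR parser and boot-code integrity check (added example, not from the post).

Layout of a 512-byte MBR:
  bytes   0..445  boot code (plus disk signature area)
  bytes 446..509  four 16-byte partition table entries
  bytes 510..511  signature 0x55 0xAA
"""
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446
PART_TABLE_OFF = 446
SIGNATURE_OFF = 510
# Each entry: status(1) CHS start(3) type(1) CHS end(3) LBA start(4) sector count(4)
PART_ENTRY_FMT = "<B3xB3xII"


def parse_partition_table(mbr: bytes) -> list:
    """Return the four partition entries as dicts (CHS fields are skipped)."""
    entries = []
    for i in range(4):
        status, ptype, lba_start, sectors = struct.unpack_from(
            PART_ENTRY_FMT, mbr, PART_TABLE_OFF + 16 * i)
        entries.append({"bootable": status == 0x80, "type": ptype,
                        "lba_start": lba_start, "sectors": sectors})
    return entries


def check_mbr(mbr: bytes, baseline_sha256: str) -> dict:
    """Hash the boot-code region and compare it with a known-good baseline.

    The partition table is reported separately because a boot-sector rootkit
    that wants the system to keep booting will normally leave it intact, so a
    hash over the whole sector and a hash over the code region tell you
    different things.
    """
    if len(mbr) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    boot_code_hash = hashlib.sha256(mbr[:BOOT_CODE_LEN]).hexdigest()
    return {
        "valid_signature": mbr[SIGNATURE_OFF:] == b"\x55\xaa",
        "boot_code_sha256": boot_code_hash,
        "boot_code_modified": boot_code_hash != baseline_sha256,
        "partitions": parse_partition_table(mbr),
    }


def read_mbr_from_device(path: str) -> bytes:
    """Read sector 0 of a raw device or disk image (e.g. /dev/sda from a live CD).

    Placeholder helper: the path is whatever your boot media exposes; this
    example never calls it and uses the constructed sectors below instead.
    """
    with open(path, "rb") as dev:
        return dev.read(SECTOR_SIZE)


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed test data: pad boot code to 446 bytes, add one bootable
    NTFS (type 0x07) partition starting at LBA 2048, and append the signature."""
    code = boot_code.ljust(BOOT_CODE_LEN, b"\x00")
    part1 = struct.pack(PART_ENTRY_FMT, 0x80, 0x07, 2048, 204800)
    return code + part1 + b"\x00" * 48 + b"\x55\xaa"


# Clean sector: first bytes of a conventional loader (cli; xor ax,ax; mov ss,ax; mov sp,0x7c00).
CLEAN_MBR = build_sample_mbr(b"\xfa\x33\xc0\x8e\xd0\xbc\x00\x7c")
# Baseline recorded while the machine was known clean (constructed here).
CLEAN_BASELINE = hashlib.sha256(CLEAN_MBR[:BOOT_CODE_LEN]).hexdigest()
# Simulated infection: boot code swapped for a short jump into loader code
# stored elsewhere; partition table and signature left untouched so it still boots.
INFECTED_MBR = build_sample_mbr(b"\xeb\x3e" + b"\x90" * 6)


if __name__ == "__main__":
    for name, sector in (("clean", CLEAN_MBR), ("infected", INFECTED_MBR)):
        result = check_mbr(sector, CLEAN_BASELINE)
        print(name, "signature ok:", result["valid_signature"],
              "boot code modified:", result["boot_code_modified"])
        for idx, part in enumerate(result["partitions"]):
            if part["type"]:
                print(f"  partition {idx}: type 0x{part['type']:02x} "
                      f"lba {part['lba_start']} sectors {part['sectors']}")
```

The infected sample still has a valid 0x55AA signature and an unchanged partition table, which is exactly why an AV product scanning files from inside the running OS has nothing obvious to complain about; only the code-region hash changes, and only a read from outside the compromised system can be trusted to return the real sector.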
Title: Re: interesting "new" anti virus program...
Post by: Vulcan on March 06, 2008, 01:30:21 PM
Quote
Originally posted by humble
1st, the best antivirus on the planet is free (AVG). *** (for normal use)
2nd, no AV program protects against zero day threats.
3rd, this one appears to actually be better than any other similar program (pay or free) out there.

McAfee is probably about the worst AV program in the world BTW, IMO... basically junk. Norton isn't much better...

For some general 411 on current AV stuff...

NOD32 is probably the only AV program really worth buying...

Kaspersky would be #2...

The simple reality is that many people who get dinged have an AV program installed, and most viruses are written to spoof the best-selling AV software. Almost all major AV programs do a good job regarding known threats very quickly. It's the "day zero" threats that cause the most damage.

VB100 is probably the most definitive source for true rankings, and many programs earn the "VB100" each year and a few sweep all the categories.

If we look at other sources like checkvir (which Cnet relies on), you'll find most of the top AV programs not even mentioned... basically rubber stamps for the big sellers.

To be safe you need a firewall, AV, malware and "day zero" type program. You can get all 4 for free and have 99.5% (IMO) of the best protection you can buy and 1000% better protection (sadly) than some of the stuff you can buy.

AVG (antivirus)
Comodo (firewall)
windows defender (malware)
Threatfire ("day zero")
Hijackthis (registry/process log)

Will give you a versatile (and free) multilayered defense against sudden meltdown.

This isn't meant to say that paying for protection is wrong or that "free" protection is superior (it isn't; in fact it's not as good as the top 5)... but when you realize that McAfee is #2 with like 13% and Norton #1 with a huge edge... less than 1% of the folks worldwide are actually buying something worth paying for (again, just 1 guy's opinion).

Wow, humble, just wow.

1) no way
2) shows your lack of knowledge
3) same again

First of all, check the 2006 and 2005 AV Comparatives and see how AVG does across all of those.

Secondly have you ever used the corporate version of McAfee?

Sorry I can't spend a lot of time on this response; you see, I'm training up a bunch of security professionals today (subtle hint that you had better come up with something better than Yahoo news stories, and that I agree 99% with Llama on most security-related things).
Title: Re: interesting "new" anti virus program...
Post by: llama on March 06, 2008, 02:04:03 PM
I have some great screenshots of my accountant's kid's PC.

The first screenie is AVG's scanning results. Number of threats found by AVG: 0. That's Zero.

The second is of NOD32's scanning results. Number of threats found by NOD32: 6.

Both were using definitions updated as of yesterday.

I'll post the screenies onto this post tonight, so anyone can see the identified threats for themselves, but the results are pretty dramatic in terms of PC usability: it was still unusable after AVG's scan, and usable after NOD32's scan. Now I can get in there with the manual tools and start scraping out the hard stuff.

This is typical of AVG's performance these days. This is the third computer this year that AVG has let get owned that I've taken care of - the usual MO is the owner refuses to pay for AV so I set them up with the best that was available last year and cross my fingers.

Nowadays I know this isn't realistic, and I'm going to have to get forceful in getting those AVG hangers-on to switch to something else.

Amazing though - I get hundreds of dollars per visit and they wince at spending $25 a seat per year for something good...

-Llama
Title: Re: interesting "new" anti virus program...
Post by: airspro on March 06, 2008, 04:01:36 PM
I got NOD32 on my PC now, thanks for that info.

I did have AVG and did get the one worm that directed me to a web site to pay to get it off my PC. Was my last game box that got that; I was getting it ready to sell and was downloading the Microsoft updates when I got bored and started to surf some. Soon, very soon, I had a big problem.

Oh yes, AVG was on the machine with all their updates. It did tell me I had a problem but couldn't stop it; I always thought that was mainly because of the Microsoft updates not all being done yet.

What a pain it was to get that off.

Anyway nice post, learned quite a bit.
Thanks
Title: Re: interesting "new" anti virus program...
Post by: llama on March 06, 2008, 05:16:00 PM
Quote
Originally posted by MrRiplEy[H]
There is a new kind of rootkit, Mebroot, that can infect your computer just through visiting a website and not even accepting/loading anything from it. The rootkit hides in the first boot sector and is invisible to any antivirus which loads through the hard drive. It can only be detected through a boot CD or other boot media which doesn't use the infected boot sector.

http://news.yahoo.com/s/pcworld/20080304/tc_pcworld/143105;_ylt=Am5y457TaIWrfeAFofIUrhUjtBAF

The important point about this threat is also listed almost at the bottom of the article:

"Hackers are now creating Web pages that, if visited with certain browsers with security vulnerabilities (Llama's emphasis), will automatically infect a PC with Mebroot-- a technique known as a drive-by download."

Now here's the thing: most of these browser flaws are for pretty old versions: think IE6 pre-SP2 in the vast majority of cases. If you have Windows Update turned on, or are using an alternative browser like Firefox or Opera (which also have autoupdate features), you're pretty much covered.

If you're really concerned, I know Symantec's NAV2008 has drive-by download protection that works well even if you have an unpatched browser (in fact, it really only does anything useful when protecting an older browser, IMHO. I base this on interviewing Symantec engineers at their San Francisco offices last November, inside one of their labs with a few test machines running different things. I covered this earlier too.) McAfee has something similar, but I've not tested it.

And though I haven't said anything about it in this thread yet, Symantec's Norton AV 2008 is also quite good, both from a security standpoint and a lightweight footprint standpoint. Their "Norton Internet Security" is somewhat bloated and "Norton 360" is substantially overbloated, and I don't recommend them for gaming systems at all. I think NOD32 is better for most users, but for a customer who likes a familiar product from a big company (quick, has your Mom heard of Eset or NOD32? I bet she's heard of Norton Antivirus though), NAV2008 is worthy.

I know enough people have been burned by earlier versions of NAV or bloated Norton products that I understand why people would be wary, and might even question my experience by suggesting it. So be it. I was wary until repeating tests two or three times too.

-Llama
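The detection approach llama describes (check sector 0 from clean boot media, because a scanner running off the infected disk cannot trust what it reads) as an added Python example, not code from the thread or from any of the products discussed: it hashes the MBR bootstrap code against a baseline recorded from known-clean media and reports a mismatch or a missing boot signature. The device path and the sample MBR bytes are constructed placeholders.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_SIGNATURE = b"\x55\xAA"


def read_sector0(path: str) -> bytes:
    """Read the first sector of a raw device or image (run this from clean boot media)."""
    with open(path, "rb") as f:
        return f.read(SECTOR_SIZE)


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into bootstrap code, partition table and signature."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    return {
        "bootstrap": sector[:446],      # executable code a bootkit overwrites
        "partitions": sector[446:510],  # four 16-byte partition entries
        "signature": sector[510:512],   # 0x55AA on a bootable disk
    }


def bootstrap_hash(sector: bytes) -> str:
    """SHA-256 of the bootstrap code only, so partition table edits do not raise alarms."""
    return hashlib.sha256(parse_mbr(sector)["bootstrap"]).hexdigest()


def check_mbr(sector: bytes, baseline_hash: str) -> list:
    """Return findings; an empty list means sector 0 matches the trusted baseline."""
    mbr = parse_mbr(sector)
    findings = []
    if mbr["signature"] != BOOT_SIGNATURE:
        findings.append("missing 0x55AA boot signature")
    if bootstrap_hash(sector) != baseline_hash:
        findings.append("bootstrap code differs from trusted baseline")
    return findings


def constructed_mbr(bootstrap: bytes) -> bytes:
    """Build a synthetic MBR for demonstration (constructed data, not a real disk dump)."""
    code = bootstrap.ljust(446, b"\x00")
    # One entry: bootable flag, type 0x07 (NTFS), LBA start 2048, 204800 sectors long.
    entry = struct.pack("<B3sB3sII", 0x80, b"\0\0\0", 0x07, b"\0\0\0", 2048, 204800)
    return code + entry + b"\x00" * 48 + BOOT_SIGNATURE

CLEAN_MBR = constructed_mbr(b"\xfa\x33\xc0\x8e\xd0")     # hashed once from clean media
TAMPERED_MBR = constructed_mbr(b"\xeb\x1e\x90\x90\x90")  # bootstrap code replaced
BASELINE = bootstrap_hash(CLEAN_MBR)
```

In practice `read_sector0("/dev/sda")` (placeholder path) feeds `check_mbr` while booted from the rescue media, and the baseline is stored off the machine being checked.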
Title: Re: interesting "new" anti virus program...
Post by: Krusty on March 06, 2008, 07:39:21 PM
I'm not too impressed with NOD finding 6 things that AVG didn't.

Not unless you tell us WHICH things.


I like spybot as well, but it returns the stupidest things as high urgency threats to security, like the cookies on your hard drive (including ones used on this forum) and like the file use history on applications (like you click the File menu and it has your last 4 files).

There are also some really stupid reports on totally innocuous items, but I can't recall them off the top of my head.


You go by some of those "threat report" webpages and they tell you Nvidia drivers are a major trojan threat.

 :rolleyes:
Title: Re: interesting "new" anti virus program...
Post by: humble on March 06, 2008, 08:18:22 PM
Krusty,

A program like NOD will potentially find and/or prevent real threats that AVG or a similar program can miss, primarily since NOD (and others) are integrated suites and a program like AVG isn't (free version or otherwise). I'm not going to bother getting into this with folks unable or unwilling to address the real core issues here. Within the scope of what AVG does it performs exceptionally well (the test results are there for anyone with a brain to review). It is however limited and is not a complete solution (and neither are any of the best commercial products).

The simple reality is that it is not possible to protect a system 100%....end of story. What we're dealing with here is defining and implementing both a measured level of security and a reasonable recovery plan. The real issue here is incomplete or improper deployment of resources; correctly configured, a household PC can be safeguarded by a suite of "lesser" products with equal protection to anything but a few top of the line commercial products.

Not only are McAfee and Norton generally inferior to the top end solutions but many malicious programs are written specifically with them in mind...just like everyone tries to hack the Windows OS more than Mac. It's not that Macs are inherently less hackable, just that the threat index is lower. As Llama said many people buy Symantec because it's a "name". Even more sadly many consultants recommend it for the same reason even though it's an inferior product. Now in fairness sometimes you can only sell a customer what he wants, but to a surprising degree often the vendor honestly thinks it is the best product.

Regardless of what else is here the realities are really simple. A well configured layered defense is your best bet. A truly top-end commercial product like NOD is clearly the best solution. However you can get roughly 99% of the protection from a suite of free products that will in turn clearly exceed the capabilities of an integrated suite from an inferior commercial source. Not having any type of AV is stupid; relying on a single product is risky (any single product). The key is in a quality layered defense of some flavor. Simply buying the best marketing hype isn't going to protect you any better than a well-configured free system will. One of the toughest lessons to learn in software procurement is that you can often spend a lot more....and get a lot less. As mentioned, commercial products often have complex and contradictory feature sets that leave the average end user frustrated and confused. Most security failures are the result of improper or changed configurations or improper "workarounds" triggered by an end user's need to circumvent a security feature he can't understand/control. If we look at the verified independent testing we'll see variations in qualifying products (those that earn certification {and yes, AVG does}) are measured in fractions of a %. Yet losses to major corporations with professional IT staffs are in the billions of dollars...why...

Two simple reasons...

1) most IT staffs are staffed to the lowest common denominator...
2) most programs are misconfigured or end user altered in the quest for productivity...

So if the biggest corporations with the best staffs are constantly compromised how can you be safe....

KISS
Title: Re: interesting "new" anti virus program...
Post by: llama on March 06, 2008, 10:26:56 PM
So here's the screenshots. AVG is first:

(http://www.iamthellama.com/avgscan.jpg)

NOD32 is next:
(http://www.iamthellama.com/nod32scan2.jpg)

The difference in PC operation is actually a lot greater than the list would suggest. When infected, the box was basically unusable in standard mode, and something was trying to run every 90 seconds. At this point, after NOD32 has done its work yet before I manually clean stuff, the system is actually usable.

-Llama
Title: Re: interesting "new" anti virus program...
Post by: Vulcan on March 07, 2008, 12:09:08 AM
Not only are McAfee and Norton generally inferior to the top end solutions but many malicious programs are written specifically with them in mind...just like everyone tries to hack the Windows OS more than Mac. It's not that Macs are inherently less hackable, just that the threat index is lower. As Llama said many people buy Symantec because it's a "name". Even more sadly many consultants recommend it for the same reason even though it's an inferior product. Now in fairness sometimes you can only sell a customer what he wants, but to a surprising degree often the vendor honestly thinks it is the best product.


Can you please answer my question: have you ever used or deployed the corporate version of McAfee (specifically 8.5i), or even used products like ePO?
Title: Re: interesting "new" anti virus program...
Post by: MrRiplEy[H] on March 07, 2008, 12:42:43 AM
The real question with AV is not only how well it protects but whether it also slows your system down to a crawl while doing it. If the AV is heavy the damage is already done without viruses. The Finnish F-Secure is infamous for crippling workstations, sometimes to a completely unusable state.

I had a client with 256 MB RAM and XP; his computer took an hour to boot and e-mail etc. took 30 minutes to start after an F-Secure update came. Turned out F-Secure had 10 processes and 120 MB memory consumption, effectively killing the workstation. I switched it to NOD32 with a 12 MB or so footprint and the workstation became workable again. Not only that, the workstation worked faster than it ever had done with F-Secure in place.

So 'secure' and 'crappy' can fit in the same sentence if you ask me.
Title: Re: interesting "new" anti virus program...
Post by: llama on March 07, 2008, 01:07:58 AM
The real question with AV is not only how well it protects but whether it also slows your system down to a crawl while doing it. If the AV is heavy the damage is already done without viruses. The Finnish F-Secure is infamous for crippling workstations, sometimes to a completely unusable state.

Agreed 100%. I am regularly surprised that I am basically the only AV reviewer in a major magazine that publishes computer performance data that's unrelated to the effectiveness of the product, i.e.: how fast does it boot and how does it affect running games and other programs. If I had more than 335 words per product, there would be a lot more.

These things can't be reviewed in, or live in, a vacuum.

-Llama
Title: Re: interesting "new" anti virus program...
Post by: humble on March 07, 2008, 01:29:03 AM
Can you please answer my question: have you ever used or deployed the corporate version of McAfee (specifically 8.5i), or even used products like ePO?

Have they actually worked the bugs out on 8.5? Last I saw they were on patch 4 and still having "issues". IMO 8.5 isn't the "best" McAfee, let alone the best "corporate" AV...

In fact since you want to go here let's look at the realities involved. When the program was initially released it had some serious major flaws which cost early implementors or converts significant time, money and headache. One example of this is the "conflict" between 8.5i and a relatively common business application, Lotus Notes. Obviously IBM diligently worked to solve this solution...by recommending that users either disable McAfee or roll back to 8.0 (http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&dc=DB520&uid=swg21252429&loc=en_US&cs=UTF-8&lang=en&rss=ct475lotus). Do you even bother to read what other people post?

2) most programs are misconfigured or end user altered in the quest for productivity...

What types of issues do you think I was talking about? When your other vendors are instructing you to disable your security tools, what type of issues do you think occur?

As I mentioned earlier there are a lot of entities that buy crap because someone told them to or because it's a "safe" option. Mcclunky falls into that category in my opinion.

ePO had similar significant early issues, with major flaws in the initial versions that created very serious issues. Both products are typical of a "1st to market" mentality that constantly sees McAfee bringing flawed, untested products to the marketplace.


At this point I'm going to bow out of this thread....

All the Best
Title: Re: interesting "new" anti virus program...
Post by: Vulcan on March 08, 2008, 01:40:03 AM
So you haven't used either McAfee 8.5i or ePO and the best you could come up with was some vagaries about ePO causing problems (probably googled "epo problems", right?).

As I thought, clueless :) , probably the best time for you to bow out.