App Review A Bitdefender Internet Security test

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
KGBagent47

We are not directly connected to malicious sites every day. There is a series of security layers of all the networks malware should exploit in order to get to its final destination. I wanted to make a point that the probability that you will encounter a true zero day malware (or malware <10 days old), being able to avoid signature detection from ~10 major AV companies, is really really (did I say really?) small.
That's where I'm at. I don't dispute her videos or conclusions only the amount of threat a ransomware file that has only infected less than 200 computers on the whole planet represents.
 

Brahman

KGBagent47 said:
> That's where I'm at. I don't dispute her videos or conclusions only the amount of threat a ransomware file that has only infected less than 200 computers on the whole planet represents.

Can I have some source/links for verification?
 

BoraMurdar

KGBagent47 said:
> That's where I'm at. I don't dispute her videos or conclusions only the amount of threat a ransomware file that has only infected less than 200 computers on the whole planet represents.

Nothing near that I controvert her videos. I appreciate her work, but people need to realize the marketing agenda. No vendor will put a commercial on their page like "We will catch most of the ransomware but some may slip through". I don't say AV Test companies are lying, they just test the product with a certain number of samples, and if it detects it all, in that case it reached 100% certification, or award. Tomorrow, it might be a totally different story. And there's nothing special about it. Anyone can find a sample that Product X will catch and Product Y will miss. And in the next couple of days it can be vice versa.

It is always more productive and more profitable to educate people. Total lockdown may be a securer way to stay protected but it lowers down the system usability and user's productivity and in the end, again, it is you who needs to do a final click for Yes or No. That's the bite I will not swallow.
 

jamescv7

Plot Twist:

One of the possible reasons why some products managed to get a 100% rating is because of a very common infection vector?

A) Downloads a malicious file from a URL (either archived or not)
B) Executes the program
C) Detected by AV if signatures or behavior is available.

Most of the time it can detect within a high percentage (that infection vector); however, if you are a developer of an AV product then consider a different outlook.

You can have balanced protection on web shield, file shield and even behavior analysis, no matter how and where the malicious file came.

It's like you are putting CCTV cameras everywhere to ensure the monitoring, not on the entrance or exit.

------------------------------

The problem nowadays is that some companies take advantage of mentioning such colorful descriptions when they actually rely on signatures most of the time.

Yes, it can detect, but with mediocre performance.
 

tim one

BoraMurdar said:
> Nothing near that I controvert her videos. I appreciate her work, but people need to realize the marketing agenda. No vendor will put a commercial on their page like "We will catch most of the ransomware but some may slip through". I don't say AV Test companies are lying, they just test the product with a certain number of samples, and if it detects it all, in that case it reached 100% certification, or award. Tomorrow, it might be a totally different story. And there's nothing special about it. Anyone can find a sample that Product X will catch and Product Y will miss. And in the next couple of days it can be vice versa.
>
> It is always more productive and more profitable to educate people. Total lockdown may be a securer way to stay protected but it lowers down the system usability and user's productivity and in the end, again, it is you who needs to do a final click for Yes or No. That's the bite I will not swallow.

Definitely I agree. If we consider human infections, bacteria are increasingly resistant to antibiotics, and researchers always have to look for new molecules.
Speaking of malware, no vendor can guarantee 100% detection because a simple function in a variant of malware code can make the difference between detected and undetected.
It is necessary to implement actual and new technologies by adapting them to the old and new malware.
A simple JavaScript downloader that downloads ransomware can be FUD simply because the code is obscured and AV has to work in code emulation trying to process the malcode, or it contains only one line of malicious code, a little relevant.
That's why people's security education is a must-have, otherwise it is a lost war.
 

Kuttz

BoraMurdar said:
> Nothing near that I controvert her videos. I appreciate her work, but people need to realize the marketing agenda. No vendor will put a commercial on their page like "We will catch most of the ransomware but some may slip through". I don't say AV Test companies are lying, they just test the product with a certain number of samples, and if it detects it all, in that case it reached 100% certification, or award. Tomorrow, it might be a totally different story. And there's nothing special about it. Anyone can find a sample that Product X will catch and Product Y will miss. And in the next couple of days it can be vice versa.
>
> It is always more productive and more profitable to educate people. Total lockdown may be a securer way to stay protected but it lowers down the system usability and user's productivity and in the end, again, it is you who needs to do a final click for Yes or No. That's the bite I will not swallow.

Well well well said. Can't say it better :cool:
 

cruelsister

Thread author
Actually most of the recent videos have shown different Locky variants getting through, and Locky is really common. Although the original malware may be an exe or JScript or hta, or the extension is Locked or aesir, it still is nothing but Brand New Same Old Thing. That's what really troubles me: a truly smart security application would view these as Same Old Thing, but sadly most are dumb and see them as Brand New (when they see them at all!).

As an embarrassing side note, most of the really new and obscure stuff I don't include as a rule in my videos, but run them for pleasure privately. And as I am also either on the phone or watching Mr Robot reruns while doing this I have a tendency to be distracted. Distraction is not good when running malware! The other day I ran a new Vaultlocker (which encrypts in seconds) on my production system instead of the VM (it was a REALLY good phone call). Thank God for Comodo which rendered it harmless.
 
