Without getting overly involved in this topic I'd just like to make 2 points:
1). Paid is better than Free- This statement speaks to the ignorance of a company's business model more than having any basis in fact. Two examples of this would be Baidu and Qihoo (no WAY I'm mentioning Comodo here). Qihoo, and to a more recent and lesser extent Baidu, use the Anti-malware application as a "loss-leader". Basically they want folks to like BAV and Q360 to draw them into using their respective browsers, which run their respective Search Engines, from which they derive the bulk of their revenue.
To put it in perspective one must look at the market cap (ie. total market value of the company as a whole) of these organizations. Using Symantec as a baseline which has a market cap of about 13.5 billion USD, Baidu is really up there at about 56 billion, and upstart Qihoo is in a virtual tie with Symantec. So one can easily see these aren't fly-by-night organizations by any means and have consistently put money back into their security products to make them better.
So instead of saying a Free Product can't compete with a Paid product, one should question how someone like AVG (market cap 1 billion USD) can compete with Qihoo!
2). A statement was made that the testing done on Malware Hub is a little value. Perhaps this would be indeed the case if occasionally 10 or so rinky-dink samples were run every now and then. But that isn't the case, is it? Since I've come on board at MT I've personally run in excess (EASILY in excess) of 10 thousand samples, all of which were D+2 or newer, on primarily Q+CF (although I always find some time to mock other products). This combination has consistently shown to provide excellent protection and I can only assure you I know what I am doing. And it is Free.
But should we dismiss this testing and instead drool over the results of things like the pathetic AV-C results? I think not.
(note to friend Jasp- my tests are on live test boxes. I'm also leery of doing any realistic tests in a VM, at least when samples are run. On demand scanning only wouldn't be an issue though if that's what others are using)
Let me address your points one by one.
1: Within the industry there is a market & business model I will not deny that, and neither will I deny that there is a fair amount of ignorance, which seems to discredit free products and runner up models from lesser companies.
I personally believe that a fair share of hostility keeps things interesting.
With regards to using Symantec as a base line is not really holding any ground because in my many posts I mentioned several vendors who have pretty much a equal status. So you can replace Symantec with any comparable vendor for example Sophos, Kaspersky or F-Secure.
One of the reasons I pointed out Symantec and Sophos for their business and enterprise endpoint & management products is simple.
They control the market in virtually everything while they do not have the biggest market share, but they only control the market at this point due to the fact that the products they do offer in this respective market provide by far the best solutions for high end companies.
Even Kaspersky does not even come close to the level Symantec and Sophos are at. Obviously on a personal note I do not pick a favorite here as I would install Symantec, Sophos, Kaspersky or even Mcafee ANY day if this would be fitting our own company and security strategy.
From a home client perspective you are partially right free does not necessary have to be less then paid solutions, however from a business point of view there is NOTHING that a free solution can offer other then a waist of time and a placebo effect.
Again this has nothing to do with the free solution as being a lesser scanner but you have to look at this is a much broader perspective.
A company does not need just a scanner, spam filter and a few gadgets. There is so much more that come into play when a company is going to sign contracts with security companies like Symantec and Sophos.
And from this perspective you can hardly say that its ignorance or that Free is just as good as paid solutions there is just no way you can even remotely compare them.
So with this in mind you are partially right from a "home" perspective but you have to agree to from a industry point of view I am spot on.
(If not then I have been sleeping for the past 15 years lmao)
Also the comparison based on market cap and share really does not hold any ground, as one security solution is perfect for company x while others are more for the masses and not tailored for company x.
And if you read my comments exactly as they are written then you understand that I draw a clear line between home and industry standards when it comes to security.
So yes let me confirm my previous statement that free does not match up to paid solutions within their respective markets.
And that's really what its all about when you talk about security.
In regards to testing I think some of you do not understand the idea behind testing in the first place, a member test or a independent lab test is a theoretical benchmark based upon various criteria and does not always take into account the full spectrum of a solution and its addon solutions, next to it it does not take into account specific infrastructure configurations.
Example if I put a antivirus program in the middle of 100k live viruses then this security product might detect 80% and lets say it would remove or block another 75% (Incl false positives)
But if I put that same security package on a company infrastructure with all the right policies in place then suddenly the same product can stop virtually ALL the malware because the system itself really does not allow the infection to take place in the first place.
Just saying.
So again from my point of view testing is a essential part but it should be taken with a grain of salt, and using the testing results as a baseline to judge if a program is good enough really is going to give you a placebo effect if you take into consideration what I just explained.
I could go much deeper into this but then I fear that we will lose track of the original context of this topic, and I fear that most others might get lost in industrial mubo jumbo.
Again I am not picking favorites and neither am I painting a wrong picture here, because most of the posters in this topic like your self made some valid points, but things need to be taken into consideration and the info must be seen from a larger perspective, rather then from a single computer & home user perspective.
Testing results and detection rates and personal experiences based upon simple idea's and low level testing and evaluating really does not stick.
I hope this explains some of your questions and ideas.
