What is the informative value of consumer tests in non-real world conditions? Every car vendor publishes fuel consumption. Every consumer knows these values will never be met in real life (commuter driving) conditions. Every smart phone vendor publishes battery life. Every consumer knows that you have to charge your phone earlier. What is the rational of your critism against real world test conditions? In what paralel (non real) world are you planning to use an antivirus?
Of course real-world. That's not what I was getting at. There was no criticism of real-world conditions.
You tell me what samples they used. Their description is as vague as and ill-defined as anything. The samples could be a couple of years old. LOL. Nobody outside the lab really knows. And sampling varies from lab to lab, test to test.
What does "representative" mean. It could mean anything. If you take a critical look at that the supplemental notes and methodology, you start to ask a lot of hard questions. But there are no answers.
The labs aren't exactly going to spell it out or hadn't anyone figured that out yet ?
The point I was making is that the labs do not test true "zero-day" malware. They are using old malware. Because old malware is "representative" malware. Day-to-day malware is run-of-the-mill malware that has been around for days, weeks, months and years. To me, that is "representative" malware.
And you can plainly see that the AVs are still missing "representative" (old) malware - even with the Ai\machine learning and other gizmos.
When you have the CTO of Emsisoft openly state that detection suxx, then you know it is endgame for the protection model. People know this rationally, but keep using antivirus. EDIT: Let me restate what I recall Fabian saying before I get falsely accused of something. What I remember that he said here or on Wilders was "yeah, signatures suck."
That is simple, any result of the standard 0-day test can be incorrect for AVs which use post-infection signatures on the fly.
If a system is infected, it is too little, too late. Post-infection signatures are great for the guy who isn't infected, but not the guy who is infected - Ebola just blew out his eyeballs.
Last edited by a moderator: