Advice Request Emsisoft static detection - is it getting worse?

[Der.Reisende]

Pretty much sums up the whole argument. The last 2 pages can be summed up to this: people telling Antivirus and developers how to do their jobs and how their product works, though they do not even work in the field, nor do they know how the product really works.

Also, the most ridiculous argument I've seen in this thread so far: I'm willing to test products the right way if the company behinds it pays me for it. But because they aren't, I'll just keep testing them using unreliable and random methods and if it fails to detect a sample, blame the product for it. Tell me, how is that helping the customer (and the company) exactly?

What hinders you to show us some real testing? Feel free to join the HUB, with your level, you for sure have the 100 posts needed to view the download links.

And for the ridiculous argument I'd test as @Fabian Wosar suggested - I need to make my living out of something. I need more than just to breathe air, and insurances, supermarkets, gas stations, clubs only accept hard dollars unfortunately.
Just as @LabZero stated, testing isn't done in 5 minutes, as Emsisoft does not have signatures for the malware we test, and so doesn't Bitdefender, whose signatures come late but great.
For that, in more than one case I had a FUD pack to test thoroughly on our "low" level, which most of the time takes me 1 hour+, with uploading all the stuff while 2nd opinion runs.

Unfortunately I cannot access the PM I sent Fabian some time ago asking how he likes our tests. Because I never got a reply, and being p***ed of by the thread on the Emsisoft forum which started all the trouble here, as users were worried about the bad results in the HUB, kindly asking on Emsisoft forum for an improval of BB and not being kindly answered, continuing here once that thread was shared here (I knew about it thanks to another tester before someone posted it here), I left the PM yesterday, so it is gone. Once Fabian responds to it, I can share it here, as I left the option to reply open (or maybe @Jack can restore it?).

@Lucent Warrior summed it up well in his reply above (post #118).

If it is wrong to show off the capabilities of a product, then something is completely wrong.
I never said Emsisoft is bad, nor do I suggest anybody to switch. It's everybody's own decision, but we are no idiots. If the customer service is rude, it's your good right to find your luck elsewhere.

And we testers do not demand much but improval of the faults we detect when testing the product for the company we support. We don't need a thank you, but we also think like customers if we get treated rudely.
And if a company does not want our support (having a product without any flaws), why continue supporting it?

P.S. Long day is waiting tomorrow, starting early, so will answer on further replies tomorrow.

 

[DardiM]

the peace is here in this thread , the love ( and respect )a representative of this company has for MT av - testers is sub zero. a healthy coversation is good. it's a shame to see that our fellow member av testers do not get the respect they deserve....there are other companies who have a deep respect for their beta testers and do apreciate each and every input , thats the way it is supossed to be.

I am not talking about "Peace & Love" with a person who said so bad words about our testers on one post on its forum, but I mean between us with this mind => "Peace & Love" here

 

[silversurfer]

Pretty much sums up the whole argument. The last 2 pages can be summed up to this: people telling Antivirus and developers how to do their jobs and how their product works, though they do not even work in the field, nor do they know how the product really works.

Why a developer can not say thank you for your efforts, but your (non-professional) tests are not necessary to improve our product ?

 

[Fabian Wosar]

Just knowing he enjoys watching his product shine in youtuber tests with old samples over viewing a test where the whole product is tested with fresher lower detection samples tells me plenty.

It is just amazing how much you got hung up on this. Let's look at what I said:

I don't mind being tested to be honest. The more the merrier really and data is always interesting. I even like YouTube reviews.

"I don't mind being tested to be honest." It means that I really don't mind being tested to be honest, even here, even when the methodology is bad. I further that point by adding "The more the merrier really and data is always interesting." So yes, I enjoy looking at all tests, even flawed ones, because I find it entertaining seeing what happens, even if the objective value is questionable. I am weird like that. To drive that point home, I picked the most ridiculous and flawed testing methodology available, YouTube reviews, and stated that I even like looking at those. Not that I only like looking at those. Not that I hate the tests here. Nothing. Just repeating your mistaken interpretation of what I said over and over again, doesn't make it less wrong.

Im quite tired of hearing how these "Money in hand" organizations are the professionals, and all of us are basically idiots, and that from the view points here, we should rip down the Hub and close MT as we know nothing.

Just for the record, the "idiots" bit is your word. Not mine. I never called anyone an idiot. Did I say that you are amateurs? Yes. But that is hardly an insult, given that most of you are happy to admit you are.

But with an infection at least once a week, with about <100 samples being processed in 7 days, we're far from being allowed to show a conduct like that.

Well, 100 samples out of the 2.1 - 3.5 million that we collected during that time, is still not a lot. But in general, I want to direct your attention to my original statement and also the context in which I made that statement:

Someone requested that we introduce a, for the user, highly disruptive feature that is in addition highly invasive to all our user's privacy, because of your test results. They take them as gospel, when in reality even here everyone is aware of their limitations and how they may paint a wrong picture about the effectiveness of a product. Do you honestly want to blame me or any other company for taking such a stance?

I spent enough time trying to perform those tests as perfect as possible, with on some days results in stress, and unlike as from your customers which should be most important as they pay your wages, Emsisoft (better Fabian Wosar) has nothing better to do than telling me that everything is crap.

I am pretty sure I only called signatures crap, which they are in my opinion. Can you please show me where I told you "everything is crap"? In addition I also think that people pay my wages, because when it comes to it, they trust me to make the right decisions to protect their system, weighing all their interests. I am not sure they would appreciate knee jerk reactions that have large impact on their daily usage of the system and their privacy because of tests, that even the testers who performed them, agree to be flawed.

I don't care about one more message popping up as long as the software manages to protect my files by a bulletproof BB / HIPS (or picks it up with signatures). And I think most of the users here will agree.

Here, yes. But we don't create EAM for MalwareTips. We create it for a lot broader audience and different people have different expectations. To get an idea:

Security and Usage Surveys - AV-Comparatives

 

[Ana_Filiz]

@ all testers in the Hub: guys, haven`t you thought about the fact that Emsisoft maybe doesn`t want to be tested at all in the Hub? Seeing the reply done here, don`t you think maybe it`s time to not test it anymore?

 

[TwinHeadedEagle]

After reading all of these posts and finding myself in the same position as Fabian sometimes, I had to write this post just to support other security companies and to make some things clear.

This has become a tendency on many forums that people try all kind of programs and having a plenty of free time they do nothing but trying to find all kinds of nonsensical complains e.g. why is it using so much ram memory (that is big only to them) without comparing program with other popular software. If program detects malware they will find a complain, if it somehow doesn't detect malware dozens of people will start complaining and spamming about it. All of this without enough knowledge based on their beliefs.

Why I am saying all of this? Because people clearly do not understand that people behind any popular software know the job they do perfectly and they do have a good plans. If it is so easy to create good antivirus/antimalware software why don't you create it? Because it takes a team of many people to spend 10 or more hours per day during several years to create something able to compete and to actually make some results.

Let's return to malware analysis. All of you know have seen many reports about amounts of unique malware that emerge every day and everything is true. To remove only a single infection properly it takes time to find a working sample to test it and then to create good signatures making sure not to have false positive detection. Sometimes it takes minutes, sometimes hours. When we found Yeabests WMI hijacker several months ago, it took us 3-4 hours only to see how it recreates itself and where is it hidden. Then couple of hours more to write a code and release software. And it is only one infection. Today you create a detection thinking you're done and already tomorrow bad guys bring something else more difficult to target and properly remove.

Malware removal and prevention is simply and most accurately said the game of cat and mouse. The same thing refer to testing security products. Today it will be perfect score and in few weeks it won't.