Advice Request I am head of research at Emsisoft. Ask me anything! :)

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

bjm_

Level 15
Verified
Top Poster
Well-known
May 17, 2015
714
I think there is an AVLab.pl test being released soonish if it hasn't already. In general, testing is incredibly expensive (buying a pimped out Tesla 3 expensive) so we tend not to do it unless we actually have a good reason for it.
Hmm, can you elaborate why testing is expensive. My naivete thought third party independent testers were not financially dependent on, for example, Emsisoft. I thought third party independent tests were not vendor sponsored tests.
Correct me?
 
Last edited:

Bleak

Level 4
Well-known
Sep 5, 2017
149
It's a mix of Delphi (most of the UI and "business stuff"), C++ (most of the core detection components), C (drivers and parts of the behaviour blocker), assembly (some parts of the behaviour blocker). Server-backend uses C# and Python. There's also some PHP somewhere, but that one system is about to be replaced - thankfully. We also have and use our own domain-specific programming language for our signatures by the way.

What's your take on Delphi? has it really died?
Is it worth in your opinion to start new Windows Desktop projects with it? (assuming that it'll be fit for such a task, and an alternative is C#)
 

eonline

Level 21
Verified
Well-known
Nov 15, 2017
1,083
I would also, as a suggestion, tell you to create a basic version of EAM. A lot of users would choose the free version of their program and the company would grow even more. Well it's a simple suggestion. Thank you very much in advance for opening this topic and providing answers. Best regards.
 

Fabian Wosar

From Emsisoft
Thread author
Verified
Developer
Well-known
Jun 29, 2014
260
Are you a gamer? If positive, what do you like to play?
I do game occasionally, yes. I enjoy MMORPGs a lot. At the moment I am playing Black Desert Online. I am also a huge Nintendo fan. My team also has a table top evening once a week where we play online board games together. Stuff like D&D, Secret Hitler, Cards Against Humanity, Broken Picture Phone, stuff like that.

How many developers Emsisoft has?
16 developers.

What's your take on NextGen AVs? (Yes, I had to ask :p)
In many cases just a huge marketing smoke screen.

Hmm, can you elaborate why testing is expensive. My naivete thought third party independent testers were not financially dependent on, for example, Emsisoft. I thought third party independent tests were not vendor sponsored tests.
Correct me?
Most testing cooperations are for-profit. Since there are only two noteworthy ones whose results everyone copies, they can dictate the price.

What's the best way to learn to code a basic malware detection app?
Learn a programming language first. Any programming language is fine. Then try to be creative and figure out as many ways as possible you could identify the file with relative certainty. It's as easy as that. There are also some books that can give you ideas. Example: Art of Computer Virus Research and Defense, The: Peter Szor: 9780321304544: Amazon.com: Books.


Emsisoft have many customers in Latin America? As an example, Brazil?
I don't work in sales, so I don't have access to that data, sorry.

What's your take on Delphi? has it really died?
Pretty sure it's only alive because of legacy code bases. Especially the banking sector has a lot of them.

Is it worth in your opinion to start new Windows Desktop projects with it? (assuming that it'll be fit for such a task, and an alternative is C#)
Just don't.
 

Fabian Wosar

From Emsisoft
Thread author
Verified
Developer
Well-known
Jun 29, 2014
260
I would also, as a suggestion, tell you to create a basic version of EAM. A lot of users would choose the free version of their program and the company would grow even more.
The problem in those cases is monetisation. We do need to make money somehow. In general, if the user doesn't pay us, the user becomes the product that we sell to other third-party companies. Either directly, by gathering data, creating a user profile and selling those to advertisers, or indirectly, by using the large installation base and the data collected through it to turn it into threat intelligence we can capitalise on. In general, neither of those is particularly appealing to us.
 

Scorpion Illuminati

Level 2
Verified
Apr 14, 2017
73
Learn a programming language first. Any programming language is fine. Then try to be creative and figure out as many ways as possible you could identify the file with relative certainty. It's as easy as that. There are also some books that can give you ideas. Example: Art of Computer Virus Research and Defense, The: Peter Szor: 9780321304544: Amazon.com: Books.
Is that how you got into malware detection and removal coding? Is that how you got your job at Emsisoft? Eventually I wanna work for you guys. :)
 

Fabian Wosar

From Emsisoft
Thread author
Verified
Developer
Well-known
Jun 29, 2014
260
Is that how you got into malware detection and removal coding? Is that how you got your job at Emsisoft? Eventually I wanna work for you guys. :)
Nope. I am too old to have learned it that way. I didn't have fancy books or tutorials. I didn't even have a GUI most of the time when I started. My first programs and AVs were written for good old MS DOS.
 

Fabian Wosar

From Emsisoft
Thread author
Verified
Developer
Well-known
Jun 29, 2014
260
Thanks.....had no idea vendors paid for independent testing. Um, what are the "two noteworthy ones"?
AV-Comparatives and AV-Test are what probably 90% of all press relies on. There is also VB100, which is actually free. But their testing is somewhat limited.

Don't get me wrong, I understand that companies, who do elaborate tests, need some way to pay the bills as well. They have employees who need to get paid for example. But I think different price tiers that buy you more frequent testing or the ability to withhold test results (Matousec used to do that) or the ability to buy the performance data of the other participating products, for example, goes a little bit too far.
 
F

ForgottenSeer 72227

The problem in those cases is monetisation. We do need to make money somehow. In general, if the user doesn't pay us, the user becomes the product that we sell to other third-party companies. Either directly, by gathering data, creating a user profile and selling those to advertisers, or indirectly, by using the large installation base and the data collected through it to turn it into threat intelligence we can capitalise on. In general, neither of those is particularly appealing to us.

Thanks @Fabian Wosar for setting up this thread, I think it's a fantastic idea and a great way to engage your customers and other members of the public. (y)

While I am currently not using Emsisoft, I do have to admit, with the announcements of the console, BB and engine updates, you have successfully peaked my interest. I will for sure be checking these out once they are available.(y)

I don't really have a question for you right now, I am sure one will come soon, hehe, but I just wanted to comment on your post, as I think it's spot on. I think this is the biggest issue with free products in general, is that nothing is ever truly free and you will be paying for it other ways, just like you've mentioned. While I understand that everyone works hard for their money and always wants the best value for it, I am always still fascinated how many people expect so much from a company and sometimes expect to get things for "free" because other's do it. Like you've said, someone still has to pay the bills and while it would be nice to have a free version of EAM, I am sure you need to feed yourself as well.;) I think this is the one thing that gets forgotten sometimes, the people that make these great programs also have lives and also need the company to survive in order to make an income. Sure you can have ad's and such, but that ends up doing away with your core values as a company.

With that being said, would you be willing to offer more sales through out the year? I know you have some here and there, but maybe having a few more sales may help people get it at a price that is more accessible to them?

Well I guess that is a question after all.:ROFLMAO:
 

Fabian Wosar

From Emsisoft
Thread author
Verified
Developer
Well-known
Jun 29, 2014
260
With that being said, would you be willing to offer more sales through out the year? I know you have some here and there, but maybe having a few more sales may help people get it at a price that is more accessible to them?
We see Emsisoft Anti-Malware more as a service than a product. That is one of the reasons why we don't hide behind Indian call centres or make it overly difficult to talk to us. We don't think that once we managed to get the sale, we can forget about the user or that we need to squeeze the last bit of money out of them by asking for extra fees for support cases or for helping them remove malware if they ever get hit for example. It's one of the reasons we don't do a lot of promotions, because special sales and promotions for services never really feel right, and to a degree it's also why a wholesaler like Flipkart probably won't get a good enough deal from us to make it worth it for them to stock our product. Because doing that, would mean we would have to cut costs at other ends: Maybe not allow you to talk to an actual Emsisoft employee every time you shoot us an email or enter the live chat on our website or maybe trying to squeeze some extra money out of you at the time you are most desperate.

That being said, I am sure there will be some kind of promotion available again. We always kind of tend to do something around our anniversary around the end of the year for example or on special occasions like Black Friday or Eastern. But hey, it wouldn't be a special offer if it was available almost all the time, right? ;)
 
Last edited:

Fabian Wosar

From Emsisoft
Thread author
Verified
Developer
Well-known
Jun 29, 2014
260
What programming language and GUI does EAM use?
I think I mentioned that before. Here it is again:
It's a mix of Delphi (most of the UI and "business stuff"), C++ (most of the core detection components), C (drivers and parts of the behaviour blocker), assembly (some parts of the behaviour blocker). Server-backend uses C# and Python. There's also some PHP somewhere, but that one system is about to be replaced - thankfully. We also have and use our own domain-specific programming language for our signatures by the way.
We used to use VCL as a UI framework with lots of self-developed components but recently migrated to a framework called Sciter, which essentially allows us to design the UI using HTML and CSS. There are still some bits that are based on VCL, but we are working hard to replace them with Sciter as well and make steady progress on that.
 
F

ForgottenSeer 72227

We see Emsisoft Anti-Malware more as a service than a product. That is one of the reasons why we don't hide behind Indian call centres or make it overly difficult to talk to us. We don't think that once we managed to get the sale, we can forget about the user or that we need to squeeze the last bit of money out of them by asking for extra fees for support cases or for helping them remove malware if they ever get hit for example. It's one of the reasons we don't do a lot of promotions, because special sales and promotions for services never really feel right, and to a degree it's also why a wholesaler like Flipkart probable won't get a good enough deal from us to make it worth it for them to stock our product. Because doing that, would mean we would have to cut costs at other ends: Maybe not allow you to talk to an actual Emsisoft employee every time you shoot us an email or enter the live chat on our website or maybe trying to squeeze some extra money out of you at the time you are most desperate.

That being said, I am sure there will be some kind of promotion available again. We always kind of tend to do something around our anniversary around the end of the year for example or on special occasions like Black Friday or Eastern. But hey, it wouldn't be a special offer if it was available almost all the time, right? ;)

Thanks for a great post!

I agree whole heartedly and thats one of things I like most about Emsisoft. IMHO (and I am not just saying this because you are here), I honestly believe that Emsisoft has probably one of the best, if not THE best customer service available out of all the security companies around. (y)
 

Fabian Wosar

From Emsisoft
Thread author
Verified
Developer
Well-known
Jun 29, 2014
260
I agree whole heartedly and thats one of things I like most about Emsisoft. IMHO (and I am not just saying this because you are here), I honestly believe that Emsisoft has probably one of the best, if not THE best customer service available out of all the security companies around. (y)
Thank you. We are really quite proud of it and I will make sure Dave and his team (Kevin, Arthur, and Thomas) are aware of your kind words. :)

210175
 
Last edited:

Scorpion Illuminati

Level 2
Verified
Apr 14, 2017
73
I think I mentioned that before. Here it is again:

We used to use VCL as a UI framework with lots of self-developed components but recently migrated to a framework called Sciter, which essentially allows us to design the UI using HTML and CSS. There are still some bits that are based on VCL, but we are working hard to replace them with Sciter as well and make steady progress on that.
I know PHP, yet stated your intent to leave why? Also learning Go for backend, do you think that is better then C#?
 
  • Like
Reactions: show-Zi

Fabian Wosar

From Emsisoft
Thread author
Verified
Developer
Well-known
Jun 29, 2014
260
I know PHP, yet stated your intent to leave why? Also learning Go for backend, do you think that is better then C#?
PHP is just horrible. It doesn't scale particularly well compared to DotNet Core or even Python for example. Go is really interesting and definitely a good pick. Especially if you want to go into orchestration and devops. :)
 
Last edited:
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top