W
Wave
Thread author
Hello everyone!
I was having a talk with @Dani Santos and decided to share some personal views of my own/his, and he said I can quote him on some things... Bear in mind that everything in this thread is mine or @Dani Santos own personal view, I'm not stating that anyone else is wrong for what they are doing and I am neither hating on any other product... For example, there are many products which use other services technology which I am a big fan of.
My personal view is that it is not necessarily fair for some people to use other services technology (be it VirusTotal, MetaScan, etc.) the way they do because they make enough income to support their own technology, but also then they get all those fan-boys talking about how good this product is when there are vendors who are helping the detection rates for that company on VirusTotal getting little to no attention.
Sure, some vendors like Avast, AVG and Kaspersky are already rich as you can be so they most likely don't care about it, but what about some other not-so-rich companies that also do a lot of work on detection's?
Of course they accept the VirusTotal rules so their engine can be accessed from within the VirusTotal API but I just don't personally think it's as far as it is... Since if they do not comply and submit to VT then they won't be helping people who scan files there prior to running, but if they do then they're technology is assisting in other people making money instead of them making any money from it.
Of course there are benefits to being apart of VirusTotal, such as receiving sample/submission info, but it's just not the same...
Another point is that you have Anti-Malware products like Malwarebytes Anti-Malware and Xvirus Personal Guard, let's label them as "mediocre". Then you have a bunch of products which may have their own technology + VT assistance (or another service of your pick), but then they just label it as "next-gen" (and white-listing products come into mind here). So now you have the vendors trying to be independent and work on their own in-house engines with their limited resources getting attention but nothing compared to the ones using other peoples technology, now the ones labeling themselves as "next-gen" suddenly become famous and popular for using other peoples technology to assist in such high detection ratio's and the such...
One of my last points which I want to address is other vendors using other vendors engines... There are some which do it in a fair manner in my view, but some don't IMO. Even if you make an agreement and purchase to use another vendors technology, I still don't think it's reasonable to not put a notice anywhere or let the user know which vendor really had the detection from within the alerts or logs. Because if you do not let the user know then you're making out that your own in-house engine is necessarily better than it really is and this causes lots of misinformation for testing purposes. I won't name a vendor which does it wrong for various reasons, but I think Emsisoft hit the nail perfect for being reasonable with BD engine usage, since they mention (A) or (B) for the detection names of the engine and offer engine details from within the home-screen UI.
That being said, any vendor who copies detection's from a site like VirusTotal is absolutely useless and needs to get some real employees who are getting paid to really do their own work because when a company steals from VT for detection's it does nothing but cause misinformation in the case of FP detection's and ruin the credibility of that specific vendor. Some vendors like Kaspersky and Dr.Web already did such tests in the past and it proved that some vendors were indeed stealing detection's (adding them just because another vendor detected) instead of analyzing the threads themselves, how lazy.
Now here are some quotes from @Dani Santos since he said I could quote him for his own views also:
(just for the record say on case anyone thought I was, I am not even thinking of Crystal Security by @Kardo Kristal and I think the usage in it is very fair personally, I'm thinking of other products which generate a lot of income to the developers already, so why would they need to keep using VT? They have income so they should make their own things without using other vendors technology IMO, or they should not be allowed to sell their product with VT usage... just my personal opinion).
Now before I ask a question... Please no arguments, feel free to share your own view but I don't want to see people quoting to disagree and make out that their opinions are facts because I don't want my thread to be closed. Hopefully everyone can respect each other and freely share their own opinions!
What do you guys think?
Once again: just personal views
I was having a talk with @Dani Santos and decided to share some personal views of my own/his, and he said I can quote him on some things... Bear in mind that everything in this thread is mine or @Dani Santos own personal view, I'm not stating that anyone else is wrong for what they are doing and I am neither hating on any other product... For example, there are many products which use other services technology which I am a big fan of.
My personal view is that it is not necessarily fair for some people to use other services technology (be it VirusTotal, MetaScan, etc.) the way they do because they make enough income to support their own technology, but also then they get all those fan-boys talking about how good this product is when there are vendors who are helping the detection rates for that company on VirusTotal getting little to no attention.
Sure, some vendors like Avast, AVG and Kaspersky are already rich as you can be so they most likely don't care about it, but what about some other not-so-rich companies that also do a lot of work on detection's?
Of course they accept the VirusTotal rules so their engine can be accessed from within the VirusTotal API but I just don't personally think it's as far as it is... Since if they do not comply and submit to VT then they won't be helping people who scan files there prior to running, but if they do then they're technology is assisting in other people making money instead of them making any money from it.
Of course there are benefits to being apart of VirusTotal, such as receiving sample/submission info, but it's just not the same...
Another point is that you have Anti-Malware products like Malwarebytes Anti-Malware and Xvirus Personal Guard, let's label them as "mediocre". Then you have a bunch of products which may have their own technology + VT assistance (or another service of your pick), but then they just label it as "next-gen" (and white-listing products come into mind here). So now you have the vendors trying to be independent and work on their own in-house engines with their limited resources getting attention but nothing compared to the ones using other peoples technology, now the ones labeling themselves as "next-gen" suddenly become famous and popular for using other peoples technology to assist in such high detection ratio's and the such...
One of my last points which I want to address is other vendors using other vendors engines... There are some which do it in a fair manner in my view, but some don't IMO. Even if you make an agreement and purchase to use another vendors technology, I still don't think it's reasonable to not put a notice anywhere or let the user know which vendor really had the detection from within the alerts or logs. Because if you do not let the user know then you're making out that your own in-house engine is necessarily better than it really is and this causes lots of misinformation for testing purposes. I won't name a vendor which does it wrong for various reasons, but I think Emsisoft hit the nail perfect for being reasonable with BD engine usage, since they mention (A) or (B) for the detection names of the engine and offer engine details from within the home-screen UI.
That being said, any vendor who copies detection's from a site like VirusTotal is absolutely useless and needs to get some real employees who are getting paid to really do their own work because when a company steals from VT for detection's it does nothing but cause misinformation in the case of FP detection's and ruin the credibility of that specific vendor. Some vendors like Kaspersky and Dr.Web already did such tests in the past and it proved that some vendors were indeed stealing detection's (adding them just because another vendor detected) instead of analyzing the threads themselves, how lazy.
Now here are some quotes from @Dani Santos since he said I could quote him for his own views also:
you are either "mediocre" like Malwarebytes Anti-Malware, Immunet, Xvirus and try to work on your own engine
or you do like all "next gen" Anti-Malware and use other Anti-Virus engines... or alternatively just copy each other thanks to a website called VirusTotal
(just for the record say on case anyone thought I was, I am not even thinking of Crystal Security by @Kardo Kristal and I think the usage in it is very fair personally, I'm thinking of other products which generate a lot of income to the developers already, so why would they need to keep using VT? They have income so they should make their own things without using other vendors technology IMO, or they should not be allowed to sell their product with VT usage... just my personal opinion).
Now before I ask a question... Please no arguments, feel free to share your own view but I don't want to see people quoting to disagree and make out that their opinions are facts because I don't want my thread to be closed. Hopefully everyone can respect each other and freely share their own opinions!
What do you guys think?
Once again: just personal views