Security News SE Labs Consumer protection June 2018

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363
Bottom line... To test a product, whether it be software, hardware, vehicles, you name it, you have to design the test around the design of the product to cover all variables. Not one of these sites do this.

As stated elsewhere in this thread by Lockdown, a vendor can commission a test. They pay for the test, and they set all the testing parameters. So obviously, when companies commision tests.... they often perform pretty well. Usually, they score highest in the test and beat all their designed competitors. Of course.... the vendor commissioning the test tries to design it that way. All the variables are accounted for by the design of the test by the vendor.

Look at the test that Webroot commissioned. First, they elected to only test against Windows Defender, which was the punching bag of AVs at that time. So they set up a joke of a test.

And then they didn't even do that well in their own test which they designed.

https://www.mrg-effitas.com/wp-content/uploads/2016/06/Webroot_vs_Microsoft_report.pdf

Here it is discussed here:
Webroot vs Windows Defender - MRG Test June 2016

Bonus: Check out this last place dismal Webroot finish from 2014. Last place of 18 vendors. Webroot got Under 20%. The majority got over 90%.
Mac Antivirus Test Reveals Winners, Losers


OK You guys have convinced me, I'm headed to Best Buy, to purchase Webroot.

Yes. Webroot is perfect for you.


It's good to see the end of the Webroot Kool-Aid days with Triple Herxheimer even throwing in the towel over there.

Webroot is and always has been smoke and mirrors...

If anyone is shocked that Webroot is junk hasn't been paying attention - for years - and needs to lay off the green kool-aid.

Yep. Yep. And the Green Kool-Aid days seem to be thankfully waning.
 
  • Like
Reactions: Brie and vtqhtr413

vtqhtr413

Level 26
Verified
Top Poster
Well-known
Aug 17, 2017
1,448
(y) i did not click on anything dangerous or new. i did not download anything.

I believe you @Brie , but you've been here awhile and know when you make a statement as openended as your previous post, you may take some heat. :confused:
 
  • Like
Reactions: Burrito
I

illumination

You are engaging in mindless test bashing. Yes, tests have constraints and limitations. But if you read the methodology from multiple test organizations... it's not that bad. Talk with Andreas from AV-C offline. He'll give you an education.

Mindless, no Sir, just the opposite. I do hope you have an understanding of the thread, as you basically just called me mindless for doing the very same thing @cruelsister said, and @Lockdown and the others that agree with what i have stated here.

Will this change anything, no, it will not, they will continue to pump out those revenue making tests, as it certainly helps the companies of the products when they are seen to score so high with old samples...

This brings me to knowledge... Why on earth would an average user take time to learn anything, when propaganda such as this exists. It is gospel because someone labeled professional says so... All of this at the expense of the consumer... The average user sees a product claiming to protect them no matter what and scoring this high, it must be true, i must be good to go, simply install it and continue with my risky behavior and habits...

This posting i have done here, is to help inform those that know no better...


Next time you climb on a soap box and start calling people mindless, maybe you should take a long hard look in the mirror first...
 
F

ForgottenSeer 72227

This brings me to knowledge... Why on earth would an average user take time to learn anything, when propaganda such as this exists. It is gospel because someone labeled professional says so... All of this at the expense of the consumer... The average user sees a product claiming to protect them no matter what and scoring this high, it must be true, i must be good to go, simply install it and continue with my risky behavior and habits...

This is the one thing that drives me crazy about these tests, everyone just looks for that magical 100% and buys/uses the product that has those so called results. Meanwhile they still have the mentality that well, x product keeps getting 99-100% hence I can do whatever I want with no consequences as the product will save me every time. Move forward to a time in the future...."this product sucks, I got infected...", meanwhile if they would have not been clicking every link, ad, opening every email attachment, etc... this may not have happened in the first place.
 

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363
Mindless, no Sir, just the opposite. I do hope you have an understanding of the thread, as you basically just called me mindless for doing the very same thing @cruelsister said, and @Lockdown and the others that agree with what i have stated here.

Will this change anything, no, it will not, they will continue to pump out those revenue making tests, as it certainly helps the companies of the products when they are seen to score so high with old samples...

This brings me to knowledge... Why on earth would an average user take time to learn anything, when propaganda such as this exists. It is gospel because someone labeled professional says so... All of this at the expense of the consumer... The average user sees a product claiming to protect them no matter what and scoring this high, it must be true, i must be good to go, simply install it and continue with my risky behavior and habits...

This posting i have done here, is to help inform those that know no better...


Next time you climb on a soap box and start calling people mindless, maybe you should take a long hard look in the mirror first...

Nope.

I did not call you mindless.

I called your uninformed attacks on AMTSO testing mindless.

And those attacks are mindless.

If you would like to be informed, you could start here:

AMTSO

In actuality, you can go ahead and get off your soapbox which is based on a fallacious assumption.

All That aside.... have a look at where Webroot was still brand new.... and got absolutely crushed here:
Webroot SecureAnywhere Complete review
 
  • Like
Reactions: vtqhtr413

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363
Green Kool-Aid has made everyone crazy.

On that we call all agree. Or... at least most of us...

1533581486590.png


Oh Yeaahh!
 
D

Deleted member 178

I was using Webroot many times in the past as a beta tester since its first release; and i admit i never fully relied on it for my protection, i used to use it as companion AV.
And to be honest , since Win8, i used it mainly to get rid of Windows Defender and not having a red cross on its tray icon LOL
However, Webroot has some nice feature like its ID shield which is quite good and its outbound connection control which is also ok.

Webroot will never get high score on lab's tests or youtests because as @Lockdown said , it revolves heavily around its cloud and rollback features.

i tried yesterday to install it, but for some unknown reasons, it refuses to appears in my web management console...
 
  • Like
Reactions: cruelsister

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
Umbra- the problem with the SE Lab test results was not that WR was trashed, but that other products that are equally questionable excelled utilizing the same malware set. This should make one question the diversity of the malware used in the test.

It's one thing to just run malware against products; it's quite another thing to actually understand the malware that are being run.
 
D

Deleted Member 3a5v73x

And i also wonder where and when they get the malware set... and that most labs are quite secretive about it.
They probably stack massive packs of outdated malware to bump up detection ratios for most AV products up to to 90% +. Webroot cloud crashes after seeing that much malware (conspiracy theory). :)
virusshare.PNG
 
Last edited by a moderator:

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
U- No, actually this is the one thing they were upfront about. They use the Real Time Threat List malware packets from ATMSO. The issue her is twofold:

1). The packet will have many, many morphs (Pro Blackhats will morph the original malware q8-12h in order to keep things FUD. So, for instance, you have 3 Pro outfits morphing a WannaCry every 8 to 12 hours you can have from 180-270 samples of the exact same thing, just differing in File ID.
2). Although the list will have true zero-day stuff, do they actually run these things across all the products tested on an hourly basis (as if...)? I get fun stuff all the time from former Homies, but if I don't have time to play with them the Zero Day will quickly become a D+3.

M
 
D

Deleted Member 3a5v73x

U- No, actually this is the one thing they were upfront about. They use the Real Time Threat List malware packets from ATMSO. The issue her is twofold:

1). The packet will have many, many morphs (Pro Blackhats will morph the original malware q8-12h in order to keep things FUD. So, for instance, you have 3 Pro outfits morphing a WannaCry every 8 to 12 hours you can have from 180-270 samples of the exact same thing, just differing in File ID.
2). Although the list will have true zero-day stuff, do they actually run these things across all the products tested on an hourly basis (as if...)? I get fun stuff all the time from former Homies, but if I don't have time to play with them the Zero Day will quickly become a D+3.

M
Are you in that chosen one "Individual Member" list to access RTTL system ? :D

EDIT: If I understood right, for Individual Membership in ATMSO you have to pay.

INDIVIDUAL MEMBERSHIP - ANNUAL FEE
  • $1,000 - Individual
  • $500 - Full-Time Academic in Relevant Area of Study
  • $150 - Full-Time Student in Relevant Area of Study
 
Last edited by a moderator:

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
Honestly I don't know as I was never in Data Acquisition. My former Masters utilized our own plus other private Honeypots, and unique samples were provided to us (and if a morph was seen the person bringing it would be a Greeter at Walmart the next day).

But I have seen such "HoneyPot plus Researchers please send us samples" packs. They are full of morphs and incomplete malware code files. One really has to try each one in comparison to the others to strike true Gold. That's why I have to chuckle when places like AVTest say they see 350,000 "new" malware on a DAILY BASIS. Yeah, right....
 
F

ForgottenSeer 58943

As a quaint reminder of how trash Webroot is. Our malware team is cleaning up an organization this week which their IT was using Webroot Business. The average system has between 1,000-4,000 malware threats and/or traces of malware on it and gobs and gobs of PUA/PUP activity. This is the worst case of a failed security product we've seen to date.

I'm sorry but anyone using Webroot is committing IT Suicide.

koolaid.png
 

Nestor

Level 9
Verified
Well-known
Apr 21, 2018
397
As a quaint reminder of how trash Webroot is. Our malware team is cleaning up an organization this week which their IT was using Webroot Business. The average system has between 1,000-4,000 malware threats and/or traces of malware on it and gobs and gobs of PUA/PUP activity. This is the worst case of a failed security product we've seen to date.

I'm sorry but anyone using Webroot is committing IT Suicide.

View attachment 194937
Sure it's trash.But refering to pups and pua only,it's in the same road with BitDefender and Kaspersky.
 
F

ForgottenSeer 58943

Sure it's trash.But refering to pups and pua only,it's in the same road with BitDefender and Kaspersky.

I agree, it's utterly useless against riskware/pups/pua. But also in most cases, we're finding it's pretty useless against a lot of malware.

24% on this test doesn't surprise me based on what we've seen but whatever. I'm just glad less people are drinking the green kool-aid.
 
  • Like
Reactions: Nestor

artek

Level 5
Verified
May 23, 2014
236
That scan makes malwerbytes look really good. 661 items, even the folders are malicious. People at Spiceworks generally look on the product favorably. Webroot is not bad if you have a novice user. The IDshield will protect them from having their bank details stolen, and the remediation is typically good enough that I don't have to take a trip over there to fix their PC.

What is that organizations IT team doing? Why were their users able to install that stuff in the first place? Are they really paying you to run over and do a malwarebytes scan? That's not a webroot problem it's a policy problem.
 
Last edited:
F

ForgottenSeer 58943

That scan makes malwerbytes look really good. 661 items, even the folders are malicious. People at Spiceworks generally look on the product favorably. Webroot is not bad if you have a novice user. The IDshield will protect them from having their bank details stolen, and the remediation is typically good enough that I don't have to take a trip over there to fix their PC.

661 isn't the worst by far. The last one I was shown was 1,309. Adwcleaner pulled another 265. Zemana 22. Etc. Needless to say - every machine is basically damaged goods and Webroot did a wonderful job.
 
  • Like
Reactions: Burrito and Nestor

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top