Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Windows Defender vs Ransomware
Message
<blockquote data-quote="Andy Ful" data-source="post: 856806" data-attributes="member: 32260"><p>[USER=85559]@Lokki[/USER],</p><p>The video is OK, but could you ask yourself what information about the "tested" AV you got from watching it?</p><p>We already know without any test that :</p><ol> <li data-xf-list-type="ol">For any AV there exists undetected malware.</li> <li data-xf-list-type="ol">If the AV has the anti-ransomware feature, then it is obvious that the ransomware detection will be even worse (see point 1) without this feature.</li> <li data-xf-list-type="ol">Testing one AV on one pule of samples can be hardly compared with testing the second AV on the second (different) pule of samples. It would be possible and reliable only on the tenth of thousands of malware samples.</li> <li data-xf-list-type="ol">You can perform tests on a smaller number of samples, but then the AVs must be tested on the same samples at the same time. If you will do it, then you will get something like that:<br /> [URL unfurl="true"]https://malwaretips.com/threads/se-labs-home-anti-malware-protection-january-march-2019.92970/post-818506[/URL]<br /> Because of the very small scoring differences, several thousands of samples have to be tested to avoid statistical errors.</li> </ol><p>So, such tests cannot say much about the AV protection, except when the result is very poor (for example below 80%), but this will depend on how many true 0-day samples are in the pule of all tested samples. If most samples are 0-day, then 80% protection can be very good.</p><p>Furthermore, if a million YouTube testers will "test" the best AV, then after some time one of them can get a poor result for it.</p><p>While testing, one should bear in mind that the pule of the tested samples is an eagle in the haystack of all samples living in the wild, so one test usually means nothing. Only several tests with consistent results can mean something.</p><p></p><p>Edit.</p><p>It seems that the purpose of this video was demonstrating the difference between WD detection with the Internet connection as compared to WD detection without Internet connection. See also:</p><p>[URL unfurl="true"]https://malwaretips.com/threads/windows-defender-vs-ransomware.98128/post-856932[/URL]</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 856806, member: 32260"] [USER=85559]@Lokki[/USER], The video is OK, but could you ask yourself what information about the "tested" AV you got from watching it? We already know without any test that : [LIST=1] [*]For any AV there exists undetected malware. [*]If the AV has the anti-ransomware feature, then it is obvious that the ransomware detection will be even worse (see point 1) without this feature. [*]Testing one AV on one pule of samples can be hardly compared with testing the second AV on the second (different) pule of samples. It would be possible and reliable only on the tenth of thousands of malware samples. [*]You can perform tests on a smaller number of samples, but then the AVs must be tested on the same samples at the same time. If you will do it, then you will get something like that: [URL unfurl="true"]https://malwaretips.com/threads/se-labs-home-anti-malware-protection-january-march-2019.92970/post-818506[/URL] Because of the very small scoring differences, several thousands of samples have to be tested to avoid statistical errors. [/LIST] So, such tests cannot say much about the AV protection, except when the result is very poor (for example below 80%), but this will depend on how many true 0-day samples are in the pule of all tested samples. If most samples are 0-day, then 80% protection can be very good. Furthermore, if a million YouTube testers will "test" the best AV, then after some time one of them can get a poor result for it. While testing, one should bear in mind that the pule of the tested samples is an eagle in the haystack of all samples living in the wild, so one test usually means nothing. Only several tests with consistent results can mean something. Edit. It seems that the purpose of this video was demonstrating the difference between WD detection with the Internet connection as compared to WD detection without Internet connection. See also: [URL unfurl="true"]https://malwaretips.com/threads/windows-defender-vs-ransomware.98128/post-856932[/URL] [/QUOTE]
Insert quotes…
Verification
Post reply
Top