Petition for CIS to be Tested by NSSLABS

[Guest]

[Jaki]

Hi guys

I would like to ask anyone who is interested fro CIS to be tested by NSSLABS to sign this petition by posting his or her approval on this thread. Melih always said that he is waiting for an AMTSO dynamic test. Lo and behold that dynamic test is upon us and it is being provided by NSSLABS.

Melih at first did not believe that NSSLABS provided an AMTSO approved dynamic testing since that test was not reviewed by the AMTSO review board. However, when I showed him that the president of the NSSLABS Rick Moy is a member of such a review board as well as representatives from Kaspersky, Eset, Panda Security, and TrendMicro are all members of the review board, Melih just stated to let nature takes its course, without a definite yes or no.

All members of the AMTSO review board have an in-depth knowledge of the requirements of dynamic testing. Consequently, if Rick Moy president of NSSLABS conducts a dynamic test I must agree that such a test would fulfill the AMTSO requirements. Moreover, if the NSSLABS test was not dynamically legit other members of the AMTSO review board, whose products have been tested such as AVG, TrendMicro, Panda, and Kaspersky, would have protested and they did not.

So guys if we want CIS to be measured with other industry leaders, for the moment NSSLABS is it. And I would like to urge everybody to sign this petition.

References:

http://nsslabs.com/host-malware-protection/consumer-anti-malware.html    (Please register to view the report, if you have not done so already.)

http://www.amtso.org/amtso---boards---review-analysis-board.html

https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/comparative_dynamic_testing_from_nsslabs-t45889.0.html


Peace.

Mod edit : Poll added to make it easier for users to express their opinion on this topic.

[Jaki]

Thanks.

[HeffeD]

If Melih says wait, a petition isn't going to force him to do anything...

[Jaki]

If Melih says wait, a petition isn't going to force him to do anything...

Actually he did not say wait, he said let nature takes its course. However, he always wanted an AMSTO dynamic test in that context he just got his wish. By the way, posting your own approval on this thread might just change his mind in the case he had indirectly said no.


Peace.

[commanding the celsius]

I think Melih said lets nature have its course since this site is not yet confirmed AMTSO compliant. So far it just claims to be AMTSO complaint:

Jaki

Its important to be AMTSO compliant. Not just Claimed to be AMTSO compliant. I hope NSS will prove themselves to be AMTSO compliant and as soon as they have done that, we will get it tested.

Like you said: As we are member of AMTSO, you should understand that I am asking those questions for a reason .

All I am saying is, I hope NSSLabs are compliant and there is a process within AMTSO where there is a review board that can give indication if a test was compliant or not.  I want AMTSO testing more than you do (Yes I do!) and it has to be done the right way and approved by AMTSO (as much as it can be).

Melih

The site needs to get reviewed by AMTSO (Give it some time).. You are probably correct when stating that this site preforms AMTSO compliant tests.. Especially with this high guy from AMTSO working there.. But it needs to be done the right way and get official, when it does Iam sure Melih hand them CIS and let them preform those tests!  Peace..

[panic]

It is extremely complex to set up an AMTSO test environment - that's why it's taking so long for them to gain traction.

It's only my personal opinion, but I suspect a 99% AMTSO compliant test is about as useful as a 1% compliant one. It needs to be 100% compliant, and it's not simple to achieve.

Ewen :-)

[HeffeD]

Actually he did not say wait, he said let nature takes its course.

Sure sounds like wait to me...

[Dch48]

I don't know which way to vote. I would like to see CIS tested, but only if the test is fully compliant. I will leave this up to Melih's judgement. On the other hand, I am from Florida, so can I vote both ways? 

[Jaki]

It is extremely complex to set up an AMTSO test environment - that's why it's taking so long for them to gain traction.

It's only my personal opinion, but I suspect a 99% AMTSO compliant test is about as useful as a 1% compliant one. It needs to be 100% compliant, and it's not simple to achieve.

Ewen :-)

Sure it is a complex matter however, if there is someone to do it, well then it is Rick Moy President of NSSLABS and member of the AMTSO review board. The review board exists to make sure an organization dynamic test is compliant to the AMSTO dynamic guidelines.

Peace.

[Jaki]

Sure sounds like wait to me...

Really, wait for what. I would have understood had he said CIS is not ready and that he is waiting for CIS v4 that will provide greater protection and detection, but he did not say that. What Melih asked first was where did NSSLABS made the satement that their test is AMTSO dynamic?

When I showed him where, then he asked a completely different question. The content of that question was whether or not that test was approved by the review board. In reply, I showed him that one of the members of such board is Rick Moy president of the NSSLABS and other members of the security industry, whose products have been tested, like AVG, Panda, Kaspersky, are all part of the review and none of them have denied the AMSTO dynamic merits of the NSSLABS test.

Only then he resorted to say to let nature takes its course. If Melih's argument holds any water I would conclude that some if not most members of the AMSTO review board does not have an in depth savoir faire when its comes to the AMTSO dynamic guidelines.

If Rick Moy President of NSSLABS is not qualified to perform an AMSTO dynamic test then how could he be part of a review board that will review prospective dynamic tests in order to make sure that they fulfill the AMTSO guidlines?

In conclusion, until proof to the contrary is provided, the consumer product dynamic test that NSSLABS conducted was indeed AMSTO compliant.

Peace.

[Melih]

Jaki

Count me in for a Yes for AMTSO compliant test!

I don't want to get a test done that claims to be AMTSO compliant and then gets rejected by the review board! Simple as that.

Has the NSS test been approved by the review board? If so, I am more than happy to pay for the test and be the first one!

Believe me when I say, I want this more than you do! This is whats going to show true power of CIS to the world! But the test has to have credibility.

Melih

[Jaki]

I don't know which way to vote. I would like to see CIS tested, but only if the test is fully compliant. I will leave this up to Melih's judgement. On the other hand, I am from Florida, so can I vote both ways? 

Yes it is fully complaint  . Nonetheless, since you are a Floridian you can even vote twice  , just kidding.


Peace.

[Jaki]

Jaki

Count me in for a Yes for AMTSO compliant test!

I don't want to get a test done that claims to be AMTSO compliant and then gets rejected by the review board! Simple as that.

Has the NSS test been approved by the review board? If so, I am more than happy to pay for the test and be the first one!

Believe me when I say, I want this more than you do! This is whats going to show true power of CIS to the world! But the test has to have credibility.

Melih

So if I understand what you are saying Rick Moy could reject his own company test and other members of the board whose products have been tested would reject Mr Moy's test as well. One such person could be  Alice Decker from Trend Micro the winner of that dynaimic test .

Consequently, I expect consternation from the review Board. Why would Rick Moy perform such a test? A test that he knew the AMTSO review board could reject. Moreover, why is it that AVG, TrendMicro, Panda Security, and Kaspersky allowed their products to be tested when they were already aware that there was a possibility that the review board could reject it outright; beside, they should have known better, their own employees are members of the board  .

Peace.

[Jaki]

Hi Melih

You said something on the other thread that just caught my attention:

Jaki

FYI: We have been talking to NSS already, before you even started this thread Smiley

Let the nature take its course...believe me when I say I want AMTSO compliant test more than you do Smiley

Melih

Now if you you've been talking to NSSLABS therefore, you already knew they made the claim that they are AMTSO compliant. And yet you still asked me where did they made such a claim? Why?

I do not know what transpired in your conversation with them; however could you tell us, CIS users, what actually happened.

You always said nobody wants CIS to be tested than you well, that may be true nonetheless, as a user I have a stake in it too. I want CIS to succeed, to me it's the best invention since slice bread  . I even nicknamed CIS as the unselfish security apparatus since CIS could directly protect a process from termination for example because of D+.

I would like CIS to prove itself in testing, we as users have nothing to fear.


Peace.

[devenroy]

Jaki Thanks very much for this thread.
I voted YES.
Surely comodo doing best in this test will show to all that comodo does best in it.

[Tags:]