CNET Editors' Choice awards for 2012 security suites

[Guest]

[loveboy_lion]

Editors' Choice awards for 2012 security suites
As in years past, CNET awarded one for a paid suite, and one for a free suite. Did your favorite come out on top?


http://download.cnet.com/8301-2007_4-57395900-12/editors-choice-awards-for-2012-security-suites/

[w-e-v]

I wonder why COMODO was not even included in the test...

[Valentin N]

Marketing...

[loveboy_lion]

Cnet Never Promotes Comodo or test it
maybe because they get money by selling paid products

[Mipmapper]

I don't put much trust in surveys from organizations who maybe have a conflict between their commercial interests of gaining large revenue from advertising the same products they promote in reviews and surveys; and their 'supposed fair & honest' journalism reporting to readers (us lot, the potential customers).

This CNET Editors' Choice seems to me just another 'churning' over their favorites, and any survey that includes Norton and not Comodo is clearly a joke.

Skeptical?, ME! - No!

[Valentin N]

I don't put much trust in surveys from organizations who maybe have a conflict between their commercial interests of gaining large revenue from advertising the same products they promote in reviews and surveys; and their 'supposed fair & honest' journalism reporting to readers (us lot, the potential customers).

This CNET Editors' Choice seems to me just another 'churning' over their favorites, and any survey that includes Norton and not Comodo is clearly a joke.

Skeptical?, ME! - No!

For someone who doesn't know a lot will take cnet.com's advice in consideration. As you say they are joke. Norton is not to bad but there are better out there and if the person inquestion is willing to learn then they won't mind CIS.

[pc_pete]

I'm very happy with AIS 7.0.1426 on my XP SP3 PC but there are indeed some funny things about CNET's assessments.
e.g. What is 'Avast 2012'. They've "Nortonized" the name.

Quote:"(Note that Microsoft Security Essentials and Panda Cloud Antivirus did not release major updates in the past year, so they're not included in our chart.)"

1/. So what! Does their release date mean they are automatically not worthy of comparison?

2/. Avast 7 (or "2012" as CNET call it) wasn't released in the past year (i.e. 2011) either. Or do they mean the 12 month period prior to their latest review?

[Valentin N]

I'm very happy with AIS 7.0.1426 on my XP SP3 PC but there are indeed some funny things about CNET's assessments.
e.g. What is 'Avast 2012'. They've "Nortonized" the name.

Quote:"(Note that Microsoft Security Essentials and Panda Cloud Antivirus did not release major updates in the past year, so they're not included in our chart.)"

1/. So what! Does their release date mean they are automatically not worthy of comparison?

2/. Avast 7 (or "2012" as CNET call it) wasn't released in the past year (i.e. 2011) either. Or do they mean the 12 month period prior to their latest review?

AIS 7 is better against zero-day malware which is nice. Avast said that the user never should interact... what happend in AIS 7? they follow similar path like comodo does with unknown file; unknown file get sandboxed, requires an action done by the user.

[pc_pete]

Hi Valentin N

If Avast were following a similar autosandbox path to Comodo - I'd probably still be using CIS!

Apparently Avast 6 autosandbox logic was like an interim measure. Now that they've better integrated the existing techniques and added file reputation, the plan is to pass even less decision making to the user.

http://forum.avast.com/index.php?topic=88672.msg710188#msg710188
http://forum.avast.com/index.php?topic=93866.msg747953#msg747953

Time will tell how well it works out.

[naren]

AIS 7 is better against zero-day malware which is nice. Avast said that the user never should interact... what happend in AIS 7? they follow similar path like comodo does with unknown file; unknown file get sandboxed, requires an action done by the user.

Avast sandbox doesn't sandbox every unknown file. It is more like behaviour blocker & sandbox only the suspicious file.

But I dont understand one thing. Avast autosandbox is full virtualization, right?

But I tested Avast with default settings & when it finds the suspicious behvaiour it autosandbox the file & analyzes & after the analyzes completes it terminates the sandboxed app & give the option to sandbox or normal open nextime.

The prob is if you choose to select the app to open next time sandboxed, it again does the same thing & terminates the apps. So this means you can only open the app normally & not sandboxed, right? Then whats the benefit of full virtualization of Avast autosandbox?

[pc_pete]

But I tested Avast with default settings & when it finds the suspicious behvaiour it autosandbox the file & analyzes & after the analyzes completes it terminates the sandboxed app & give the option to sandbox or normal open nextime.

The prob is if you choose to select the app to open next time sandboxed, it again does the same thing & terminates the apps. So this means you can only open the app normally & not sandboxed, right? Then whats the benefit of full virtualization of Avast autosandbox?

Hi Naren

The term "full virtualization" might be useful when comparing one implementation of something labeled a "sandbox" or "autosandbox" with another, but it is really an oxymo ron (see note below).

Sandbox = virtualization.
Therefore the "benefit of full virtualization of Avast autosandbox" is that it is what it says it is.

Now, as to why the Avast autosandbox behaves the way it does, did you follow my 2nd link?

Retail versions of Avast include an on-demand sandbox and "Safezone" virtual desktop/browser but
autosandbox is intended to be a "safe" place for Avast Free to run, analyze & terminate suspect apps. The default setting is now "auto" rather than "ask" (see pic). I believe the plan was to remove the "ask" option altogether but they seem to have pulled back from that.

(Note to Mods: What gives? Why can't I type 'oxymo ron' without a space without it becoming 'oxyhunk'   Isn't this an English language forum?)

[naren]

Hi Naren

The term "full virtualization" might be useful when comparing one implementation of something labeled a "sandbox" or "autosandbox" with another, but it is really an oxymo ron (see note below).

Sandbox = virtualization.
Therefore the "benefit of full virtualization of Avast autosandbox" is that it is what it says it is.

Now, as to why the Avast autosandbox behaves the way it does, did you follow my 2nd link?

Retail versions of Avast include an on-demand sandbox and "Safezone" virtual desktop/browser but
autosandbox is intended to be a "safe" place for Avast Free to run, analyze & terminate suspect apps. The default setting is now "auto" rather than "ask" (see pic). I believe the plan was to remove the "ask" option altogether but they seem to have pulled back from that.

(Note to Mods: What gives? Why can't I type 'oxymo ron' without a space without it becoming 'oxyhunk'  Isn't this an English language forum?)

What I meant was if Avast AutoSandbox in Free Version is Full Virtualization then at least those apps should be able to run in Sandbox which Avast decides is suspicious. Offcoz to run selected apps sandboxed Avast Pro is there.

[pc_pete]

Technically still possible (as was allowed in v.6) but ruled out by design choice.

[naren]

Yes, default autosandbox terminates the apps.

But set to ask, the apps open in sandbox with red border. I tested this.

[pc_pete]

Yes, default autosandbox terminates the apps.

But set to ask, the apps open in sandbox with red border. I tested this.

Do you have 'Pro', 'IS' or 'Free'?
It works exactly as you describe for me with 'IS' 7.0.1426 but I would be surprised if 'Free' behaves the same way.

[Tags:]