CNET Editors' Choice awards for 2012 security suites

Editors’ Choice awards for 2012 security suites
As in years past, CNET awarded one for a paid suite, and one for a free suite. Did your favorite come out on top?

http://download.cnet.com/8301-2007_4-57395900-12/editors-choice-awards-for-2012-security-suites/

I wonder why COMODO was not even included in the test…

Marketing…

Cnet Never Promotes Comodo or test it
maybe because they get money by selling paid products

I don’t put much trust in surveys from organizations who maybe have a conflict between their commercial interests of gaining large revenue from advertising the same products they promote in reviews and surveys; and their ‘supposed fair & honest’ journalism reporting to readers (us lot, the potential customers).

This CNET Editors’ Choice seems to me just another ‘churning’ over their favorites, and any survey that includes Norton and not Comodo is clearly a joke.

Skeptical?, ME! - No!

For someone who doesn’t know a lot will take cnet.com’s advice in consideration. As you say they are joke. Norton is not to bad but there are better out there and if the person inquestion is willing to learn then they won’t mind CIS.

I’m very happy with AIS 7.0.1426 on my XP SP3 PC but there are indeed some funny things about CNET’s assessments.
e.g. What is ‘Avast 2012’. They’ve “Nortonized” the name. ;D

Quote:“(Note that Microsoft Security Essentials and Panda Cloud Antivirus did not release major updates in the past year, so they’re not included in our chart.)”

1/. So what! Does their release date mean they are automatically not worthy of comparison?

2/. Avast 7 (or “2012” as CNET call it) wasn’t released in the past year (i.e. 2011) either. Or do they mean the 12 month period prior to their latest review?

AIS 7 is better against zero-day malware which is nice. Avast said that the user never should interact… what happend in AIS 7? they follow similar path like comodo does with unknown file; unknown file get sandboxed, requires an action done by the user.

Hi Valentin N

If Avast were following a similar autosandbox path to Comodo - I’d probably still be using CIS! :wink:

Apparently Avast 6 autosandbox logic was like an interim measure. Now that they’ve better integrated the existing techniques and added file reputation, the plan is to pass even less decision making to the user.

Time will tell how well it works out.

Avast sandbox doesn’t sandbox every unknown file. It is more like behaviour blocker & sandbox only the suspicious file.

But I dont understand one thing. Avast autosandbox is full virtualization, right?

But I tested Avast with default settings & when it finds the suspicious behvaiour it autosandbox the file & analyzes & after the analyzes completes it terminates the sandboxed app & give the option to sandbox or normal open nextime.

The prob is if you choose to select the app to open next time sandboxed, it again does the same thing & terminates the apps. So this means you can only open the app normally & not sandboxed, right? Then whats the benefit of full virtualization of Avast autosandbox?

Hi Naren

The term “full virtualization” might be useful when comparing one implementation of something labeled a “sandbox” or “autosandbox” with another, but it is really an oxymo ron (see note below).

Sandbox = virtualization.
Therefore the “benefit of full virtualization of Avast autosandbox” is that it is what it says it is.

Now, as to why the Avast autosandbox behaves the way it does, did you follow my 2nd link?

Retail versions of Avast include an on-demand sandbox and “Safezone” virtual desktop/browser but
autosandbox is intended to be a “safe” place for Avast Free to run, analyze & terminate suspect apps. The default setting is now “auto” rather than “ask” (see pic). I believe the plan was to remove the “ask” option altogether but they seem to have pulled back from that.

(Note to Mods: What gives? Why can’t I type ‘oxymo ron’ without a space without it becoming ‘oxyhunk’ :o ??? :o ??? Isn’t this an English language forum?)

[attachment deleted by admin]

What I meant was if Avast AutoSandbox in Free Version is Full Virtualization then at least those apps should be able to run in Sandbox which Avast decides is suspicious. Offcoz to run selected apps sandboxed Avast Pro is there.

Technically still possible (as was allowed in v.6) but ruled out by design choice.

Yes, default autosandbox terminates the apps.

But set to ask, the apps open in sandbox with red border. I tested this.

Do you have ‘Pro’, ‘IS’ or ‘Free’?
It works exactly as you describe for me with ‘IS’ 7.0.1426 but I would be surprised if ‘Free’ behaves the same way.

Free

If I had ‘Free’ installed I’d try it myself but it looks like an unexpected bonus feature.
Set it to ‘Ask’ and you get the option to always sandbox.

I meant

Default AutoSandbox - After analyzing terminates the apps & gives the popup with options, run next time sandbox & run next time normal. If you select run next time sandbox it again does the same thing next time. So with default autosandbox the apps cannot be run sandboxed.

Set to Ask - I didn’t got analyzing popup. I think got a popup with options, run in sandbox, run normal & cancel. If run in sandbox is selected the apps runs in sandbox i.e with a red border. But I think you cannot select remember this with the option run in sandbox as it is greyed out. And you can select remember this only with the option run normal.

Hope this clears more clearly.

Hi Naren

Got a chance to ‘play’ with Avast 7 Free and compare with Avast 7 IS today.
It is exactly as you describe.

The ‘Remember my answer for this program’ option that adds the program to ‘Virtualized processes’ in AIS when ‘Open in sandbox (recommended)’ option is chosen, is greyed out in Avast Free, because that component/interface is not included in the free version.

[attachment deleted by admin]

Was just going through Avast blog & found something about autosandbox in Avast.

Michalvanek, I think is related to Avast i.e staff.

The blog on Avast autosandbox is by him.

He replied to one of the comments & mentioned

“If you want to install new software to sandbox just switch autosandbox mode to ask.”

Link of the blog AutoSandbox - why are you annoying me?