Petition for CIS to be Tested by NSSLABS

Hi guys

I would like to ask anyone who is interested fro CIS to be tested by NSSLABS to sign this petition by posting his or her approval on this thread. Melih always said that he is waiting for an AMTSO dynamic test. Lo and behold that dynamic test is upon us and it is being provided by NSSLABS.

Melih at first did not believe that NSSLABS provided an AMTSO approved dynamic testing since that test was not reviewed by the AMTSO review board. However, when I showed him that the president of the NSSLABS Rick Moy is a member of such a review board as well as representatives from Kaspersky, Eset, Panda Security, and TrendMicro are all members of the review board, Melih just stated to let nature takes its course, without a definite yes or no.

All members of the AMTSO review board have an in-depth knowledge of the requirements of dynamic testing. Consequently, if Rick Moy president of NSSLABS conducts a dynamic test I must agree that such a test would fulfill the AMTSO requirements. Moreover, if the NSSLABS test was not dynamically legit other members of the AMTSO review board, whose products have been tested such as AVG, TrendMicro, Panda, and Kaspersky, would have protested and they did not.

So guys if we want CIS to be measured with other industry leaders, for the moment NSSLABS is it. And I would like to urge everybody to sign this petition.

References:

http://nsslabs.com/host-malware-protection/consumer-anti-malware.html (Please register to view the report, if you have not done so already.)

http://www.amtso.org/amtso---boards---review-analysis-board.html

https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/comparative_dynamic_testing_from_nsslabs-t45889.0.html

Peace.

Mod edit : Poll added to make it easier for users to express their opinion on this topic.

Thanks.

If Melih says wait, a petition isn’t going to force him to do anything…

Actually he did not say wait, he said let nature takes its course. However, he always wanted an AMSTO dynamic test in that context he just got his wish. By the way, posting your own approval on this thread might just change his mind in the case he had indirectly said no.

Peace.

I think Melih said lets nature have its course since this site is not yet confirmed AMTSO compliant. So far it just claims to be AMTSO complaint:

The site needs to get reviewed by AMTSO (Give it some time)… You are probably correct when stating that this site preforms AMTSO compliant tests… Especially with this high guy from AMTSO working there… But it needs to be done the right way and get official, when it does Iam sure Melih hand them CIS and let them preform those tests! :-TU Peace…

It is extremely complex to set up an AMTSO test environment - that’s why it’s taking so long for them to gain traction.

It’s only my personal opinion, but I suspect a 99% AMTSO compliant test is about as useful as a 1% compliant one. It needs to be 100% compliant, and it’s not simple to achieve.

Ewen

Sure sounds like wait to me…

I don’t know which way to vote. I would like to see CIS tested, but only if the test is fully compliant. I will leave this up to Melih’s judgement. On the other hand, I am from Florida, so can I vote both ways? ;D

Sure it is a complex matter however, if there is someone to do it, well then it is Rick Moy President of NSSLABS and member of the AMTSO review board. The review board exists to make sure an organization dynamic test is compliant to the AMSTO dynamic guidelines.

Peace.

Really, wait for what. I would have understood had he said CIS is not ready and that he is waiting for CIS v4 that will provide greater protection and detection, but he did not say that. What Melih asked first was where did NSSLABS made the satement that their test is AMTSO dynamic?

When I showed him where, then he asked a completely different question. The content of that question was whether or not that test was approved by the review board. In reply, I showed him that one of the members of such board is Rick Moy president of the NSSLABS and other members of the security industry, whose products have been tested, like AVG, Panda, Kaspersky, are all part of the review and none of them have denied the AMSTO dynamic merits of the NSSLABS test.

Only then he resorted to say to let nature takes its course. If Melih’s argument holds any water I would conclude that some if not most members of the AMSTO review board does not have an in depth savoir faire when its comes to the AMTSO dynamic guidelines.

If Rick Moy President of NSSLABS is not qualified to perform an AMSTO dynamic test then how could he be part of a review board that will review prospective dynamic tests in order to make sure that they fulfill the AMTSO guidlines?

In conclusion, until proof to the contrary is provided, the consumer product dynamic test that NSSLABS conducted was indeed AMSTO compliant.

Peace.

Jaki

Count me in for a Yes for AMTSO compliant test!

I don’t want to get a test done that claims to be AMTSO compliant and then gets rejected by the review board! Simple as that.

Has the NSS test been approved by the review board? If so, I am more than happy to pay for the test and be the first one!

Believe me when I say, I want this more than you do! This is whats going to show true power of CIS to the world! But the test has to have credibility.

Melih

Yes it is fully complaint :-TU. Nonetheless, since you are a Floridian you can even vote twice ;D, just kidding.

Peace.

So if I understand what you are saying Rick Moy could reject his own company test and other members of the board whose products have been tested would reject Mr Moy’s test as well. One such person could be Alice Decker from Trend Micro the winner of that dynaimic test ;D.

Consequently, I expect consternation from the review Board. Why would Rick Moy perform such a test? A test that he knew the AMTSO review board could reject. Moreover, why is it that AVG, TrendMicro, Panda Security, and Kaspersky allowed their products to be tested when they were already aware that there was a possibility that the review board could reject it outright; beside, they should have known better, their own employees are members of the board ;D.

Peace.

Hi Melih

You said something on the other thread that just caught my attention:

Jaki

FYI: We have been talking to NSS already, before you even started this thread Smiley

Let the nature take its course…believe me when I say I want AMTSO compliant test more than you do Smiley

Melih

Now if you you’ve been talking to NSSLABS therefore, you already knew they made the claim that they are AMTSO compliant. And yet you still asked me where did they made such a claim? Why?

I do not know what transpired in your conversation with them; however could you tell us, CIS users, what actually happened.

You always said nobody wants CIS to be tested than you well, that may be true nonetheless, as a user I have a stake in it too. I want CIS to succeed, to me it’s the best invention since slice bread ;D. I even nicknamed CIS as the unselfish security apparatus since CIS could directly protect a process from termination for example because of D+.

I would like CIS to prove itself in testing, we as users have nothing to fear.

Peace.

Jaki Thanks very much for this thread.
I voted YES.
Surely comodo doing best in this test will show to all that comodo does best in it.

Comodo should get a certificate at least 1 certificate.

I voted YES

;D ;D ;D
;D ;D ;D
;D ;D ;D

I would like to thank Devenroy, Petit and Lewis Hamilton for your support. However, I really do not think that Melih was utterly honest with us all along, here is why: I created a thread called “Comparative Dynamic testing from NSSLABS” on reply #3 Melih asked the following question:

Where do they mention they offer amtso compliant tests pls?

thanks
Melih

and on reply #4 I stated:

Hi Melih

Please check the following link and scroll down to the very bottom of the page:

http://nsslabs.com/anti-malware

From NSSLABS:

“NSS Labs is an active member of the Anti-Malware Testing Standards Organization (AMTSO). All testing is conducted closely following the AMTSO guidelines.”

Peace.

Now on reply #49 Melih still said he is wating for an AMTSO compliant test, behold:

Like we said…we are all for AMTSO compliant testing…

Melih

He said this even after I showed him where NSSLABS made such a statement. Moreover he still insisting the same question on reply 51:

Is it AMTSO Compliant?

Melih

and on reply 53 I answered him:

Yes indeed. Melih Have you read the first page of this thread? I showed you where NSSLABS made that statement.

Peace.

Please dear readers please bear with me for a moment and this where Melih started to trick me when he asked the following on reply #55:

Can you show me confirmation from AMTSO accepting this as AMTSO Compliant test?

Thanks

Melih

Now Melih does not ask me anymore where NSSLABS made the statement that they complied to the AMTSO dynamic requirements, he changed his question completely to another angle and he knows very well for such a question I would not be able to provide an answer. The odd thing here is that as Comodo is an AMTSO member, Melih would have been able to provide an answer to his own question better from someone, like me, in the public at large.

And eventually he asked whether or not the NSSLABS test has been reviewed by the AMTSO review board; and here is another trick from him: Melih already knew that the AMTSO review board would not on its own review a dynamic test unless someone reported such a test for not fulfilling the AMTSO dynamic standards.

In the end here the kicker trick from Melih from reply #65:

Jaki

FYI: We have been talking to NSS already, before you even started this thread Smiley

Let the nature take its course…believe me when I say I want AMTSO compliant test more than you do Smiley

Melih

Now we all remember reply #3 where Melih asked where did NSSLABS make the claim that their test is AMTSO compliant. For a minute or two guys think of it; if Melih has been talking to NSSLABS before I created that thread would not you think that he already knew where NSSLABS made such a claim. If for example he had communicated with them by e-mail I’m sure that NSSLABS would have directed him to their website and point him to the section where they made such a statement. So why did he asked such a question when he already knew the answer?

If he does not allow CIS to be tested then I presume that Melih does not believe that the NSSLABS test was AMTSO dynamic in that case he must report it to the AMTSO review board for a complete review and Melih does have the right since Comodo is a paid member of the AMTSO.

I would still urge whoever did not have the time to sign this petiton to do so and ask Melih to be honest with us and allow CIS to be tested.

Reference:

https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/comparative_dynamic_testing_from_nsslabs-t45889.0.html

Peace.

has the AMTSO review board approved NSS test as an AMTSO compliant test yet? If they did I would like to get it tested asap.

thanks
Melih

As Comodo is a member of the AMTSO please tell me Melih how does the AMTSO work, especially its review board? I was told that the AMTSO will not initiate any direct review of an AMTSO dynamic test; that test must be reported to it as not fulfilling the AMTSO guidelines, then and only then it will review and eventually approve or reject any reported dynamic test after its findings. Is it true or is it false? If it is true don’t you think think you should take it upon yourself as an AMTSO member to report the NSSLABS test to the AMTSO review board for a review. Then after Rick Moy (president of the NSSLABS and member of the AMTSO review board), Alice Decker and other members give their seal of approval, then there should not be anymore tricks nor excuses.

Peace.