Security Testing Suite

Which makes prevention a much better thing than just detection.

…which many people yet don’t understand / agree with, they still think in the old pure AV way. Thus I’m looking forward to complete security comparison between different products. 8)

Melih we misunderstood each other:

Missing 1% with a database of 1.7 million is 17000, but that’s the WHOLE database that an AV company managed to create in months or years! It doesn’t mean it misses 17000 a month.

Missing 1% out of 20000 is 20 samples missed and 30 missed out of 30000

If an antivirus would miss 85 % of malware each month, that would be a disaster and nobody would use them.

Yes, AVs are all about reaction time (heuristics might help and might not). But companies do have bots scanning the net, and experts and users submitting the malware.
Pure antivirus technology is obsolete, there’s no doubt about it, but we STILL need it, because other technologies are too young or too complicated for massive use.

Hi DarkButterfly…I mean m00nbl00d :slight_smile:
I didn’t get your example about compromised Kaspersky’s trial. HIPS won’t prevent such a trial from installation, because a user would install it in installation mode and set its AV as trusted. Okay, fine. Would another AV prevent this? Why would a user install Kaspersky’s trial without uninstalling their previous AV in the first place? I don’t get it. ???
Why HIPS ? Just because D+ is HIPS ? There are also Behaviour Blockers, Sandboxing technologies and other things.
AV’s are the thing of the past, but I agree that we need them at the moment (as I said in my previous post)

m00nnbl00d, I was talking about PURE Antivirus defense, where a user relies only on his AV and nothing else ! This method is obsolete. :slight_smile:

Behaviour-based technologies are glorified signatures…it still tries to find a signature, in this case a behaviour is a signature… it still is a reactive security, not proactive…so I do not think current AV providers are changing the way they protect end users from a security model point of view.

Melih

A guy at Symantec, Per Hellqvist, wrote on his blog (about signatures):

"I argue with a lunatic obstinacy that signature files are the best. Why? Well, because all the IT security guys I talked to agree that it is a million times better to get the report that “Trojan.Rustok.B” has been found on a computer rather than “Possibly an unknown trojan”. If you know that it is Rustok you can take proper action! You can read exactly what it does and then do the right things." (translated from Swedish)

I agree that signatures might be the best in some cases.

But it’s always behind, that’s why there should be more than signatures in the fight against viruses, spyware and so on. But signatures are good too…

The very same Per Hellqvist wrote some tips on how to protect yourself from the serious IE vulnerability in December. None of them included software against BO attacks (though he wrote that you can disable scripting, which on the other hand restricts useful things).

- Use another browser
- Update AV and intrusion protection. They should be updated now.
- Turn off Active Scripting (but then many sites won't work)
- If you write your own IPS signatures you can include the word "gh0st"
- Block access to these domains: -snip-

Right now we can just update, be careful and hope that Microsoft releases an additional update like they've done in the past in these situations.

(source)

My bottom line: We need prevention in addition to detection! We need CMF!

Hi Melih

Any news/updates about this online security testing suite?

:slight_smile:

Hi there,

any news on this :slight_smile:

regards,

PSchuetz

we launched Comodo Cloud scanner as a Diagnostic tool…

Melih

Hi Melih

Are there any plans to continue / enhance COMODO Leaktest Suite (maybe new methods of exploiting your system) as a standalone app?

:slight_smile:

Bump ;D.

Please consider developing such a tool. This would be the ideal tool for converting users away from their Norton, McAfee internet security suites.

:slight_smile:

Will people believe in the independence of the tool and the results? ???

I believe so :). It’s all good saying that CIS is a better product than McAfee, Norton, etc but I think you need a tool to prove the weaknesses of these products which will then (I believe) make them reconsider.

I’m sure many users on these forums work in organisations where they support “x” number of computers/users and therefore are able to influence the users’ choice in security software.

:slight_smile: