Liquidmatrix Security Digest

AntiVirus Companies Cry Foul

The folks over at Consumer Reports have published a review of the various antivirus solutions. Now they tackled this from a much different angle for their testing. What these folks did, and managed to seriously piss off the industry in the process, was to use mutations of known viruses. And (insert deity) bless them for doing it. And thanks to Brian Krebs on his blog Security Fix I was able to learn about this story.

Well, Consumer Reports pissed off the industry… and they wrote a letter.

More than 100 security experts and executives from companies like Microsoft and HP as well as anti-virus vendors F-Secure, Kaspersky, McAfee, Sophos, Symantec and Trend Micro signed their names to a declaration denouncing Consumer Reports’ methods, stating that it is “not necessary and … not useful to write computer viruses to learn how to protect against them.”

Well, here is a link to the letter. Hmmm, ok. So they’re pissed off because the testing managed to demonstrate the failings of the antivirus products? OK, I can see that. I don’t agree with it, but I can see why they’re pissed.

From Krebs’ piece again,

As I have noted here before, many malware authors are increasingly outpacing the security vendors by automagically updating the genetic makeup of their creations before anti-virus companies have time to ship updates. As a result, we have an industry whose business is predicated on 10 percent to 20 percent of its customers being successfully attacked before it can even begin to respond, according to some estimates.

Now, these numbers are only going to grow.

I can see why they’d be pissed. Being shown to be subpar would do that to most people. The argument that you should only test with known viruses seems to me to be inherently flawed. I would want to know that my antivirus product can respond to and, if possible, protect against the unknown threats.

And finally,

The most innovative idea I’ve seen so far came in a presentation from Paul Vixie and David Dagon at the DefCon hacker conference in Las Vegas this year. Vixie and Dagon proposed creating a massive malware repository to which all of the anti-virus vendors would automatically submit new samples.

Well, this has already been done in fact. The guys at Offensive Computing also released this idea at Defcon, and in fact it is already up and running. Check it out.
