06-23-2011 11:11 AM
In their test, a free product (CIS) is rated number 1 and got a rating of 100%.
It's difficult for me to believe that any product (i.e., CIS free) would _ever_ get a 100% rating (CIS free). Ever. If it happens it means that the test was not rigorous, and therefore useless.
Their results surely challenges both logic and common sense. Note that I didn't say that they're "wrong" (exactly), but it sure looks peculiar.
NIS is in their lengthy "not recommended" category, which is about 2/3 of all the products that they tested.
I've never heard of these guys (Matousec). From Wikipedia:
"founded in March 2006 by Czech IT security researcher David Matoušek with a small group of university students _(mostly)_"
Ahhh, students. It's an age old tradition that often means that large quantities of "cold beverages" are consumed while BS-ing about things that they have little experience with. (Not always, but often.)
"In April 2009 the group and project were acquired by _unknown_ Internet and software-related company Difinex (Different Internet Experience) Ltd."
Well, that certainly instills great confidence in their expertise and results.
"Matousec has also been criticized on the basis of conflict of interest, due to being paid by security software makers for re-testing."
How much does it cost to get a grade improved?
06-23-2011 11:53 AM - edited 06-23-2011 11:54 AM
Matousec's scoring method has its critics:
06-24-2011 12:03 AM
Interesting writeup. It seems to me that the logic is just a little fuzzy. If the firewall failed to do its job after a certain level, why test it further? It is inadequate in some way.
It likely has to do with the default allow or default deny concepts. One believes that the antivirus need not be perfect if the firewall is good enough to stop anything. I can see problems developing among those users who must allow things without thought.
On the other hand, there are those developers who believe that the firewall does not have to be perfect, so long as the antivirus is completely effective 100% of the time. Unfortunately, we know that is simply not possible.
The best we can get is a program with the strongest elements of firewall, antivirus, and educated and suspicious users.