07-28-2012 02:45 PM
Does the report answer these important questions?
Was the antivirus installed when infected?
Was it enabled when infected?
Was it an upto date version installed?
Were its components including definitions upto date when infected?
And then to compare antiviruses with each other you need to know
What is the marketshare for each vendor in those areas?
And some others but they are not as important.
07-28-2012 06:54 PM - edited 07-28-2012 07:18 PM
80% of Carberp infected computers had antivirus software installed.
That it is still possible for a PC to become infected by certain malware, despite running antivirus software, is not news. Of course, a system that is itself configured to be secure - in addition to running AV - will be much better protected than an inadequately secured system running AV alone. Unfortunately, the additional layers of protection necessary to lock down a Windows operating system are either unknown to many people, or the users simply choose to rely solely on AV products in order to avoid the inconvenience and attention to detail that is required to properly secure a system in depth. The methods that malware now uses to infect systems are often extremely sophisticated, and defending against them requires that potential attack vectors be closed off as much as possible. Security software is certainly part of the solution - an important part - but it is not the total answer. You don't leave your home's doors and windows unlocked on the assumption that the police already have all of the potential burglars under control, do you?
07-28-2012 11:30 PM
I agree with u but Norton must say about use of additional software for security and when don't do it so it's mean Norton is enough for us.
another note: If security of users are important for symantec they have to customize their softwares for high protection like contract with other companies to use thier technology.some times Norton do that but why there are some bugs on their software yet?!!!
07-29-2012 12:09 AM
07-29-2012 12:26 AM - edited 07-29-2012 12:28 AM
I don't say about deleted files or infection with risks,i say about infected computer and Norton 360 has been closed that's so different it's mean Norton's bugs.I write some codes (honestly i am cracker) and know about what you say but i agree with you only in HIPS and sandbox cases.so in this feature why Norton don't use sandbox in their products? Security is a puzzle and if you complete that then you win and you don't have risk.from knowledge till limeted user or etc must be join with each other but you must accept that Norton passed same way from some years ago till now and every year Norton said about speed (absolutely reduced from 2009) , upgrade of SONAR ( not yet effective well ) , ... and nothing is new from 2009 till now.
07-29-2012 03:50 AM
I agree with moriseif about the fact that since 3 years Norton hasn't been changed much but the malware did.
The impact of Norton on the system is just amazing, its very low on resources which is great.
Since their signature database is great and well up to date it would be easy to implement application whitelisting (blacklist by default) which is now only used in corporate security software?
If application whitelisting plus some behavor detection is done properly they could basically offer 100% security
07-29-2012 09:43 AM
<< the fact that since 3 years Norton hasn't been changed much but the malware did. >>
That's back to 2009/10 so I think that is factually incorrect. The Norton engines, coding whatever you want to call it was totally changed over those years.
But more important none of us can really know what or how they changed unless we have hacked their coding and the servers upon which detection depends.
<< If application whitelisting plus some behavor detection is done properly they could basically offer 100% security >>
Perhaps but would we acccept the consequences of such tight restrictions? My impression is that most users would not ... just as VISTA's UAC was not accepted.
In a business environment, if mangement says you may not to eg Facebook you have to accept that; if their implentation of security enforces that, you have to accept it .... or quit the job. Try to do the same to the typical "home" user and they would disable it or change products.
07-29-2012 09:59 AM - edited 07-29-2012 10:03 AM
< Try to do the same to the typical "home" user and they would disable it or change products. >
that is so mistake.companies create for people or users.users test it and have a reputation about it then company change some things to make better products.
07-29-2012 01:26 PM - edited 07-29-2012 01:31 PM
> The report says nothing about whether or not the security programs were updated so its pretty useless.
That post sounds like it could come straight out of a corporate public relations department.
1. You don't know. Yet you come up with a flawed conclusion ("it's useless") in support of Symantec.
Where are the rational, unbiased posts?
2. One reasonable assumption (if you're going to make assumptions) is that AV-Test used the _same "conditions"_ for all the products. If they didn't, a company that scored low would sue them if "tight" conditions were used for them but "loose" conditions were used for their competitors.
So Symantec was held to the same conditions as the other products. Let the scores fall where they may.
> Does the report answer these important questions? ...
You left one out. Were all the products treated the same?
> In the part of the protection test where the whole product gets tested, Norton scored better than both of them.
AV testing is like the decathlon.
You don't win the decathlon because you won the long jump event.
07-29-2012 01:36 PM
>> since 3 years Norton hasn't been changed much but the malware did
> The Norton engines, coding whatever you want to call it
> was _totally changed_ over those years.
> But more important _none of us can really know_ what or how they changed
> unless we have hacked their coding and the servers upon which detection depends.
In the first section you said that Norton "totally changed."
Then you said that "none of us can really know."
Which is it?