Comments on: Kaspersky, Virus Total, and Unacceptable Shortcuts

By: Optimus Prime

Optimus Prime — Mon, 17 May 2010 03:20:59 +0000

FAIL

By: Hidden Peak

Hidden Peak — Tue, 23 Feb 2010 14:36:15 +0000

Bontchev's point ov view is understandable. Tests => PR => user's attention => sales => profit (which is the main reason why all security firms do exist).
But let's not forget primary goal of any AV-product – protection of user's computer. And it has nothing to do with magazine's tests. Any clean object detected as malware = false positive. Messages about such pseudo-malware scares common users (ones who's not an expert or even advanced) as much as detection of real virus.
Let's look at the other side of this story. Now we know the approach of some AV-vendors. Got a sample => look at virustotal => positive result from 'big vendors'? => add to databases without own analysis. Nice, isn't it ? In case of real virus it's nothing but stealing of intellectual property. 'Big vendor' put it's efforts, time and money to detect this malware, and some others just used the result in fastest and easiest way. But in case of 'fake malware' those vendors looked like clowns. And is't a reason for their users to think about the question: "Do I use antivirus or pseudo-antivirus ?"

By: David Harley

David Harley — Tue, 16 Feb 2010 14:10:33 +0000

Yes, they did. And it’s not funny. But let’s not lose sight of the real issue. Actually, maybe the best summary was made by Vesselin Bontchev, commenting on the Register’s article:

“If we implement detection of some sample based solely on the fact that XYZ’s scanner detects it, we’re being accused of not doing proper analysis and copying other company’s detection. If we don’t detect the sample because our analysis has shown it is obviously not malicious, it gets into the testers’ test sets and our detection rate in the tests is lowered. When we protest, we’re being told that ‘but half a gazillion other products already detect it’. Welcome to the world of anti-virus research, where your only choices are bad ones and worse ones.”

By: Hidden Peak

Hidden Peak — Tue, 16 Feb 2010 14:02:09 +0000

>In fact, several vendors only detected one or two of those files
In fact, several vendors detected all 10 fake samples, guys. And it's not funny.

By: ZM

ZM — Sun, 07 Feb 2010 18:09:09 +0000

What version of NOD32 is used in Virustotal ?

By: MinDokan

MinDokan — Sat, 06 Feb 2010 19:41:35 +0000

PWNED!!!!!!!!1111111111111111111111111111 eleven!
Rico is calling Chamuyeros to Eset or Kaspersky, but I don't know why. Who is Chamuyero? (Chamuyero = liar)

By: Juan Carlos Calderon

Juan Carlos Calderon — Fri, 05 Feb 2010 03:05:11 +0000

Big surprise, if you copy not learn… , Congrat! ESET…

By: Randy Abrams

Randy Abrams — Wed, 03 Feb 2010 22:49:31 +0000

I’m not sure if Rico is calling us liars or Kaspersky, but he is welcome to his opinion

By: Rico Rico

Rico Rico — Wed, 03 Feb 2010 22:00:59 +0000

Chamulleros….

By: Gyllen

Gyllen — Wed, 03 Feb 2010 15:27:22 +0000

FAIL.

Eset rulz for not fall in that.