ConsumerReports just completed a study which tested anti-virus softwares for their effectiveness. But instead of just using the known threats and existing signatures, they created thousands of virus variants of their own to see if protective measures did any good. Of course, you have to be a subscriber to their magazine to get the results, so I’d love to hear from someone as to who won the battle, but nevertheless I thought it was a great idea.
Not everyone did.
The watchdog group is now being slammed for their approach, and I say this should serve as a warning to everyone who trusts their boxed anti-virus kit. Graham Cluley of Sophos noted:
“When I read about what ConsumerReports has done I want to bash my head against a brick wall. With over 185,000 viruses in existence was it really necessary for this magazine to create 5,000 more? It’s irresponsible behavior, and will be frowned upon by the antivirus industry. Leave antivirus testing to the independent testing bodies with expertise in the field”
Alarms aren’t designed to set themselves and subsequently go off only on designated burglar days, but anti-virus is certainly designed to trigger against known threats. That is what ConsumerReports was trying to get at – could anti-virus protect against previously unknown viruses. They even used existing signatures, varying them just slightly (like malcreants do). And I found no mention of ConsumerReports releasing them into the open, as the quote infers.
Maybe Graham wants to bash his head against the wall because his product doesn’t really protect like it should, and now he and his entire industry have been called out?
No argument from Slashdotters.