Author Topic: The DonationCoder "Superior Antivirus" Award/Certification (Read 51173 times)

superboyac · « **Reply #25 on:** December 03, 2009, 01:06 PM »

anyone want to try to make a nice fancy professional looking graphic logo for the page?
-mouser (December 01, 2009, 06:33 PM)

I can make a logo.

superboyac · « **Reply #26 on:** December 03, 2009, 01:48 PM »

How's this?

The DonationCoder "Superior Antivirus" Award/Certification

mouser · « **Reply #27 on:** December 03, 2009, 01:56 PM »

Thanks AC! but i think we may need something a little more polished and slick and unique looking in order to make the pr people at these companies drooling to have the award image on their page.. this is one of those cases where the award image really has to be something crave-worthy. no offense meant, just this might be one of those things that few people can really pull off perfectly outside Nick Pearson and a few of the top designers who hang out at DC. Well at least if we're going to make a real go of this. In the same vein, we should probably de-emphasize the "DonationCoder" part -- we're not trying to advertise ourselves here, but rather make something that anti-malware companies would want to put on their pages. Also i might add that my title for the award may be a bit lame.. i wonder if we can't come up with something more appealing "Honest Antivirus Award" maybe? but it lacks punch.

JavaJones · « **Reply #28 on:** December 03, 2009, 02:11 PM »

The focus stealing issue is an excellent one. Far too many apps do that, and with AV apps it's all the more critical to not accidentally confirm a default action without reviewing it first.

- Oshyan

superboyac · « **Reply #29 on:** December 03, 2009, 03:41 PM »

Thanks AC! but i think we may need something a little more polished and slick and unique looking in order to make the pr people at these companies drooling to have the award image on their page.. this is one of those cases where the award image really has to be something crave-worthy. no offense meant, just this might be one of those things that few people can really pull off perfectly outside Nick Pearson and a few of the top designers who hang out at DC. Well at least if we're going to make a real go of this. In the same vein, we should probably de-emphasize the "DonationCoder" part -- we're not trying to advertise ourselves here, but rather make something that anti-malware companies would want to put on their pages. Also i might add that my title for the award may be a bit lame.. i wonder if we can't come up with something more appealing "Honest Antivirus Award" maybe? but it lacks punch.
-mouser (December 03, 2009, 01:56 PM)

I still might be able to pull it off. If you want, let me know what it is you're looking for, and I'll try to do it. The reason why i attempted it is because I've been learning Illustrator and doing a lot of art lately. So just let me know.

mouser · « **Reply #30 on:** December 04, 2009, 06:20 AM »

Let's come up with the right name for this award/certification ("Superior Antivirus Award" or "Honest Antivirus Award"? must be something better!) then we can create a standalone website for it and focus on creating a nice logo.

SKA · « **Reply #31 on:** December 04, 2009, 07:18 AM »

DC Hall of Fame Antimalware Award

DC Best Antimalware Design Award

SKA

mouser · « **Reply #32 on:** December 04, 2009, 07:33 AM »

i dont want to make this about DC -- it should be something that other sites can get behind and support.
i think it should convey a kind of Certification, rather than just another meaningless web site award.

Carol Haynes · « **Reply #33 on:** December 04, 2009, 07:57 AM »

Clear Speaking (or Info) Security Award

Then it could be broadened to suites, firewalls etc. You could have subclasses for the different app classes

How about a Crystal mark (Crystal clear security) - see http://www.plainenglish.co.uk/

The Plain English campaign really came alive when they started issuing Crystal marks. The whole point is to remove legalese and obfuscation especially in official documents.

cmpm · « **Reply #34 on:** December 04, 2009, 12:41 PM »

"Secure Security Points Aware"

Or something that you can check the points it will do or not do, listed here in this thread. Like checking a box that 'Yes' or 'No' is covered.

mouser · « **Reply #35 on:** December 05, 2009, 03:21 PM »

I think another feature that all antivirus/antimalware programs should support is the ability to install them alongside other antivirus programs and use them only in an ondemand scanning capacity. Most antivirus programs may already do this, though most warn you not to install them in combination with other such tools.

Josh · « **Reply #36 on:** December 05, 2009, 03:27 PM »

Why install more than one AV? That is just asking for problems. I laughed when my security+ instructor told me he used 3 A/Vs on his PC at one time and then later in the class complained about how slow his system was.

mouser · « **Reply #37 on:** December 05, 2009, 03:33 PM »

That's sort of getting at my point -- installing an antivirus and being able to configure it ONLY for ondemand scanning should be doable without leaving any resident processes running, without causing any slow down at all.

The value of it is being able to get second opinions about possible threats, without slowing down your system.

But the problem is, as you described -- that even when antivirus programs have an option to disable background scanning, they often seem to eat up resources and conflict with other background scanners.

So i am proposing that a high quality antivirus program should be configurable to install without any background processes running and without any impact on the system when not being asked to scan.

JavaJones · « **Reply #38 on:** December 05, 2009, 04:03 PM »

I like the idea of that Mouser, but I don't think it should be a requirement or anything. Maybe a separate award or just a check list item that isn't necessarily scored on.

- Oshyan

mouser · « **Reply #39 on:** December 05, 2009, 04:16 PM »

fair enough -- it is sort of outside the scope of the other requirements.

Stoic Joker · « **Reply #40 on:** December 06, 2009, 01:29 PM »

fair enough -- it is sort of outside the scope of the other requirements.
-mouser (December 05, 2009, 04:16 PM)

I'm not so sure...as it falls heavily into the user friendliness category. Many installs/updates require or at least strongly suggest that the AV software be temporarily disabled while they are running. If the AV software can not be disabled (uninstalling doesn't count here), then the AV software is basically begging-for-a-fight with what ever may innocently need its draconian iron glove out of the way for a moment. Who suffers? ...The user.

Proactive vs. reactive scanning mode availability is directly related to that central (key) point.

JavaJones · « **Reply #41 on:** December 06, 2009, 03:13 PM »

Most AV apps I've ever seen or worked with can be temporarily disabled. That's different than being explicitly friendly to co-existing with other AV apps or having a mode where they're easily installed but have all "active" scanning disabled, and only available for "on-demand".

Something I forgot to mention also is that an increasing number of AV vendors now have scan-only (i.e. "on demand") solutions in the form of web-based (though in many cases not really web-based) on-demand scanners. BitDefender, Kaspersky, TrendMicro, Panda, NOD32, and more. So maybe these are the solution?

- Oshyan

longrun · « **Reply #42 on:** December 10, 2009, 06:47 AM »

I think this discussion misses the point to some extent: the goal is to eliminate false positives, not explain them. Given a choice between product A, which produces almost no false positives but offers no explanation, and product B, which produces reams of them but explains them perfectly, I'd choose A.

mouser · « **Reply #43 on:** December 10, 2009, 07:55 AM »

I think this discussion misses the point to some extent: the goal is to eliminate false positives, not explain them.

Well sure, but the problem is that it's hard to think of concrete "regulations" or guidelines that would reduce false positives. In addition the antivirus companies are scored based on number of detections and rarely if ever on the number of false positives so they have little motivation to reduce them.

So I think this award is a recognition that we can't get rid of "false positives" but instea is an attempt to make sure that when an antivirus does alert, it is honest with the user about the assessment of the situation.

In my opinion, I would rather have an antivirus pop up an alert to me saying that it found something that *might* be problematic, and give me enough information to decide if it is, than to keep quiet or scream that the house is on fire.

EDIT: One thing that would reduce the number of false positives is if antivirus benchmarking sites evaluated and scored and reported on the number of false positives in antivirus products. I'm not sure how our award could address that though.

DocSavage · « **Reply #44 on:** December 10, 2009, 08:26 AM »

RANT!
probably off the true topic, but I often wish for an AV UI that is understandable to non-experts. (me). i wish there were some agreed on naming convention. What in the world is "Resident Shield" anyway & do I need a "Network Shield, P2P Shield, Standard Shield or Web Shield" also? Am I going up in smoke without a "Link Scanner" or a "RootKit" warning? Is "Defender" enough? Do I need "MS Security Essentials" also? Or will all these guys fight each other & send my machine up in smoke?
Oh Well. I guess I have stumbled on a good mix since I don't seem to get Virus or Trojan infections. (that I know of!?)

dk

longrun · « **Reply #45 on:** December 10, 2009, 08:53 AM »

One thing that would reduce the number of false positives is if antivirus benchmarking sites evaluated and scored and reported on the number of false positives in antivirus products. I'm not sure how our award could address that though.
-mouser (December 10, 2009, 07:55 AM)

AV Comparatives AV-Comparatives prominently displays a false positives rating which seems accurate, based on my limited experience.

I agree with the goal of the certification, but it can result in recommending an otherwise lousy product, particularly one that produces lots of fully explained false positives.

JavaJones · « **Reply #46 on:** December 10, 2009, 04:33 PM »

Certainly this "certification" would be just one of the criteria a program is rated on. I would never make a recommendation to anyone *solely* on this factor. But it is a useful idea not yet handled well by most AV soft I've seen.

- Oshyan

RedPillow · « **Reply #47 on:** December 19, 2009, 05:33 PM »

I have used F-secure for couple of years now, I like it because it has this "File could not be removed, file renamed" function, which is really REALLY great.

Maybe you should add something like that to it?

Also, scanning at startup-function is very good too.

sciagent · « **Reply #48 on:** December 19, 2009, 06:21 PM »

During the recent years I used F-Secure Internet Security. Mainly because it was reliable (one should check this from time to time as it is seen now) - it uses few databases from different suppliers including Kaspersky.

That continued till last spring when I got a free copy of Advanced System Protector Pro, which found plenty of threats in my PC running F-Secure.

A bit later I came through this info:
http://www.finjan.com/MCRCblog.aspx?EntryId=2237
and gave a careful look to AVG free. First run after installation - ant it found many more threats - just on a PC running both, F-Secure, and Protector Pro. F-Secure has even "informed" me of some viruses as soon as AVG located them - but after that. Why not before?

Now I use AVG free on all my Windows-based PCs and do not have any problems as it is seen from occasional tests with different AVs or that kind of software.

housetier · « **Reply #49 on:** December 20, 2009, 12:06 AM »

The award could only go to a company that does not try to sell "security". They should be honest about what their product really does: attempt to lessen the likelihood of catching a worm, virus, or whatever. When they "guarantee 100% security" they are making fools of their customers.

But if they do educate their customers and try to raise their awareness about those "dangers" without resorting to panicking them, I think that should have a positive impact on the uhm awardiness(?).