Main Area and Open Discussion > General Software Discussion
Nirsoft's Antivirus Hall of Shame
tomos:
I'll forgive an anti-virus for false-positives if they make it easy to report them (and they do something with that info).
That's why I stopped using Avira (Pro) a couple of years ago. I wasn't sure whether to mention them here, because at least you were able to report, and they did do something about it -- and they may have improved/streamlined the process since, but at the time, the {amount of false-positives} + {the difficulty reporting} was too much for me.
Stoic Joker:
Or the typical end-user should up their game and actually grow some sense! While that would be the best direction to go, it will never happen, because of 2 reasons:1). More savvy end-users do not benefit the coffers from anti-virus vendors.2). Typical end-users either have an inability to grow some sense or worse, they don't care.-Shades (October 19, 2015, 07:22 PM)
--- End quote ---
While my reflexive cynicism makes me inclined to agree... The positively abysmal performance of AV software over the last several years have caused many of the top security companies to come up with a rather new concept called the Human Firewall. Which I'll admit is a much catchier name than what I've been calling it - Defensive Driving on the Information Highway - for years.
So perhaps play time is over, and it really is time for people to knuckle down and learn how to drive.
JavaJones:
Has anyone done any studies/surveys/etc. on how often these heuristics actually catch "0-day" vulnerabilities? You'd think this would be the kind of thing that the big AV companies crow about all the time, especially when a new vulnerability is discovered. "Dear Norton users, today you are safe from the massive BlarghNet virus outbreak because our advanced heuristics proactively detected the unsafe behavior before anyone even knew of its existence. Stick with Norton and be safe!", or whatever BS. Anyone heard/seen any press releases like that? I know I haven't. Maybe it's just not happening that often...
Even if heuristics are useful, I do think the behavior of AV products could really stand to be improved in the ways others are suggesting. 2 notable things, I think:
1: Try to explain to the user/give more info when a heuristic-based detection is made. One big improvement for at least many AV products would be clearly differentiating between something detected based on a clear, positive signature match (strong positive match) vs. a detection of "suspicious behavior" or code based on a heuristic. If a % match or degree of certainty could be estimated, all the better. Will the average user do much with the info? Maybe not. But that's not a good reason not to at least *try* to educate them.
2: Easily allow false positive reporting. Some AV apps do allow this, if I recall correctly, or perhaps just take an "allow" choice as a "vote" by their user community. But as we've seen from Nirsoft as well as some of DC's own software, the AV companies do not move fast enough on this, and are not responsive enough to the actual usage patterns of their customers.
- Oshyan
Stoic Joker:
Anyone heard/seen any press releases like that? I know I haven't. Maybe it's just not happening that often...
-JavaJones (October 20, 2015, 01:57 PM)
--- End quote ---
Does bring to mind the old expression "Deafening Silence" doesn't it.. :D
Your point 1 as stated would dovetail rather nicely with the Human Firewall (educational program basically) I mentioned earlier. If the AV companies toned down the jargon a bit, and just - 10 words or less - plainly stated we think this is trying to X the overall outcome would improve drastically virtually overnight. Hell some of these reports are so blatheringly unspecific that I can't even figure out what the heck they're trying to say half the time.
Renegade:
ALYac 0 0 0 0 100
--- End quote ---
Woohoo for ALYac and my buddies over at ESTsoft~! ;D
I really don't think it's that difficult to do. I think it's less a matter of changing the functionality than the communication with the user.
-mouser (October 19, 2015, 04:48 PM)
--- End quote ---
I think you are overestimating how easy it is there. Communicating with the user is very, very far from easy for this kind of software.
1. They don't care.
2. Stop using big words.
3. like wtf heristick lip gloss huh lol?!!11!!1!\
4. wut wuz i doin
5. pron gam3z 4evah!!!!!1111!1
Or something along those lines.
You've got a very broad audience where computer literacy ranges from god-like to near zero. Addressing that range of people is tough, and the less computer literate they are, the more important the communications are.
And you've got the issue of not nagging them, but at the same time making sure that important notices aren't dismissed by reflex.
Can it be done? Sure. But I think the effort required for those communications (and the infrastructure to support the communications) is far more than most companies are willing to even entertain, even if they had the imagination for the task (which I doubt is there as it requires reimagining standard and common practices).
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version