Linked by Thom Holwerda on Sat 6th Nov 2010 00:27 UTC
Privacy, Security, Encryption Well, this was to be expected: an anti-virus company complaining that Microsoft's Security Essentials - by far the best anti-virus tool for Windows - is anti-competitive. Microsoft recently began offering MSE as an optional download via the optional Microsoft Update service (which is not Windows Update), and Trend Micro (a patent troll) is going into boo-hoo mode over it.
Order by: Score:
Screw Trend Micro
by Lazarus on Sat 6th Nov 2010 00:39 UTC
Lazarus
Member since:
2005-08-10

I wish I had something insightful to add, but I felt like posting my total agreement with this assessment.

I don't see this as Microsoft doing anything bad here and just have to laugh at the folks crying about it.

Reply Score: 9

RE: Screw Trend Micro
by UltraZelda64 on Sat 6th Nov 2010 03:27 UTC in reply to "Screw Trend Micro"
UltraZelda64 Member since:
2006-12-05

I agree. I can add that, like the article says, Microsoft Security Essentials *is* the best IMO... which is ironic in a way because, hey, it's Microsoft... it seems like every other design decision they make is braindead and/or outright against the wishes of the average computer user. On the other hand, no one knows Windows and all of its holes better than its creator. Either way, although I don't use Windows anymore, I have recommended MSE pretty much ever since it came out. It's cleaner and stays out of the way, and if you've got 512+MB RAM, it does pretty decent at resource usage.

On the other hand, I read years and years ago (in the XP days) that Trend Micro's AV was the "best" or the "most accurate" or something. Whether it was or not, I don't know, but you can't beat Microsoft's FREE offering IMO. Yeah, yeah... okay--in the act of buying and using Windows, you're probably still paying for it somehow anyway... but still, they could've easily charged for it. IMO security software (AKA anti-virus in Windows) is something that should be packaged to begin with into the operating system... but the these worthless AV companies, that has antitrust written all over it. If only history worked differently, and Windows had antivirus software built-in well before the antitrust lawsuit.

I used to think of Trend Microsoft as better than McAfee and Symantec... but now with their bitching about patents over ClamAV, they can go f*** themselves. Wishmaster 2-style.

Edited 2010-11-06 03:29 UTC

Reply Score: 4

RE[2]: Screw Trend Micro
by Moredhas on Sun 7th Nov 2010 03:56 UTC in reply to "RE: Screw Trend Micro"
Moredhas Member since:
2008-04-10

Possibly a stupid question, but if Microsoft can make software that adequately compensates for Windows' security flaws... Why not make an OS that didn't have those flaws to begin with?

Reply Score: 4

RE[3]: Screw Trend Micro
by PlatformAgnostic on Sun 7th Nov 2010 06:59 UTC in reply to "RE[2]: Screw Trend Micro"
PlatformAgnostic Member since:
2006-01-02

Presumably the majority of flaws are not in the OS, but in what the user actively chooses to run.

Reply Score: 5

RE[4]: Screw Trend Micro
by liontaur on Sun 7th Nov 2010 20:02 UTC in reply to "RE[3]: Screw Trend Micro"
liontaur Member since:
2010-11-06

And with how many millions of lines of code from probably thousands of programmers, there will always be vulnerabilities in every OS.... well, except for OpenBSD ;)

Reply Score: 4

RE[3]: Screw Trend Micro
by ncopa on Mon 8th Nov 2010 12:24 UTC in reply to "RE[2]: Screw Trend Micro"
ncopa Member since:
2010-11-08

Because that would break backwards compatibility?

Reply Score: 1

The Best? Are you sure about it?
by OSGuy on Sat 6th Nov 2010 00:43 UTC
OSGuy
Member since:
2006-01-01

by far the best anti-virus tool for Windows

Poor protection against keyloggers, rootkits, and scareware. Just average protection against general malware. In testing, sometimes erroneously reported successful malware removal or blocking.

Installing the free Microsoft Security Essentials will protect your system from malware—to a degree. But you'll get better protection from one of the other well-known free anti-malware products.

Source: http://www.pcmag.com/article2/0,2817,2353386,00.asp



During the 3rd quarter of 2010 we have tested 19 security products in the areas protection, repair and usability. The "Protection" covers static and dynamic malware detection, including real-world 0-Day attack testing. In case of "Repair", we check the system disinfection and rootkit removal in detail. The "Usability" testing includes the system slow-down caused by the tools and the number of false positives. A product has to reach at least 12 points total in order to receive a certification. 13 products have fulfilled our requirements and received an AV-Test certificate. The test reports can be found here:

Microsoft: Security Essentials 1.0 - Certified: no

Source: http://www.av-test.org/certifications.php


Here is another comparison chart: http://www.matousec.com/projects/proactive-security-challenge/resul...

For the record, I use Avira with real time off....only scan on demand when downloading files.

Edited 2010-11-06 00:48 UTC

Reply Score: 1

Sodki Member since:
2005-11-10

MSE is "good enough" as a security tool, while being the best in the the "don't harass the user" department. That alone convinced me.

PS: actually, I use GNU/Linux and home and at work, so It doesn't affect me much. :-)

Reply Score: 5

l3v1 Member since:
2005-07-06

MSE is "good enough" as a security tool, while being the best in the the "don't harass the user" department. That alone convinced me.


Which only prooves what MS has been really good at for a long time: catching users that don't have the time, con't care enough, don't know better, or just don't want to deal with other apps in order to look for alternatives. With MSE they did good, since they managed to gather a user based even though there are a lot of very good free alternatives, sometimes with more capabilities. Just as a note: "good enough" with a low level of "harassment", there are quite some nice ones out there.

Reply Score: 3

MollyC Member since:
2006-07-04

Your first link points to a study over a year old.
Your second link for some reason points to the Windows XP study rather than the Windows 7 one; I couldn't care less about XP today, and MSE is indeed "certified" for Windows 7 by those that ran that study.
Your third link, judging from the dates of the comments, refers to a study from March 2008.

Edited 2010-11-06 00:52 UTC

Reply Score: 5

OSGuy Member since:
2006-01-01

Didn't pay attention to the dates, I give you credit for that ;) It would be interesting to see a retest.

Reply Score: 2

b0ne Member since:
2006-05-19

Your first link points to a study over a year old.
Your second link for some reason points to the Windows XP study rather than the Windows 7 one


On-demand file scans are generally considered to be an OS agnostic task, meaning detection rates should not differ.

I have a hard time agreeing that MSE is the overall "best." Yes it has decent detection rates, but it is definitely not the fastest scanner out there. Quite the opposite. The free price makes the speed tolerable though.

http://www.av-comparatives.org/images/stories/test/ondret/avc_od_au...

Total detection rates:
1. G DATA 99.9%
2. Trustport, AVIRA 99.8%
3. McAfee 99.4%
4. Avast, Bitdefender 99.3%
5. F-Secure, eScan, Panda 99.2%
6. Symantec 98.7%
7. ESET 98.6%
8. AVG, Kaspersky 98.3%
9. PC Tools 98.1%
10. Microsoft 97.6%
11. Sophos 96.8%
12. Norman, K7 96.6%
13. Trend Micro 90.3%
14. Kingsoft 80.1%

Reply Score: 2

Tuishimi Member since:
2005-07-06

Better than Trend Micro tho'.

Reply Score: 3

Laurence Member since:
2007-03-26

I have a hard time agreeing that MSE is the overall "best." Yes it has decent detection rates, but it is definitely not the fastest scanner out there. Quite the opposite. The free price makes the speed tolerable though.


Better than Trend Micro tho'.

Yeah, but still worse than all the other free scanners.

Edited 2010-11-07 11:08 UTC

Reply Score: 2

Tuishimi Member since:
2005-07-06

Let's not bicker over who killed who!

Reply Score: 2

Tuishimi Member since:
2005-07-06

Yes, but there are other aspects to the results, such as "false positives" where MSE was better than most. It has also been said in forums that the stuff being scanned, some of it dates back to the mid-90's. While MSE has nothing to be ashamed of for a 97.6% score, I might even suggest that they are trying to make it balanced with performance and also possibly trying to concern themselves with the most modern and typical style of viruses prevalent today.

I was, however disappointed with the middle-of-the-road scripts protection. That was their lowest score at 88.1%.

Reply Score: 3

Thom_Holwerda Member since:
2005-06-29

Do those tests take into account how crap like McAfee and such take over your computer, infesting every corner of it with pop-ups and other annoyances?

If not - fail.

Reply Score: 4

WereCatf Member since:
2006-02-15

Do those tests take into account how crap like McAfee and such take over your computer, infesting every corner of it with pop-ups and other annoyances?

You know very well that such things do not belong in a test about the engine accuracy. They belong in a review of the software, or something similar.

Yes, I know how horrible McAfee is: I've had to several times fix computers with McAfee or Norton installed on them, and it's the anti-virus that has been the cause of slowdowns and crashes, and in one case even filesystem corruption, and all the issues went away after removing the anti-virus in question (Of course with the exception of filesystem corruption which required more work), and most likely anyone who's had to repair computers with them installed has similar experiences.

But you could still leave two sentences long flamebaits out of here and grow up a bit.

Reply Score: 6

werfu Member since:
2005-09-15

Hum, I don't see Comodo there... I'm using their Security Suit. It's pretty lightweight and it found threats that AVG didn't found too. There's other using it?

Reply Score: 1

Tuishimi Member since:
2005-07-06

Yes, nice catch! Windows 7 - Yes

Also, something that should be called into question is the "quality" of the test cases. And a 1-5 scale? I prefer av-comparitives.org scoring... altho' the question of the test cases still exists.

Reply Score: 2

flanque Member since:
2005-12-15

I just got some woman pulling her hair out on that page... kinda ironic really. ;)

Reply Score: 2

Tuishimi Member since:
2005-07-06

:) ;)

Reply Score: 2

Gone fishing Member since:
2006-02-22

MSE Best AV - well thats contentious, it certainly doesn't nag the user to death, slow the box down to a miserable crawl like some well known AVs and seems reasonably effective.

But best - well MSE has been tested on Virus Bulletin 3 time and fail the 100% once - NOD32 has been tested 64 times and fail 3 last fail in 2002.

http://www.virusbtn.com/vb100/archive/results?display=summary

Best Mmmm?

Reply Score: 3

l3v1 Member since:
2005-07-06

MSE Best AV - well thats contentious, it certainly doesn't nag the user to death, slow the box down to a miserable crawl like some well known AVs and seems reasonably effective.


You know of course, that that in itself doesn't proove much, right ? ;) It's a typical tiger repellent stone example. Anyway, many accept it as good enough, which is hard to argue, since one's good is not the same as others' good ;)

Reply Score: 2

Gone fishing Member since:
2006-02-22

You know of course, that that in itself doesn't proove much, right ? ;)


Yes agreed, I don't use MSE but pay for a solution, however, if you don't pay for an AV then MSE will be a lot better than nothing. Whether that is good enough time will tell and it will also depend on you level of computing stupidity, promiscuity etc.

Unfortunately here (in Lesotho) even if its very good it wont make much impact on the virus problem as few computer owners have internet to update MSE and about 90% of Desktop owners use pirate copies of Windows that don't pass the genuine advantage test and so can't have MSE anyway.

Reply Score: 5

modmans2ndcoming Member since:
2005-11-09

Microsoft already has their malware removal tool that gets sent out once a month in an update and removes root kits, key loggers, etc with little problem.

Reply Score: 2

Well....
by Anonymous Coward on Sat 6th Nov 2010 01:32 UTC
Anonymous Coward
Member since:
2005-07-06

MSE is better than others at getting out of the way, and I have a bit more faith in it as far as dealing with things like Smitfraud....but with all of the good, it still irks me when my system starts freezing, and I look in Taskmanager to se MsMpEng sucking up 99% CPU.

It doesn't happen often, and just about never on my Win7 machine....but my Core2 Duo at work running XP... no good.

Reply Score: 1

Wish I could agree about MSE
by darknexus on Sat 6th Nov 2010 01:33 UTC
darknexus
Member since:
2008-07-15

Unfortunately, my experience has been less than positive on my Windows 7 system. It always gets the fan going pretty quickly, and causes major system lag. Granted I don't have a super high spec system, but it's more than enough to be able to run 7 and all the applications I need... oh, and it runs Avast just fine. So, while I agree with the assessment of Trendmicro, I don't have a positive experience with MSE and so certainly can't agree that it's the best security tool on Windows.

Reply Score: 1

RE: Wish I could agree about MSE
by jgagnon on Mon 8th Nov 2010 13:09 UTC in reply to "Wish I could agree about MSE"
jgagnon Member since:
2008-06-24

I've been running MSE on an Atom 330 laptop with Windows 7 (Asus 1201N) and I can say I don't notice any real difference in performance after I installed it. The system itself is not speedy, but with the ION graphics it actually runs some games better than it does some office apps. But it does what I need it to do so I don't complain much. :p

Reply Score: 1

nt_jerkface
Member since:
2009-08-26

What are they going to argue? That it is in the best interest of consumers for MS not to do this? Don't improve security to protect trend micro? Botnets send out spam to everyone, this is an issue that affects us all.

Reply Score: 3

rjamorim Member since:
2005-12-05

They are probably going to argue that if Microsoft Update doesn't find an anti-virus in the system, it should show the user a selection of anti-virus choices. You know, like the browser ballot in EU computers.

Reply Score: 3

OSGuy Member since:
2006-01-01

Haha that is so probable! I won't be surprised if it does happen.

Edited 2010-11-06 07:12 UTC

Reply Score: 2

nirishdave Member since:
2008-09-03

Make sure you include Opera in the Ballot screen. ;)

Reply Score: 2

Trend Micro =/= patent troll
by JokeyRhyme on Sat 6th Nov 2010 03:56 UTC
JokeyRhyme
Member since:
2010-05-28

I would hardly call Trend Micro a patent troll. They actually have released products in the domain in question for quite some time. That would be like calling Apple or Microsoft patent trolls. We could call these companies many things, but they don't exist solely to litigate patent suits or licence patents (which is how I would define "patent troll").

That said, Trend Micro certainly haven't earned themselves many friends lately.

Reply Score: 13

RE: Trend Micro =/= patent troll
by galvanash on Sat 6th Nov 2010 04:51 UTC in reply to "Trend Micro =/= patent troll"
galvanash Member since:
2006-01-25

I would mod you up, but I want to add to what you said... It is counter-productive to call a company like this a patent troll, because it dilutes the definition of the term to the point that it doesn't mean anything anymore. If Trend Micro is a patent troll than virtually every software company on earth who has ever been granted a patent and filed suit at some point is one...

I am violently opposed to the practice of patent trolling. A patent troll is a company that produces nothing, files for and/or acquires obvious patents and then silently waits for an actual functional business to implement their now patented idea and sues the crap out of them for their trouble.

Trend Micro is NOT a patent troll. They make stuff. The stuff they make may be pretty crappy, you may hate their product (hell I hate their product), etc. etc., but they do make something.

The term should be reserved for the vile, filthy, cowardly, scum-of-the-earth, no-talent, useless assholes that truly deserve the title.

Reply Score: 17

Soulbender Member since:
2005-08-18

To these two excellent points I would like to add that I can certainly see why Trends might be miffed about MSE although applying the term antitrust is probably not correct. This is actually more like unfair competition and price dumping, MS is more or less dumping a new product into an existing market and using profits from other products to cover their losses.
I'm not saying Trends is necessarily right but I can see why this behavior would upset them.
I also hate their products too btw, but making crap products isn't against the law.

Reply Score: 3

WereCatf Member since:
2006-02-15

This is actually more like unfair competition and price dumping, MS is more or less dumping a new product into an existing market and using profits from other products to cover their losses.

MSE is not a new product, it has existed already for quite some time. So none of this applies.

Reply Score: 2

vodoomoth Member since:
2010-03-30

Which still doesn't make Trend Micro's complaint something I can agree with. People have been paying for Yahoo Mail plus before GMail arrived. People have been paying for IntelliJ IDEA before Eclipse surfaced (having reportedly cost $40 million to IBM). And these are probably not the sole examples but my mind can't find another valid one right now. The whole h.264 and WebM? Google has "given" web users several good free products that are not search-centric. I bet some of these markets had vendors (of non-free solutions/products) that were already established. Best example, Linux vs Windows...

Big players "dumping" markets looks like a fact of life. Businesses should just learn to deal with it, either by establishing a monopoly and trying to crush the competition, or by releasing products better than the competition. I won't feel sorry for Trend Micro, and that's not just because I use Avira. Imagine if people using MSE were left "in the dark" just to protect AV companies' bottom line.

Reply Score: 4

It is the best
by cefarix on Sat 6th Nov 2010 06:30 UTC
cefarix
Member since:
2006-03-18

I switched to MSE when it came out and I tell everyone to switch to it

Edited 2010-11-06 06:30 UTC

Reply Score: 2

RE: It is the best
by l3v1 on Sat 6th Nov 2010 10:25 UTC in reply to "It is the best"
l3v1 Member since:
2005-07-06

Sir, your arguments just convinced me. Not.

Reply Score: 2

RE[2]: It is the best
by Tuishimi on Sat 6th Nov 2010 16:09 UTC in reply to "RE: It is the best"
Tuishimi Member since:
2005-07-06

You had me going up until the "Not."

Reply Score: 3

RE[2]: It is the best
by cefarix on Sat 6th Nov 2010 18:09 UTC in reply to "RE: It is the best"
cefarix Member since:
2006-03-18

Not everything on the interwebs is an argument.

Reply Score: 3

RE[3]: It is the best
by Morgan on Sun 7th Nov 2010 16:05 UTC in reply to "RE[2]: It is the best"
Morgan Member since:
2005-06-29

Yes it is. ;)

Reply Score: 4

v Terrible
by dgun on Sat 6th Nov 2010 11:13 UTC
RE: Terrible
by talaf on Sat 6th Nov 2010 12:38 UTC in reply to "Terrible"
talaf Member since:
2008-11-19

You're trolling, please develop? In the consumer market, MS has the largest footprint by far, making them the prime target for any security expert. Over the years they developped alot of inherent security mechanisms in the system while mounting what is probably one of the best threat-response workflow of every desktop OS company. They were bad years ago but please provide substantial results on why they didn't improve in the recent years?

Sure, they're not OpenBSD, but their market is quite different and has different needs. I'm all for a good MS bashing but security since vista/7 has improved by leaps. After that, it's not really their fault people are stupid, dl random exe from porn sites, disable UAC and the likes.

Reply Score: 1

RE[2]: Terrible
by jgagnon on Mon 8th Nov 2010 13:24 UTC in reply to "RE: Terrible"
jgagnon Member since:
2008-06-24

This is a good point. It would be interesting to how well OpenBSD would fair with the same desktop exposure as Windows. It most certainly would do much better than Windows, but I'm sure that level of exposure to the world would open up some problems.

Reply Score: 1

Despite what I said above
by OSGuy on Sat 6th Nov 2010 11:38 UTC
OSGuy
Member since:
2006-01-01

I would choose MSE over Trend Micro anytime.

Reply Score: 3

Comment by re_re
by re_re on Sat 6th Nov 2010 15:34 UTC
re_re
Member since:
2005-07-06

To be totally honest, I don't really like MS, but they did a damn fine job with Windows 7, and as far as them supplying their own antivirus software ...... Well, who better then them, It is in the companies best interest to keep it's operating system secure. It makes them look better and secures it's customer base.

If another company can do better, they will win out (at least on the corporate level) which is where most of these security companies make their money anyway.

Reply Score: 5

Yea, but it's free!
by liontaur on Sat 6th Nov 2010 17:49 UTC
liontaur
Member since:
2010-11-06

So really, what's there to complain about? It's not that bad by any means so that's two bonuses. I've installed it on a couple of people's computers and no complaints so far (it's been a year or so).

Reply Score: 3

Can we trust the charts about AV ?
by sirhill on Sat 6th Nov 2010 19:50 UTC
sirhill
Member since:
2010-11-06

I have a problem with all thoses tests on AV.
As I am not a security expert, I can't judge the value of them.

Don't you feel weird that every time a chart is publish there is always one with 100% ?
It remind me Graphic Cards tests.

Edited 2010-11-06 19:51 UTC

Reply Score: 2

v I have read the computer news lately
by the old rang on Sat 6th Nov 2010 20:55 UTC
Maybe the "Best" but not the most effective.
by NeoX on Sat 6th Nov 2010 21:02 UTC
NeoX
Member since:
2006-02-19

by far the best anti-virus tool for Windows

I agree with you on this. MSE is the best tool when it comes to fast scans, unobtrusive behavior and performance. You will hardly know that it is installed.

However, best does not always mean most effective. I have been installing MSE on systems since it was first introduced. Going so far as to supplant AVG, Avira, Norton and Mcafee on most of my clients systems. Then the support calls came. It seems that quite a few fake Anti-virus programs make it right through MSE. Ahh but all the others failed to catch them too.

Malwarebytes did prevent most of them, provided you pay the one time fee of $25 to get the real-time protection.

So for some things, MSE is not entirely effective. However they did a major update to the MSE client recently and I have been hearing of less things that are getting through, so hopefully the continue to make progress here. On any system I setup I always install Malwarebytes in addition to MSE, if the client does not want to pay the $25 fee for MB. Even the free version of MB is a great removal tool for these nasties.

Reply Score: 3

Change in license agreement
by fran on Sat 6th Nov 2010 22:55 UTC
fran
Member since:
2010-08-06

I wonder if the American government is going to step into this. Their is so many unprotected computers serving as botnets out there that automatically securing them through an update could be in the interest of national security. I guess it sound a little extreme but it is possible.

Question: Would Microsoft be able to change their licensing agreement with the next version for eventualities like this? I mean apple dont have trouble loading Mac OS with all wonderfull add ons like ilife coming as default.

Windows itself could be so much better and a richer experience if Microsoft can make these additions add without being sued all the time.

Reply Score: 2

It Actually Works
by aust77 on Sun 7th Nov 2010 02:08 UTC
aust77
Member since:
2010-10-08

As a full time Linux user, I don't worry too much about anti virus software, but recently I installed MSE on a relatives computer (who does not have a broad knowledge of computers) via Windows Update and I find it to be a good program that does not pester you too much but gets the job done--to an extent.

Basically, if you treat your Windows install with care, MSE will help you ensure it is secure. For example, the PC I installed it on has been in use for a year, and MSE was able to detect 6 potential exploits and deal with them accordingly.

I appreciate Microsoft finally making anti virus software built with a insider knowledge of Windows--after all, they made it. Now I hope more people will not have to worry about the annoying nightmares we call Symantec, Norton, etc.

Good luck and safe computing to all!


aust77

Reply Score: 2

RE: It Actually Works
by lemur2 on Sun 7th Nov 2010 22:46 UTC in reply to "It Actually Works"
lemur2 Member since:
2007-02-17

As a full time Linux user, I don't worry too much about anti virus software, but recently I installed MSE on a relatives computer (who does not have a broad knowledge of computers) via Windows Update and I find it to be a good program that does not pester you too much but gets the job done--to an extent. Basically, if you treat your Windows install with care, MSE will help you ensure it is secure. For example, the PC I installed it on has been in use for a year, and MSE was able to detect 6 potential exploits and deal with them accordingly. I appreciate Microsoft finally making anti virus software built with a insider knowledge of Windows--after all, they made it. Now I hope more people will not have to worry about the annoying nightmares we call Symantec, Norton, etc. Good luck and safe computing to all! aust77


The problem is not the six potential Windows exploits that you encountered which MSE successfully dealt with, but rather the unknown number (it might be zero if you are lucky) which you encountered that MSE did not successfully deal with, and which perhaps are now effectively installed on your system and hidden from view so that MSE cannot see them (even if MSE receives a database update it stiil may not see them).

After-the-fact security, such as any anti-malware scanner programmer such as MSE relies on, is doomed to fail in the face of ever-increasing numbers of malware threats. In a year, you say your own PC encountered (at least) six such threats. There were reportedly two million new pieces of malware written for Windows just this last year alone.

Every Windows PC connected to the Internet will encounter new malware threats at an ever-increasing rate. No after-the-fact anti-malware scanner can possibly keep up. Even if the successfult detection rate is a high as 95% (which is pretty good), that means that one is likely to encounter a threat that is not detected once in every twenty exposures.

I'd estimate that the avearge un-infected lifetime of a Windows PC connected to the Internet and used for browsing etc, even one protected by anti-malware such as MSE, is currently down to about 12 months or so. Maybe even less. Given the ever-increasing sheer volume of malware out there, this is only ever going to come down.

So when you say it actually works ... Hmmmm. I don't think so. It can't work IMO, no matter how well it performs, because of the nature of the problem it tries to address.

This is surely a losing battle if ever their was one.

Reply Score: 4

RE[2]: It Actually Works
by lucas_maximus on Mon 8th Nov 2010 13:30 UTC in reply to "RE: It Actually Works"
lucas_maximus Member since:
2009-08-18

Have you got any facts to back up your claims about a Windows 7 PC will be most likely infected after 12 months??

MSE or anti-virus program are the last line of defence. Not exposing yourself to risk in the first place, and keeping the your internet enabled programs and operating system up-2-date are preferrable.

Windows 7 regularly updates the default browser and the operating system and does it silently in the background. All the major browsers that run on Windows automatically keep themselves patched, and the firewall is turned on by default. Also the user is not running as root until prompted by UAC. How is this any worse than Linux or Mac OSX?

Lets not forget that the other major Desktop Operating system MacOSX comes with the firewall disabled as <a href="http://www.macobserver.com/tmo/article/snow_leopard_enabling_the_bu....

Reply Score: 1

RE[2]: It Actually Works
by Bounty on Mon 8th Nov 2010 17:02 UTC in reply to "RE: It Actually Works"
Bounty Member since:
2006-09-18


The problem is not the six potential Windows exploits that you encountered which MSE successfully dealt with, but rather the unknown number (it might be zero if you are lucky) which you encountered that MSE did not successfully deal with, and which perhaps are now effectively installed on your system and hidden from view so that MSE cannot see them (even if MSE receives a database update it stiil may not see them).

After-the-fact security, such as any anti-malware scanner programmer such as MSE relies on, is doomed to fail in the face of ever-increasing numbers of malware threats. In a year, you say your own PC encountered (at least) six such threats. There were reportedly two million new pieces of malware written for Windows just this last year alone.

Every Windows PC connected to the Internet will encounter new malware threats at an ever-increasing rate. No after-the-fact anti-malware scanner can possibly keep up. Even if the successfult detection rate is a high as 95% (which is pretty good), that means that one is likely to encounter a threat that is not detected once in every twenty exposures.

I'd estimate that the avearge un-infected lifetime of a Windows PC connected to the Internet and used for browsing etc, even one protected by anti-malware such as MSE, is currently down to about 12 months or so. Maybe even less. Given the ever-increasing sheer volume of malware out there, this is only ever going to come down.

So when you say it actually works ... Hmmmm. I don't think so. It can't work IMO, no matter how well it performs, because of the nature of the problem it tries to address.

This is surely a losing battle if ever their was one.


Well basically everthing you've said applys to all PC's and operating systems. I think 3rd party software is always going to make user data (the stuff that's important) vunerable. Basically there is a metric ton of $#!+ that users install on purpose.

Also, if you have 6 exposures per year and need 20 encounters to find the 1 that's not dealt with, your closer to the 3 year range, not 12 months. Which sounds closer to realistic to me.

Reply Score: 3

RE[3]: It Actually Works
by lemur2 on Mon 8th Nov 2010 23:38 UTC in reply to "RE[2]: It Actually Works"
lemur2 Member since:
2007-02-17

" The problem is not the six potential Windows exploits that you encountered which MSE successfully dealt with, but rather the unknown number (it might be zero if you are lucky) which you encountered that MSE did not successfully deal with, and which perhaps are now effectively installed on your system and hidden from view so that MSE cannot see them (even if MSE receives a database update it stiil may not see them). After-the-fact security, such as any anti-malware scanner programmer such as MSE relies on, is doomed to fail in the face of ever-increasing numbers of malware threats. In a year, you say your own PC encountered (at least) six such threats. There were reportedly two million new pieces of malware written for Windows just this last year alone. Every Windows PC connected to the Internet will encounter new malware threats at an ever-increasing rate. No after-the-fact anti-malware scanner can possibly keep up. Even if the successfult detection rate is a high as 95% (which is pretty good), that means that one is likely to encounter a threat that is not detected once in every twenty exposures. I'd estimate that the avearge un-infected lifetime of a Windows PC connected to the Internet and used for browsing etc, even one protected by anti-malware such as MSE, is currently down to about 12 months or so. Maybe even less. Given the ever-increasing sheer volume of malware out there, this is only ever going to come down. So when you say it actually works ... Hmmmm. I don't think so. It can't work IMO, no matter how well it performs, because of the nature of the problem it tries to address. This is surely a losing battle if ever their was one.
Well basically everthing you've said applys to all PC's and operating systems. "

Not at all. Only Windows systems face the threat of two million new viruses this year. Because there are so many threats against Windows, the result is that almost any Internet-connected Windows machine will encounter malware threats. The OP said that his Windows system had encountered six that MSE dealt with in a year, and there were an unknown number that MSE did not deal with. The rate at which one encounters malware threats depends on: (1) primarily, if you run Windows, (2) how you use the Internet, (3) how much you use the Internet, and (4) what country you reside in.

Some recent information form Ars:
http://arstechnica.com/security/news/2010/11/fighting-botnets-befor...

Note the text:
And Mac users beware—a new Trojan variant attacks Mac OS systems via social networking sites.


So what about that comment? Well, Ars is pointing out ONE threat against Macs, and it is noteworthy because it is unusual, but there are two million new malware threats against Windows systems just this last year alone.

Ergo: the threat against windows systems is many orders of magnitude higher (perhaps even six orders of magnitude) than against other OSes. You are a million times more likely to encounter a malware threat against your system, if you run Windows.

To put this in perspective: if your Windows system encounters six malware threats viable against it within a year, with the same Internet usage it would have taken a million years for you to encounter that many threats if you had used a Mac instead. Probably even longer if you had used Linux.

I think 3rd party software is always going to make user data (the stuff that's important) vunerable. Basically there is a metric ton of $#!+ that users install on purpose.


This (trojan malware) is indeed a problem. The ONLY viable mitigation against this, that I can see, is for users to adopt a self-imposed policy that they install only software that is able to be independently vetted by people who did not write the software and who are commercially independent of those who did write it. This policy paradigm is not viable on any desktop system apart from Linux.

Also, if you have 6 exposures per year and need 20 encounters to find the 1 that's not dealt with, your closer to the 3 year range, not 12 months. Which sounds closer to realistic to me.


It is just a guess. We don't know how much the OP used the Internet, and how careful/savvy he/she was, but being an OSNews poster I would suggest places that person in a class prudent enough to be less likely to encounter malware threats (through caution) than normal users. BTW, there were six exposures that the OP knew about and an unknown number that the OP did not know about. Your guess assumes the second number to be zero. Mine doesn't.

Edited 2010-11-08 23:41 UTC

Reply Score: 2

Dangerous...
by bert64 on Sun 7th Nov 2010 10:44 UTC
bert64
Member since:
2007-04-23

The idea of MS offering an av program somewhat defeats the point, if this becomes widespread enough then malware will just assume its installed and include code to bypass it and then your back to square 1.

While it's commendable MS are trying to do something about some of the mess they've caused, this is probably the wrong approach. It has always been simple for malware authors to modify their warez to bypass any detection schemes, and any serious malware spread does exactly that on a regular basis.

A much better plan is to ensure the malware never gets to the end user in the first place. Now like it or not, general purpose computers are completely unsuitable for the average guy on the street, a locked down model like the iphone actually works a lot better. The idea of users who have no clue how their computer works, downloading and executing files from arbitrary sites is utterly ridiculous.

There should be a minimum level of technical competence required before your allowed to connect to a public network other than using a device managed by someone else.

Reply Score: 2

RE: Dangerous...
by lucas_maximus on Sun 7th Nov 2010 13:32 UTC in reply to "Dangerous..."
lucas_maximus Member since:
2009-08-18

The idea of MS offering an av program somewhat defeats the point, if this becomes widespread enough then malware will just assume its installed and include code to bypass it and then your back to square 1.


Are you aware that is why the release updates to AntiVirus programs??

Reply Score: 2

What next
by r.j.l on Sun 7th Nov 2010 21:10 UTC
r.j.l
Member since:
2009-08-15

Will some anti-malware company have a whinge that MS is patching zero day flaws to help stop malware.

Whilst there are times when anti-competition laws should be invoked this is not one of them.

Reply Score: 1

MS has advantage of motivation
by Priest on Mon 8th Nov 2010 13:42 UTC
Priest
Member since:
2006-05-12

For years companies were pumping out scareware to make money. Is it any surprise that a company that does not have the same motivation would make a better overall product?

Reply Score: 2

Anti Competative?
by Cromat on Mon 8th Nov 2010 16:26 UTC
Cromat
Member since:
2009-12-15

How is it anti-competitive, they are making a product available(free to download and not installed by default). They are not making it more difficult for users to install an alternate choice. I think Trend is concerned that a user base that thinks Windows is the only OS choice out there will think everything from M$ is the best....Trend stop crying and use that marketing department!

Reply Score: 2

Comment by boldingd
by boldingd on Mon 8th Nov 2010 23:35 UTC
boldingd
Member since:
2009-02-19

I'm actually surprised to see so much vitriol directed at Trend Micro. Microsoft has distributed a free, highly-integrated product that performs a task that is (arguably, at least) not a system task, and that competes with existing, third-party products. We should all remember that they've done that before, and that the consequences for everyone where significant.

It's difficult to compete with free, especially if free is platform-integrated to a degree that you're not. If third-party software manufacturers leave the market, and Microsoft faces no competition, they will stop trying. And this will be bad for everyone.

Reply Score: 2