Your browser is obsolete!

The page may not load correctly.

Anti-virus fallacies

Антивирусная неправда

Other issues in this category (34)
  • add to favourites
    Add to Bookmarks

A little secret

Read: 479 Comments: 3 Rating: 9

Anti-virus companies are known to license their anti-virus engines so that other developers can use their technologies. Companies that become entitled to use someone else's engine sell their products over their own channels and hope that the core technologies they’ve purchased will help maintain sufficient security.

Let's take Bitdefender as an example. The company licenses its anti-virus engine to many other developers. Its customers include Emsisoft, eScan, F-Secure and Lavasoft. And this is where things get weird. Let's pick at random any test that compares how well anti-viruses detect malware:

#drweb

How strange! F-Secure leases its engine from Bitdefender but performs better than Bitdefender itself does. Meanwhile, Emisoft falls behind the majority of test participants. But they use the same engine!

Actually (and we’ve mentioned it before) an engine is not the most important part of an anti-virus. It only deals with files that have already been selected for examination (or sometimes it can receive a piece of code instead of a complete file). Other modules are responsible for discovering something malicious in a system.

#drweb

So many modules! And most of them intercept and analyse some data. Without these components an anti-virus is deaf and blind. But what will happen if someone just buys a good engine and uses their own solution to feed data to the engine?

#anti_virus #tests_of_antiviruses

Dr.Web recommends

Of course, the engine (and the virus databases it uses) is an important part of an anti-virus. It enables the anti-virus to transmit a detected file or a piece of code to the virus databases. However, no anti-virus engine on its own can find a file or code in a system or an application—these things must be delivered to the anti-virus by other modules that actually look for data that for one reason or another needs to be scanned. And if these modules aren't good at that, no virus databases will make the solution effective.

A little secret: these modules are created by the very companies that pay to access someone else's virus databases. And if a company has no work experience under its belt and, thus, no expertise, the upshot is quite predictable. And the discrepancies on the graph attest to that.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.

[Twitter]

Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments