funsec mailing list archives
RE: Consumer Reports Slammed for Creating 'Test' Viruses
From: Drsolly <drsollyp () drsolly com>
Date: Mon, 21 Aug 2006 20:26:21 +0100 (BST)
I don't think I made a comment about who was involved in the testing. What I did menti0n, was that it would be interesting to see their methodiology. In particular, how did the generate these 5,000 viruses, and how did they verify that they were, indeed, viruses. I know one magazine that did an AV test using a large number of files, none of which turned out to be viruses. But that's an extreme case, of course. On Mon, 21 Aug 2006, Young, Keith wrote:
Regarding DrSolly's comment about who was involved in the testing. From: http://www.consumerreports.org/cro/electronics-computers/protection-soft ware-9-06/how-we-test-antivirus-software/0609_software_testing.htm "We tested a comprehensive selection of antivirus software for consumers in ways that accurately reflect real-world conditions, enlisting the help of consultants at Independent Security Evaluators (ISE), a computer-security consulting firm. (The president of ISE, Avi Rubin, is a former technical advisory board member of a company acquired by software vendor McAfee before ISE began its work for Consumer Reports. He continues to act as an advisor to that company and was not involved in our testing.)" [The company mentioned above that was acquired by McAfee is SiteAdvisor: http://www.siteadvisor.com/about/team.html ] Was that full disclosure statement always there? Has anyone tried to contact Avi in order to get more details? Figuring that he has preached on full disclosure of electronic voting machines <http://www.avirubin.com/>, as president of ISE he may be swayed to give full disclosure regarding the methodology of this test... --Keith Keith Young, Security Official Department of Technology Services Montgomery County, Maryland phone - (240) 777-2955 _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Consumer Reports Slammed for Creating 'Test' Viruses, (continued)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 17)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Blue Boar (Aug 17)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Valdis . Kletnieks (Aug 17)
- RE: Consumer Reports Slammed for Creating 'Test' Viruses David Harley (Aug 17)
- RE: Consumer Reports Slammed for Creating 'Test' Viruses security curmudgeon (Aug 17)
- RE: Consumer Reports Slammed for Creating 'Test' Viruses Toralv_Dirro (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Blue Boar (Aug 19)
- RE: Consumer Reports Slammed for Creating 'Test' Viruses Toralv_Dirro (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Blue Boar (Aug 19)
- RE: Consumer Reports Slammed for Creating 'Test' Viruses Young, Keith (Aug 21)
- RE: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 21)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Dude VanWinkle (Aug 21)
- RE: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 21)