Choosing an antivirus program

Not so long ago, Heimdal Security’s Aurelian Neagu put together a blog to which a number of security people – including me – contributed tips: 50+ Internet Security Tips & Tricks from Top Experts.

So, given my continuing interest in testing and related issues, I was interested to see that Aurelian had put up security guide on What Is The Best Antivirus For My PC? A Step-By-Step Research Guide. After all, a lot of my writing (including the work I did with AMTSO) has been concerned with helping people to be able to make informed judgements on what security products they should invest in. Not from the point of  view of recommending specific products – since much of my income comes from working with a company that is a major player in the anti-malware market, it would be hard to avoid conflicts of interest – but in terms of making the best possible decision. However, I’ve tended to focus on product testing, and in particular, approaches to evaluating comparative tests.

The Heimdal guide takes a slightly broader approach exemplified by a Venn diagram where three circles representing Expert Reviews, Independent Testing, and User Opinions overlap to make up the label Complete Antivirus Assessment.

I’m not altogether on board with this approach:

• Due to decades of reading forum discussions – from the chaos of alt.comp.virus in the 1990s, where marketroids, researchers, virus writers and confused computer users all rubbed shoulders, through to various LinkedIn groups where most of the posts are by vendor marketing managers –  I’m far from convinced that crowd-sourced information is reliable. It’s one of those areas where if you know enough to distinguish between good and bad advice, maybe you don’t need advice. There’s an article demanding to be written here on what snippets of advice should raise red flags, but Heimdal hasn’t written it.
• The trouble with expert reviews is that so many of them are not written by experts (and they’re not always independent). It’s one of those areas where if you know enough to distinguish between good and bad advice, maybe you don’t need advice. (Is there an echo in here?)
• Not all independent tests are competent. And some that look independent aren’t.

If past experience is anything to go by, I stand a good chance of inviting accusations of being at least negative and possibly elitist by these comments. But I don’t think it’s enough to direct people towards a forum of all shades of opinion and expertise may be represented. How do you decide whose advice to take (especially when it’s based on  ones-size-fits-all-criteria like price – how many tests, reviews and commentaries assume that free AV is best)?

There are, in fact, some useful ideas here as regards sources of information, like several of the more competent testers.  But it’s downright bizarre that there’s no mention of AMTSO here. Admittedly, one of the reasons I no longer have formal ties with AMTSO is that I always felt that the organization could have done more to engage with the everyday user, rather than focusing on testers. And it’s a pity that the AMTSO site seems to have dropped linking to articles other than its own guidelines documents, most of which are focused on testing methodologies rather than evaluation of tests by non-experts. (However, the AMTSO Fundamental Principles of Testing is still a must-read for anyone who wants to understand more about testing.)

Heimdal are to be applauded for trying to provide clarity where there is none – or very little – but I’m disappointed.

David Harley