Posted by: David Harley | March 27, 2015

Choosing an antivirus program

Not so long ago, Heimdal Security’s Aurelian Neagu put together a blog to which a number of security people – including me – contributed tips: 50+ Internet Security Tips & Tricks from Top Experts.

So, given my continuing interest in testing and related issues, I was interested to see that Aurelian had put up security guide on What Is The Best Antivirus For My PC? A Step-By-Step Research Guide. After all, a lot of my writing (including the work I did with AMTSO) has been concerned with helping people to be able to make informed judgements on what security products they should invest in. Not from the point of  view of recommending specific products – since much of my income comes from working with a company that is a major player in the anti-malware market, it would be hard to avoid conflicts of interest – but in terms of making the best possible decision. However, I’ve tended to focus on product testing, and in particular, approaches to evaluating comparative tests.

The Heimdal guide takes a slightly broader approach exemplified by a Venn diagram where three circles representing Expert Reviews, Independent Testing, and User Opinions overlap to make up the label Complete Antivirus Assessment.

I’m not altogether on board with this approach:

  • Due to decades of reading forum discussions – from the chaos of alt.comp.virus in the 1990s, where marketroids, researchers, virus writers and confused computer users all rubbed shoulders, through to various LinkedIn groups where most of the posts are by vendor marketing managers –  I’m far from convinced that crowd-sourced information is reliable. It’s one of those areas where if you know enough to distinguish between good and bad advice, maybe you don’t need advice. There’s an article demanding to be written here on what snippets of advice should raise red flags, but Heimdal hasn’t written it.
  • The trouble with expert reviews is that so many of them are not written by experts (and they’re not always independent). It’s one of those areas where if you know enough to distinguish between good and bad advice, maybe you don’t need advice. (Is there an echo in here?)
  • Not all independent tests are competent. And some that look independent aren’t.

If past experience is anything to go by, I stand a good chance of inviting accusations of being at least negative and possibly elitist by these comments. But I don’t think it’s enough to direct people towards a forum of all shades of opinion and expertise may be represented. How do you decide whose advice to take (especially when it’s based on  ones-size-fits-all-criteria like price – how many tests, reviews and commentaries assume that free AV is best)?

There are, in fact, some useful ideas here as regards sources of information, like several of the more competent testers.  But it’s downright bizarre that there’s no mention of AMTSO here. Admittedly, one of the reasons I no longer have formal ties with AMTSO is that I always felt that the organization could have done more to engage with the everyday user, rather than focusing on testers. And it’s a pity that the AMTSO site seems to have dropped linking to articles other than its own guidelines documents, most of which are focused on testing methodologies rather than evaluation of tests by non-experts. (However, the AMTSO Fundamental Principles of Testing is still a must-read for anyone who wants to understand more about testing.)

Heimdal are to be applauded for trying to provide clarity where there is none – or very little – but I’m disappointed.

David Harley

Advertisements

Responses

  1. Hello David!

    We tried to cover a large area on how to find a good security product and I think the article should be used as a starting point.

    It’s true that it’s not easy for an user to know what’s the best antivirus evaluation and how it should be done, that’s why we have included your link to the “AMTSO Fundamental Principles of Testing”.

    Though we started the article by addressing a normal user, I realize that it is now more like a collection of starting points from where an user can go into any direction.

    Thank you for your interest.
    Aurelian

    • Hi, Aurelian.
      Thanks for your response. Thinking about it, maybe my article was more negative than I originally intended. It’s a difficult topic, and my own discouragement is probably demonstrated by the fact that I’ve written about it so little myself recently. (And probably derives from my suspicion that most people don’t want to learn to evaluate – they want someone to tell them what to buy…)
      As you say, your article certainly has value as a starting point (or points). I’ve been thinking for a while that it might be time I returned to the topic – though I think the testing book I was thinking about for a while is probably not going to happen – and if I do, your article and approach will certainly provide food for thought.
      Regards, D.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: