Testers join forces to investigate cheating anti-virus products

Graham Cluley

CheatersFollowing on from yesterday’s news that an (as yet unnamed) anti-virus product was being accused by independent agency AV-Comparatives of cheating in its recent tests, there has been a development.

If you recall, AV-Comparatives said that they had discovered that a version of an anti-virus product specifically engineered for testing labs had been submitted for testing. Another vendor was also being investigated for similar reasons.

AV-Comparatives has now posted an update on its Facebook page, saying that it has spoken with other respected testing bodies, and that they are now collaborating on the investigation.

In due course, it appears, a joint statement will be made by AV-Comparatives, AV-Test.org and Virus Bulletin.

AV-Comparatives on Facebook

UPDATE: AV-Test, Virus Bulletin and AV-Comparatives had a conference call today. Further collaborative investigation is now in progress. We will give additional information in a joint statement with the other labs. We will keep you up to date.

Speculation about precisely who is being accused of breaking the anti-virus tester’s rules is growing, but until any official word comes from the testing community it doesn’t seem healthy to second guess what’s going on.

Although you might find it tempting to leave a comment, naming your least favourite anti-virus vendor, I would appreciate it if you would keep brand names out of the discussion until some facts are known. It would be all too easy to defame an innocent party right now.

Update: Revealed: The anti-virus vendor cheating in independent tests

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

3 Replies to “Testers join forces to investigate cheating anti-virus products”

  1. "Although you might find it tempting to leave a comment, naming your least favourite anti-virus vendor,"
    And one should always remember their own faults and keep in mind that accusations – warranted and otherwise – goes in multiple ways.

    " I would appreciate it if you would keep brand names out of the discussion until some facts are known."
    Thank you for pointing that out. Yes, this would be a problem. Speculation is always a problem, and so are accusations (especially with no evidence of any kind). While a prosecutor might have to make accusations, it shouldn't be forgotten that the potential jurors won't know the supposed perpetrator, and as such, they are more likely to have a negative first impression. That isn't to say it is always unwarranted; it is to say that reality isn't always what it may seem to be, and if someone doesn't like a certain AV, fine; call out the things you don't like – but making up things because you don't like them is another issue entirely, and many innocents have been convicted of supposed crimes because of similar things as this. Let's say witch hunts.

    "It would be all too easy to defame an innocent party right now."
    Indeed. And while the AV companies might not go after any examples, they possibly legally could, given that slander and libel – and more generally defamation – runs into the issue of the law.

    With that said, I am positive both both Symantec and Mcafee are guilty of this…

  2. Graham,if you want to edit my post from yesterday,feel free. But the report I mentioned is available to anyone. Typically when someone does dodgy things,its not unrealistic to think there may be other things they may try.

  3. The testers should follow the example of organizations like Consumers Union. When they need product to test, they send out anonymous shoppers to buy the items retail. AV testers should purchase the products they test in retail stores or on-line using names not connected to their organizations. That way they can be sure of testing exactly what any user would get from the AV producers.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES