Tuesday, 3 April 2007

The Great Anti-Virus Rip-Off

A couple of months ago I wrote a series of reviews on anti-virus software for PCs. Specifically, I looked at the world's market leading desktop applications plus a few less popular products. The results were surprising, and not in a good way.

I have been reviewing anti-virus software for a few years now, and have always used real, live viruses in my tests. Sometimes I have even used certain 'dark' techniques (nothing you can't find easily on the internet) to hide files from the more gullible scanners. However, the size of the sample collection used to be be quite small. This time, thanks to a large number of live and recent samples supplied by MessageLabs, I was able to run hundreds of threats past each of the anti-virus programs.

The entire set of reviews, plus my testing methodology, is available on my website, but here is a summary of the main points.

  • The three main anti-virus programs for Windows PCs are, in descending order, Symantec Norton AntiVirus, McAfee VirusScan and Trend Micro PC-cillin.
  • Of these three, Symantec Norton AntiVirus was the most accurate.
  • McAfee VirusScan came second.
  • Trend Micro PC-cillin came last
  • There are loads of alternative products that are more accurate than all three. In many cases they are cheaper too.

Needless to say, many people have contacted me and asked how these products can be so poor and yet remain so popular. The majority also say things like, "I have used product X for years and never had a virus" as if that is proof that their choice of security software is 100 per cent effective.

Some note that reviews by other writers reach different conclusions, and point out that just about every commercial anti-virus program has been certified. You can read my thoughts on security certification if you want an answer to that. As for other writers, I can't comment on their testing methods but I'm pretty happy with mine - although I am constantly upgrading the tests.

What do the anti-virus companies make of all this? Trend Micro and Symantec claim to be working hard to improve their products, while McAfee has not contacted me about the test results.