back to article NSS Labs sues antivirus toolmakers, claims they quietly conspire to evade performance tests

NSS Labs has thrown a hand grenade into the always fractious but slightly obscure world of security product testing – by suing multiple vendors as well as an industry standards organisation. Its lawsuit, filed in California this week against CrowdStrike, Symantec, ESET, and the Anti-Malware Testing Standards Organization ( …

  1. Cavehomme_

    Testing Labs

    "Other security testing labs are available with other examples including AV-Comparatives, AV-TEST, and SE Labs, among others. "

    Don't ignore UK based MRG Effitas, they seem to be more comprehensive than the others you listed.

    1. LeahroyNake

      Re: Testing Labs

      MRG seems to have missed Sophos and a few other large AV

      vendors? Admittedly the ones I was looking for were more corporate rather than the cheap crap that you get with an off the shelf PC 30 day trial.

  2. Anonymous Coward
    Anonymous Coward

    Its always been my experience from my time in the AV dogfood industry... if you can't compete in VB100, you pay NSS some money and presto, they'll find _some_ combination of X and Y axis's where you shine.

    So it ends up being a bit of an extortion racket - pay us or we'll move the X and Y axis's back someplace else....

  3. Anonymous Coward
    Mushroom

    NSS Labs: Next Generation Firewall Test

    Next Generation Firewall 9.0

    NSS Labs is issuing a call for industry engagement from both enterprises and NGFW vendors to help shape and evolve the ninth iteration of our NGFW Group Test.” Read the full press release:

  4. Anonymous Coward
    Anonymous Coward

    Bastard red head step child

    NSS Labs is the bastard child of unknown parentage in the testing world. They might as well label their reports "This is a stack rank of vendors who paid us the most".

    The bias in this year's report really hurt what little credibility NSS had because IT people aren't dumb and saw through the bravo-sierra. So now they go to the next level of extortion: Lawsuit!

  5. Anonymous Coward
    Anonymous Coward

    AV tests

    I reached out to one of those AV test labs to report an Android "antivirus" app that was using another companies AV engine that was in reality just a giant ad server and got absolutely no response.

    If you want to see what's REALLY going on with these dodgy "antivirus" apps just enter the apps name here:

    https://reports.exodus-privacy.eu.org/

    You will see that these "antivirus" apps are the worst offenders as far as containg trackers.

    Even the larger more well known AV companies are guilty.

    Disgraceful.

    (Ask Tavis Ormandy what he thinks about all these AV companies)

  6. John Smith 19 Gold badge
    Unhappy

    Lots of posts AC

    Suspicious.

  7. Anonymous Coward
    Anonymous Coward

    Only in the US can you sue companies for not giving you attention

    That being said Antivirus is but a sticking plaster, the OS vendor should be made to secure their own product and reimburse companies that suffer because of bad security.

    1. Will Godfrey Silver badge

      Re: Only in the US can you sue companies for not giving you attention

      "the OS vendor should be made to secure their own product and reimburse companies that suffer because of bad security"

      That's only part of the problem. The writers of the applications that sit on the OS also need to sort their shit out.

  8. Frank Bitterlich
    Mushroom

    Test for yourself

    Next time your get one of these "invoice" emails with a MS Word attachment and a misspelled subject line, upload the file to Virustotal. You'll be lucky if half of the engines detect the malware, even two weeks later.

    That gives a good inidication how much these "award-winning", "widely tested" packages are worth.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon