Matousec.com Proactive Security Challenge - AVAST FAILED??!

Avast Free Antivirus / Premium Security
1

I just stumbled across this: http://www.matousec.com/projects/proactive-security-challenge/results.php

Now is this something to worry about? I am no pro I just need a safe PC. But the results make me think.

I always thought AVAST was a premium product. Shouldn’t it pass a challenge like this easily with recommendation?

2

Search Matousec on the forum and you will find the answer.

3

Check out this independent lab http://www.avast.com/en-us/pr-avast-free-antivirus-wins-12th-straight-vb100-award

This is a real anti virus test. :slight_smile:

4

The only thing to worry about is how Matousec conducts the tests.

It is more of a HIPS test than a firewall test and they ran the avast internet security application crippled, only the firewall enabled and it is designed to be fully integrated with the other shields, behavior shield, file system shield and autosandbox, etc.

5

Avast uses a very different implementation of protection than what Matousec is set up to test. Matousec is only good for comparing HIPS based Firewall products.

6

Gizmo criticizes the Matousec’s tests. It’s a technical reading, but seems fair (http://www.techsupportalert.com/content/matousec-personal-firewall-tests-analyzed.htm).
Others point to an interest conflict on Matousec’s tests, reducing their independence (?) (http://smokeys.wordpress.com/2008/04/20/matousecs-firewall-challenge-wrinkle-conflict-of-interests/).

Leak tests are popular mainly because they are very easy to perform: you simply run a program, and it tells you if it passed or failed the test. However, life is not that simple, unfortunately.

The primary goal of a firewall is to keep hackers out of your system, that is, prevent inbound attacks in the first place. It’s astonishing that many firewaller “testers” only focus on outbound protection, completely ignoring the inbound part (which is absolutely vital). It’s like they assumed it worked flawlessly in case of all the products, which, unfortunately, doesn’t seem to be the case, really.

Next, outbound protection is of course also important, but so called leak tests are not everything. There’s a myriad of other things that a decent firewall should do, and which are usually not assesed by these tests. All I’m saying is that testing a firewall is a very complex task and focusing on leak tests is a gross (and inappropriate) simplification.