Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Security Windows Technology IT

Testing Free English Anti-Malware On Non-English Threats 78

Posted by Soulskill from the may-you-direction-me-to-the-ham dept.
An anonymous reader writes "Brazilian technology news site O Globo posted an interesting comparison on how free anti-malware behaves against non-English threats (Google translation of Portuguese original). By using a database of over 3000 samples from Brazil's Security Incident Contact Center, the numbers are quite different from all US anti-malware reviews. While Avira achieved the best score, 78%, Microsoft Security Essentials stopped less than 14%. This can be a headache for some large multinational corporations, whose IT departments deploy US anti-malware on the entire network, but have network segments outside US with many 'unknown' threats roaming around. I wonder what the results would be in other countries."
This discussion has been archived. No new comments can be posted.

Testing Free English Anti-Malware On Non-English Threats More

Testing Free English Anti-Malware On Non-English Threats

Comments Filter:

  • Interesting... (Score:5, Interesting)

    by fuzzyfuzzyfungus ( 1223518 ) on Tuesday February 22, 2011 @01:29AM (#35275784) Journal
    It isn't really news that AV products rely fairly heavily on canned signatures and that heuristic detection of evil lags behind evil by a fair margin.

    What does surprise me, though, about these results, is that they suggest a fairly high level of geographic discrimination in the customization and targeting of malware. My (naive) expectation would have been that, aside from trivial stuff like trying to get the language of your spam/phishing/social engineering emails correct, the market for good exploits, well-crafted viruses, and so forth would be a fairly global one. Also, given that some malware attempts to propagate itself, rather than being delivered by a bugged website or other external mechanism, I would expect a fair amount of "splash" from malware spreading to any vulnerable hosts it can find, not bothering with any sort of geolocation, or from expats who live in country A, but still visit websites from home country B.

    I would have expected a much more homogeneous(from the perspective of the mechanics of the exploit mechanism, evasion techniques, and payload) worldwide population of malware.

  • What about the other way around? (Score:3, Interesting)

    by _133MHz ( 1556101 ) on Tuesday February 22, 2011 @02:01AM (#35275926)
    In my experience it's pretty easy to spot malware when English menu options and stuff start appearing on a non-English Windows installation, such as "Open" or "Open folder to view files" for thumbdrives while the rest of the options show up in the local language, sometimes malware can even bork the system because of it (like in the olden days of Windows 9x when installing IE in a different language caused all sorts of havoc in the OS)

    Even with such a blatant language mismatch most users simply won't notice anything wrong with their systems until it bites them really hard.

  • Re:They don't even remove the biggest US threat (Score:5, Interesting)

    by Enter the Shoggoth ( 1362079 ) on Tuesday February 22, 2011 @02:25AM (#35276024)

    Actually the installer for OS/2 (warp iirc) would do a virus scan before installing and would come up with the messge

    "windows found, remove: (y/y)?"

    so someone at IBM shares your sense of humor... or maybe it was you?

Slashdot Top Deals

Machines have less problems. I'd like to be a machine. -- Andy Warhol

Close