Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security China Software IT Technology

Chinese Security Vendor Qihoo 360 Caught Cheating In Anti-virus Tests 63

Bismillah writes: China's allegedly largest security vendor Qihoo 360 has fessed up to supplying custom versions of its AV for testing according to an investigation by Virus Bulletin, AV-Comparatives and AV-Test. "On requesting an explanation from Qihoo 360 for their actions (PDF), the firm confirmed that some settings had been adjusted for testing, including enabling detection of types of files such as keygens and cracked software, and directing cloud lookups to servers located closer to the test labs. After several requests for specific information on the use of thirdparty engines, it was eventually confirmed that the engine configuration submitted for testing differed from that available by default to users."
This discussion has been archived. No new comments can be posted.

Chinese Security Vendor Qihoo 360 Caught Cheating In Anti-virus Tests

Comments Filter:
  • Finally (Score:2, Interesting)

    by Anonymous Coward

    Qihoo has been a joke in China for a long time. They finally made their way to the international platform. Good.

    A Chinese.

    • Re:Finally (Score:5, Interesting)

      by Anonymous Coward on Friday May 01, 2015 @11:15AM (#49594193)

      Chinese here too.

      360 is no "joke" in all seriousness. They are bullies, really badass bullies.

      They "kidnapped" hundreds of thousands of terminals (PC/Phone/browser) by disguising themselves as a "security guard", telling users what is bad and what is good, and then blackmail developers and websites to bribe them to get into their "good" list.

      My company has a website that only shows text and picture news and contact info and stuff. One day 360 decided to reported our website as "security threat" and show warning on ALL 360 browsers (which is A LOT).

      We contacted them, they told us to put "a security script" into our server. Once they confirmed the script is in place, they re-score our website to 100-OK, without asking us to modify/patch anything.

      What that script does (thankfully it's PHP so it's naturally "open source") is scanning our whole www directory, upload whatever info they want, and even modify our code whenever they like.

      Oh, and they also labeled my company's phone number as scam in their "smartphone guard", even though we've been using it for years.

      • You should put the PHP script on a copy of your website that you only serve to 360. It would seem to be a tactic they approve of.
        • by Anonymous Coward

          Yes, that's exactly what I did.

      • How do we know you're not part of a competing firm, like Symantec? Posting as AC doesn't give us any reason to believe that your statements are true and plenty to doubt their veracity. I use 360 TS. If the company genuinely sucks, I'd like evidence of it, not anecdotes. Please post some links that can verify your comments. Have there been any incidences of Qihoo bullying firms outside of China? Are they trying to be a 1990's Microsoft-style company?
        • How about the fact that if you think the NSA does some crazy malware stuff with Flame and Stuxnet, at least they tend to confine it to foreign political targets. China has probably the largest censorship and MITM infrastructure in the world, and actively uses it to pull average citizens into a government run botnet to DDOS western sites.

          Not to mention that any sufficiently large business needs to have the explicit blessing of the powers that be in China.

          All of that combined means you would have to be crazy

  • by swb ( 14022 ) on Friday May 01, 2015 @10:50AM (#49593937)

    Any sufficiently sophisticated Chinese security security product to be of any use will either be compromised by the Chinese government "in the interest of domestic social harmony" or for national security/military/espionage.

    • by AmiMoJo ( 196126 )

      You are just projecting US thinking onto the Chinese government. They have little interest in turning AV software into a trojan, because they don't want or need to spy on their citizens that way. They have more direct means, and prefer censorship over mass spying because it's cheaper and easier.

      Unlike the US, China does have an interest in keeping its citizens safe so doesn't break their security software.

  • Broken test? (Score:4, Insightful)

    by AmiMoJo ( 196126 ) on Friday May 01, 2015 @10:53AM (#49593979) Homepage Journal

    If the test is checking for non-virus files like keygens it sounds like the test is broken. AV software should detect things that are harmful to your computer, not things that software vendors don't like but are otherwise harmless.

    I'm not surprised they ship with keygen detection off in China.

  • Not really an issue (Score:4, Informative)

    by ITRambo ( 1467509 ) on Friday May 01, 2015 @10:55AM (#49593993)
    The company submitted 360 Total Security with Bitdefender enabled to the antivirus test firms. It was very highly rated. The 360 TS and TSE base products let you enable Bitdefender and Avira engines, but does not come with them pre-enabled. They also have a version that comes with Bitdefender enabled called 360 TSE Enhanced. This is what was submitted, as I understand this issue. I'm not convinced that there was any "trickery". It more than likely was poor communication between the firms.
    • I was trying to understand the problem. Unless it's an up-sell product, which seems to be what you indicated, I would expect those items to be turned on by default.
      • by tnk1 ( 899206 )

        Right. There's no issue with them putting their best foot forward if this is something you can get with the basic product.

        However, if you have to enable these features AND you have to pay for them, that's a different product. The danger is that the reviewers rate their "basic" product as a top-rated AV product. Then people flock to get this basic product over the basic offerings of other AV companies who did not rate as well, but might well have a better "basic" product.

        It's basically bait and switch, an

        • There is no upsell, that I can see, when there is no charge for either product. How can there be a bait and switch when it's free? "Here's a nice AV. But wait, here's a better one. Gonna cost ya... nothing."
          • Which raises the question: Why do they have two products that are free? One that they market, and one that they test, and pawn off as the marketed item?

            The problem here is that they were submitting one product for testing, and using the certification gained by that testing to represent another product.

            My guess is that this was done so that the product they distribute in China is 100% Chinese, but they get the one that's essentially BitDefender certified to raise acceptance.

            • by AK Marc ( 707885 )
              Or the have two products that are free because one is more "secure" with more false positives, and the other is more "permissive" because some people only want "hits" when it's a real virus, not the more generic hits when it detects a nonvirus, like a kegen. As for the mixup for which was provided, did the reviewer use a native Chinese speaker to discuss the versions and which is delivered? It may have been a simple miscommunication on the default config, not malicious.
  • I keep imagining some scenario like in Blade Runner and the crazy Chinese eye-doctor or something.

  • The major American AV vendors announced a joint task force today to respond to these results.

    When asked how they would ensure that corporate members of the task force would be held accountable for this sort of cheating, their spokesperson responded with the following:

    "Accountable for cheating? No, no, no, the point of the task force is to keep from getting caught like this."

Fast, cheap, good: pick two.

Working...