Consumer Reports Reviews Antivirus, McAfee Cries Foul

Consumer Reports reviews antivirus products in its September 2006 edition. Most of the article requires a subscription, as a result I have not had a chance to look at it yet.
McAfee responds in their weblog. The author “Igor” obviously has no clue who Consumer Reports is. As a result, he is confused by the September 2006 date. Since the material is undoubtedly part of the September 2006 edition of the magazine, that is the correct way to date the article on their website as well.
Igor gets his nose out of joint because CR used a live fire test, creating new viruses in the lab. Igor prefers tests where three month old virus definitions are used so any virus that came out after that can be tested as a “new” virus.
Complaining about that reminds me of when a vendor complains about the method of disclosure to distract from the vulnerability in their product. (although there is actual damage from full disclosure and no damage from this private lab test). Igor needs to get over it. Signature based detection is dead, and antivirus products will be judged by their heuristic and behavioral protections. That said, CR needs to look into the standard virus testing methodology. They are unaware of the testing performed by av-comparatives for example. These types of tests are not as new as CR imagines.