In this episode I take umbrage over the new McAfee marketing ploy showing that McAfee was 97% effective at detecting “advanced threat” malware in a recent NSS End Point Protection shootout.
You can get the report here:

I would like to be the first to say the NSS report is 99.9% crap. Check out the video:

Why? Why would we be so harsh on this report? Well it’s because they allowed some of the vendors to modify the default settings to better detect the malware NSS created.
What a horrible, dishonest idea. They should have tested the products as they come out of the box. Because this is the way most users would run the products.
I have a few things to say to McAfee and NSS.
To the McAfee engineers and developers: You guys rock. I know there are cool features you have created which are effective at stoping many attacks. It is to bad your management and sales teams force these features to be off by default. Please, do not take anything I say as an attack against you. You are doing the best you can working for trolls. Next time any of you are at a security conference, beer is on me.
To the McAfee sales and management teams: You are the scum of the earth. But you are no worse nor better than the management and sales teams at other AV companies. If you are in sales or management at any black-list AV vendor, please take a few moments and find a mirror. We’ll wait.
Now look into the mirror. What you see is at least 50% of what is wrong in computer security. If sales and market share are the things that drive you every morning, get out of security. What we are doing is far to important for the crap marketing campaigns you pull. Go play out your Glengarry Glen Ross fantasies someplace else.
To NSS Labs: What the hell? You are supposed to be a trusted resource for security research. To anyone who knows about bypassing AV (i.e. 68.654% of the pen testers on the planet) your report screams of either incompetence, collusion or some delightfully tacky combination of both. People who pay for these reports should demand a full refund. Then, they should never use your service again.
Links for this episode:

  • Offensive Countermeasures at Black Hat

    Video Feeds:
  • About the author