Older versions of NAV with current def files: performance / accuracyissues?

[Virus Guy]

Ok, so the verdict is that NAV (what, 2003? 2004? 2005?) versions
are bloat-ware and resource hogs.

So when I re-install Systemworks 2001 or 2002, and then do all the
updates, well then what do I have?

I mean, do I have the benefits of the relatively low bloat-ware factor
and low performance hit of NAV 2001 or 2002 detection engine while
having the benefit of running the current def files?

Is there any down-side in running NAV 2001/2002 instead of 2004/2005?

 

[kurt wismer]

Ok, so the verdict is that NAV (what, 2003? 2004? 2005?) versions
are bloat-ware and resource hogs.

So when I re-install Systemworks 2001 or 2002, and then do all the
updates, well then what do I have?

you have a false sense of security...

I mean, do I have the benefits of the relatively low bloat-ware factor
and low performance hit of NAV 2001 or 2002 detection engine while
having the benefit of running the current def files?

not entirely, no...

Is there any down-side in running NAV 2001/2002 instead of 2004/2005?

newer defs require newer engines to make full use of them...

see, it's not just the pool of what to look for that changes over time,
but also how to look for them... that's in the engine, not the defs...

 

[Virus Guy]

newer defs require newer engines to make full use of them...

see, it's not just the pool of what to look for that changes over
time, but also how to look for them... that's in the engine, not
the defs...

Has anyone put fully-updated NAV 2001 or 2002 up against 2004 or 2005
in a head-to-head detection test against the same set of
virus-infected files?

 

[kurt wismer]

Has anyone put fully-updated NAV 2001 or 2002 up against 2004 or 2005
in a head-to-head detection test against the same set of
virus-infected files?

probably not, no... why should they?

we know for a fact that scanning engines get updated to deal with new
situations that arise... if the older versions were capable of dealing
with those new situations then the engine updates wouldn't happen....

further, as engine updates occur, the newer defs that are created are
written in such a way as to make use of the newer engine's new
abilities (otherwise why update the engine?)... as such, those defs
cannot be used to their full potential by engines that don't employ the
full array of capabilities that the defs were intended for...

this is not something that needs to be proven by testing different
versions of the same product against a set of virus samples...

 

[Virus Guy]

probably not, no... why should they?

To prove your arm-waving, arm chair theory about how AV engines work
and that the differences between NAV 01/02 and 04/05 are more than
theoretical.

we know for a fact that scanning engines get updated to deal with
new situations that arise...

And we know that because we believe Norton's marketing lingo?

if the older versions were capable of dealing with those new

Funny how the old versions of NAV are capable/compatible with the new
def'n files but somehow they are just a little more in-capable of
making full use of them.

this is not something that needs to be proven by testing
different versions of the same product

bla bla bla. It's all arm-waving theory. Until someone puts it to a
friggin test it's all theory. It sounds good. It sounds like
Symantec *should* impliment differences between the engine of
different versions of NAV. I'll believe it when an independent third
party puts them head-to-head in a test. Otherwise it's all just
back-of-the-package advertising claims geared to migrate people to new
versions each year as their subscriptions expire.

 

[kurt wismer]

To prove your arm-waving, arm chair theory about how AV engines work
and that the differences between NAV 01/02 and 04/05 are more than
theoretical.

it's just a *theory* but i think if i hit you with a hammer, it will
hurt... do i need to prove this theory or can we agree that it's
obviously true?...

And we know that because we believe Norton's marketing lingo?

we know this because new situations *do* arise (once upon a time there
were no cavity infectors and then all of a sudden there were, once upon
a time there were no polymorphic viruses and then all of a sudden there
were, once upon a time there were no macro viruses and then all of a
sudden there were, once upon a time there were no viruses with
anti-debugging tricks and then all of a sudden there were) and the
people who design scanning engines do not have perfect future
knowledge... there must always be cases those designers did not take
into account and there will always be virus writers figuring out what
those cases are...

Funny how the old versions of NAV are capable/compatible with the new
def'n files but somehow they are just a little more in-capable of
making full use of them.

they don't change the file format every time they upgrade the engine - i
imagine probably because it would be a support nightmare... and because
they already tell their customers to update and figure those customers
will do so...

bla bla bla. It's all arm-waving theory. Until someone puts it to a
friggin test it's all theory. It sounds good. It sounds like
Symantec *should* impliment differences between the engine of
different versions of NAV. I'll believe it when an independent third
party puts them head-to-head in a test. Otherwise it's all just
back-of-the-package advertising claims geared to migrate people to new
versions each year as their subscriptions expire.

right... i'll bet you think the earth is flat, too...

 

[Virus Guy]

right... i'll bet you think the earth is flat, too...

Point me to a source file somewhere on the net that contains the most
spiffy new fangled example of exotic worm/trojan/virus technology.

Don't tell me what it is.

I'll grab a copy and tell NAV 2002 to scan it.

If it works, I'll tell you what it is.

If not, well then you're right.

 

[kurt wismer]

Point me to a source file somewhere on the net that contains the most
spiffy new fangled example of exotic worm/trojan/virus technology.

Don't tell me what it is.

I'll grab a copy and tell NAV 2002 to scan it.

If it works, I'll tell you what it is.

If not, well then you're right.

i don't think so...

if you honestly believe that scanning engines have never required
reworking to deal with new virus technologies then there is something
seriously wrong with you...

either way, i'm not wasting my time any further with this... and i most
certainly am not going to point someone i don't know i can trust
towards viral materials... nice troll attempt but no dice...