Sunday, February 25, 2007


You have a good anti-virus, congratulations. You are conscientous about spyware and have included a good anti-spyware. Further congratulations. However, you have to remember that all anti-viruses will miss something, and there is no anti-spyware which gives 100% results. This fact was borne out to me when, inspite using an anti-virus with an above 99% detection rate (the best in the industry), I found two malwares in my system on taking the Trend Micro online scanner. Therefore, I recommend that an additional online scan be taken for the syatem occasionally (every 7 or 15 days) so that there is an additional layer of security. It is to be noted that some of the scans just detect malware, but cannot remove them (e.g Kaspersky online scan), while some both detect and remove the virus/trojan/spyware (e.g Trend Micro).

Check out the following sites:

Trend Micro(scans and repairs files damaged by viruses, deletes spyware)

Panda (detects and removes viruses, and trojans, only detects spyware)

Bit Defender (scans and repairs files damaged by viruses)

e-Trust(detects and removes viruses)

Kaspersky (only detection)

Symantec (only detects viruses)

McAfee (only detects viruses)

F-Secure(only detection)

Please note that you have to run Internet Explorer for most of these scans.Also read the FAQ and EULA before scanning. You have to download a program of a few MB size and then continue.

Note: The scans may take a long time, so make sure you scan when you have plenty of free time.

Further IMPORTANT note: The online virus scans are a complement, not a replacement for your anti-virus. An AntiVirus having real time scanning is a must.

Saturday, February 24, 2007


There are 6 major anti-virus programs: AOL Active Virus Shield, Avira AntiVir Personal Edition Classic, Bit Defender Free edition, Avast! Home edition, AVG Free edition and ClamWin. To compare between the best programs, we need to know the detection rates, how the program affects the system speed, and the scanning speed. In this article, I will compare these programs across these parameters to decide which should be the best for most users.



AOL Active Virus Shield: 99.62%

Bit Defender Freeware: 95.57%

Avira AntiVir Classic: 94.26%

Avast! Freeware: 87.46%

AVG Free: 82.82%

ClamWin: 51.23%

Virus type / Antivirus AntiVir Classic Active Virus Shield by AOL BitDefender 8.0.202 freeware Avast 4.7.871 freeware AVG 7.1.405 freeware ClamWin 0.88.4

File (256) 231 253 185 174 43 135

90.23% 98.83% 72.27% 67.97% 16.80% 52.73%
MS-DOS (38851) 37929 38748 37585 36702 33433 29612

97.63% 99.73% 96.74% 94.47% 86.05% 76.22%
Windows.* (1978) 1858 1928 1728 1761 1639 1055

93.93% 97.47% 87.36% 89.03% 82.86% 53.34%
Macro (7638) 7444 7632 7374 7218 7213 6192

97.46% 99.92% 96.54% 94.50% 94.44% 81.07%
Malware (7769) 4826 7614 5163 4535 3919 2721

62.12% 98.00% 66.46% 58.37% 50.44% 35.02%
Script (10003) 9608 9875 9833 8971 8223 5569

96.05% 98.72% 98.30% 89.68% 82.21% 55.67%
Trojans-Backdoors (80689) 76833 80571 78800 69372 67432 30124

95.22% 99.85% 97.66% 85.97% 83.57% 37.33%
Total (147184) 138729 146621 140668 128733 121902 75408

94.26% 99.62% 95.57% 87.46% 82.82% 51.23%

Boot disk/cd NO NO NO NO YES NO

Right-click scan YES YES YES YES YES YES


Background scanning YES YES NO YES YES YES

Folder-only scan YES YES YES YES YES YES

Another important consideration is whether the product has a succession of VB100 certificates. However, it is difficult to know whether the certificates are for the professional paid version or also for the free version. Going by the vendor,

AOL Active Virus Shield: Did not enter. However, it is powered by the kaspersky engine, which has passed all tests it entered in 2006.

Bit Defender: Passed all tests in 2006, did not enter in 2007

Avira AntiVir: Passed two tests, but failed 1 in 2006, did not enter in 2007

Avast!: Entered 4 tests from 2006-2007, passed all (certified fit for windows Vista)

AVG: Entered 4 tests from 2006-2007, passed all.(certified fit for Windows Vista)

Clam Win: Did not enter

ICSA certified for virus detection: Bit Defender, Avira AntiVir, Avast!, AVG (all are for Windows XP)(Kaspersky is also ICSA certified)

ICSA certified for Virus cleaning: Bit Defender (all are for Windows XP), (Kaspersky also has that certificate)

AV Comparatives gives perhaps the best comparison of antivirus detection ability. According to that site, the professional editions of Kaspersky and Avira were rated the highest among the companies listed here. However, their data cannot be given over here for copyright reasons, and you have to go to their website to access their articles. Avira was the best for polymorphic viruses. However, that site rated the professional editions, and may not hold true for free editions.
Winner: AOL Active Virus Shield. It is powered by Kaspersky, which has the highest detection rates for any anti-virus.

Because of the low rate of detection, Clam Win will not be discussed any further.


AOL Active Virus Shield affects the startup time the least, followed by Avira, Avast!, Bit Defender and AVG.

SCANNING is done in the least time by Avira, followed by Bit Defender, Avast!, AOL Active Virus Shield and AVG.

AVG is the only free antivirus in which a rescue CD can be built.

Other Quirks: Bit Defender lacks real time scanning.

Overall, FOR WINDOWS XP, THE WINNER IS AOL ACTIVE VIRUS SHIELD, closely followed by Avira, and then Avast!, AVG and Bit Defender. It is fast, has a higher detection rate than all other paid anti-viruses, and does not slow down the system much. In fact, it has got the feature of releasing memory when another concurrent program is running, so that the user is not hampered by the scan.

Avira AntiVir is also an excellent choice, as is Avast! . AVG is a standard product which has the added advantage of having a rescue CD .Bit Defender is good, but lacks real time scanning, a real necessity, and therefore is not recommended, inspite of having high detection rates.

FOR WINDOWS VISTA, only Avast! and AVG have got the certification. Therefore, for the present, these are the two best products

I will try to post the exact boot times and scanning times for my computer within the next few posts. Other reviews on how the antivirus affects the system performance will be found here and here

For the best comparison of anti-virus detection rates, you can go here.

Wednesday, February 21, 2007


Browser security is extremely important. It is one of the major ways by which a remote attack can be made on your system. Any important information on your system can be easily read by a malicious hacker if you are not careful. Therefore, browser security is of prime importance.

There have been misguided, (and probably mischievous) attempts in the net to measure the security afforded by a browser just by the number of reported vulnerabilities. It is NOT necessary that a higher number of reported vulnerabilities implies an insecure browser. In fact, it may well reflect transparency on the part of the company to alert the users about the security hazards they would be facing if they either do not apply patches or try a workaround. On the other hand, a company refusing to acknowledge a discovered flaw and not patching it for months altogether is socially irresponsible.

The most important aspect for the end user should be the criticality of risk they are facing due to a program flaw and the number of days they are at risk due to that flaw remaining unpatched. A higher number of reported patched vulnerabilities before the error was publicly known is much more secure than just one critically risky flaw that will allow the hacker access to a computer for just a few days. In the former case, most hackers will not get at you, in the latter, anyone interested may get any information they want from your computer. Keeping this in mind, I propose that the number of risk-days due to a vulnerability be the true indicator of browser security. In this metric, the number of days a vulnerability remains unpatched equals the risk days for that vulnerability. In this way, the risk days for all the reported vulnerabilities may be added together to get an estimation of the risk, and therefore, the security provided by a browser may be measured. It should be noted that all the vulnerabilities are not of equal risk, and therefore the risk days for vulnerabilities of different risk categories should be calculated differently.

Keeping the above in mind, I attempted to calculate the risk an user faced in using a fully patched version of Internet Explorer, Mozilla Firefox and Opera in a Windows XP Operating System. I have also made the assumption that the user would upgrade the browser on the date of release., e.g an Internet explorer user would have downloaded IE 7 on October 18. Even otherwise, the conclusions of this study would have remained the same, but the numbers would have changed. All the vulnerabilities for the browsers have been taken from, the website of one of the most respected third party cyber security companies.
Secunia has divided vulnerabilities into 5 grades ranging from “not critical” to “extremely critical”. These have been translated as ranging from criticality 1x to criticality 5x in my study. The study period ranged from January 2006 to the present. The number of unpatched vulnerabilities were also noted. The interpretation of the criticality levels can be found at the website

Internet Explorer172296

Table 1: Showing the number of vulnerabilities reported for the different browsers in the period Jan 1 2006 to Mar2 2007

As can be seen from Table 1 above, Opera experienced the least number of vulnerabilities. The number of vulnerabilities of Firefox was higher than that of Internet Explorer, a finding by which some people have come to the (erroneous) conclusion that Firefox is less secure than Internet Explorer. However, Internet Explorer had vulnerabilities in the extremely critical range, meaning that a public exploit was already available at the time of the patch, and the user was already at risk even while the patch was being downloaded.

Internet Explorer2329621308620

Table 2: Showing the total risk days for vulnerabilities for the different browsers in the period Jan 1 2006 to Mar2 2007.

The total number of risk-days for the browsers given in Table 2 paint a more accurate picture of browser security. Opera had the least number of risk days and these were from the lowest risk category (labelled as “not critical” by secunia). Firefox had a much lower risk-days than Internet Explorer, showing that the developers of this browser is much more responsible in giving out security patches. Internet Explorer had the worst record, and even the most critcal vulnerability was left unpatched for some days.

Internet Explorer05100

Table 3: Showing the number of unpatched vulnerabilities in the period Jan 1 2006 to Mar 2 2007.

Table 3 shows the number of unpatched vulnerabilities. It again shows Opera in the most favourable light. At the moment, IE also has the highest number of unpatched vulnerabilities

Therefore, Opera is by probably the most secure major browser for Windows in the market today, beating the other two vendors by a fair margin in all the metrics of security. Firefox has, for the most part been much more secure than Internet Explorer, a fact which can be obscured by its higher vulnerability count. Internet Explorer has failed spectacularly in the security front. It is amazing, therefore, how IE apologists, still maintain that IE is secure, showing some superficial and inappropriate statistics.

In the end, what these statistics also show is that the best browser may have vulnerabilities discovered. In a way, this is to be expected, because software programs(like humans) are not perfect. This therefore serves also as a reminder to keep ones browser always updated.

Monday, February 19, 2007


There has been numerous arguments as to which is the best browser, Internet Explorer, Mozilla Firefox or Opera. All three have their own strong points, making it very difficult to decide as to which is the best browser. Added to that are the differing philosophies behind the creation of each browser: Firefox has a simple default install and gives the owner the freedom to customize the browser to his or her choice. Opera, on the other hand, gives a feature packed default install to make browsing as powerful as possible. Also coming into the question is the open-source proprietary debate. As a result of all these, this article will try to assess subjectively which the best browser is. Perhaps the question cannot be answered at all, and in the end, just show the writers perception and needs. Therefore, what follows is the authors two paise on the browsers.
For this article, the different browsers will be judged according to the following criteria:
1.Page rendering and viewability-40%
2.Web standards compliance -10%
Of these, page rendering and viewability is the most important fiunction. A person uses a browser to view web pages and check web mail. Therefore it is given the greatest weightage. However, many browsers suffer because many web pages are not standards compliant and have been optimised for a single browser. Standards are extremely important and adherence to these standards show, to an extent, the social responsibility of the browser manufacturers. Therefore, an additional 10% have been given for web standards compliance. The standards compliance have been tested using the acid2test and another web page showing the extent of standards compliance of the browsers.
Security is extremely critical, and the data extracted from has been used for measuring this component. What has been seen are the number of reported vulnerabilities, the time taken to patch the critical (and not so critical) vulnerabilities and the number as well as the severity of unpatched vulnerabilities.
Comparison of features is difficult to measure. It is extremely difficult to give a number to useful features. Therefore, this portion will be the most subjective of the various assesments. What complicates the matter further is that Opera has more installed features, while Firefox gives the user the choice to extend his browsing capabilities. Therefore, what this will intend to measure is the features that an User may wish to install, whether or not that comes with the default installation.
Speed is the fifth component of this comparison. I felt that this is not as important an component as features or security, and therefore gave it the least weightage. Now , on to the comparison:

Page rendering and viewability: There is no question about who the winner in this category will be. Due to its immense market share, only a foolish web page maker will make a page not correctly viewable in Internet Explorer. Therefore, almost all the webpages are viewable in IE7. Moreover, the presence of ActiveX allows some thing not possible in other browsers, e.g: Online malware scanning. Firefox comes near, but there are still a few pages which do not show well in it. The loser in this category is Opera. Many pages are optimised for IE or Firefox. Even though the Mask as Firefox or Mask as Internet Explorer feature does an admirable job,and perhaps more than 99% of the pages render perfectly, some pages are broken (though functional).Also, it is a pain trying to use online office suites in Opera. ( I know it is not Opera's fault, but this analysis was done keeping the end users in mind, and Opera, having a low market share, has to suffer). The marks given are:
IE7 40
Firefox- 38
Opera 34

Web standards compliance: There is again very little doubt about the winner in this category. Opera is the only browser among the three to pass the Acid2test. Furthermore a look at the standards compliance shows Opera to be ahead in most of the important features. Internet Explorer has a pathetic compliance for standards, and though Firefox is good, it could be better. Of course development builds of Firefox (the Gran Paradiso) have passed the Acid2test and will lessen the gap in the coming months.
IE 3
Firefox 7.5
Opera 9

Security: Again, there is little doubt as to the winner in this category. Opera has no unpatched vulnerabilities, and took very little time to patch those as well. Firefox has done well, patching the critical vulnerabilities fast and leaving no critical vulnerability unpatched. IE also has unpatched vulnerabilities. It has to be mentioned here that Firefox has more reported vulnerabilities than IE, but this should not be a criterion for marking. The nature of Open Source is such that more vulnerabilities will be reported because they have more eyes scanning them. What is really important is the promptness with which the vulnerabilities are repaired. Now two of the unpatched vulnerabilities in Firefox are relatively long standing ( June and November 2006) and blots its security record. Opera is almost perfect, but they could have been more open about the patches. As Asa Dotzler pointed out (even though “Asa is a troll”), they did not inform the users about the patches to the critical vulnerabilities. This is an extremely lax attitude and offsets some of their almost perfect record, and 10% of the total points have been docked. Still, they are the runaway winners in this category.IE also has 1.5 points docked for not acknowlwdging security flaws reporting to them and keeping them unpatched.
IE 6
Firefox 13
Opera 18

Features: This was difficult, mind you. On one hand, the numerous extensions of Firefox gave the user an almost unbelievable power. However, extensions have an effect on the memory footprint and speed (and to come anywhere near the functionality of Opera, you need to have more than 40 extensions installed). Opera, had an amazingly feature packed default install and can do many of the things by default that the most popular Firefox extensions do. Furthermore, being a full featured internet suite, it has an inbuilt mail client, news feed reader and chat client, with the former two (I believe) adding much more functionality than any extension. Besides that online presentations can be prepared with Opera. That along with MDI closes the huge gap in functionality that the extensions in Firefox seem to have built up. Internet Explorer had Active X and first and third party add ons, (in fact, it haa entire browsers browser-Maxthon, Avant as add ons). Therefore, the marks given in this category is extremely subjective and prone to debate.
IE 14
Firefox 18
Opera 14

Speed: Opera is a hands down winner in this category. It renders pages faster, loads very fast and makes the other browsers seem dead slow. There have been different articles showing that Opera is indeed the fastest, and by a large margin. And for the ones needing text really fast, it can run in text mode.
IE 7
Firefox 7
Opera 9

Final marks: IE 71
                       Firefox 83.5
                       Opera 84

And the winner is: Opera (though by a small margin). However, the small margin of victory has emphasised that there will be plenty of users (especially those for whom customisability is important) for whom Firefox will be the browser of choice. Also, as web page makers build good pages, Opera should gain more users. A fairer assessment should perhaps be that Opera and Firefox are both Winners. For me, however, inspite of being a supporter of the open source philosophy, Opera rules.