pageoneresults - 12:51 pm on Jan 21, 2010 (gmt 0)

I'm going to be blunt, hope you don't mind. ;)

Let me have it, you know me. ;)

Your software is clearly total junk, as it is horribly broken.

I think my previous software was in the total junk category and was broken. I also think there are quite a few g33ks around this neck of the woods who might take that personally. :)

You appear to be forgetting that commercial "security" software depends on producing sufficient "noise" to give the continual impression it was worth the money you paid for it, regardless of the quality or accuracy of that noise. Norton is a great example of this, a constant nanny shouting "danger" at every turn for entirely spurious reasons.

I've run Norton for as long as I can remember. It is typically pre-installed on the systems I've purchased. In all the years that I utilized Norton, there were less than a handful of those Nanny Shouts you refer to.

Would you like a spam filter to block all mail from Hotmail just because one spam came from their server?

That may be a bit extreme. I would like a spam filter to determine that the mail originated from an IP that has a high volume of spam. And if so, to take the appropriate steps.

In this case, your software is doing something similar: it ignores the fact that an IP address isn't always unique to one server or one site, and so you get a HUGE false-positive rate.

Thing is, I'm not getting a HUGE false-positive rate. Since installing I've had approximately 6 alerts for malicious IPs and I do quite a bit of surfing, the numbers are very small.

So of those 666 sites sharing one IP, only one is evil wink the 665 others are false positives. This is the software's fault, not the webmasters'.

Heh! What a coincidence.

There is no such thing as a "trusted" IP, or hosting company.

I tend to think otherwise. There are plenty of references in various Google Patent filings that discuss the integrity of the hosting environment. I would think that IPs are part of the process, one of the signals that may be used to determine the legitimacy of the provider.

Whatever some noisy anti-virus program that can't handle HTTP/1.1 says.

What do you use? Are you saying that my current choice of security software is noisy? I wonder what ESET, Malwarebytes and TrojanHunter would think about that? ;)

I'm interested to know what you'd recommend as a defense against the current malware threats?