尽管有很多可用的防病毒解决方案,但家庭计算机的安全性(home computer security)远非完美。主要原因之一是,在功能热潮(feature rush)中,许多开发人员忘记了难题中最重要的部分:用户。他们设计了复杂的安全解决方案,其中包含许多普通用户不了解并且不知道如何使用它们的功能。我们的团队一直致力于寻找能够有效保护您的计算机免受恶意软件侵害并且对大多数人(如果不是所有人)都易于使用的安全解决方案。在本文中,我们想向您介绍我们对“人人安全(Security)”系列的方法,描述我们如何测试每个产品并解释我们每个徽章的含义:
数字公民在做什么?
传统上,审阅者一直关注安全软件(security software)的特性和功能。我们想以不同的方式来做。
我们知道,正确配置的程序将能够满足普通用户的所有安全要求。您可能不需要智能数据包过滤器、隧道功能、日志功能和花哨的活动监视器。您可能只想阻止可疑程序并确保您的计算机免受恶意软件和黑客攻击(malware and hacker attacks)。这就是我们关注的重点: 一个程序在保护您的计算机方面有多实用?(How)不是它的潜力是什么,而是对于不想花太多精力使用它或学习它的人来说有多大用处。我们希望为您的祖母或任何其他认为浏览器标签难以应付的家庭成员找到完美的(family member)安全程序。(security program)
这背后有一个合乎逻辑的原因:大多数用户不太可能需要安全程序提供的大多数高级或“额外”功能。此外,大多数用户不太可能投入太多时间来积极保护他们的系统。即使他们确实投入了足够的时间,他们也可能不喜欢它。因此,可以公平地假设大多数用户需要具有易于配置的强大基本功能的可访问软件。
我们正在测试哪些类型的安全产品?
我们主要测试以安全套件形式分发的商业产品。这些产品通常提供完整的保护,我们可以评估所有重要保护模块的效率:防火墙、防病毒和反间谍软件(antivirus and antispyware)。在当今的网络空间中,仅运行防病毒软件或仅运行防火墙已不够。您需要在您的计算机上至少运行这三个保护层,再加上防 rootkit保护和实时(protection and real-time) HTTP 流量(HTTP traffic)扫描。
我们如何进行安全测试
多年来,我们的评论在完整性、篇幅和质量(length and quality)方面都发生了很大变化。今天,我们在五个重要的测试领域构建我们的评论:
- 下载和安装体验(download and installation experience)- 我们首先评估下载和安装我们正在审查的安全产品(security product)的所谓简单练习。我们会查看下载和安装产品所需的步骤数、允许您使用产品所需的信息、下载的大小以及(download and number)完成安装所需的重启次数。我们还对安全产品(security product)是否在安装后不久自行更新以及首次交互的友好程度感兴趣。
- 与Windows、Web 浏览器和通用Windows 平台(Windows platform)应用程序集成 - 许多软件开发人员倾向于忽略Windows中引入的新功能。为了确保用户有良好的体验,我们首先检查安全套件(security suite)是否自动禁用 Windows防火墙和 Windows Defender。在您的系统上运行两个防火墙可能会给用户带来麻烦。而 Windows Defender如果与其他防病毒产品同时运行,很可能会造成冲突。然后,我们看看安全套件(security suite)对我们测试计算机的启动时间有多大影响(test computer),安全套件(security suite)的进程需要多少内存才能运行,以及它与家庭组等网络功能的集成程度(Homegroup)。最后但并非最不重要的一点是,我们测试您是否可以终止安全套件(security suite)的运行进程,以及它与Google Chrome、Mozilla Firefox、Microsoft Edge 和 Opera(Microsoft Edge and Opera)等流行网络浏览器的集成程度。
- 易于使用和配置(use & configuration)- 我们在本节中开始我们更高级的测试。我们首先查看可用于扫描系统以查找恶意软件的选项、默认计划扫描和可用计划选项。我们评估了通过所有菜单和配置选项(menus and configuration options)找到您的方式的难易程度,而无需访问 帮助文档(Help documentation)。然后,我们检查访问每种产品提供的支持服务、其 帮助文档和报告功能(Help documentation and reporting features)(如果可用)的难易程度。我们还尝试评估理解我们正在审查的安全产品共享的警报和消息的难易程度。(security product)人们是否需要一本手册来了解安全产品(security product)是在说,还是使用简单的英语与用户交流?
- 防火墙保护 - 我们使用两种网络漏洞(network vulnerability)扫描程序来评估防火墙的性能:Nmap和Nessus。我们寻找某些类型的网络攻击的漏洞、开放端口及其对您系统安全的相对重要性,以及可以通过例行扫描轻松识别的任何其他信息:MAC 地址(MAC address)、操作系统等。我们还会检查是否安全套件(security suite)能够在连接到新网络时分配正确的安全配置文件(security profile),以便您在安全性和访问(security and access)网络共享功能(连接到安全的专用网络时)之间获得最佳平衡。
- 防病毒和反间谍软件保护(Antivirus and antispyware protection) ——我们首先访问几个恶意网站,看看安全套件(security suite)是否在浏览网页时保护用户。然后,我们检查每个安全产品(security product)如何处理外部存储驱动器。我们将几个恶意软件样本放在USB 记忆(USB memory)棒上,将其插入我们的测试计算机(test computer),然后评估安全套件(security suite)的功能。对于我们最复杂的反恶意软件测试,我们在测试计算机上进行干净的(test computer)Windows 10安装,在其上植入恶意软件,然后询问安全产品(security product)我们正在审查自行安装并删除所有恶意软件。我们尝试评估防病毒引擎(antivirus engine)的性能,这取决于它在删除恶意软件方面的效率,以及整个过程的速度和简单程度。我们还运行一系列完整的系统防病毒扫描,并监控防病毒引擎(antivirus engine)扫描您的计算机的速度。我们还寻求第二个意见,并检查其他独立安全组织对我们评估的产品效率的评价。获得第二意见很好,不是吗?
- 额外(Extra)功能 - 许多IT 安全(IT security)公司为其安全产品开发了许多额外功能。我们安装和使用特定产品附带的每一个额外工具。在这样做的同时,我们分析了这些额外工具的有用性以及它们是否为客户带来了附加值。因为我们认为它对许多家长 来说是一项重要的安全功能,所以我们会查看(security feature)家长控制模块(Parental Controls module)是否可用以及它是否易于设置和使用。我们还在进行在线交易或包含VPN 服务(VPN service)时寻找 安全浏览(Safe Browsing)功能。
- (Default)您可能想要调整的默认设置 - 一些安全套件(security suite)具有有效保护您的能力,但它们没有,因为它们缺乏适当的默认设置来执行此操作。当我们测试安全套件(security suite)时,我们还会寻找可以调整的设置,以使您更安全。例如,许多安全套件(security suite)可以安排自动防病毒扫描,但它们不能。如果我们发现此类设置,我们会在审核中列出它们,并建议采取适当的措施。
我们尽量做到完整,并提供对每种产品效率的良好概述。虽然我们没有用于给出最终结论的数学公式,但我们会查看每种产品在所有这些领域的表现,并分享我们的建议。
判决及其含义
我们使用五星级评级系统(star rating system)来分享我们的产品推荐:
- 5 星 - 这些是最好的,最好的,顶级的,la creme de la creme。你懂的图片!它们是我们会随时向任何人推荐的安全产品。这些安全套件中包含的工具为您提供了出色的保护级别,并且它们以出色的方式提供保护,易于理解和使用。没有比这更好的安全产品了。
- 4 星 - 这些都是非常好的安全产品。我们向所有人推荐这些安全套件,因为它们是一流的产品,非常擅长保护您免受各种网络威胁。四星级产品是那些“几乎很棒”的产品,但它们因为有一些小缺陷而跌跌撞撞。
- 3 星 - 这些都是很好的安全产品。我们认为它们是普通的解决方案,我们只能将它们推荐给知道自己在做什么的人。其中一些在某个领域可能非常出色,例如拥有非常出色的防病毒引擎(antivirus engine),而在其他方面则较弱,例如无法提供良好的防火墙保护(firewall protection)。某些产品的默认设置可能较弱,用户可以对其进行改进。当您看到 3星评级(star rating)时,请务必阅读我们的裁决以及我们强调的优缺点,以便您更好地了解我们正在审查的产品的优缺点。
- 2 星 - 这些是平庸的安全产品。它们也是我们不喜欢的安全产品,我们不向读者推荐。这些产品无法保护其用户免受威胁,而且通常它们也难以使用和理解。
- 1 星 - 这些是您永远不应该使用的产品。他们非常不擅长他们应该做的事情:保护他们的用户免受恶意软件和网络攻击(malware and network attacks)。
除了我们的五星级评级系统(rating system)外,我们有时还会为那些在一个或多个领域大放异彩的安全产品授予徽章:
- 编辑推荐(Editor)-(Pick)当我们授予此徽章时,我们想表达我们真的很喜欢我们审查过的产品这一事实。此徽章仅授予远高于平均水平且易于使用的产品。通常,我们仅将这个徽章用于获得 4 星或 5 星评级的安全产品。
- 最佳安全(Best Security)性- 此徽章意味着我们审查过的安全产品为其用户提供了高水平的保护。(security product)这些产品在有效性方面大放异彩,但在其他方面可能不那么出色,例如可用性或性能(usability or performance)。此徽章可授予评级为 4 星或 5 星的产品。有时,评级为 3 的产品可能会收到此徽章,但前提是其缺陷与其反恶意软件保护的有效性无关。
结论
我们希望这个系列对我们的读者仍然有用。我们不希望您购买无用的安全工具并浪费您的金钱,同时将您的安全和隐私(security and privacy)置于危险之中。通过这个系列,我们正在尽最大努力识别那些值得考虑的安全产品,即使是在您毫无头绪的朋友和亲戚的计算机和设备上。
Security for everyone - How we review security products
Even though there are plenty of available antivirus solutіons, home computer security is far from being perfect. One of the main reasons is that, in thе feature rush, mаny developers forget aboυt the most important piece in the puzzle: the υser. They design complіcated security solutіons with lots of features which normal users don't undеrstand and have no clue about how tо usе them. Our team has bеen on a mission to fіnd those security solutions which are effective in protectіng your computer from malware and easy to use for most, if not all people. In this article wе'd like to tell you about our approach to the "Security for everyone" series, describing how we teѕt each product and explain what each of our badges means:
What is Digital Citizen doing?
Traditionally, reviewers have been focusing on the features and the capabilities of security software. We want to do it differently.
We know that a correctly configured program will be able to cope with all the security requirements of an average user. You probably don't need intelligent packet filters, tunneling features, logging features and fancy activity monitors. You probably just want to block suspicious programs and make sure that your computer is safe from malware and hacker attacks. This is what we are focusing on: How practical is a program in securing your computer? Not what its potential is, but how useful to someone who does not want to put much effort into using it or learning anything about it. We want to find the perfect security program for your grandmother or any other family member who thinks that browser tabs are hard to cope with.
There is a logical reason behind this: most users are unlikely to need most of the advanced or "extra" features security programs offer. Furthermore, most users are unlikely to invest too much of their time in actively securing their systems. And even when they do invest enough time, they probably do not like it. As a consequence, it is only fair to assume that most users require accessible software with robust basic features that are easy to configure.
What kinds of security products are we testing?
We are testing mostly commercial products that are distributed in the form of security suites. These products generally offer complete protection and we can evaluate the efficiency of all the important protection modules: firewall, antivirus and antispyware. Running only an antivirus or just a firewall is no longer enough in today's cyberspace. You need to have at least these three protection layers running on your computer, coupled with anti-rootkit protection and real-time HTTP traffic scanning.
How we do our security tests
During the years, our reviews have evolved a lot in terms of completeness, length and quality. Today we are structuring our reviews in five important test areas:
- The download and installation experience - We first evaluate the supposedly simple exercise of downloading and installing the security product that we are reviewing. We look at the number of steps required to download and install the product, the information required so that you are allowed to use the product, the size of the download and number of reboots required to finalize the installation. We are also interested in whether the security product updates itself shortly after the installation and how friendly the first interactions are.
- Integration with Windows, web browsers and universal Windows platform apps - Many software developers tend to ignore the new features that are introduced in Windows. To make sure users have a good experience, we start by checking if a security suite automatically disables the Windows Firewall and Windows Defender . Having two firewalls running on your system can cause headaches for users. And Windows Defender is likely to cause conflicts if it runs simultaneously with other antivirus products. Then, we look at how much a security suite affects the startup time of our test computer, how much memory is needed by the security suite's processes in order to run and how well it integrates with networking features such as the Homegroup. Last but not least, we test whether you can kill the running processes of the security suite and how well it is integrated with popular web browsers like Google Chrome, Mozilla Firefox, Microsoft Edge and Opera.
- Ease of use & configuration - We start our more advanced tests in this section. We first look at the options available for scanning your system for malware, the default scheduled scans and the available scheduling options. We evaluate how easy it is to find your way through all the menus and configuration options, without needing to access the Help documentation. Then, we check how easy it is to get access to the support services offered by each product, its Help documentation and reporting features, if they are available. We also try to evaluate how easy it is to understand the alerts and messages shared by the security product we are reviewing. Will people need a manual to understand what the security product is saying, or is it using plain English to communicate with users?
- Firewall protection - We use two network vulnerability scanners in order to evaluate the performance of the firewall: Nmap and Nessus. We look for vulnerabilities to certain types of network attacks, open ports and their relative importance to the security of your system, and any other information that can be easily identified through a routine scan: MAC address, operating system, etc. We also check if the security suite is able to assign the correct security profile when connecting to a new network, so that you get the best balance between security and access to network sharing features (when connecting to safe, private networks).
- Antivirus and antispyware protection - We start by visiting a couple of malicious websites to see if the security suite is protecting the user while browsing the web. Then, we check how each security product handles external memory drives. We place several malware samples on a USB memory stick, we plug it into our test computer and then we evaluate what the security suite does. For our most complex anti-malware test, we make a clean Windows 10 installation on our test computer, we implant malware on it and then we ask the security product that we are reviewing to install itself and remove all the malware. We try to evaluate how good the antivirus engine is, depending on how efficient it is at removing the malware, but also how fast and how easy the entire procedure is. We also run a series of full system antivirus scans and monitor how fast the antivirus engine is at scanning your computer. We also look for a second opinion and we check what other independent security organisations have had to say about the efficiency of the products that we are rating. It's good to get a second opinion, isn't it?
- Extra features - Many IT security companies develop lots of extra features for their security products. We install and use each and every extra tool that comes with a certain product. While doing so, we analyze how useful these extra tools are and whether they bring added value to the customer. Because we consider it an important security feature for many parents, we look whether a Parental Controls module is available and whether it is easy to setup and use. We also, look for Safe Browsing features when doing online transactions or for the inclusion of a VPN service.
- Default settings you might want to adjust - Some security suites have the power to protect you efficiently but they do not, because they lack the proper default settings to do that. When we test a security suite, we also look for those settings that could be adjusted in order to make you safer. For instance, many security suites can schedule automatic antivirus scans but they don't. If we find such settings, we list them in our review and we recommend the appropriate actions.
We try to be as complete as possible and provide a good overview of the efficiency of each product. While we don't have a mathematical formula we use to give the final verdicts, we look at how well each product performs in all of these areas and share our recommendations.
Verdicts and what they mean
We use a five star rating system in order to share our product recommendations:
- 5 stars - These are the best of the best, top of the top, la creme de la creme. You get the picture! They are security products that we would recommend to anyone, anytime. The tools included by these security suites provide you with an excellent level of protection and they do it in a manner that is great , both easy to understand and to use. Security products can't get better than this.
- 4 stars - These are very good security products. We recommend these security suites to everyone, because they are top notch products that are very good at protecting you against all kinds of cyber threats. Four star products are those products that are "almost great" but they stumble because they have a few small flaws.
- 3 stars - These are good security products. We consider them average solutions and we can recommend them only to people who know what they're doing. Some of them can be very good in one a rea, like having a very good antivirus engine, while being weak at others, like being unable to provide decent firewall protection. Some products may have weak default settings which can be improved by the user. When you see a 3 star rating, it is important that you read our verdict and the pros and cons we highlighted, so that you better understand the strengths and weaknesses of the product that we are reviewing.
- 2 stars - These are security products that are mediocre at be st . They are also security products that we don't like and we don't recommend to our readers. These products fail to protect their users against threats and, usually, they are also hard to use and understand.
- 1 star - These are products that you should never use. They are very bad at what they should be doing: protect their users from malware and network attacks.
Besides our five stars rating system, we sometimes also give badges to those security products that shine in one or more areas :
- Editor's Pick - When we give this badge, we want to express the fact that we really like the product that we have reviewed. This badge is given only to products that are way above average and that are also easy to use. In general, we use this badge only for security products that have received a rating of 4 or 5 stars.
- Best Security - This badge means that the security product we have reviewed offers a great level of protection to its users. These products shine in terms of effectiveness but they might not be as great in other aspects, like usability or performance. This badge can be given to products with a rating of 4 or 5 stars. Sometimes, a product with a rating of 3 might receive this badge, but only when its flaws are not related to the effectiveness of its anti-malware protection.
Conclusion
We hope that this series will remain useful to our readers. We don't want you to purchase useless security tools and waste your money, while putting your security and privacy in danger. With this series, we are doing our best to identify those security products that are worth considering even on your clueless friends' and relatives' computers and devices.