RayLopez99 explained :
> The topic of conversation is this:  I use Windows Defender on Windows 10, 
> which AV Comparibles (sic) says has 'only' an 80% detection rate (I say 
> that's good enough).

Then it is. Only you can make the determination as to how much your 
data is worth.

>  Another program, like say Norton or whatever, will have 
> a 98% detection rate.  What badware (virus, malware, etc) lies in the gap 
> between Defender's detection rate and the better commercial software?  In the

> 18% range? (98-80 = 18%)?

Probably some of the polymorphic worms and viruses. Trojans are much 
more likely to affect you due to their prevalence and Defender might 
well be "good enough" to know most of them, so you're okay.

Another consideration is how quickly a vendor reacts to newly 
discovered malware, how long their 'zero-day' lasts. I don't think that 
is a metric these comparatives use.

If your data is worth more, then the higher scoring AVs are worth more.

> I am speculating not much badware.  It's something obscure like a "Open 
> Candy" cookie or something that might hijack your browser or something like 
> that, nothing "serious". I'm speculating the 'serious stuff' is in the 80% 
> and below range that every AV program (including the 'hapless' Defender) will

> catch.

I don't think that is the case, but I'm not familiar with that 
particular "AV Comparibles" service. A good comparatives service will 
not have competitors rising to the top by detecting lameware and crud.

> Is this a reasonable assumption?

Not IMO.

> Please, resist the temptation for a "parade 
> of horribles" example.  I'm sure you can come up with one, but I could 
> counter that the Stuxnet virus could infect even the machine that has 98% 
> detection.

You are correct, Stuxnet could infect a machine if it was in that 2 
percent the AV was missing.

>  We're talking about 'center mass' or stuff that falls 1 or 2 
> standard deviations from the mean, not stuff China, North Korea or the CIA 
> would write.

I agree, Defender will probably do well against most of the 'run of the 
mill' malware. If that's good enough, then it is good enough.

> "Diesel" wrote in another thread:
>
> While it's a true statement, it's mostly marketing FUD and PR
> nonsense. Honestly. SAS catches things MBAM missed, BugHunter caught
> things MBAM missed (yes, it did), MBAM caught things both of the
> previously mentioned ones missed. None of this remained consistent.
> Sometimes, within hours, one or more would trade places on who
> scanned what first and detected it. It's no different than various
> antivirus programs. It's been ongoing since more than one antivirus
> was presented to the world. :)

Right, doing consistently good for years carries some weight though.
--- NewsGate v1.0 gamma 2