|
Matousec (a portmanteau of its founder's name - Matoušek and security) is a personal firewall testing group, known also as Matousec Transparent Security. History It was founded in March 2006 by Czech IT security researcher David Matoušek with a small group of university students (mostly) to find vulnerabilities in Windows PC security software. Nowadays the group's focus is on non-commercial public testing of personal firewall and Internet Security software. Group's testing results are usually mentioned in reports "Comparative reviews of personal firewall software". In April 2009, the group and project were acquired by unknown Internet and software-related company Difinex (Different Internet Experience) Ltd. under which it continues testing security software working under Microsoft Windows systems. Projects The most known project of Matousec is an independent security software testing challenge called Firewall Challenge (in 2009 - Proactive Security Challenge). The group is also known by the development of Security Software Testing Suite used for the tests mentioned above. Matousec is often mentioned in IT security forums when talking about how secure a firewall-based software is. or at personal firewall and Internet security software producers' sites news (Comodo, Kaspersky Lab. Currently, more than 50 firewall-related products were tested by Matousec group. Matousec tests Internet Security suites or personal firewalls with HIPS engines ability to stop leaks; how well it protects itself from crashing; if it can stop spywares from spying; and some other tests; the test used to include a performance test, but that has been removed now. All tests are performed on an administrator account on Windows XP with recent version of Internet Explorer. Reception Some have criticized Matousec for demanding more of a firewall than what is traditionally expected. A PC firewall should stop leaks, and some argue that it must not protect against other vulnerabilities such as key logging. Matousec has also been criticized on the basis of conflict of interest, due to being paid by security software makers for re-testing. Results may then, at the discretion of the software vendor, be disclosed or kept private. However, Matousec is transparent about this, and the testing procedure is described in detail on the website: Every vendor has a right to request a paid Proactive Security Challenge testing, in which case its product will be tested in all levels regardless the results on each of the levels. After the vendor receives the results of the paid testing, it can either keep them private or request their publishing on our website, but such a request will be satisfied only if the previously published results for the tested product, if any, are at least one month old and if the tested version is stable and publicly available. There are no limits of the frequency of the paid tests.<ref name="method"/>
|
|
|