The online world is ablaze with a discussion about whether having anti-virus software on a computer could actually pose a greater risk than the malware it is intended to safeguard against.
It was Robert O’Callahan, formerly head developer at Mozilla, who got the ball rolling. He advised computer users to disable all virus scanners from their computers and not to purchase any new security software. O’Callahan only allows Microsoft’s free “basic protection” Windows Defender (because apparently Microsoft developers are clearly more competent in all security matters than all other AV producers.
And the argumentation is especially interesting. For the former Firefox developer, this is not about the security gaps in security software products which have been repeatedly denounced for years. Rather, O’Callahan is annoyed as a developer that anti-virus software repeatedly causes security issues itself or hinders the implementation of effective safeguarding measures, as “heise Security”magazine reports.
Justin Schuh, who was previously one of the developers working on the security of the Chrome browser at Google, is beating the same drum. Both criticize AV software for impeding the provision of critical security updates, undermining the consistent implementation of ASLR (Address Space Layout Randomization) in many cases or eroding Transport Layer Security with faulty man-in-the-middle modules. O’Callahan and Schuh go on to complain that developers also generally lose a substantial amount of productive working time analyzing system crashes for which AV is in the final analysis responsible.
This kind of criticism seldom goes public, because no software provider can afford to or would be willing to start a war of words with AV producers. Yet security experts are already seeing anti-virus software playing an ever smaller role, according to a survey published by Google as far back as summer 2015. The report shows that security experts install updates as quickly as possible and also take particular care to ensure that their passwords are of a high quality, often by making use of a password manager.
Our point of view: Anti-virus software has undoubtedly long been declining in significance as a means of end-point security. Companies in particular should still, of course, continue to check their e-mail in-boxes — a major gateway for malware and cyber attacks — for virus and so-called advanced threats. Or have them checked by an expert service provider which is specialized in this field, such as Retarus. For instance, we run four scanning engines in parallel, enabling us to delete 99.99 percent of all incoming viruses. On top of this, we also develop novel approaches such as our innovative “Patient Zero Detection”. Find out more about Retarus E-Mail Security here or directly from your local Retarus contact person.
This kind of criticism seldom goes public, because no software provider can afford to or would be willing to start a war of words with AV producers. Yet security experts are already seeing anti-virus software playing an ever smaller role, according to a survey published by Google as far back as summer 2015. The report shows that security experts install updates as quickly as possible and also take particular care to ensure that their passwords are of a high quality, often by making use of a password manager.
Our point of view: Anti-virus software has undoubtedly long been declining in significance as a means of end-point security. Companies in particular should still, of course, continue to check their e-mail in-boxes — a major gateway for malware and cyber attacks — for virus and so-called advanced threats. Or have them checked by an expert service provider which is specialized in this field, such as Retarus. For instance, we run four scanning engines in parallel, enabling us to delete 99.99 percent of all incoming viruses. On top of this, we also develop novel approaches such as our innovative “Patient Zero Detection”. Find out more about Retarus E-Mail Security here or directly from your local Retarus contact person.
[su_box title=”About Conor McGrath” style=”noise” box_color=”#336588″][short_info id=’101767′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.