Are antiviruses dead/useless?
Why are people still recommending antiviruses?
It’s obvious that antiviruses are based on a flawed principle. All security experts know that default deny is the only sound protection method.
Antiviruses are mainly blacklisting technology; they are reactive: the company needs to get a sample of the new malware, analyse it and create a signature first before it can detect it.
In today’s world this is too slow. Plus there are so many non-replicating malware that never get into the hands of AV analysts anyway.
Even a newbie like me has modified a known worm with some hex editing and packers and it is undetectable!
Heuristics? Let’s face it, heuristics are a joke, they always have been. In retrospective testing, even the best AV (NOD32) detects only 50% and most are far worse.
It is futile to try to identify every single bad guy, with malware increasing exponentially, antiviruses cannot keep up.
Why don’t people use or recommend sandboxing apps or behavior blockers or anti-exes?
Real world tests show that antiviruses are not very effective. See http://winnow.oitc.com/AntiVirusPerformance.html
These are stats obtained by human analysts who actually encounter malware and load it up for real time checking on virustotal.com.
Tests by virus.gr and anti-comparatives.org do not reflect real world performance! The test bed is dubious, many are harmless junk and most are zoo malware, malware that is not spreading.
What I ask goes for antispyware too. They are basically using the same scanner signature technique anyway.
Don’t you experts always say use more than one antispyware cos one can’t get them all? This just shows the failure of a signature blacklist based approach!
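The contrast the question draws between blacklisting and default deny, as an added example that is not part of the original post. It assumes a whole-file SHA-256 stands in for a "signature" (real products use richer signatures), and every sample is a constructed, harmless byte string. It also shows what default deny costs: a legitimate update is blocked until someone approves it.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins for executable files (harmless byte strings).
KNOWN_BAD = b"constructed sample: known malicious build"
VARIANT = KNOWN_BAD + b"\x00"  # same program, one byte different
APPROVED_APP = b"constructed sample: approved editor v1"
UPDATED_APP = b"constructed sample: approved editor v2"  # not yet approved

BLOCKLIST = {sha256(KNOWN_BAD)}     # hashes of samples already analysed
ALLOWLIST = {sha256(APPROVED_APP)}  # hashes an administrator has approved

def blocklist_allows(data: bytes) -> bool:
    """Default allow: run anything that is not a known-bad hash."""
    return sha256(data) not in BLOCKLIST

def allowlist_allows(data: bytes) -> bool:
    """Default deny: run only what has been explicitly approved."""
    return sha256(data) in ALLOWLIST

SAMPLES = {
    "known_bad": KNOWN_BAD,
    "variant": VARIANT,
    "approved_app": APPROVED_APP,
    "updated_app": UPDATED_APP,
}

def evaluate(samples: dict) -> dict:
    """Return, per sample, whether each policy would let it run."""
    return {
        name: {
            "blocklist": blocklist_allows(data),
            "allowlist": allowlist_allows(data),
        }
        for name, data in samples.items()
    }

if __name__ == "__main__":
    for name, verdict in evaluate(SAMPLES).items():
        print(f"{name:13} blocklist_runs={verdict['blocklist']!s:5} "
              f"allowlist_runs={verdict['allowlist']}")
```

The `variant` row runs under the blocklist and is denied by the allowlist; the `updated_app` row is the maintenance burden that default deny shifts onto whoever manages the approved list.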
If you are very much against any antivirus thing (well, me too) then try using openSource software.
If that sounds odd… try some behavior blocking antivirus as you said…. one is Prevx1, then Sana Security PrimaryResponse is also a good product.
But… ask yourself these questions:
Why don’t openSource systems get infected? [After all, they are software that follows the same hardware too.]
And who creates the virus? [Don’t go by the biological name; it too is a running program, a mere hex code!]
Answer to the first is not ONLY that since they are OPEN to everyone… you can see the code and inform the community about any malicious program…. but don’t you think it TAKES TIME TOO? AND YEAH IN TODAY’S WORLD, IT’S TOO LATE? The same story as virus signatures take at least 8 hours before they get fully detected.
So, why?
Why does openSource go uninfected?
it’s because they know the basic reason why one uses a PC…
it’s because they understand that this software war is nowhere ending…
it’s because they don’t write a corrupt policy to beat the competitor, where the main user, that’s us…. are in the middle of this.
it’s because they DON’T CREATE VIRUS!
~Cheers~
Good luck!
Ok, here’s what I think. You had a bad experience with some antivirus software. Now you’re jaded, and trying to convince others that antivirus software is useless.
Is that about right?
Antiviruses are still a necessary part of computer life today. As soon as you connect to the internet, your computer is an open bucket, if you will. Anything can fall in – rain (which is good), but also leaves, twigs, bugs, spiders.
A computer with antivirus software is like a bucket with a screen over the top. Sure, some bugs might get through sometimes, but for the most part, only rain will get through.
Now, would you rather have the bucket that’s unprotected, or the bucket that has some protection? I think the second one.
And you mention heuristics. You say they detect only 50% of viruses. Well, 50% is still 50%. That’s a whole lot better than 0%, which is what you’ll get with no antivirus software.
So anybody that’s new with computers, don’t listen to this guy. You need to have antivirus and antispyware software installed and updated on your computer. If you get online, you MUST have both of these things.
I think you will be able to answer this question yourself if you remove any antivirus program you have, wait a week and see what happens. You’ll soon realise why anti virus progs are an essential fact of computer life.
There is a lot of evil in the computer world, and we need protection. There may be flaws, but to have Windows and go naked without protection means that pretty soon you will not have a computer any more.
There are computer systems, other than Microsoft, that have never ever got hacked or got a computer virus, spyware, malware etc. Some of them are connected to the Internet.
However, people buy Windows because Microsoft is the world’s genius at marketing, and most people, when it comes time to buy, want the cheapest purchase cost and could care less about cost of operating. I don’t know why that is. Most people by the time they are on their second or third automobile do care about cost of maintenance and support over the lifetime of the car, and pick a good brand on that basis.
As long as you update your PC consistently. No doubt. Your PC is safe. Plus, don’t surf any site that could provide porn stuff. Don’t download pirated software. Then, you are in the comfort zone.