Is antivirus bad for security?

Browser developers suggest antivirus isn't helping with security

free security software

Is it time to ditch antivirus? With near-constant serious attacks and the threat of hackers targeting your business or personal accounts, it may seem an obvious answer: of course not.

But an ongoing debate about the value of antivirus suggests that the answer may not be so simple to some.

Robert O'Callahan is a former Mozilla developer and in a blog post spotted by The Register he lays out the case against antivirus software, saying: "antivirus software vendors are terrible; don't buy antivirus software, and [un-ininstall] it if you already have it (except, on Windows, for Microsoft's)."

He does stress that for this to hold true your operating system needs to be up-to-date. "If you're on Windows 7 or, God forbid, Windows XP, third-party [antivirus] software might make you slightly less doomed."

Here's his argument against antivirus: O'Callahan says there's little evidence that it offers a real improvement in security, and it at times actually features bugs leaving users at risk he pointed to the vulnerabilities spotted by Google's Project Zero as evidence. "These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices," he said, noting that Microsoft's developers are "generally competent".

On top of that, he argues that antivirus products "poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security." In particular, he mention ASLR which is address space layout randomisation, a feature that helps protect against a specific type of attack called buffer overflowsaying antivirus software often broke it in Firefox for Windows.

His view was backed by Tweets from Justin Schuh, a security developer working on Google Chrome saying "worthless" antivirus code delayed a series of useful protective features and introduced vulnerabilities for users. "I expect it's possible to make an [antivirus] that isn't more harm than good, but none of you are even trying," he concluded.

Better solution?

Simon Edwards, founder of SE Labs, disagrees, arguingthat his antivirus testing lab shows that some antivirus is more effective than others and Microsoft's isn't the best. "You may not trust all of them, and you may have problems with some or all of the ways that they test, but I would suggest that they can't all be wrong," he said. "Our position on the Microsoft anti-malware included with Windows is that it is far better than it used to be, but that commercial third-party packages are consistently stronger."

That said, he said that there may well be good reasons to dislike antivirus, or "anti-malware" software, which he argues is a more appropriate term. While for some, disparaging established antivirus firms is a marketing tool, others will dislike the way such products "embed themselves into Windows in sometimes strange and unusual ways, causing potential havoc with their own efforts and potentially introducing new security vulnerabilities," he said.

But rather than argue wholly against antivirus, he'd prefer a different tactic. "Some testers make it their life's mission to discover technical problems with anti-malware, sometimes apparently taking the position that 'anti-malware is bad for you,' rather than, 'you need it, it's a bit broken but here's how to fix it'," he said.

What should you do?

Independent security analyst Graham Cluley said the "vast majority" of people should stick with antivirus.

"That doesn't mean that anti-virus software is perfect, or that it hasn't sometimes contained its own flaws and vulnerabilities," he said. "But the typical user is much much more likely to be protected by antivirus software than find themselves targeted by a sophisticated attack which exploits a flaw in the security software."

Edwards agreed, and said O'Callahan was right to focus on OS updates."There is no doubt that updating your operating system makes it more secure. We've run tests to prove that this oft-quoted advice is based on real, reproducible data," he said. "But what we've also seen is that adding a decent antivirus package to a good patching schedule raises protection levels even higher."

Featured Resources

BIOS security: The next frontier for endpoint protection

Today’s threats upend traditional security measures

Download now

The role of modern storage in a multi-cloud future

Research exploring the impact of modern storage in defining cloud success

Download now

Enterprise data protection: A four-step plan

An interactive buyers’ guide and checklist

Download now

The total economic impact of Adobe Sign

Cost savings and business benefits enabled by Adobe Sign

Download now

Recommended

8 of the most secure web browsers
web browser

8 of the most secure web browsers

25 Sep 2020
Your essential guide to internet security
Security

Your essential guide to internet security

23 Sep 2020
How to enable private browsing on any device
privacy

How to enable private browsing on any device

22 Sep 2020
Third-party apps are tracking your WhatsApp activity
social media

Third-party apps are tracking your WhatsApp activity

21 Sep 2020

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
Google removes 17 apps infected with evasive ‘Joker’ malware
malware

Google removes 17 apps infected with evasive ‘Joker’ malware

28 Sep 2020