Is antivirus bad for security?

Browser developers suggest antivirus isn't helping with security

free security software

Is it time to ditch antivirus? With near-constant serious attacks and the threat of hackers targeting your business or personal accounts, it may seem an obvious answer: of course not.

But an ongoing debate about the value of antivirus suggests that the answer may not be so simple to some.

Robert O'Callahan is a former Mozilla developer and in a blog post spotted by The Register he lays out the case against antivirus software, saying: "antivirus software vendors are terrible; don't buy antivirus software, and [un-ininstall] it if you already have it (except, on Windows, for Microsoft's)."

He does stress that for this to hold true your operating system needs to be up-to-date. "If you're on Windows 7 or, God forbid, Windows XP, third-party [antivirus] software might make you slightly less doomed."

Here's his argument against antivirus: O'Callahan says there's little evidence that it offers a real improvement in security, and it at times actually features bugs leaving users at risk he pointed to the vulnerabilities spotted by Google's Project Zero as evidence. "These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices," he said, noting that Microsoft's developers are "generally competent".

On top of that, he argues that antivirus products "poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security." In particular, he mention ASLR which is address space layout randomisation, a feature that helps protect against a specific type of attack called buffer overflowsaying antivirus software often broke it in Firefox for Windows.

His view was backed by Tweets from Justin Schuh, a security developer working on Google Chrome saying "worthless" antivirus code delayed a series of useful protective features and introduced vulnerabilities for users. "I expect it's possible to make an [antivirus] that isn't more harm than good, but none of you are even trying," he concluded.

Better solution?

Simon Edwards, founder of SE Labs, disagrees, arguingthat his antivirus testing lab shows that some antivirus is more effective than others and Microsoft's isn't the best. "You may not trust all of them, and you may have problems with some or all of the ways that they test, but I would suggest that they can't all be wrong," he said. "Our position on the Microsoft anti-malware included with Windows is that it is far better than it used to be, but that commercial third-party packages are consistently stronger."

That said, he said that there may well be good reasons to dislike antivirus, or "anti-malware" software, which he argues is a more appropriate term. While for some, disparaging established antivirus firms is a marketing tool, others will dislike the way such products "embed themselves into Windows in sometimes strange and unusual ways, causing potential havoc with their own efforts and potentially introducing new security vulnerabilities," he said.

But rather than argue wholly against antivirus, he'd prefer a different tactic. "Some testers make it their life's mission to discover technical problems with anti-malware, sometimes apparently taking the position that 'anti-malware is bad for you,' rather than, 'you need it, it's a bit broken but here's how to fix it'," he said.

What should you do?

Independent security analyst Graham Cluley said the "vast majority" of people should stick with antivirus.

"That doesn't mean that anti-virus software is perfect, or that it hasn't sometimes contained its own flaws and vulnerabilities," he said. "But the typical user is much much more likely to be protected by antivirus software than find themselves targeted by a sophisticated attack which exploits a flaw in the security software."

Edwards agreed, and said O'Callahan was right to focus on OS updates."There is no doubt that updating your operating system makes it more secure. We've run tests to prove that this oft-quoted advice is based on real, reproducible data," he said. "But what we've also seen is that adding a decent antivirus package to a good patching schedule raises protection levels even higher."

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Iranian hacking group continues to target US citizens
hacking

Iranian hacking group continues to target US citizens

18 Oct 2021
MirrorBlast phishing campaign targets financial companies
phishing

MirrorBlast phishing campaign targets financial companies

15 Oct 2021
Russia missing from US-organized international ransomware event
ransomware

Russia missing from US-organized international ransomware event

13 Oct 2021
Kaspersky exposes MysterySnail zero-day exploit in Windows
zero-day exploit

Kaspersky exposes MysterySnail zero-day exploit in Windows

13 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021
Veritas Backup Exec 21.3 review: Covers every angle
backup software

Veritas Backup Exec 21.3 review: Covers every angle

14 Oct 2021