
Comment by computerex

7 years ago

Uhh what? Software is probably more secure now than ever before. I don't think AV software is snake oil at all.

UEFI Secure Boot, mandatory signed binaries, and Windows Defender (XProtect on macOS) have contributed more to protecting from malware than 3rd party anti-virus. Although I think the existence, cost, and PITAness of 3rd party anti-virus might very well have contributed to motivating the OS vendors into securing their products better.

  • It should be noted, I believe the parent comments included Windows Defender as an anti-virus. 3rd party was never specified, and disabling Windows Defender can indeed improve file access performance.

    • Can confirm. I usually have to turn off Windows Defender whenever I'm doing anything with Docker, or node modules, or something similar. If I don't, my computer slows to a crawl.

  • Source? I thought UEFI was just a way to make Linux a pain in the ass to dual boot with Windows? What's your evidence that it's effective against malware? I am biased here, and hate UEFI.

    • UEFI is not the same thing as UEFI Secure Boot. UEFI booting in general makes dual-booting far easier than BIOS-based booting where operating systems have to fight over who owns the MBR. Secure Boot makes it harder to set up a multi-boot system because you need a signed bootloader for your Linux system.

Software maybe, but that has precious little to do with AV.

  • This sounds like anti-vaxxer logic. I don’t think you remember what it was like before anti-virus.

    • I do remember, but correlation != causation. The major improvements that have made software so much more secure are not AV, they are things like ASLR, non-executable stack, stack canaries, a shift to less-privileged code and having more functions in user space, memory-safe(r) languages being more commonplace, and an increase in general security awareness. If anything anti-virus is much less useful now that polymorphic shellcode is commonplace, as well as the fact that user error (such as falling for a phishing attack) is by far the largest cause of security failings.
