Comment by qalmakka
3 years ago
I don't know, the more time passes the more I convince myself that the net benefits of antivirus software do not (an maybe never) exceed their downsides. In decades I've heard so many stories about AV software behaving suspiciously, using borderline shady tricks to monitor user activity, causing severe performance degradation, etc
> (an maybe never) exceed their downsides
There were certainly times when they were necessary: when Windows had nothing built-in to defend itself, and for a time after then when those built-in features were crap.
Those times are pretty much over now IMO. I'd go as far as to suggest that the market is now an attempt at a protection racket and hardware hawkers are complicit: things come pre-installed on new laptops and make very misleading claims about what might happen if you uninstall them instead of subscribing after the free trial period (ref: Dad got a new laptop recently, I went through and removed all the junk included with it, I can see why people with little technical experience might just pay up).
> There were certainly times when they were necessary
Around the time of Windows 7 I stopped using anti-virus software and nothing happened. And for a long time before that, paid antivirus software (ESET NOD-32) wasn't finding anything. I think the simple rules of having a router with a firewall, not clicking random files, not using Internet Explorer, and keeping Windows up to date covered 99% of possible exploits, and the other 1% was luck.
Windows 7 was the first version that Microsoft was allowed (by the US/EU antitrust decisions) to have Defender installed out of the box in Windows. They were trying to do that as far back as XP and "Security Essentials" (the name before Defender) was a free and easy download on XP and Vista, but without the protection racket style marketing it was easy to miss and not everyone realized that there was a nice, quiet Windows anti-virus tool from Microsoft just a click away. I still think bundled anti-virus was one of the stupider things the antitrust decisions blocked and it gave the protection rackets a few more years to solidify power that they didn't need.
Actually an antivirus will only help if you already have malware. (Or if it scans downloads/websites) but it will, most of the time, not prevent new malware.
The fact that a computer bought from a store, that you pay good money for, comes with this crapware installed shows that even when you do pay, sometimes you are still the product not the customer.
How about that time Avast gave you RCE by simply adding HTML to the CN field of an invalid certificate?[^1] Or when TrendMicro added an unauthenticated listener that would exec anything you sent it?[^2]
[1]: https://www.theregister.com/2015/10/06/google_zero_hacker_re... [2]: https://bugs.chromium.org/p/project-zero/issues/detail?id=69...
A couple years ago I heard a podcast that referenced a study that polled 2 groups of people; those that (admittedly, SELF) identified as "security professionals" and those that did not.
The data point was "what is the biggest thing your group does that the other does not?"
The professionals came in as "multi-factor auth" The non-professionals came in as "anti-virus"
There was a time when they made sense, but it's been many years since the benefits of running a third party antivirus program outweighed the drawbacks.
I remember our Java developers being very unhappy with ESET requirement that made the Linux boxes compile performance literally halve
Seemed to be a win-win for Windows and the AV companies. Windows would let cheap interns pump out code (autorun.inf) and anti-virus companies would throttle your computer looking for anything exploiting the garbage code. Windows Vista was like the high-water mark for a slapped together shit OS with its AV "protection" — "that place where the wave finally broke and rolled back".
There’s a deeper economic lesson in here. Essentially it could be summarised as: government cannot leave policing to the market.
In modern capitalist democracies with social benefits there’s a lot of debate/opinion about what the state should do versus leave to the market.
Imagine you establish a successful little utopia on an island somewhere. At first you outsource policing to a few strong and forthright friends, then as the place grows you let the market decide. But as the place really matures you end up having to bring policing “in house”, controlled by the state. There is still plenty (plenty!) of ways it can be corrupt… but when anti-virus / policing etc is fully outsourced - over time its corruption levels completely saturate.
Similarly - a military power that relies on mercenaries/soldiers of fortune/contracted parties. It cannot work beyond a very short term. (Machiavelli goes into this in a lot of detail in ‘The Prince’ … he was super evil but he was no fool.)
Seems strange to say that Bill Gates should’ve read more Machiavelli and he would’ve avoided creating the leeching anti-virus industry for so long.