Is Anti-Virus Security Software Still Relevant?

Is Anti Virus Security Software Still Relevant 2017 images

“Don’t buy antivirus software, and uninstall it if you already have it (except, on Windows, for Microsoft),” said former Mozilla engineer Robert O’Callahan. Now that would leave your system vulnerable, wouldn’t it? This advice is applicable to Windows 8.1 and Windows 10 where Microsoft’s Windows Defender is built in. It’s a wonder that Microsoft hasn’t been slapped with another antitrust complaint by AV manufacturers. The old adage that any other AV is better than Microsoft’s is still floating around.

Now as a currently-employed IT officer, I’m at the behest of the powers-at-be from headquarters and am inclined to follow whatever anti-virus software they recommend; Trend Micro, McAfee, Symantec, Sophos but they chose to go with Microsoft System Center Endpoint Protection. Who better than Microsoft to protect their own operating system, right? Going with this, whenever I purchase new systems, I uninstall whatever anti-virus is included which is often McAfee and I enable Windows Defender; and for older ones with Windows 7, I install Microsoft Security Essentials for units assigned to projects. To be fair, Microsoft’s packages have been successful in tackling most malware out in the wild, including some high-profile ransomware. That, and enough security education for our users have been sufficient in curbing infections so far; maybe except for those annoying toolbars, browser add-ons and hijackers that attach themselves legit freeware some users are in-love with.

Now, what other reasons are there to ditch those old anti-virus packages we used to love despite Microsoft having its own? Well for slower systems, especially those cheap laptops and Windows 10 tablets out there, AV packages take up much-needed space as well as processing power. Some packages aren’t as polished as they should be and end up being too intrusive. There was that time when Symantec’s Norton Anti-virus was the slowest in town, causing many skins and systems to crawl as it updates its definitions. It’s basically fast now, but that reputation stuck with this author. It’s only an opinion as I haven’t looked into the package lately. Another is that major AV packages now run on a subscription basis. Why shell out monthly or annually when there’s one already built-in and is free? There’s also the fact that some AV packages interfere with valid software preventing them to run without any notice, leaving normal users clueless as to what’s wrong until they decide to shut their protection down.

As for Mr. O’Callahan’s reasons, in telling people to ditch other AVs, he says that there’s little evidence that these packages actually enhance security. In fact, they could actually be used as doorways by attackers due to their high security privileges. Experts found over 200 flaws in Trend Micro products, which Trend Micro immediately fixed after being outed. Those flaws, however, shouldn’t have been there in the first place or at least not that many. Google’s Project Zero Team also found critical bugs in other major AV packages.

Missing the good old days when computer viruses actually simulated viruses by attaching themselves to EXE programs. Nowadays, major virus and malware vectors are email attachments and web browsers. Phishing tactics aren’t even detectable. Browser developers now include some security features that other AV packages unfortunately undermine.

“Several times AV software blocked Firefox updates, making it impossible for users to receive important security fixes. Major amounts of developer time are soaked up dealing with AV-induced breakage, time that could be spent making actual improvements in security.”

— Robert O’Callahan, former Mozilla engineer

It seems like a sour-graping statement considering where he’s from but he has valid points that AV packages tend to hobble browser security features meant to protect users from exploits. Firefox isn’t alone in this as AV packages also introduced security holes in Chrome according to one of the browser’s security engineers.

As mentioned, more often used vectors nowadays are email and browsers that affect users no matter the operating system; Windows, Mac OS X and Linux. Traditional AVs hardly matter to Linux users and Macs, both of which gradually eat up Windows’ market share with Windows now fighting back. And with Windows fighting back, it makes sense for users to protect themselves with whatever they’re comfortable with or whatever their companies tell them to use.

I occasionally get laptops back from project sites with other AVs installed. Take this article with a grain of salt. Windows Defender is completely fine, but whatever works for you.