Gizmodo Is Wrong: You Do Need Antivirus Software

[Paul Wagenseil]

Gizmodo says that you don't need antivirus software. Not true! Here's why you do, and how you don't have to spend money for it.

Gizmodo Is Wrong: You Do Need Antivirus Software : Read more

 

[Daekar3]

And the evidence that antivirus by its very nature cannot protect against zero-day threats? And the incontrovertible evidence that the deep hooks put into any OS by AV software presents increased and significant attack surface that directly leads to compromised systems?

This isn't a black and white issue. If it was, many smart people wouldn't disagree with you about it, including Steve Gibson. You can't just declare a debate over because you've decided you're right.

 

[Paul Wagenseil]

And the evidence that antivirus by its very nature cannot protect against zero-day threats? And the incontrovertible evidence that the deep hooks put into any OS by AV software presents increased and significant attack surface that directly leads to compromised systems?

This isn't a black and white issue. If it was, many smart people wouldn't disagree with you about it, including Steve Gibson. You can't just declare a debate over because you've decided you're right.

I never said the debate was over, or that it was a black-and-white issue. Going over your points:

1) Signature-based malware detection indeed cannot protect against zero-day threats, or even against polymorphic malware. But almost all antivirus software is much more than just signature matching these days. The real mark of a good AV suite is how well its various behavioral and code-inspecting tools can stop zero-day malware. Some of our top-rated products stop all of it in lab tests.

2) AV software does create a huge attack surface, which is why it's very important that AV software makers take care to make sure that their own products don't become the vector for an attack. But you know what's even more dangerous? Web browsers, browser plugins, Java and Microsoft Office software. If you didn't run any of those products, and never connected a PC to the Internet, you could probably live without AV software. But most people definitely need it.

 

[Avast-Team]

And the evidence that antivirus by its very nature cannot protect against zero-day threats? And the incontrovertible evidence that the deep hooks put into any OS by AV software presents increased and significant attack surface that directly leads to compromised systems?

This isn't a black and white issue. If it was, many smart people wouldn't disagree with you about it, including Steve Gibson. You can't just declare a debate over because you've decided you're right.

I never said the debate was over, or that it was a black-and-white issue. Going over your points:

1) Signature-based malware detection indeed cannot protect against zero-day threats, or even against polymorphic malware. But almost all antivirus software is much more than just signature matching these days. The real mark of a good AV suite is how well its various behavioral and code-inspecting tools can stop zero-day malware. Some of our top-rated products stop all of it in lab tests.

2) AV software does create a huge attack surface, which is why it's very important that AV software makers take care to make sure that their own products don't become the vector for an attack. But you know what's even more dangerous? Web browsers, browser plugins, Java and Microsoft Office software. If you didn't run any of those products, and never connected a PC to the Internet, you could probably live without AV software. But most people definitely need it.

I believe part of the issue is the term "antivirus."

The truth is, antivirus software -- Avast and AVG included -- needs to have layers in itself to prevent against ransomware, zero-days, and new strains, as Paul mentioned.

This is why we have next-gen detection and prevention such as CyberCapture (isolate and sandbox unknown files before they do damage) and Behavior Shield (real-time monitoring of processes for malicious behavior) which all themselves employ AI and machine learning to react to ever-changing threats.

Whew, a mouthful for sure, and apologies if that was too much jargon, but my point is that "antivirus" now means a lot more than traditional signature-based protection, or built-in basic protection On a side note, here's the latest real-world test from AV-comparatives, which just came out.

 

[GrayBit]

http/www.zdnet.com/article/research-shows-antivirus-products-vulnerable-to-attack/

I'll stick to EMET and Defender for now, thank you

 

[Dark Lord of Tech]

F-Secure is the best I've used , and I've tried all of the big contenders.