Valid argument or indispensable shield? There are effective alternatives for protecting yourself.
Installing antivirus programs on your PC does not offer protection; on the contrary, they open up superfluous vulnerabilities in the protective shield! This is what Robert O’Callahan argues. As a former developer of the Firefox web browser, he has called upon users to uninstall their AV software. Justin Schuh, a developer of the competitor browser Chrome, concurs: AV programs are not equipped with important and appropriate mechanisms such as sandboxing. Rather, some of them have significant quality problems, particularly with respect to their own security. The high-level system rights that most AV programs are granted enable attackers to exploit these vulnerabilities and cause direct damage on the end devices.
Virus software fails to identify viruses
To make matters worse, there is a problem that various previous studies have already shown: namely that the mechanisms used to identify viruses are not as effective as they were a few years ago. Back in 2014, Lastline Labs tested the quality of various AV programs. One of the sobering results of the tests: Only 61% of all programs identified new viruses within two weeks of their emergence. At the same time, the updates must be installed much faster, because the duration of virus attacks are becoming shorter all the time. In other words, many attacks last just a few minutes or hours. What’s more, today’s malware is often a polymorphic phenomenon, transforming in manifold ways during an attack. Both create major problems for signature-based scanners.
So what’s to be done? Robert O’Callahan recommends that Windows users trust the already very reliable Defender module that is part of Windows 10. This makes sense, particularly considering that Defender is already an integral part of the operating system. While this doesn’t improve recognition, it at least prevents the opening of new security gaps. Additionally, it cannot be stressed enough that users should keep all programs up-to-date and always install the latest security patches.
Nevertheless, the question remains as to whether protection on local devices is still at all useful or whether protecting computers and networks should take place somewhere entirely different. It obviously makes sense to examine more closely how malicious software finds its way onto a computer in the first place.
Spam filter + web filter > antivirus protection
The two main gateways for malware are email and web traffic. Attacks via other routes such as infected external disks or active attacks by hackers, on the other hand, occur much less often. However, file attachments with malicious code or links to hidden downloads are frequently found in emails. Preventing these from ever landing in a recipient’s inbox in the first place is an effective way to protect against unwanted intruders. Cloud solutions in particular offer a protective wall that is located far upstream from one’s own IT infrastructure. In addition to this, by bundling the data traffic of very large numbers of users, undesired data can be noticed quickly – so all users benefit quickly from the results of the analysis. Professional cloud providers also offer additional security mechanisms such as sandboxing or the revising of links found in emails in order to increase the level of protection offered by filter systems. Web filter systems, on the other hand, check whether users are surfing on websites containing malware and block the opening of the destination page if needed, thereby blocking this attack route.
Of course, none of these measures offer 100% protection either, but they do greatly increase the likelihood of stopping data theft, extortion attempts, and imposter schemes.