Is antivirus software a waste of money…

Topic

New Reply

http://www.wired.com/wiredenterprise/2012/03/antivirus/

Jerry

Reply | Quote

Replies

My feeling is that the user’s actions are the number one cause of infections, by far, but the AV/AM is another layer to prevent the accidental exposure. let’s say you are looking around, say for an answer to a question here, and a Google search turns up a questionable site that is infected that gets by other prevention layers. What is there to stop it? Perhaps my AV/AM app. So I will keep it, and keep it up to date. It does not use much resources and might help.

Reply | Quote

1. Given that (at least for personal use) MSE is free, yes, I’d say it was a waste of money to pay for AV software.

2. In the real world (at least here) where sharing files by USB is very common, I’d be sunk without being able to scan the stick before doing anything else with it. Maybe you’d say I’m stupid plugging an unknown USB stick into my computer, but it’s very common here, as are infected computers. So far :crossfingers: I’ve managed to avoid nasties. I couldn’t have done that without a good AV program.

Chris

Reply | Quote

For me it is not worth paying for an AV application when there are many decent free choices.But somebody has got to support this industry otherwise I could’nt see it surviving long gratis.

Reply | Quote

Have to agree with Clint. Also, if people start buying AVs, then many will fall prey to the simple attacks that those security experts say aren’t used anymore…

I would also counter the experts argument, by a simple sample of simple AV infections that we help with here.

Reply | Quote

I would also counter the experts argument, by a simple sample of simple AV infections that we help with here.

Most of the AV infections we see here represent a failure of an AV product to prevent. I posted the article as an interesting alternate viewpoint especially since it stated that most security experts weren’t using an AV. I use MSE and will continue to use it as it has found and prevented malware in the past for me. But I don’t believe any AV will protect against all the newest malware as the article also states.

Jerry

Reply | Quote

Most of the AV infections we see here represent a failure of an AV product to prevent. I posted the article as an interesting alternate viewpoint especially since it stated that most security experts weren’t using an AV. I use MSE and will continue to use it as it has found and prevented malware in the past for me. But I don’t believe any AV will protect against all the newest malware as the article also states.

Jerry

There are AV products that use strategies that do not rely on signatures. Such software can be effective preventing against unknown threats.
I use OA Premium, together with MSE. Nothing installs or runs in my system without my or OA’s permission (they keep a database of what is safe or not) and what is not in the database won’t run or install without the user being prompted for permission.

Reply | Quote

First, the article clearly states that those AV non-users are IT Professionals in Enterprise environments. Not your average home user without those fancy packet-sniffing Security Appliances and Server-class packet filtering devices.

Second, preventive heuristics is not and cannot be effective against unknown threats. Look at THIS ARTICLE for several insights into the state of the art of heuristics detection, as well as their link as to why AV heuristics can NEVER detect unknown threats definitively. Unfortunately, you have to take a Quiz to get to the discussions of the answers. The discussion of the correct answer to Question 15 contains a link to the halting problem which limits forever the effectiveness of predictive heuristics.

I wonder if Woody Leonhard, the author of the Quiz, could post a link to the Quiz Key itself, without the need to take the Quiz to get at the information contained in the answers?

Third, both of those interviewed and of those who made most of the comments saying they do not use AV/AS products, almost two-thirds admitted to using AV/AS products after getting an infection on theirs or others’ computers. That is a direct contradiction. Cloud Scans are AV/AS Applications. Software Firewalls and Router Firewalls are AV/AS measures. Windows 7 and 8 come with built-in firewalls and (Win 8) built-in AV/AS measures beyond MSE/Defender. They then tried to further obfuscate by claiming that there is some magical semantic difference between a “virus” and all other types of malicious codes. That is stricly Grade-School Bragging on the Playground behavior. Otherwise known online as Trolling.

The article should make IT Administrators think twice about where their resources and money are being spent. But for home users or small businesses, it is still cheaper and less time-consuming to be proactive rather than reactive. And not using AV/AS until something gets onto your network or a computer is being very reactive. I’d even say, Reactionary.

I agree that we should have layers in our security approach, and AV/AS is just one (or several) layer(s) in our ideal approach.

-- rc primak

Reply | Quote