Google Senior Security Engineer Says Antivirus Is Useless

[Megalith]

This guy thinks antivirus is a waste of time and that resources should be shifted to other solutions such as whitelisting. Have you given up on AV software?

"Antivirus does some useful things, but in reality it is more like a canary in the coal mine. It is worse than that. It's like we are standing around the dead canary saying 'Thank god it inhaled all the poisonous gas'," he said. The Google hacker also argued that networks are not a security defence because users are so easily able to use mobile networks to upload data to cloud services, bypassing all traditional defences. Advice on safe internet use is "horrible", he added. Telling users not to click on phishing links and to download strange executables effectively shifts blame to them and away from those who manufactured hardware and software that is not secure enough to be used online.

 

[MongGrel]

Personally I just use Windows Defender in WIN10 with No Script and another add on or two.

Most freeware AV seems more like bloat than it is worth to me.

I've paid for Defender with WIN10 and it seems to be pretty up to date and working well.

 

[USMCGrunt]

I haven't used Anti-virus on any of my computers for the better part of a decade without issue. I feel I have a pretty good understanding of how to conduct myself on the internets. That said, I do have antivirus installed on my son's laptop and recommend it to anyone that asks.

 

[azuza001]

I haven't used Anti-virus on any of my computers for the better part of a decade without issue. I feel I have a pretty good understanding of how to conduct myself on the internets. That said, I do have antivirus installed on my son's laptop and recommend it to anyone that asks.

Same here. I haven't used av since sometime in the early 2000's. But I dont try to argue with people about it. I have avast installed on my parents pc because they have to have something.

 

[B00nie]

I've been saying this for a long time. The proper approach is to use an OS that doesn't get targeted so much and practice safe operating methods even when using that.

Unfortunately we can't ditch Windows completely due to the rest of my family gaming. I gave up gaming completely recently. I just can't find fun in it. I like to work and earn money more.

 

[lironmiron]

At this point in time, I think it's pretty much impossible for anyone moderately tech savvy to get a virus... unless you're famous and specifically targeted by hackers. I keep the Windows defender on because it's unintrusive, but the only 2 viruses it has found in all these years have been innocent false positives; one of them coded by me. And I'm not even careful with where I go. I just make sure never to have Java installed.

 

[Seelenlos]

Just windows defender here. I stopped using anti virus on my personal systems years ago. I'll scan every now and then with malwarebytes if I get a suspicious site. So far so good.

Work systems on the other hand? People are stupid. Tell them not to click something and the will click it. I've had people tell me they knew they shouldn't click something...and then did it anyways.

 

[USMCGrunt]

Not to mention, the industry itself has built a lot of av protection into their products over the last few years. My home router has killed a few popup sites on my phone and PC when going to some facebook links (The ridiculous ad filled slideshow type things), Windows has protection built-in that has heuristics capabilities, and processors/UEFI have protection functions built-in as well.

 

[Willypants]

I honestly believe that most antivirus out there are actually a virus themselves. Seriously, look at all the stuff that installs with avg, its ridiculous.

 

[niconx]

Haven't used antivirus in I don't even know how many years.

 

[viscountalpha]

Eset has done a wonderful job with their AV package and hasn't given me any grief. I haven't had any positives in awhile so I could believe you can get away with out running AV. But the really nasty stuff out there, no AV is going to save you.

But, At that point they aren't really viruses since they don't replicate.

 

[Cannyone757]

Eset has done a wonderful job with their AV package and hasn't given me any grief. I haven't had any positives in awhile so I could believe you can get away with out running AV. But the really nasty stuff out there, no AV is going to save you.

But, At that point they aren't really viruses since they don't replicate.

Several years ago I had a friend of the family install ESET... And they had a virus get past it. But the worst part was that they wouldn't do anything to help her. Which I thought was Very UNCOOL!

But personally I'm more concerned with Malware. And even then its not a major issue because I don't surf the way I did in the past. And I don't use P2P the same way I did before either. (Let's face it! That used to be a major path for the spread of virii...)

 

[dgz]

Making people pay you to steal their data isn't "useless" in my book.

 

[steakman1971]

I have non-techy savvy wife + kids, so I do use AV. Ive used Norton AV for the last few years. It's done the job.

 

[Nytegard]

My AV has reported and blocked me from going to websites before, and I'm not talking disreputable ones either. Plus, I have the security suite blocking most of Windows 10 phone home calls. It might not be perfect, but it does less harm than not having it imho.

 

[ChadD]

Anti viruses are almost always a complete waste of time. They make people feel good though I guess. IMO AV is one of the largest scam industries going.

Still I install products for clients cause hey it makes them feel better... and if they do anything stupid I'm to blame of course.

As I see it, its like this. If you don't sleep with unclean women and stay true to your lovely safe wife you love, you will stay nice and clean. On the flip side if you are going to go slumming and take everything home from the bar every night and make hooker runs a few times a week, no amount of rubbers are going to keep you safe. The rubber company is going to love you though and they will make a good living helping you feel safe about your choices.

 

[evilsofa]

As I see it, its like this. If you don't sleep with unclean women and stay true to your lovely safe wife you love, you will stay nice and clean. On the flip side if you are going to go slumming and take everything home from the bar every night and make hooker runs a few times a week, no amount of rubbers are going to keep you safe. The rubber company is going to love you though and they will make a good living helping you feel safe about your choices.

I have bad news for you then. The entire Internet is a brothel of the worst sort. You should log off immediately and never come back.

 

[viscountalpha]

Several years ago I had a friend of the family install ESET... And they had a virus get past it. But the worst part was that they wouldn't do anything to help her. Which I thought was Very UNCOOL!

But personally I'm more concerned with Malware. And even then its not a major issue because I don't surf the way I did in the past. And I don't use P2P the same way I did before either. (Let's face it! That used to be a major path for the spread of virii...)

A couple of years ago? I'd need specifics to judge one way or another.

 

[Skripka]

Anti viruses are almost always a complete waste of time. They make people feel good though I guess. IMO AV is one of the largest scam industries going.

Still I install products for clients cause hey it makes them feel better... and if they do anything stupid I'm to blame of course.

As I see it, its like this. If you don't sleep with unclean women and stay true to your lovely safe wife you love, you will stay nice and clean. On the flip side if you are going to go slumming and take everything home from the bar every night and make hooker runs a few times a week, no amount of rubbers are going to keep you safe. The rubber company is going to love you though and they will make a good living helping you feel safe about your choices.

Infected ads get loaded onto ad-servers all the time. Then you can be minding your business here on [H] and get infected. It can happen.


No you are not a unique snowflake.

 

[sirmonkey1985]

Personally I just use Windows Defender in WIN10 with No Script and another add on or two.

Most freeware AV seems more like bloat than it is worth to me.

I've paid for Defender with WIN10 and it seems to be pretty up to date and working well.

AV's in general are over bloated pieces of crap. just look at norton from the day it released til now, it's friggin insane, i'd rather have a virus then use that crap.

 

[ChadD]

Infected ads get loaded onto ad-servers all the time. Then you can be minding your business here on [H] and get infected. It can happen.


No you are not a unique snowflake.

There are ways to protect against and known ways of doing that. If its not known the av software isn't going to do anything for you anyway. I guess it also helps to not be running windows. lol

 

[Skripka]

There are ways to protect against and known ways of doing that. If its not known the av software isn't going to do anything for you anyway. I guess it also helps to not be running windows. lol

I can ruin your day on a Linux machine without even the need for root. In fact just about all the stuff you care about on your linux box I can ruin with only your regular user perms (because all your user photos and docs have your user attached to them with R/W).

 

[TonyZ]

I just use free ver of Avast and it seems like its pretty lightweight, its caught a few things from just browsing, but I dont go downloading sketchy shit either.

 

[d8lock]

I leave defender on in 10. I also have a lifetime subscription to malwarebytes that I leave on a few of my computers. The only time a computer with a traditional virus has come across my desk has been someone trying to install a crack for a program or game and screwing it up.

 

[Nytegard]

Infected ads get loaded onto ad-servers all the time. Then you can be minding your business here on [H] and get infected. It can happen.


No you are not a unique snowflake.

I believe it has happened before on [H].

 

[ChadD]

I can ruin your day on a Linux machine without even the need for root. In fact just about all the stuff you care about on your linux box I can ruin with only your regular user perms (because all your user photos and docs have your user attached to them with R/W).

So what would an anti virus do really, make me feel good right?

 

[ol1bit]

No anti-virus here for over 10 year. I just switch from IE to Chrome and haven't looked back.

 

[TrailRunner]

Google engineer prefers whitelisting... how's that Android store and the malware discovered once a month on it working out?

 

[Deleted member 126051]

I always keep AV on my machines.
I deal with copious amounts of customer data and files of totally uncertain genesis.
(And no less than a dozen of our customers (that we know of) have come down with CryptoLocker in the last 12 months.)

I don't expect it to be 100% comprehensive protection from everything. AV and anti-malware are REACTIVE security tools. So they're always playing catch up.
But they're better than going bare-assed into a known hostile (or worse, UNKNOWN hostile) environment.


"Canary in a coal mine."

If you're a coal miner, you're damn glad to have that fuckin' canary!

This shows that the stupid twit doesn't understand the purpose of the canary.

Because it's metabolism is so much lower-volume and faster, it provides sufficient warning to GTFO before the carbon monoxide or other harmful gasses (but primarily carbon monoxide) have a chance to kill you too.

If you get out in time, carbon monoxide isn't going to do you any lasting damage.

 

[BulletDust]

Windows defender only as I find antivirus solutions cause more issues than they solve.

I often wondered, what if it's the antivirus companies themselves making all the viruses in order to sell antivirus software?

 

[Jagger100]

Anti-Virus raises the bar and ended the low hanging fruit attacks. Is it useless or has it been too successful where it works and malware has moved to other areas?