Ask Slashdot: How Dead Is Antivirus, Exactly? 331
Safensoft writes: Symantec recently made a loud statement that antivirus is dead and that they don't really consider it to be a source of profit. Some companies said the same afterwards; some other suggested that Symantec just wants a bit of free media attention. The press is full of data on antivirus efficiency being quite low. A notable example would be the Zeus banking Trojan, and how only 40% of its versions can be stopped by antivirus software. The arms race between malware authors and security companies is unlikely to stop.
On the other hand, experts' opinions of antivirus software have been low for a while, so it's hardly surprising. It's not a panacea. The only question that remains is: how exactly should antivirus operate in modern security solutions? Should it be one of the key parts of a protection solution, or it should be reduced to only stopping the easiest and most well-known threats?
Threats aren't the only issue — there are also performance concerns. Processors get better, and interaction with hard drives becomes faster, but at the same time antivirus solutions require more and more of that power. Real-time file scanning, constant updates and regular checks on the whole system only mean one thing – as long as antivirus is thorough, productivity while using a computer goes down severely. This situation is not going to change, ever, so we have to deal with it. But how, exactly? Is a massive migration of everything, from workstations to automatic control systems in industry, even possible? Is using whitelisting protection on Windows-based machines is the answer? Or we should all just sit and hope for Microsoft to give us a new Windows with good integrated protection? Are there any other ways to deal with it?
On the other hand, experts' opinions of antivirus software have been low for a while, so it's hardly surprising. It's not a panacea. The only question that remains is: how exactly should antivirus operate in modern security solutions? Should it be one of the key parts of a protection solution, or it should be reduced to only stopping the easiest and most well-known threats?
Threats aren't the only issue — there are also performance concerns. Processors get better, and interaction with hard drives becomes faster, but at the same time antivirus solutions require more and more of that power. Real-time file scanning, constant updates and regular checks on the whole system only mean one thing – as long as antivirus is thorough, productivity while using a computer goes down severely. This situation is not going to change, ever, so we have to deal with it. But how, exactly? Is a massive migration of everything, from workstations to automatic control systems in industry, even possible? Is using whitelisting protection on Windows-based machines is the answer? Or we should all just sit and hope for Microsoft to give us a new Windows with good integrated protection? Are there any other ways to deal with it?
Pining for the fjords (Score:5, Funny)
Its not dead, its just resting.
Re:Incentive Bug Finding (Score:4, Funny)
But as most people just use the tools they're given and can't control how secure those tools are, in practice that would mean punishing computer programmers.
If you want the usage of C and C++ to be considered equivalent to suicide then this would be a great policy to bring about such a world.
Re:Incentive Bug Finding (Score:5, Funny)
Yes, that means punishing the victim.
That's what Symantec and McAffee are for.
Re:Never mind the quantity, feel the quality (Score:4, Funny)
That's why they , hold various campaigns, negotiate with relevant parties in domestic disputes and so on.
LOL I missed that in my first reply. You've really been sold a bill of goods, and bought into some specious marketing claims
patrol the streets
Very little of police resources are used for this type of activity, but when it is, it is more properly termed "looking for someone to arrest for something."
hold various campaigns
...In an attempt to "improve their image". You've obviously bought into this marketing, but many people have not [sky.com].
negotiate with relevant parties in domestic disputes
There are now federal rules (Violence Against Women Act) that generally requires an arrest to be made when a domestic call is made. The "negotiation" you're so fond of the police conducting is basically an exercise of "deciding who to arrest" and "collecting evidence on the perp". The only "prevention" aspect of this is that someone gets locked up, and prevented from beating up their domestic partner again for a day or two.