Why the best antivirus is you – Part 1: Debunking some mistruths about antivirus software

I have a deep dark secret to share with all of you.

Buying antivirus software is a waste of money.

Last year security software firms earned 16 billion dollars while telling you how you’re unprotected and setting yourself up to be violated by computer hackers. I want to debunk that – not the 16 billion dollars but the violating. Please join me for this three-part series, in which I’ll show you why antivirus software is unreliable, share some good tips for learning how to be safe, and explain what to do if you do get a virus. At the end of the day, you’ll realize that antivirus software just fools you into thinking you’re protected, and that it’s ultimately up to you to be safe.

Definitions and the unknown.

Antivirus software relies on definitions to be effective. These definitions tell your antivirus product what a threat is and how to remove it. The inherent problem is that minutes after you install updated ones, a new virus is launched into the wild. A few years ago the CEO of Trend Micro, one of the major antivirus firms, had this to say:
“According to Chen, the security industry has over-hyped how effective its products are — and so has been misleading customers — for years.

Chen believes that no single company can offer adequate protection against the sheer volume of new viruses that are being churned out by cybercriminals.”

An outdated definitions example.

Over the past few years the internet has been increasingly inundated with websites designed to make you think that your machine is infected. The goal of these sites is to trick you into installing their programs, hijack your machine, and then force you to pay to get rid of them.

I have a virus! Oh no!!!!

To test the theory that antivirus software doesn’t find new viruses, I did an experiment a while back and allowed the website pictured above to download its software to my machine. I then uploaded this file to a website called VirusTotal, which scans the file with 42 antivirus vendors’ products using updated definitions, to see how each antivirus vendor would’ve identified it. Here’s the link to my saved version of the results:

Scan Results

Out of the 42 vendors only 6 identified it as a threat. That’s only 14%! In theory the other 36 antivirus programs probably would’ve let you install the virus and your machine would be infected. This number proves that definitions are only as good as the latest update – and maybe not even then.
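
The definitions gap described above can be reproduced in a few lines. This is an added example, not part of the original experiment: it assumes the simplest kind of definition (an exact SHA-256 match of the file), and the vendor names and sample contents are constructed, harmless placeholders.

```python
import hashlib
from dataclasses import dataclass, field


def signature(data: bytes) -> str:
    """Exact-match signature (assumed model): SHA-256 of the file contents."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class Definitions:
    vendor: str
    version: int
    signatures: set = field(default_factory=set)

    def update(self, samples):
        """Return the next definitions release, which also covers `samples`."""
        added = {signature(s) for s in samples}
        return Definitions(self.vendor, self.version + 1, self.signatures | added)


def scan(data: bytes, defs: Definitions) -> bool:
    """A file is flagged only if its signature is already in the definitions."""
    return signature(data) in defs.signatures


def detection_ratio(data: bytes, vendors) -> tuple:
    """Return (vendors that flag the file, vendors asked)."""
    return sum(scan(data, d) for d in vendors), len(vendors)


# Constructed stand-ins for files; neither is real malware.
OLD_SAMPLE = b"constructed sample: last year's fake-antivirus installer"
NEW_SAMPLE = b"constructed sample: fake-antivirus installer released today"


def build_vendors(total=42, already_updated=6):
    """Hypothetical vendors: all know the old sample, few have the new one."""
    vendors = []
    for i in range(total):
        defs = Definitions(f"vendor-{i:02d}", 1, {signature(OLD_SAMPLE)})
        if i < already_updated:
            defs = defs.update([NEW_SAMPLE])
        vendors.append(defs)
    return vendors


if __name__ == "__main__":
    vendors = build_vendors()
    for name, sample in (("old", OLD_SAMPLE), ("new", NEW_SAMPLE)):
        hits, total = detection_ratio(sample, vendors)
        print(f"{name} sample: {hits}/{total} vendors detect it ({hits / total:.0%})")
```

Real products layer heuristics and behavioural checks on top of definitions, so this models only the definitions component the section discusses.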

PC? Apple? Neither one of you is exempt.

People are afraid of the unknown. If you’re not sure how viruses, firewalls, and web browsers work then it’s easy for you to worry. PCs take the blame for the majority of viruses today but Apple users aren’t out of the crosshairs either. In fact, Apple users suffer from operating system exploits and, like PC users, are even susceptible to fake antivirus software. The point I’m making, of course, is that viruses are out there for everyone.

Stop being so scared.

Antivirus firms have been preying on your fears for years. A good example of this scare tactic was the great “Conficker” worm from a year and a half ago. Does this name ring a bell? This virus was supposed to lie dormant on people’s machines until April 1st 2009, then reawaken and cause all of this havoc, like a computer Armageddon. To further spread the fear factor, this 60 Minutes piece about the worm was released a year and a half ago:

This is a great marketing piece about security software, why terrorists want to gain control of your computer and why you should be afraid. What it lacks are solutions. Your only choice, it seems, is to buy antivirus software, and that’s my main problem with it. The Conficker worm was an easily solvable problem. All you needed to do was run a patch from Microsoft. To add more fuel to this scare tactic, this clip aired in March of 2009 and the patch to prevent the worm was released 6 months earlier. You probably had the patch already installed but you never would have known it because this piece never mentioned its existence.

Speed tests.

I found a great site which gives speed testing benchmarks that demonstrate how much slower a PC is with antivirus software installed. The latest results from an August test done by http://www.av-comparatives.org show that the best antivirus product, in terms of speed, was Symantec with a score of 188.3 out of 200. In this case Symantec will slow your machine down by as much as 7%. Since they were #1, that is the best you can hope for. You’d be amazed at how noticeable 7% would be and the numbers only get worse from there.

Today’s conclusion.

I’ve shown that antivirus products don’t catch everything. I’ve given you an example of the fear behind antivirus vendors’ advertising and I’ve shown you that antivirus software actually slows your computer down. Rather than teach awareness, these companies suggest that you just install their software and get back to business. I don’t agree.

Viruses are a real threat. What should you be doing instead? Come back later for part 2 where I’ll tell you. Part 2 is out! Read it here!

Thanks to Flickr for the image.

