Antivirus Software Isn't Very Secure, Researchers Find

[TheIrishman]

Antivirus Software Isn't Very Secure, Researchers Find

http://www.tomsguide.com/us/antivirus-software-insecure,news-19227.html

<< Antivirus software is often just as insecure as the software it's meant to protect — and running it might make you even more insecure, according to a researcher with Singapore-based security firm Coseinc. >>

P.S.: nothing new here, but the number of morons who trust these pieces of crap is astounding. Flame on!

[bluefirecorp]

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

[TheIrishman]

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

Wow! Thanks for enlightening me! What a perfect metaphor! You're the man!

[bluefirecorp]

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

Wow! Thanks for enlightening me! What a perfect metaphor! You're the man!

I'm pretty awesome, aren't I?

But seriously, people don't start uninstalling your anti-virus software. Doing so would be rather silly and killing one of your last layers of security.

[chogath]

Antivirus software's are effective when you also stay aware of your data usage, some may slow down your system usage, some may kill important activities which you need. So better take the one with high market reputation.

[zetaray]

Antivirus is 100% fool proof. We all know that. Viruses and malware evolve everyday, it is unreasonable to assume it can detect every new string of virus. The best security is yourself: Don't click and open every link you see.

[strijelac2311]

Antivirus Software Isn't Very Secure this is true , you have proffesional  virus  and anti virus , but antivirus cannot find a strong virus this is true , but the most of them are home made so they are low and your antivirus can find them  but you also have and strong and great made  virus ! If you ask me the best are Nod 32 7/8 and Avast !

[lihuajkl]

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

None sense! The company hired wrong security guard or applied outdated antivirus software. It's their own fault.

[bluefirecorp]

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

None sense! The company hired wrong security guard or applied outdated antivirus software. It's their own fault.

Anyone can be converted. Rather it be blackmail, extortion, family being held ransom, a huge bribe, people can be swayed.

As I said, security works in layers. Doesn't matter if you have the absolute best AV in the world if your user just disables it because it "popped up and was being annoying".

[DrG]

AV software is just another hurdle for viruses.  If you really want to get an infection on your machines just sit a 15 year old teenager in front of it and they will defeat it. The multiple layers noted above work as long as they keep moving (like cars in the frogger game).

[Brewins]

That is what people in the info security said.

The virus are too dynamic for the antivirus be an effiecient way to block then, plus the user will fell overconfident with an antivirus, and will engage in risky behavior, unlike the situation without antivirus.

[medUSA]

These researchers are stating the obvious. However, it is a message they should be repeating over and over again to warn complacent users that they are at risk. They made a good point though, vulnerability comes from the common things most people install thinking they are safe:

"With Java, or Adobe Reader, or Flash, you have good targets — if you find a vulnerability, you know that millions of PCs are affected," Marx said. "There are a lot more antivirus products on the market, so you won't easily reach a high infection rate if you exploit a security vulnerability there."

[DrG]

That is what people in the info security said.

The virus are too dynamic for the antivirus be an effiecient way to block then, plus the user will fell overconfident with an antivirus, and will engage in risky behavior, unlike the situation without antivirus.

Humans are constantly striving to become better idiots.  Unfortunately the safety net of antivirus software doesn't help these improved idiots, it enables them to do more stupid stuff. Stupidity should be more painful than it currently is.

[TheIrishman]

The virus are too dynamic for the antivirus be an effiecient way to block then, plus the user will fell overconfident with an antivirus, and will engage in risky behavior, unlike the situation without antivirus.

That's precisely the point. The whole multibillion "antivirus" industry grew using scaremongering tactics while offering users the illusion that they'd be protected if they installed their crappy programs (which 99.999999% of the time won't stop the viruses that will effectively cause harm, mostly the so-called zero-day viruses). The main effect of that was to help turn generations of computer users into lazy idiots with no clue as to how things work in their computer systems. There is no way around that - either users learn the basics of how their operating systems work and learn about good basic security practices, or they are going to get infected by some type of malware sooner or later. There are no multiple "layers of protection", it all comes down to one single "layer" in the end: the user's awareness of what he is doing. The best "antivirus" ever will always be a little something called common sense.

[crystalsum]

Welll surely having an AV is better than not having one ?

[catena5260]

Anything would be unsecure if an idiot is using it. Antivirus did really help a lot, but you have to remain vigilant. You should know how to keep your computers safe. No system is 100 percent secure even the software use by the government.

[vit1988]

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

nah. not because they are corrupted but because they are blind. do you really need that blind security guard at your front door who is molesting your friends and only keeping the really obvious stupid thieves out when on the other hand you have a dozen backdoors and windows open?

[rohnearner]

I'm not good with explaining things but I'll prefer to have an AV protection rather not having it.
 I don't listen to those studies most of the times tonight they will say this works and next day they'll say that sucks :p  few times they are simply not worth it and few times these studies are misinterpreted by readers that looks like the case here.
 Its true that you can't totally rely on AV for you security online and you have to be careful while choosing one , but clearly having one helps.

[b!z]

AV is snakeoil.

[bluefirecorp]

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

nah. not because they are corrupted but because they are blind. do you really need that blind security guard at your front door who is molesting your friends and only keeping the really obvious stupid thieves out when on the other hand you have a dozen backdoors and windows open?

This blind guy kinda helps:

But seriously, are you really that naive? That's like saying a firewall is insecure because technically once you get access to it, you can see ALL the rules on it to find all the weak points of access on the network.

Sure, it's possible that some of the AV software has escalation vulnerability, but really, in today's world, so fucking what? Cryptolocker doesn't give a shit rather you're root or not. The only AV's security vulnerability that'd actually scare me is enterprise AV with it's ability to deploy to multiple workstations in a domain network.