Value of Traditional Antivirus Software Questioned
It has taken us some time to learn that no PC, and now no smartphone and tablet, is complete without reasonable anti-malware equipment.
But now it seems there is reason to believe that the average antivirus and security software package may not be capable of doing what it is supposed to do, and that new solutions are necessary to promise better protection from emerging threats.
An article published by the New York Times suggests that the "antivirus industry has a dirty little secret", namely that "its products are often not very good at stopping viruses." That blanket statement could, of course, be debated, especially when we are referring to "viruses". However, there is little doubt that malware creators usually have the advantage in a cat-and-mouse game in which the mouse has been evading the cat from the very beginning of viruses (which can be traced back to 1971 and the first computer virus - Creeper, deployed to Arpanet).
The NYT article discusses an ongoing shift in the antivirus and anti-malware industry that aims to shorten the time it takes to detect and remove viruses. Specifically, software developed by startups focuses on examining known and unknown code behavior on a network and allowing only known behavior to pass certain gates. Even if malicious code makes its way into network and client territory, behavioral analysis may be able to react and initiate removal of the malicious code faster than current signature-based anti-malware solutions, which often require days, weeks or even months to come up with an effective removal solution.
Of course, among the more prominent failures of the security software industry were Flame and Stuxnet, two high-profile viruses built for espionage and industrial equipment destruction, which eluded detection for several years. There are even reports that espionage viruses similar to Flame are in operation and have yet to be detected. F-Secure's Mikko Hypponen wrote in an article for Wired that Flame was "a spectacular failure for [his] company, and for the antivirus industry in general."
The solution? The malware problem is getting more complex and the security software industry will have to provide a more "comprehensive" solution to address evolving threats.
Hell, even I made a decompression bomb with a self-extracting 7zip package packaged with 26tb of stuff (Compressed to 15kb) and just set it to -s so there was no main window. (I didn't send it out or anything, I'm just experimenting for personal fun)
Technically that isn't a virus but it's equally as devastating to system performance.
Back on topic, antivirus software like Avast (which has live streaming of cloud updates) is pretty good as long as the team behind developing the protective detection method is fast at finding samples to detect against.
What I have yet to see in over a decade is an infected Linux machine of any kind, and those almost never have antivirus. (And no, willfully installing onto an Android phone a wallpaper app that requests the ability to send email, and then starts sending spam, is not a virus, that's user stupidity.) Although I'm told it's theoretically possible and these viruses might maybe exist in the wild somewhere, LMFAO.
An anti-virus can be good, with a good team, it can catch new stuff quickly and prevent it from spreading too far, but there's no way to stop that initial wave of infected computers.
If I recall, NY Times website had an advertisement that was infected with a drive-by-download malware months ago. And I've seen school websites that were hacked and injected with Java exploits.
I guess if they don't work anyway, that's a very good reason to use the free versions.
You realize that the only reason that there are few Linux viruses is because it's not worth a hacker's time to write one? It's much more profitable to infect, say, Windows 7 or now any popular Mac OS.
What I have yet to see in over a decade is an infected Linux machine of any kind, and those almost never have antivirus. (And no, willfully installing onto an Android phone a wallpaper app that requests the ability to send email, and then starts sending spam, is not a virus, that's user stupidity.) Although I'm told it's theoretically possible and these viruses might maybe exist in the wild somewhere, LMFAO.
Linux's market share: Too small for hackers to waste their time on.
Average Linux user: On avg more computer literate because it's easier for the general public to purchase a Windows/Mac computer than a Linux computer.
And there's been malware appliances that bypassed all of the security/privacy settings and did whatever they wish on your phone without letting you know.
His name is at the top of this article >_>
Not only that, but from what I've read, certain hackers are reluctant to target Unix/Unix-like systems for some reason, like it is an act of betrayal or something. So, you take the relatively small target, add it to these reluctant hackers, and you now have an extremely small group of people who would even consider going after Linux. Then, you have to wonder if any of these small groups have the skill needed to attack a Linux exploit.
+1 Agreed...
I have long thought of the typical good antivirus programs we use as filters that stop the most common infections; I don't think they should be seen as more than that. Real security requires real work, not just an addon program, but an in-house effort to keep the smart guys at bay.
Of course, one of the best anti-malware things you can do is only allow programs to run on your computer that YOU started. Unfortunately, many people can't be bothered with a couple of extra mouse clicks, and turn off things like Windows' UAC. Doing that is like saying "Sure, come into my house and do whatever you like, it's all good by me! Take my TV screen, my fridge, anything you want!"
The worst program offenders though aren't anti-malware programs that let things in, it's browsers designed specifically to allow people to run programs on your computer without you even knowing. While they have been improved in protecting us to some degree, their very nature means that hackers/crackers have an invitation they shouldn't have.
Not us, just the Apple fan-people.
Linux doesn't have enough marketshare for hackers to care? So having practically every web server isn't enough for them to care? So the Akamai servers all running Linux that the microsoft.com Windows servers hide behind aren't a big enough target? So every single google.com, facebook.com and twitter.com server running Linux isn't a big enough target?
Since Linux powers virtually every internet facing server on the planet, rest assured that it's a plenty big enough target. If it were possible to hack it, people would already be doing so. An internet that works and is secure, courtesy of Linux. You're welcome, you ungrateful simpletons.