News of Microsoft’s anti-virus product failing to receive a certification for effectiveness has been circulating on the Internet. The outfit running the tests is AV-TEST, and they consider themselves the “Independent IT-Security Institute”. In previous certification tests, Microsoft’s anti-malware application scored high enough to be certified, but starting in September, the tool began failing the tests. On January 16th, Microsoft responded in a blog post that vaguely attacked AV-TEST for poor testing methodology. Of course, AV-TEST responded to that. This seems like a tipping point, as many have started to seriously question the effectiveness of locally installed virus-scanning applications. This idea of depending on virus-scanning applications has been on my mind, and I wanted to flesh it out.
Earlier this month, I read an article on the ESET Threat Blog with great interest. This blog is generally pro-anti-virus, so I usually take the ideas with a healthy dose of skepticism.
The Anti-Virus (AV) industry (as a whole) appears to position itself on the “extra layers” of protection that you commonly see as link scanners, mail scanning, web reputation services, and firewalls. The industry (as far as I’m concerned) is broken and outmoded. They won’t admit it, of course. And why would they? The mediocre effectiveness of this software is only part of the problem. Users who rely too much on the patina of this software are another issue. I’ve felt, for many years, that AV software makers use the same tactics viruses themselves use to get on your computer – to get you to pay up for purchases or subscriptions.
I’ve recommended for some time that users take a reasonable and rational approach to malicious software. Here are a few of those recommendations:
1. Use software that is known to be more secure. Consider this when starting or planning a project. For example, use the Chrome browser over Internet Explorer, or Google’s mail system over unfiltered POP3 on Outlook.
2. Whenever reasonable, encrypt what you can. Become familiar with how to encrypt anything from a single message or file to your entire system.
3. Be as diligent as possible about not leaving devices unattended. In your car? Put it in the trunk. Going to use a washroom at the coffee shop? Pack it up and take it with you.
4. Protect your mobile devices with a password. Use geolocation, if available. Only keep the data you need on the device, not everything.
5. Separate firewall products are usually not needed on machines because what’s included in the operating system works well. Be wary of large anti-virus packages that have firewalls. Do not use software just because “it was included with the machine”. Often this is trial-ware.
6. Use an anti-virus application that is low-cost or free and has a low footprint and is easy to maintain and use. Currently, Microsoft’s Security Essentials meets all of these requirements well.
We’re all part of a changing tide for malicious software and AV software makers alike. For many years, the PC has supported a plethora of different viruses with somewhat easy access and powerful hardware. Now, the market is changing to a handheld, device-centric environment. Viruses will no doubt change with trends as we see more compromises of application stores and mobile operating systems. The clear perception among many, too, is that AV software is either not required, basically effective, or not useful at all. I recently posed that very question on Quora, and I welcome you to add your own thoughts.