Security experts: antivirus products become increasingly useless

DoMiN8ToR 2016-07-14 12:38:35 UTC #1

We've just posted the following news: Security experts: antivirus products become increasingly useless[newsimage]http://www.myce.com/wp-content/images_posts/2016/07/norton-safe-web-95x75.jpeg[/newsimage]

An interview from CBC.ca learns us that many security experts agree that antivirus software isn't doing a good on protecting against today's threats. Cybercriminals increasingly focus on social engineering and phishing and no longer on circumventing antivirus software.

            Read the full article here: [http://www.myce.com/news/security-experts-antivirus-products-become-increasingly-useless-79931/](http://www.myce.com/news/security-experts-antivirus-products-become-increasingly-useless-79931/)

            Please note that the reactions from the complete site will be synched below.

coolcolors 2016-07-14 12:50:50 UTC #2

The professor himself hasnâ€™t used antivirus software for years as he feels they hardly have an advantage and have the disadvantage of slowing down the computer and introduce new vulnerabilities.
Very poor advice…I have MSE and see No slowdowns or problems.

Other security experts who were interviewed by CBC.ca state that virussoftware is becoming increasingly useless nowadays. Especially because cybercriminals now focus on the weakest link in computer security, the user.
Poorly paid experts is what I see. If the user uses only the limited account any infections is limited to their accounts and a wipe clean of the user account removes the threat. Maybe that is what the so called security experts should be telling user “STOP using your Admin” account that is what the malware/virus wants you to use so they do the most damages.

They estimate antivirus products now protect against less than 10% of threats due to the new methods used by cybercriminals.
Need to get out more???

The experts also warn against having a false sense of security if you have an antivirus installed.
False security believing security experts that can’t do their job properly is also a problem in itself.

The biggest threat to worry about nowadays is ransomware, according to the experts. Malware that encrypts files on the computer and demands a ransom to decrypt them.
Not if you use the limited accounts where any install requires Admin password to install - that in itself will stop any malware install or ransomware in stall.

So all in all those are not what I call “security experts” I call them bungling of fools that like to think they are so called security experts.

DrageMester 2016-07-14 13:22:42 UTC #3

[QUOTE=coolcolors;2777812]Very poor advice…I have MSE and see No slowdowns or problems.[/QUOTE] With MSE or Windows Defender enabled you would see slowdowns when copying large amounts of small files such as e.g. running a backup. For that reason I have entered exceptions for my backup programs in Windows Defender and I used to do the same in MSE and Norton AntiVirus.

Xercus 2016-07-14 13:22:55 UTC #4

There really is no professor needed here… This is a general problem which has gone from bad to worse during the late 2000s and so far in the 2010s
They did fine during the late 90s and early 00s, but then we got rootkits that the Anti-virus could not detect and so we got rootkit scanners. Then we got malware which the Anti-virus scanners could not care less about and so we got Anti.malware scanners installed. Today we got anti-ransomware and subsequently mitigations installed to minimize impact from these kinds of threats.

Xercus 2016-07-14 13:26:37 UTC #5

Which is the other side of the story, get things going with the least amount of troubles

coolcolors 2016-07-14 15:19:41 UTC #6

[QUOTE=DrageMester;2777814]With MSE or Windows Defender enabled you would see slowdowns when copying large amounts of small files such as e.g. running a backup. For that reason I have entered exceptions for my backup programs in Windows Defender and I used to do the same in MSE and Norton AntiVirus.[/QUOTE]
I’ve transfered large Anime gig files movies series from one HDD to another HDD and see no more slowdown then any general usage transfers of files. And this is with MSE with default settings.

Xercus 2016-07-14 15:24:23 UTC #7

[QUOTE=coolcolors;2777818]I’ve transfered large Anime gig files movies series from one HDD to another HDD and see no more slowdown then any general usage transfers of files. And this is with MSE with default settings.[/QUOTE]
On a general level, DrageMester is right, Any processing will slow down file transfer or backup. The level of processing done on a transfer depending on the filetype could make the slowdown neglible, but it will still be there.

coolcolors 2016-07-14 15:27:09 UTC #8

[QUOTE=Xercus;2777815]There really is no professor needed here… This is a general problem which has gone from bad to worse during the late 2000s and so far in the 2010s[/QUOTE]That’s a understatement.

[QUOTE=Xercus;2777815]They did fine during the late 90s and early 00s, but then we got rootkits that the Anti-virus could not detect and so we got rootkit scanners.[/QUOTE]This is also because users were Admin user that permitted RootKits to install silently. I think if it was limited account that the rootkit would’ve been found sooner-you can credit that to SONY…RootKit…

[QUOTE=Xercus;2777815]Then we got malware which the Anti-virus scanners could not care less about and so we got Anti.malware scanners installed. Today we got anti-ransomware and subsequently mitigations installed to minimize impact from these kinds of threats.[/QUOTE]AFAIK MSE/Defender is suppose to be a AV and malware scanner as well and also why is one going to black sites and using pirated software how else would you get infected or find infections and pass them on to others.

[QUOTE=Xercus;2777815]So to cut a longer story short, how many viruses have surfaced in 2016? Forget it, I stick to the one built into windows and a few registry settings…then I protect myself against real threats of the day [/QUOTE]Enough to fit the world 5x deep… lol…

Xercus 2016-07-14 15:42:21 UTC #9

[QUOTE=coolcolors;2777820]AFAIK MSE/Defender is suppose to be a AV and malware scanner as well and also why is one going to black sites and using pirated software how else would you get infected or find infections and pass them on to others.[/QUOTE]

That is why you use disposable VMs to go and enter the darker side of the web (anything for that matter, become remote to the world), use a 90 day trial and dispose of it after that period even if it has not been compromised for the darker side. Set up a new and off you go… Happy hunting the dark side, I guarantee you’ll pick up a few interesting candidates for research… Put up an e-mail and enter it on a few dubious sites for a steady supply of candidates to your malware library - Depending on how you handled your private one, it could function like that already for all I know

DrageMester 2016-07-14 16:02:15 UTC #10

[QUOTE=coolcolors;2777818]I’ve transfered large Anime gig files movies series from one HDD to another HDD and see no more slowdown then any general usage transfers of files. And this is with MSE with default settings.[/QUOTE] You would see the slowdown on transferring many small files, not on few large files, since the virus scanning overhead is relatively larger for small files.

When I say “many” I mean hundreds or thousands.

SuperDude501 2016-07-15 08:55:37 UTC #11

I have to agree with this article tho, specially if the network is handling Confidential Data. AV can be effective, specially if the user is responsible for downloading data sets or retrieving information off a website. I don’t agree with DrageMaster, theirs quite a few points I don’t agree with. More or less a well configured corporate firewall can take more of these issues than people give it credit for. Secondly, even with Limited User Accounts, there are still some exe’s and msi’s that users can still install. I ran into this issue last week, so no that is not a credible point. And third, if you understand what EXACTLY AV and a lot of malware detection software’s do, then it can be most definitely effective against virus’s and ransom-ware, but nothing will beat the strategy of a well informed user base. Regardless of AV if a user understands the difference between a phish scam and a regular email, that would save your company a lot of time and money, sometimes more than most corporate AV software.

TL; DR - Yes there are a few valid points made in the article, and majority of the arguments made in the comments are not valid IMO. A well-built image, along with a strong GPO, a enterprise grade firewall & a well informed user base will always be the better strategy as opposed to relying on Corporate AV software.

TSJnachos117 2016-07-26 15:56:49 UTC #12

When it comes to slowdowns, one thing worth considering is the choice of software. Anti-Malware program A won’t have the same performance impact as program B. So, while MS Security Essentials might not slow your computer too much, another program probably will.

Also, one should probably take the speed of the CPU into consideration. The number of required to do a job cycles could be multiplied ten-fold, thanks to anti-malware software, but if you have 16+ ridiculously-fast cores, you probably won’t notice any difference. IMHO, if you really want to get a sense of performance, you should test on an Intel Atom processor. The speed of any one product will immediately become apparent.[QUOTE=Xercus;2777815]There really is no professor needed here… This is a general problem which has gone from bad to worse during the late 2000s and so far in the 2010s
They did fine during the late 90s and early 00s, but then we got rootkits that the Anti-virus could not detect and so we got rootkit scanners. Then we got malware which the Anti-virus scanners could not care less about and so we got Anti.malware scanners installed. Today we got anti-ransomware and subsequently mitigations installed to minimize impact from these kinds of threats.

So to cut a longer story short, how many viruses have surfaced in 2016? Forget it, I stick to the one built into windows and a few registry settings…then I protect myself against real threats of the day [/QUOTE]Personally, I feel like software development in general has gone downhill during the 2000s. As of 2006, it felt to me like any commercial software was too bloated to run on my 2002 computer. Even something as simple as a CD burning program would completely hog my CPU (to this day, I still refuse to use Nero software). Now, I know my computer wasn’t [I]that[/I] slow, since IMGBurn and CDBurnerXP would only use 2-5 percent of my CPU.

This trend has only gotten worse. Now, you need many gigabytes of RAM just to get your system to boot in a reasonable amount of time. Running more than one or two apps on a machine with only 1 gig of RAM often requires either carefully choosing which app to use for the job (that is, figuring out which app has the least amount of code bloat), or mentally preparing yourself for seemingly-endless thrashing.

coolcolors 2016-07-26 16:53:30 UTC #13

[QUOTE=SuperDude501;2777866]Secondly, even with Limited User Accounts, there are still some exe’s and msi’s that users can still install. I ran into this issue last week, so no that is not a credible point.[/QUOTE]So what was the name of the software if this happened?

[QUOTE=SuperDude501;2777866]And third, if you understand what EXACTLY AV and a lot of malware detection software’s do, then it can be most definitely effective against virus’s and ransom-ware, but nothing will beat the strategy of a well informed user base.[/QUOTE]
That what is missing here they click on emails and links without thinking did I ask for this or what? Also never click on “You won a Million dollar” link that is never a smart move.

[QUOTE=SuperDude501;2777866]Regardless of AV if a user understands the difference between a phish scam and a regular email, that would save your company a lot of time and money, sometimes more than most corporate AV software.[/QUOTE]
This is why you don’t use your personal email at work to register for “Free” stuff online it most likely will get scooped up by phishing bots and then that spam and malware will follow.