- Oct 23, 2012
- 12,527
There still are many people out there who think that antivirus solutions are must haves for any computer user, but Google senior security engineer Darren Bilby is certainly not one of them.
Speaking at Kiwicon hacking conference, Bilby, who is Manager of the Platform Integrity team as part of the Enterprise Infrastructure Protection Group, said it loud and clear: antivirus apps are simply ineffective and the security world should concentrate its efforts on things that can make a difference.
“Please no more magic,” he was quoted as saying by The Reg. “We need to stop investing in those things we have shown do not work,” he continued, adding that antivirus solutions are nothing more than ineffective magic that most admins install just because they have to, not because they’re efficient.
“Antivirus does some useful things, but in reality it is more like a canary in the coal mine. It is worse than that. It's like we are standing around the dead canary saying 'Thank god it inhaled all the poisonous gas'.”
Speaking at Kiwicon hacking conference, Bilby, who is Manager of the Platform Integrity team as part of the Enterprise Infrastructure Protection Group, said it loud and clear: antivirus apps are simply ineffective and the security world should concentrate its efforts on things that can make a difference.
“Please no more magic,” he was quoted as saying by The Reg. “We need to stop investing in those things we have shown do not work,” he continued, adding that antivirus solutions are nothing more than ineffective magic that most admins install just because they have to, not because they’re efficient.
“Antivirus does some useful things, but in reality it is more like a canary in the coal mine. It is worse than that. It's like we are standing around the dead canary saying 'Thank god it inhaled all the poisonous gas'.”
Focusing on this that matter
The Google engineer eventually calls for security experts and hackers to concentrate on things that are more important, such as intrusion detection systems that can make a difference and protect users even if they access malicious websites or open compromised documents.
“And sure you are going to have to spend some time on things like intrusion detection systems because that's what the industry has decided is the plan, but allocate some time to working on things that actually genuinely help.”
Bilby also explains that most companies blame users for getting their PCs compromised because they click on links and files that are infected, but in reality, the security of these systems is not good enough to protect them, and this is where security engineers should focus in the future.
While opinions on the efficiency of antivirus solutions are still mixed, these statements come only a few days after Russian-based security company Kaspersky started a war against Microsoft for trying to convince users to give up on third-party security software and switch to its own Windows Defender.
Kaspersky has already received the support of other security vendors, who also believe that Microsoft is playing dirty in Windows 10 with Windows Defender, calling for European authorities to look into this practice and decide if it affects competition or not.