- Jan 8, 2011
- 22,361
If you pay for an Antivirus / Anti-malware product, who's at fault when your PC or Mac becomes infected with malware, adware or ransomware?
Please provide comments and solutions that are helpful to the author of this topic.
HA! Love this @TairikuOkami ! Best way to put it to anyone. As others have said and now from me as well..If you buy a mosquito spray and get bitten, who is at fault? Obviously, you did not pay enough for protection. AV, no matter how complex, provides a basic service and that is it.
If you want a complete protection, you have to pay a security company, which guarantees your safety by providing the protection, backup and recovery, in case of an infection.
I totally agree... from a legal standpoint this is absolutely correct, and probably the best answer. But if you simply want to figure out why the infection actually occurred, then you have to look beyond the legal standpoint.User assumes all risks unless specified in writing in the EULA. All you need for understanding is to read the MalwareTips user rules to get an idea.
Only answer is to read the firm's terms.
Under very rare and special cases you might be able to prove that the company has been selling products unfit for their purpose - for example a very old vulnerability has been neglected and has been used to infect you, or they didn't maintain the needed hygienic design. An example of "unfit for purpose" is Norton's engine which has been rumored to emulate threats in Kernel Mode prior to the SDS switch and also to use old, vulnerable un-archiving plug-in. There are articles on that if one is interested. Other than that, there are no legal processes one can instantiate and this one by itself is almost doomed.In legal terms you are responsible unless you can prove the company sold the solution to you as 100% protection.
Under very rare and special cases you might be able to prove that the company has been selling products unfit for their purpose - for example a very old vulnerability has been neglected and has been used to infect you, or they didn't maintain the needed hygienic design. An example of "unfit for purpose" is Norton's engine which has been rumored to emulate threats in Kernel Mode prior to the SDS switch and also to use old, vulnerable un-archiving plug-in. There are articles on that if one is interested. Other than that, there are no legal processes one can instantiate and this one by itself is almost doomed.
So to summarise: AV is at fault only in the case when the overall product, a threat or situation has been neglected, this led to infection and can also be proven. In that case users are protected by local authorities and trade standards, just like with any other goods.
You'll have to be severely compromised and will have to present a proof not only of the AV company's neglect, but also of the facts how this affected you (financial loss, depression, distress and others)...The nightmare of proving it in court, considering most judges are absolutely ignorant of how technology works...
You'll have to be severely compromised and will have to present a proof not only of the AV company's neglect, but also of the facts how this affected you (financial loss, depression, distress and others)...
I believe we all have better things to do in life than that
This just reminded me of how Escobar (the infamous Escobar phone scammer and dealer) allegedly was looking to sue Apple because FaceTime bug revealed his location and this costed him 2 BN in reallocating to another house...
A few people mentioned that we cannot expect security software to be perfect, and that basically allow-by-default is designed to fail. This is absolutely true, and everyone working in cybersecurity and on security forums understand this. I like mosquito analogy by @TairikuOkami, I usually would would say "well, you get a flu shot but that does not mean you are not going to catch the flu".
But ask anyone who has worked directly with a massive arrary of end users (especially for 21 years ) how many times they have heard the question (verbatim) "I have antivirus software, how did I get a virus?". I wonder how average and novice users would respond to this question.