Monday, June 30, 2008

Is Security Software a Scam

While researching reports of the various vulnerabilities facing computer users, and the monetary incentive of criminal hackers to keep malware on your machine, I came to the realization that we are wasting our money with the current crop of anti-virus software products. One security expert, Greg Hoglund of HBGary, called anti-virus programs snake oil because of their expense and inability to detect and remove the modern forms of malware.

Indeed, many programs are totally ineffectual in finding the worst threats out there, especially those containing rootkits. Malware payloads are frequently written by several different teams of highly paid, professional software developers. This new form of business often originates in the Eastern European countries, where development and sales of these products are totally legal. Furthermore, these "companies" often net profits in the hundreds of millions of dollars, so the incentive to keep your machines and networks vulnerable is very high. Although the home user is at risk and is frequently assisting the malware purveyors unknowingly, the ultimate target of many of these enterprises is big business. The theft of intellectual property and proprietary information is the real target. The losses from these attacks are staggering, and are measured in the tens of billions of dollars every year.

So what can the home computer user do if antivirus software is ineffectual and the threats are so serious? Several basic fundamentals are necessary these days for safe computing, regardless of whether you are running Windows XP or Vista, Mac or PC. The first and foremost is to never operate online as administrator; this is far more important than running antivirus software. This is much easier to do when using a Mac or running Vista. It can be done with XP, although it's much more of a hassle. The second thing is to make sure your operating system is up to date; both Windows and Macs have software updating built into their operating systems. Safe online behavior is a must: never clicking links or opening attachments in email, and never downloading pirated music, is absolutely necessary, and if you visit porn sites and are running as an administrator, you're infected, no doubt about it.

So should you dump your antivirus? Only if you are extremely careful online, and with your computing habits in general. Even then, running an online scan from one of the many security vendors out there will make you feel a little more protected. In reality, most people should run some form of antivirus to protect them from the less serious threats out there. All users should also keep an up-to-date, complete backup of all their important data and programs. If a computer gets infected these days, it's virtually impossible to trust your computer again until you do a clean reformat and reinstall of your operating system, programs, and data.

1 comment:

Anonymous said...

Hey Mark,

Great article!

I agree entirely with your view on this issue. As you say, once infected the most appropriate action is a reformat and reinstall. It sure reaffirms that a recovery plan should be part of every computer user's tool kit.

Bill Mullins