I tend to agree. As I said earlier though, when "average people" (and I know that's a flawed description in and of itself) come to me and ask: should I get an AV? After talking to some people who know more than me about this my conclusion is: probably, yes.
-
-
Replying to @lorenzofb @tiraniddo and
That conclusion is wrong, and dangerous. I think you're stuck on this idea that the problem with antivirus is antivirus exploits, and that is a serious problem, but the real problem is it just plain doesn't work. It is not safe to click on anything with AV, it is not even safer.
2 replies 2 retweets 13 likes -
Replying to @taviso @lorenzofb and
I think all reasonable people, even in the AV industry, will agree with "doesn't make it safe to click on anything". The "not even safer" is more contentious, and that is where the debate is.
3 replies 0 retweets 13 likes -
Replying to @taviso @lorenzofb
Yes, they would. They would even, if not always publicly, agree that AV isn't your biggest priority. Here's a funny thing: lots of AV vendor blogs are filled with advice for (home and corporate) users. A lot of this advice actually reduces the need for AV.
1 reply 0 retweets 5 likes -
It's funny: AV is doing a pretty good job reducing the threat on all those legacy networks where half the desktops still run XP. But rather than boasting about it, AV vendors keep telling people to patch their systems, upgrade OS's. That's also why I believe AV aren't bad people.
1 reply 0 retweets 5 likes -
Replying to @martijn_grooten @lorenzofb
Don't push it too far Martijn, a homeopath that tells you to exercise and eat right is still a homeopath
Installing antivirus on XP does not make it a secure system, if the antivirus ever makes a difference then you're in serious trouble.1 reply 0 retweets 11 likes -
Replying to @taviso @lorenzofb
I don't disagree with that statement. In theory, a company's CFO should never run in a situation where AV¹ makes a serious difference. In practice, a whole lot of of them do and I think AV still makes a decent difference. ¹endpoint protection and ignoring APT-style attacks.
2 replies 0 retweets 1 like -
Allow me: what _exactly_ does AV protect? And, follow on, at what collateral risk?
1 reply 0 retweets 1 like -
It protects the user from things like installing a "Flash Player update" because a website tells them to, when it's actually malware. At a risk that is quite small for this threat model.
1 reply 0 retweets 2 likes
How about, "With some very significant security tradeoffs, there is a non-zero chance that if your vendor has seen this exact file before, even though there is no reason that they would have had to, we could stop it. You are still in very significant danger".
-
-
The 1990s just called and want your "exact file" argument back... AV hasn't relied on exact matches for decades. Most AV engines include a significant machine learning component.
1 reply 0 retweets 1 like -
No, the antivirus industry is desperate to distance themselves from blacklisting. The reality is that I've reverse engineered more antivirus engines than you have, and think "blacklisting" is a very appropriate term. So 2018 called, and wants you to accept reality
2 replies 0 retweets 5 likes - 6 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.