Speaking in a personal capacity here: My problem with third-party AV is that, to satisfy some marketing checkbox, they are always mucking around with the behaviour of other legitimate programs.
-
Show this thread
-
But AV has no control over the development of the programs that they’re messing with. What works in the current build might not work with the previous or next build.
1 reply 0 retweets 11 likesShow this thread -
There are two issues with that: The first is that every time something changes in that other program, there will be a lag time until the AV can update itself.
1 reply 0 retweets 7 likesShow this thread -
Secondly, time and time again these AV vendors have demonstrated that they don’t even bother testing with betas of the programs that they interfere with! Not only are their actions not future-proof, they can’t even be bothered to minimize their effects!
1 reply 4 retweets 21 likesShow this thread -
You would think that working in the open as a prominent open source project might help Firefox avoid some of this, in comparison to closed-source software, but it does not.
1 reply 0 retweets 9 likesShow this thread -
I have dealt with AV that consumers have never heard of because they are enterprisey. These vendors are so ingrained in that universe that they are often flabbergasted to learn that Mozilla openly provides betas without needing to sign an NDA! But I digress.
1 reply 1 retweet 15 likesShow this thread -
You might ask, what if the AV vendor assigned a developer to monitor our code for changes that affect them? No AV vendor is going to spend money to do that.
1 reply 0 retweets 9 likesShow this thread -
AV vendors also have a bad habit of looking at everybody’s code like it’s all nails for their hammers. Sometimes they’re hooking the shit out of our binaries to do stuff that could easily be accomplished with an add on.
1 reply 0 retweets 11 likesShow this thread -
There were several books in the 90s that were basically instruction manuals for how to do bad stuff to other processes. They all had disclaimers that said, to paraphrase, this is a cool technique for spelunking around the system, but it is not robust enough for production code.
1 reply 0 retweets 13 likesShow this thread -
It seems to me like most third-party AVs read those books but ignored all the disclaimers.
STOP
TAMPERING
WITH
PROCESSES
THAT
AREN’T
YOURS!
And that concludes today’s lesson of future-proofing 101.1 reply 6 retweets 39 likesShow this thread
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
