Antivirus software is designed to detect, prevent, and remove malicious software, aka malware. The classification of malware includes viruses, worms, trojans, and scareware, as well as (depending on the scanner) some forms of potentially unwanted programs (such as adware and spyware).
At its core, antivirus software provides signature-based detection of malware (malicious software). A virus signature (aka pattern) is based on a unique segment of code within the malware, typically checksummed/hashed and distributed in the form of antivirus signature (aka pattern) updates.
Since its start in the late 1980s, antivirus software has evolved along with the threats that it protects against. As a result, today’s static signature (pattern-matching) detection is often bolstered with more dynamic behavioral-based and intrusion prevention technologies.
Antivirus software is often the subject of contentious debate. The most common themes are disagreement over free versus paid antivirus, the assumption that signature detection is ineffective, and the conspiracy theory that accuses antivirus vendors of writing the malware the scanners are designed to detect. Following is a brief discussion of each of these arguments.
Free Versus Fee
Antivirus software is sold or distributed in many forms, from standalone antivirus scanners to complete Internet security suites that bundle antivirus with a firewall, privacy controls, and other adjunct security protection. Some vendors, such as Microsoft, AVG, Avast, and AntiVir offer free antivirus software for home use (sometimes extending it for small home office – aka SOHO – use as well).
Periodically, debates will ensue as to whether free antivirus is as capable as paid antivirus. A long term analysis of AV-Test.org antivirus software testing suggests that paid products tend to demonstrate higher levels of prevention and removal than do free antivirus software. On the flip side, free antivirus software tends to be less feature-rich, thereby consuming fewer system resources which suggests it may run better on older computers or computers with limited system capacity.
Whether you opt for free or fee-based antivirus is a personal decision that should be based on your financial capabilities and the needs of your computer. What you should always avoid, however, are pop-ups and advertisements that promise a free antivirus scan. These ads are scareware - bogus products that make erroneous claims that your computer is infected in order to trick you into buying a fake antivirus scanner.
Signatures Can’t Keep Up
Despite its ability to effectively field the majority of malware, a significant percentage of malware can go undetected by traditional antivirus software. To counter this, a layered security approach provides the best coverage, particularly when the layered protection is provided by different vendors. If all security is provided by a single vendor, the attack surface area becomes much larger. As a result, any vulnerability in that vendor’s software – or a missed detection – can have far more adverse impact than would occur in a more diverse environment.
Regardless, while antivirus software is not a catch-all for every bit of malware out there and additional layers of security are needed, antivirus software should be at the core of any protection system you decide upon, as it will be the workhorse that deters the majority of threats with which you would otherwise have to contend.
Antivirus Vendors Write Viruses
The conspiracy theory that antivirus vendors write viruses is an old, silly, and completely unfounded notion. The accusation is akin to claiming that doctors create disease or that police rob banks in exchange for job security.
There are literally millions of malware, with upwards of tens of thousands of new threats discovered daily. If antivirus vendors wrote the malware, there would be far less of it as no one in the antivirus industry is a glutton for punishment. Criminals and attackers write and distribute malware. Antivirus vendor employees work long and arduous hours to ensure your computer is kept safe from the onslaught. End of story.
At its core, antivirus software provides signature-based detection of malware (malicious software). A virus signature (aka pattern) is based on a unique segment of code within the malware, typically checksummed/hashed and distributed in the form of antivirus signature (aka pattern) updates.
Since its start in the late 1980s, antivirus software has evolved along with the threats that it protects against. As a result, today’s static signature (pattern-matching) detection is often bolstered with more dynamic behavioral-based and intrusion prevention technologies.
Antivirus software is often the subject of contentious debate. The most common themes are disagreement over free versus paid antivirus, the assumption that signature detection is ineffective, and the conspiracy theory that accuses antivirus vendors of writing the malware the scanners are designed to detect. Following is a brief discussion of each of these arguments.
Free Versus Fee
Antivirus software is sold or distributed in many forms, from standalone antivirus scanners to complete Internet security suites that bundle antivirus with a firewall, privacy controls, and other adjunct security protection. Some vendors, such as Microsoft, AVG, Avast, and AntiVir offer free antivirus software for home use (sometimes extending it for small home office – aka SOHO – use as well).
Periodically, debates will ensue as to whether free antivirus is as capable as paid antivirus. A long term analysis of AV-Test.org antivirus software testing suggests that paid products tend to demonstrate higher levels of prevention and removal than do free antivirus software. On the flip side, free antivirus software tends to be less feature-rich, thereby consuming fewer system resources which suggests it may run better on older computers or computers with limited system capacity.
Whether you opt for free or fee-based antivirus is a personal decision that should be based on your financial capabilities and the needs of your computer. What you should always avoid, however, are pop-ups and advertisements that promise a free antivirus scan. These ads are scareware - bogus products that make erroneous claims that your computer is infected in order to trick you into buying a fake antivirus scanner.
Signatures Can’t Keep Up
Despite its ability to effectively field the majority of malware, a significant percentage of malware can go undetected by traditional antivirus software. To counter this, a layered security approach provides the best coverage, particularly when the layered protection is provided by different vendors. If all security is provided by a single vendor, the attack surface area becomes much larger. As a result, any vulnerability in that vendor’s software – or a missed detection – can have far more adverse impact than would occur in a more diverse environment.
Regardless, while antivirus software is not a catch-all for every bit of malware out there and additional layers of security are needed, antivirus software should be at the core of any protection system you decide upon, as it will be the workhorse that deters the majority of threats with which you would otherwise have to contend.
Antivirus Vendors Write Viruses
The conspiracy theory that antivirus vendors write viruses is an old, silly, and completely unfounded notion. The accusation is akin to claiming that doctors create disease or that police rob banks in exchange for job security.
There are literally millions of malware, with upwards of tens of thousands of new threats discovered daily. If antivirus vendors wrote the malware, there would be far less of it as no one in the antivirus industry is a glutton for punishment. Criminals and attackers write and distribute malware. Antivirus vendor employees work long and arduous hours to ensure your computer is kept safe from the onslaught. End of story.
No comments:
Post a Comment