Although an antivirus solution has always been recommended whenever you buy a new PC, but it looks this might just be terrible idea. According to a report in Ars Technica, Robert O’Callahan, who is a former Mozilla engineer has come out to criticise third-party antivirus vendors, with a warning to consumers they should not use antivirus software, or uninstall it if they already are using these.
O’ Callahan has a blog post explaining why he thinks anti-virus software is a terrible idea. “Antivirus software vendors are terrible; don’t buy antivirus software, and uninstall it if you already have it”, explained O’Callahan in his post. His argument stick with Microsoft’s Windows defenders on your PC, and keep updating Windows 10 regularly, unless you are on Windows XP or something, where even he admits you might need some third-part help.
He notes in his blogpost, “At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google’s Project Zero. These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices.” Google’s Project Zero is a team dedicated to find security issues with commonly used software across the world. Previously it has found some serious issues in Symantec/Norton’s products, calling these vulnerabilities as bad as they can get.
The former Mozilla engineer blames third-party antivirus vendors for not following “standard security practices”, unlike Microsoft whom he called generally competent. He’s also calling out the AV software over its invasive practices and “poorly-implemented code”, which ends up creating security issues for many browsers. As the piece in Ars Technica explains, anti-virus software will “hooks itself into other pieces of software on your computer,” including the OS kernel.
The former Mozilla engineer then, goes on to say that how some antivirus solutions block Firefox updates, which can lead people to believe the browser’s inefficiency. “Several times AV software blocked Firefox updates, making it impossible for users to receive important security fixes. Major amounts of developer time are soaked up dealing with AV-induced breakage, time that could be spent making actual improvements in security,” he wrote.
He says that the software developers hardly raise these issues because they “spend too much time because they need cooperation from the AV vendors”, and not on things that could actually improve user experience. “When your product crashes on startup due to AV interference, users blame your product, not AV,” he adds, referring to browsers.
O’Callahan’s idea is simple: Anti-virus software is bad, and you don’t really need it. However, for those who are not regularly updating their systems, or are still on older versions of Windows, this might not be the worst idea.