Sunday, July 23, 2006

the REAL reason anti-virus programs don't work

by now a lot of people have seen one or both of the pair of zdnet articles on anti-virus apps not being worth a damn... i've already argued that the logic of their argument is bogus but then along comes a different article with an entirely different observation...

readers of this blog probably know by now that i tend to be a little on the critical side - i tend not to say anything when i agree with someone, usually only when i disagree, so brace yourselves for a departure from the norm because martin overton has done an excellent job of capturing the REAL reason why anti-virus programs aren't working and i just thought it was so good i had to try and draw more attention to it...

he's done a much better job than i probably would have done because i wouldn't have tip-toed around the thorny issue of blaming the victims and just come out and said that the anti-virus programs are failing because they're being used by morons who move their lips when they click and click on everything except the update button...

why? why are people so dense? ok, i get that the average person isn't going to be a technical marvel, but the simple behaviour we've been trying to teach them for a decade or 2 now is to use anti-virus software AND keep it up to date... is that second part really so much harder than the first?

come on folks, buying a new computer in order to solve a malware problem is not the answer - there comes a time when you have to look with a critical eye at the sequence of events that lead to the malware contamination and ask yourself "what could i have done differently that would have helped to avoid this problem?"... if you don't get a better handle on this then you're new computer will soon be infested by malware as well and then what will you do? unfortunately musical chairs does not represent an effective anti-malware strategy...

if you're going to use anti-virus (and you should) you're going to also have to keep it up to date... why? because there are about 60-70 new pieces of malware created each day... malware scanners mostly only detect what they know so each day that your scanner goes without being updated represents an additional 60-70 pieces of malware it doesn't know about and therefore won't be able to help you avoid... if it's been months (or years) since you last updated, do the math and figure out how many potential threats your security software isn't helping to protect you from... pretty scary, huh?

if that just woke you up out of your stupor and you've started to ask yourself "but what if i am completely up to date and i still encounter malware my anti-virus app doesn't know about?" then congratulations, you've just ascended to a new level of malware awareness... to you i say that your anti-virus is just one layer of defense and nobody ever said you were limited to only using one...

0 comments: