It might be time to stop using antivirus

Former Firefox developer Robert O'Callahan, now a free agent and safe from the PR tentacles of his corporate overlord, says that antivirus software is terrible, AV vendors are terrible, and that you should uninstall your antivirus software immediately—unless you use Microsoft's Windows Defender, which is apparently okay.

A couple of months back, Justin Schuh, Google Chrome's security chief, and indeed one of the world's top infosec bods, said that antivirus software is "my single biggest impediment to shipping a secure browser." Further down the thread he explains that meddling AV software delayed Win32 Flash sandboxing "for over a year" and that further sandboxing efforts are still on hold due to AV. The man-in-the-middle nature of antivirus also causes a stream of TLS (transport layer security) errors, says Schuh, which in turn breaks some elements of HTTPS/HSTS.

These are just two recent instances of browser makers being increasingly upset with antivirus software. Back in 2012, Nicholas Nethercote, another Mozillian working on Firefox's MemShrink project said that "McAfee is killing us." In that case, Nethercote was trying to reduce the memory footprint of Firefox, and found that gnarly browser add-ons like McAfee were consuming a huge amount of memory, amongst other things. If you venture off-piste into the browser mailing lists, anti-antivirus sentiment has bubbled away just below the surface for a very long time...

Source: It might be time to stop using antivirus | Ars Technica
 
This is interesting. I think that Google in the future will force by using Chrome warning for domains that don't have SSL, after that happens other browsers will follow. Plus Google works on deleting from search results spammy domains that are spreading viruses. Antiviruses effectiveness will be diminished.
 

My Computer

Google have already implemented a system where non secure, (HTTP not HTTPS), sites fall down the order in search results. This means that any company sites that do not apply proper security to their site will find that fewer users will find them. This is not limited to the Chrome Browser, but any searches made via Google which is the vast majority of searches performed world wide, excluding China where they force use of their own search.
 

My Computers

System One System Two

  • Operating System
    Windows 10 Pro x64 Latest Release Preview
    Monitor(s) Displays
    Acer G276HL 27", (DVi) + Samsung 39" HDTV (HDMI)
    Screen Resolution
    2 x 1920x1080 @50Hz
  • Manufacturer/Model
    Real World Computers (Custom by Me)
    CPU
    AMD FX8350 Vishera 8 Core @4GHz
    Motherboard
    Asus M5A78L-M USB3
    Memory
    32GB [4x8GB] DDR3 1600 MHz
    Graphics card(s)
    Asus nVidia GTX750TI-OC-2GD5 (2GB DDR5)
    Sound Card
    ASUS Xoner DG + SPDIF to 5.1 System + HDMI
    Monitor(s) Displays
    Samsung 32" TV
    Screen Resolution
    1920 x 1080
    Hard Drives
    Internal
    Crucial CT256MX100SSD1 256GB SSD,
    Seagate ST2000DM001-1CH1 2TB,

    External (USB3)
    Seagate Backup+ Hub BK SCSI Disk 8TB
    2.5/3.5 Hot Swap Cradle, USB3 + eSata (client HDDs)
    NAS 4TB
    PSU
    Aerocool Templarius Imperator 750W 80+ Silver
    Case
    AeroCool X-Warrior Red Devil Tower
    Cooling
    Hyper103 CPU, Rear 120mm, Front 2x120mm, Side 2x120mm
    Internet Speed
    68 MB Down 18.5 MB Up
    Other Info
    Six Sensor Auto / Manual Digital cooling (Fan) control with Touch control Panel
Using Google, I have always been able to go to a certain site. As of about 3 weeks ago, when I try to go to the site, I am presented with a warning that the site is not secure and it is my choice if I want to proceed.
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS420
    Memory
    6 gig
    Graphics Card(s)
    ATI Radeon HD3650 256 MB
    Sound Card
    Intergrated 7.1 Channel Audio
    Monitor(s) Displays
    Dell SP2009W 20 inch Flat Panel w Webcam
    Hard Drives
    640 gb
    Cooling
    Fan
    Keyboard
    Dell USB
    Mouse
    Dell USB 4 button optical
    Other Info
    DSL provided by ATT
I think that could be the next stage to the new limitations or could be just due to the general tightening of the levels you have to meet as a site to be considered safe a small site may easily fall to the lower ranks as the costs of securing a site are not cheap. it's an unfortunate thing for small sites but is the fault of the bad guys, not google or other major players.

Another thing that is being tightened is the security certificates held by sites, whereas previously there was a grey area where a minor infraction of the dates or other rules might be overlooked, for a short time, to allow the website to catch up I've seen a lot more certificate expired notices when surfing than I ever had before.

I recently had an unsafe add-on restriction from Firefox for my Bit Defender Password wallet, when I checked into it it was just because an update to Bitdefender needed a re-boot to complete and Firefox would not allow it access whilst in this state

Big Brother is watching us, but for the right reasons ;)
 

My Computers

System One System Two

  • Operating System
    Windows 10 Pro x64 Latest Release Preview
    Monitor(s) Displays
    Acer G276HL 27", (DVi) + Samsung 39" HDTV (HDMI)
    Screen Resolution
    2 x 1920x1080 @50Hz
  • Manufacturer/Model
    Real World Computers (Custom by Me)
    CPU
    AMD FX8350 Vishera 8 Core @4GHz
    Motherboard
    Asus M5A78L-M USB3
    Memory
    32GB [4x8GB] DDR3 1600 MHz
    Graphics card(s)
    Asus nVidia GTX750TI-OC-2GD5 (2GB DDR5)
    Sound Card
    ASUS Xoner DG + SPDIF to 5.1 System + HDMI
    Monitor(s) Displays
    Samsung 32" TV
    Screen Resolution
    1920 x 1080
    Hard Drives
    Internal
    Crucial CT256MX100SSD1 256GB SSD,
    Seagate ST2000DM001-1CH1 2TB,

    External (USB3)
    Seagate Backup+ Hub BK SCSI Disk 8TB
    2.5/3.5 Hot Swap Cradle, USB3 + eSata (client HDDs)
    NAS 4TB
    PSU
    Aerocool Templarius Imperator 750W 80+ Silver
    Case
    AeroCool X-Warrior Red Devil Tower
    Cooling
    Hyper103 CPU, Rear 120mm, Front 2x120mm, Side 2x120mm
    Internet Speed
    68 MB Down 18.5 MB Up
    Other Info
    Six Sensor Auto / Manual Digital cooling (Fan) control with Touch control Panel
You can still rank your website with HTTP but if you have online store, service, forum, etc. you will get spanked by Google and that is good make staff safer. On the other hand, I can't see the reason why Google would slap blog sites for not having SSL. Blog that is free and is found by private money, to have useless for them expensive SSL protocol.
 

My Computer

Back
Top