Virus Scanners and Snake Oil

There are millions of infected PCs in the world and they are coming after you through cyberspace – are you protected?

Regardless of the machine you are using, I think the answer is somewhere between no and…it depends.

IT security is enough of a black art that I wouldn’t be surprised to see a “security professional” sacrificing a chicken over the mother-board to expel its demons. And if you put 3 “security professionals” in a room and asked them to select the best anti-virus program, you’ll get 4 answers. None of them will be able to articulate why they chose one over the other but, when pressed, they will resort to implying that it’s too technical for you to understand, which should probably be read as “I have no idea, but it sounds way cooler if I choose a program no one has heard of.”

There are plenty of anti-virus choices out there, and the fact that most industry reviews won’t include the free offerings for fear of losing ad revenue makes figuring this out all the more challenging.

Frankly, I don’t trust any company that is making money on virus scanners, mostly because if I were the CEO of McAfee or Symantec, I’d be paying people in China to write viruses that only my software could detect – thus keeping the paranoia high and my detection ratings even higher.  Just saying….

But the free security offerings do seem to do a reasonable job of keeping my machines clean, so I believe that most  of the benefits touted by the paid AV companies are in the snake oil group, designed to keep you paying them to protect you.

Fortunately, Microsoft has recently started to include their free Security Essentials (MSE) system as an optional part of its regular Windows update.  Personally, I think this is a great step forward, because there are a shocking number of PCs out there with no Anti-virus protection at all – usually  because people opted not to pony up when the trial subscription ran out – and this is bound to fill at least a few of those holes.

Those of you reading this on your Apple Mac are probably feeling pretty smug, because viruses don’t affect your machines…right?

Well don’t go thumbing your noses at your Windows cousins just yet, because you are not immune. Much of the reason that Mac-based systems have fewer viruses has been, frankly, because they didn’t offer a big enough target. But, with their growing popularity, that situation is changing quickly.

Unix-based platforms (including Mac and Linux) may be technically more secure, but most viruses get in through social engineering and not security loopholes. It doesn’t matter how good your security is if you open the door and invite that nasty virus in. If you don’t believe me, watch this video and tell me you wouldn’t have installed that program.

And Mac users shouldn’t be so selfish! Just because you are immune to a Windows virus does not mean you are free to spread it to other people like some modern Typhoid Mary. How are you going to feel when someone calls you to say you gave their PC the ‘clap’? If you answer ‘well then they should have bought a Mac’ then you have truly drunk the Apple Kool-Aid.

Personally, I take a belt and braces approach.  Each of my Windows PCs has Microsoft Security Essentials as the main virus protection, and a dual-boot of Ubuntu Linux (a great, free, operating system) running ClamAV.  This gives several advantages:

  1. Some viruses are great at hiding from Windows programs, so I periodically boot into Linux and run a virus scan of the entire disk from there. It is not uncommon for the Ubuntu scan to find programs that the Windows scanners have missed.
  2. Should Windows become unusable, I can boot into Ubuntu, access my files, and run a virus scanner from outside of Windows.
  3. Some viruses are smart and protect themselves – for example, they will install multiple versions that check each other and, should one die, immediately reinstate it.  They can’t protect each other if they never start in the first place.
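One way to run the out-of-Windows scan described in the list above, as an added example that is not part of the original post. The device `/dev/sda2`, the mount point `/mnt/windows`, the log path and the sample log lines are assumptions or constructed values; the script mounts the Windows partition read-only so nothing on it can run or be changed, then summarises what ClamAV reported.

```bash
#!/bin/sh
# Added example: scan a Windows partition with ClamAV while booted into Linux.
# WIN_DEV and MNT are assumptions; identify the real partition with `lsblk -f`.
WIN_DEV="${WIN_DEV:-/dev/sda2}"
MNT="${MNT:-/mnt/windows}"

# Mount the Windows volume read-only and scan it; the log is written to $1.
# clamscan exit status: 0 = nothing found, 1 = detections, 2 = error.
scan_windows_partition() {
    mkdir -p "$MNT" || return 2
    # ro/noexec/nosuid/nodev: the suspect disk is never modified or executed.
    mount -o ro,noexec,nosuid,nodev "$WIN_DEV" "$MNT" || return 2
    freshclam --quiet || echo "warning: signature update failed" >&2
    # -r recurse into directories, -i report infected files only.
    clamscan -r -i --log="$1" "$MNT"
    rc=$?
    umount "$MNT"
    return "$rc"
}

# clamscan reports each detection as "<path>: <signature> FOUND".
# Print "<path> | <signature>" for every such line in the log file $1.
list_detections() {
    sed -n 's/^\(.*\): \(.*\) FOUND$/\1 | \2/p' "$1"
}

# Number of detections in the log file $1 (prints 0 for a clean log).
count_detections() {
    grep -c ' FOUND$' "$1" || true
}

# Constructed sample log, for trying the parsing without a real scan.
write_sample_log() {
    cat > "$1" <<'EOF'
/mnt/windows/Users/alice/Downloads/setup.exe: Win.Test.EICAR_HDB-1 FOUND
/mnt/windows/Program Files/Tool/helper.dll: Win.Test.EICAR_HDB-1 FOUND
----------- SCAN SUMMARY -----------
Scanned files: 48211
Infected files: 2
EOF
}

# Run as root: sh offline-scan.sh --scan /root/offline-scan.log
if [ "${1:-}" = "--scan" ]; then
    scan_windows_partition "${2:-/root/offline-scan.log}"
    status=$?
    list_detections "${2:-/root/offline-scan.log}"
    exit "$status"
fi
```

Because the scan only reports, any detection is reviewed from the log before anything on the Windows side is deleted or quarantined.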

For any of you fellow geeks who are interested, I have included instructions on how to set up that dual-boot here.

Ultimately, the most important thing is for you to do something – ANYTHING – to protect your machine. I don’t care if you are a gold member of McAfee, run the free AVG product or never actually plug your PC into the Internet, but if you infect me or one of my friends, then I’m coming after you…in cyberspace, of course.  😉


6 responses to “Virus Scanners and Snake Oil”

  1. Excellent blog post on securing your machine. This is something people take for granted.

  2. Comment via email from Chris:

    Thought your blog entry on safe computing anti
    malware was spot on.. Well done

    One additional subtle addition is to coach folks into creating a
    “daily use” account on the evil os from Redmond that has no
    admin privileges and modify behavior so that daily use
    account is the default login unless installing something etcetera..

    No guarantees there is always the malware that jumps the OS
    priv barrier such as designed but at least you stop some of the malware..

    • It’s a good point. My kids’ PC has stayed remarkably virus free despite a complete lack of concern about that. I put that down to the fact that they have parental controls turned on and no admin privs. There have been plenty of times when my kids have called me over to authorize some sort of install or action and I said “Ummm…no, we’re not doing that”.

  3. As if to reinforce this post McAfee’s recent List of Targets for Emerging Threats in 2011 includes the Mac OS X platform as one of their major targets for cybercriminals. http://newsroom.mcafee.com/article_display.cfm?article_id=3711
