Is Antivirus Relevant Anymore?

In the late ’90s, as Windows became a mature operating system and the home PC market was really taking off, a slew of viruses began to appear. It was during this time that most antivirus (AV) software developers like Norton, McAfee, and Avast came to prominence and did their best to eliminate threats and categorize them correctly.

A few decades have passed and most of these companies are continuing to sell their software, but fewer people are using it. Are they right to stop installing antivirus programs on their computers? And perhaps more importantly: Are AVs still able to protect you from threats as advertised?

One of the reasons that AV software was necessary in the first place was that no one else was really paying attention to the problem. Viruses were creeping in and exploiting the operating system with absolutely no obstacle in front of them except perhaps your own interference when you opened your task manager and realized that one process was using 100 percent of your CPU.

In the early 2000s there were a lot of ways in which these little buggers would propagate, including through email and instant messaging. There really was no other solution for the common user except installing an AV.

Fast-forward a decade or so, and in 2015 Google was scanning every single file it touched for viruses through Drive, Gmail, and Chrome. Services like Facebook actively fight against malware spread on their networks. Web, desktop, and mobile app developers alike are constantly hardening their own software to make sure their users are safe. Couple this with the fact that OS developers like Microsoft have more years of experience fighting viruses under their belt and you end up with systems that can do the job of an AV on their own. Windows had a rocky start with User Account Control in Vista but has since improved the system to become less intrusive while offering the same level of protection in later versions of the operating system.

When a new virus appears, it has another signature, another file size, another MD5 hash … It wears another hat! This presents a dilemma for antivirus makers. When they scan a file for infection, they typically use heuristics to scan for code patterns and other things that could indicate that this file has that virus. With all its sophistication, an AV is nothing more than a glorified doorman.

If a hacker wants to write a new virus, the first thing he will think about is throwing off this heuristic algorithm. If he succeeds, such software will be useless against the virus at least for a few days (and oftentimes longer than that) until a new update comes along.
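To make the two paragraphs above concrete, here is a toy scanner added as an illustration (it is not code from any AV product). It shows why an exact MD5 match stops working as soon as file size or contents change, what a byte-pattern signature adds, and why a new family goes unseen until a signature update arrives. All sample bytes, names and patterns are constructed for the example.

```python
import hashlib
import re

# Constructed, harmless byte strings standing in for files (not real malware).
KNOWN_SAMPLE = b"HDR\x01DEMO-MARKER-A:run()\x00"
VARIANT = b"HDR\x02DEMO-MARKER-A:run()\x00extra-padding"  # new size and hash
NEW_FAMILY = b"HDR\x01DEMO-MARKER-B:start()\x00"          # no signature yet
CLEAN = b"HDR\x01ordinary document text"


class Scanner:
    """Toy two-layer scanner: exact MD5 blocklist, then byte patterns."""

    def __init__(self):
        self.hashes = {hashlib.md5(KNOWN_SAMPLE).hexdigest()}
        # re.DOTALL lets '.' act as a one-byte wildcard, newlines included.
        self.patterns = {"Demo.A": re.compile(rb"HDR.DEMO-MARKER-A", re.DOTALL)}

    def scan(self, data: bytes) -> str:
        if hashlib.md5(data).hexdigest() in self.hashes:
            return "hash-match"
        for name, pattern in self.patterns.items():
            if pattern.search(data):
                return "pattern-match:" + name
        return "no-detection"

    def update(self, name: str, pattern: bytes) -> None:
        """Simulates a signature update shipped after a new family is analysed."""
        self.patterns[name] = re.compile(pattern, re.DOTALL)


def demo() -> dict:
    scanner = Scanner()
    results = {
        "known": scanner.scan(KNOWN_SAMPLE),
        "variant": scanner.scan(VARIANT),
        "clean": scanner.scan(CLEAN),
        "new_before_update": scanner.scan(NEW_FAMILY),
    }
    scanner.update("Demo.B", rb"HDR.DEMO-MARKER-B")
    results["new_after_update"] = scanner.scan(NEW_FAMILY)
    return results


if __name__ == "__main__":
    for label, verdict in demo().items():
        print(f"{label:18} {verdict}")
```

The gap between the "new_before_update" and "new_after_update" results is the window the article describes, during which the scanner has nothing to match against.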

Let’s return to the hacker writing a virus. He successfully made it undetectable to antivirus software (which isn’t exactly the hardest thing in the world to do). Now he needs it to be effective against the operating system. It needs to exploit something. Usually the most known exploits come from older versions that haven’t plugged all of their holes in a while. “OK, so which old OS version are most people using these days?” This is the path of least resistance and the first question a hacker asks himself before planning his creation.

You can respond to this by making sure that you have the most updated operating system possible. Doing this is more likely to frustrate a hacker than keeping an updated AV. Virtually any “zero-day” virus can throw off updated antivirus software. On the other hand, it takes an extraordinary amount of skill and resources to exploit an up-to-date operating system that keeps all its ducks in a row.

Have you ever had a program crash constantly, only to discover that turning off your AV fixes the problem? If you thought that might just be a one-time phenomenon, think again. This actually happens very, very often. Because antivirus developers often make their programs hook forcibly into other software you run, there are often glitches that make your computer go haywire when this happens. In many cases, an AV can act more like a virus than anything else installed in your computer (not intentionally, of course, but it’s still annoying).

While I can’t wholeheartedly advocate entirely eliminating any antivirus software from your computer, it is kind of hard for me to justify its use in the modern computing era when so many developers are taking proactive steps to prevent their applications and operating systems from being compromised. In addition to this, there are very real threats out there (which I have written about extensively here and here) against which an AV would be useless in protecting you. To read what my colleagues here at MTE have to say about how useful antivirus is, you can do so right over here.

What do you think? Do you still use antivirus software? Tell us why or why not in a comment!