Experts avoid AV because they can - the rest of you should still use it

by Steve Ragan - Mar 5 2012, 10:00

Wired published an interesting article on Friday. In it, Bob McMillan spoke to a few security experts about their use of AV software, or more importantly the fact that some of them don’t use it at all. Just because some of the more well-known security experts avoid AV protection, that doesn’t mean they think everyone should.

“If [insert name(s) here] jumped off of a bridge, would you jump too?”

Many of us have heard that question before. In this case, if a known and established security professional admits to not using anti-Virus protection on their personal computer, does that mean that you should stop using it too?

Not in the slightest.

“If you asked the average security expert whether they use antivirus or not,” WhiteHat Security’s CTO, Jeremiah Grossman, said in an interview with Wired, “a significant proportion of them do not.”

This quote was followed by one from Dan Guido, another security expert and founder of the startup Trail of Bits, who noted that those in the InfoSec world using AV do so because of professional requirements, otherwise “almost nobody in the security industry would run it.”

Paul Carugati, a security architect with Motorola Solutions, commented, “I don’t want to downplay the need for [anti-Virus], but it has certainly lost its effectiveness.”

Three security experts, from three separate segments of the InfoSec community, either do not use AV protection themselves, or feel that it has lost its value in some way. On top of this, they state that others on their level are likely to agree and not use AV either.

A comment on Wired’s article called it “dangerous” comparing the idea of not using AV protection to the notion that “we should stop giving babies Polio vaccines because there isn’t any major incidence of Polio in the world.”

Read the entire article, and one thing that stands out is that none of them outright said to avoid AV, either for personal or professional use. The only thing these experts did was offer an opinion on the matter, or personal preference. For the overwhelming majority of the Internet populace, AV is a key layer of protection – despite its faults.

There are ways to surf the Web and use a computer without needing AV protection, even on Windows, and no we’re not talking about using OS X or a Linux distribution. It’s entirely possible to remain safe and virus free on a PC by using limited account controls and enabling things like UAC.

However, most users do not like the restrictions or the process it takes to manage the system fully with them in place. Thus they run as administrators, which opens the attack surface on the system, enabling criminals to spread their Malware. For situations like this, AV is essential.

Again, just because the experts are doing it, doesn’t mean they encourage others to follow their lead. They know how to avoid Malware infections, and many of them use system configurations that prevent most, if not all, of the typical virus attacks online.

The average Joe or Jane cannot make the same claim. As such, they should always stick with the basics when it comes to system security, including keeping and maintaining AV software, on top of ensuring that their OS is kept up to date along with any third-party applications that they’ve installed.

If cost is an issue, there are plenty of free AV / anti-Malware applications on the market. Products like AVG (Free), Microsoft Security Essentials, Malwarebytes AntiMalware, Panda’s Cloud AV, and Comodo are decent security programs in their own right and they cost nothing to use.

When it comes to AV, some can get by without using it, others are not so lucky. AV isn’t perfect. It won’t prevent every type of Malware infection, nor will prevent all the infections that can come from risky online behavior. It’s like an airbag in a car, it’s better to not need it and have it, than to risk going without.

Wired’s article is here, head over and check it out.

Around the Web

comments powered by Disqus