Ask Slashdot: How Dead Is Antivirus, Exactly?

Safensoft writes: Symantec recently made a loud statement that antivirus is dead and that they don't really consider it to be a source of profit. Some companies said the same afterwards; some other suggested that Symantec just wants a bit of free media attention. The press is full of data on antivirus efficiency being quite low. A notable example would be the Zeus banking Trojan, and how only 40% of its versions can be stopped by antivirus software. The arms race between malware authors and security companies is unlikely to stop.

On the other hand, experts' opinions of antivirus software have been low for a while, so it's hardly surprising. It's not a panacea. The only question that remains is: how exactly should antivirus operate in modern security solutions? Should it be one of the key parts of a protection solution, or it should be reduced to only stopping the easiest and most well-known threats?

Threats aren't the only issue — there are also performance concerns. Processors get better, and interaction with hard drives becomes faster, but at the same time antivirus solutions require more and more of that power. Real-time file scanning, constant updates and regular checks on the whole system only mean one thing – as long as antivirus is thorough, productivity while using a computer goes down severely. This situation is not going to change, ever, so we have to deal with it. But how, exactly? Is a massive migration of everything, from workstations to automatic control systems in industry, even possible? Is using whitelisting protection on Windows-based machines is the answer? Or we should all just sit and hope for Microsoft to give us a new Windows with good integrated protection? Are there any other ways to deal with it?

Re:Switch to linux / OsX.

Never seen viruses on Linux.

I have. And that's on desktop GNU/Linux with its ~2% market share. If you look at mobile Linux (Android) the situation is much worse.

Re:It works

[Cyberax]

Pedant mode: the plural of "virus" is "viruses". If you /insist/ on using Latin then it should be "vira", since it's a neuter noun in the second declension. Though we don't have any actual examples of such use in contemporary sources.

Use Linux

[Dukenukemx]

The biggest flaw with Windows is it's reliance on antivirus. No matter what computer system I install Windows onto, the antivirus software makes it slow. In some cases the antivirus software is worse than the virus itself.

Just use Linux. Not that nobody writes viruses for Linux, but your chances of getting one is slim. Also distros like Unbuntu/Mint/etc tend to update more then the OS itself. Update Manager will update Java, Firefox, Flash, and everything in between. Windows needs background programs to update the software in your computer, which is why so many vulnerabilities are left exposed in Windows machines.

Re:Dead as a profit source for Symantec, well, ...

[magamiako1]

We use McAfee at work. With proper coaxing, it works pretty well and is unobtrusive--but it actually requires becoming familiar with the product and its features. It took a lot of trial and error.

One quick way you can help reduce A/V hit on a system is to remove zip file scanning during on-access scans and on-demand scans. Also, setting a file scan time limit can limit the amount of time the AV spends on one particular type of file.

Other antivirus solutions handle this a bit better, but McAfee is workable with the proper implementation.

Re:Never mind the quantity, feel the quality

[Curunir_wolf]

The main subset is in fact crime prevention.

Incorrect. In fact, the US courts explicitly ruled that the police do not have a duty or obligation to protect anyone, or prevent any crime.