Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tavis Ormandy Criticizes Meaningless Antivirus Excellence Awards (softpedia.com)

Posted by timothy on from the you-wanna-play-the-dozens-well-the-dozens-is-game dept.

An anonymous reader writes: A Google security expert (Tavis Ormandy) has become annoyed with antivirus products receiving awards a week after he finds huge security holes in their software. He's talking about Comodo who received an "excellence" award from Verizon, after the researcher discovered 4 security issues in the past four months, and is in the process of submitting a fifth. His criticism of Comodo and Verizon's silly awards is also validated by the fact that during the past year, he discovered security flaws in numerous antivirus and security software such as Avast, Malwarebytes, Trend Micro, AVG, FireEye, Kaspersky, and ESET.

3 of 72 comments (clear)

  1. Bloatware by Anonymous Coward · · Score: 4, Interesting

    Many antivirus products started as small, useful tools which genuinely helped detect and neutralize viruses, at least still in the 90s and early 2000s. For some reason which I can only compare to gluttony for more "features" and attention, most have grown to bloatware with flashing popups, nagging screens and award stickers collected like flairs which are supposed to validate their usefulness, but are meaningless. When friends ask me to set up a newly purchased laptop, one of the first things to do is remove all that antivirus crap and educate them on PC hygiene.

    1. Re:Bloatware by rudy_wayne · · Score: 4, Informative

      Most AV programs have not only become bloatware, adding more and more useless "features", but they have actually become malware themselves.

      For example:

      The AVG Web TuneUp Chrome extension, forcibly added to Google Chrome browsers when users install AVG antivirus, is vulnerable to trivial XSS (cross-site scripting) attacks.

      "This extension adds numerous JavaScript APIs to Chrome, apparently so that they can hijack search settings and the new tab page. The installation process is quite complicated so that AVG can bypass the Chrome Store malware checks, which specifically tries to stop abuse of the Chrome Extension API."

  2. And The Best AntiVirus is.... by FudRucker · · Score: 4, Insightful

    switching to an Operating System that is not the target of virus writers, or at least less of a target

    Linux is your best bet for a general purpose operating system

    --
    Politics is Treachery, Religion is Brainwashing