Slashdot Mirror

← Back to Stories (view on slashdot.org)

Antivirus Software Is 'Increasingly Useless' and May Make Your Computer Less Safe (www.cbc.ca)

Posted by msmash on from the security-woes dept.

Emily Chung, writing for CBC: Is your antivirus protecting your computer or making it more hackable? Internet security experts are warning that anti-malware technology is becoming less and less effective at protecting your data and devices, and there's evidence that security software can sometimes even make your computer more vulnerable to security breaches. This week, the U.S. Department of Homeland Security's Computer Emergency Readiness Team (CERT) issued a warning about popular antivirus software made by Symantec, some of it under the Norton brand, after security researchers with Google's Project Zero found critical vulnerabilities. "These vulnerabilities are as bad as it gets. They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible," wrote Google researcher Tavis Ormandy in a blog post. Symantec said it had verified and addressed the issues in updates that users are advised to install. It's not the only instance of security software potentially making your computer less safe. Concordia University professor Mohammad Mannan and his PhD student Xavier de Carne de Carnavalet recently presented research on antivirus and parental control software packages, including popular brands like AVG, Kaspersky and BitDefender, that bypass some security features built into internet browsers to verify whether sites are safe or not in order to be able to scan encrypted connections for potential threats. In theory, they should make up for it with their own content verification systems. But Mannan's research, presented at the Network and Distributed System Security Symposium in California earlier this year, found they didn't do a very good job. "We were surprised at how bad they were," he said in an interview. "Some of them, they did not even make it secure in any sense."

4 of 212 comments (clear)

  1. What the fuck by Anonymous Coward · · Score: 0, Insightful

    Slashdot editors are INCREASINGLY useless

    1. Re:What the fuck by Captain+Splendid · · Score: 1, Insightful

      It's not possible to be increasingly useless.

      Clearly someone wasn't around to witness eight years of George W Bush.

      --
      Linux, you magnificent bastard, I read the fucking manual!
  2. Clicking on attachments by martyros · · Score: 3, Insightful

    After a recent debacle where Symantec apparently didn't get the proof-of-concept exploit sent to them by a security researcher because the mail filter automatically opened the document and crashed, I friend of mine joked that antivirus software was actually a tool to "automatically click on attachments for you".

    --

    TCP: Why the Internet is full of SYN.

  3. Adblock by Anonymous Coward · · Score: 5, Insightful

    I think installing an adblocker in your webbrowser is probably the best antivirus available today.