Is Antivirus Software Still Up To The Job?

How often do antivirus manufacturers admit that their products are not really up to the challenge anymore?

The only folks I know who do this are those from Trend Micro. I interviewed Steve Chang, its founder, a couple of years back, and he made it clear that antivirus software can’t keep everything out. But it doesn’t always come across quite as frankly as it should. This BusinessWorld piece today, in an interview with Ah Sin Ang, Trend Micro Incorporated’s regional marketing manager for South Asia, asks the important question: (is there) yet no antivirus software that can protect us from phishing?

Ang’s reply could be more thorough, but it’s probably more honest than some of Trend Micro’s competitors: If you are aware that banks don’t send you these types of emails, you’ll be protected. That’s why Trend Micro emphasizes public education.

He also makes the valid point that ‘antivirus’ is not a particularly useful term anymore: Although anti-virus is a general term for Internet security, we like an antivirus software to clarify what that software means – does it include protection against Trojans, spyware, adware and hackers? Does it block unhealthy sites? Once you get infected, there may be a lot of pop-ups featuring pornographic and gambling sites. A good integrated software must also allow filtering. When you filter, it must also be able to filter spam and phishing.

I think the bottom line is that antivirus software is not doing what its customers think it’s doing. Most of us can’t tell the difference between a worm and a Trojan, and tend to assume that antivirus software will also protect us if we click on something in an email that takes us to an infected site. This is no longer true, if it ever was. Instead, the software gives us a false sense of security. Would we be better off not having it, and instead educating ourselves about threats?

17. May 2005 by jeremy
Categories: Malware, Phishing, Security

Comments (5)

  1. I thought about the phishing problem a while back. The central problem is that security in this case has to be handled within the browser itself. Credit card numbers and such are easy to recognize, if a user is to type them in to a web page. The browser should, by default, refuse to transmit anything in a form that looks like a credit card number unless the form is in a secure connection and the credentials are valid. If the user insists on continuing, the browser should quickly check a “blacklist” maintained at a central place, and warn the user again if the site is a bad spot.

    As far as passwords go, most users have a small set of passwords (or one password) that they use across everything. The browser knows what these passwords are; it should recognize when a password has been entered into a form, and check blacklists and credentials before transmitting it.

    These measures would not prevent phishing but they’d cut down on the success rate. And one more thing: Do not permit http redirects when the browser is opened from clicking an email link. A browser opened directly from an email is a “sandbox browser” and can’t go to another site.

    Too bad this stuff is necessary. My own mother has called me a few times asking me if an email was “real” (they weren’t).
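
Added example, not part of the comment above or of the original post: a sketch of the pre-submit check the first commenter proposes, which spots card-like numbers with a Luhn check and refuses to send them unless the connection is secure. The function names, the blocklist contents and the `.example` hosts are assumptions made for illustration, and the blocklist is also consulted on secure connections, which goes slightly beyond what the comment describes.

```javascript
// Added illustration of the first comment's proposal; all names are hypothetical.
// Constructed sample blocklist (stands in for the centrally maintained list).
const BLOCKLIST = new Set(["login-bank.example"]);

// Luhn checksum over a string of digits, as used by payment card numbers.
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = digits.charCodeAt(digits.length - 1 - i) - 48;
    if (i % 2 === 1) {
      d *= 2;
      if (d > 9) d -= 9;
    }
    sum += d;
  }
  return digits.length > 0 && sum % 10 === 0;
}

// True if the text contains a 13-19 digit run (spaces or dashes allowed)
// that passes the Luhn check.
function looksLikeCardNumber(text) {
  const runs = String(text).match(/\d(?:[ -]?\d){12,18}/g) || [];
  return runs.some((run) => luhnValid(run.replace(/[ -]/g, "")));
}

// Decide what to do with a form submission.
//   fields      - object mapping field names to typed values
//   actionUrl   - where the form would be sent
//   certValid   - result of the browser's own certificate validation
//   userInsists - the user clicked through the first refusal
function checkSubmission(fields, actionUrl, certValid, userInsists) {
  if (!Object.values(fields).some((v) => looksLikeCardNumber(v))) return "allow";
  const url = new URL(actionUrl);
  const secure = url.protocol === "https:" && certValid;
  const listed = BLOCKLIST.has(url.hostname);
  if (secure && !listed) return "allow";
  if (!userInsists) return "refuse"; // default: do not transmit
  return listed ? "warn-blocklisted" : "allow-override";
}
```

A look-alike site with a valid certificate that is not yet on the blocklist still gets "allow", which is the limit the commenter concedes: the check lowers the success rate rather than preventing phishing.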

  2. Your post is very true but just how much integration do
    you really want from the big three AVs (Symantec,
    Trend Micro, McAfee) when it comes to Windows and its
    lack of security?

    I’m an Admin for a little rural ISP and I can tell you
    from personal and professional opinion that all three of
    their Security/Internet suites suck.

    Yes they can detect incoming viruses but the firewall
    and e-mail utilities are bloated pigs that we tend to
    recommend customers uninstall due to them having 3+ year
    old systems. And for DSL customers buying a hardware
    firewall is always the best option. I’ve never had
    a customer not take my advice on picking up a
    Router/Firewall box for a fixed IP DSL package.

    We’ve gone so far as to send infected customers (about
    6k total subscribers with 4k dial-up and 2k’ish DSL)
    free CDs with the following apps:

    A link to Trend’s online scanner:
    [http://housecall.trendmicro.com/]

    A copy of Trend’s SysClean stand-alone scanner with
    current pattern file.

    AVG Free (I’m waiting for ClamWin to get better)
    Ad-Aware
    Spybot
    Firefox
    Thunderbird
    Gaim

    Just because you can’t get a decent suite that does
    everything from AV to Malware *and* firewall that’s
    worth a $60.00+ price tag.

    That and I’m a Linux nut stuck in a MS world so I push
    my favorite FOSS apps on anyone I can.

    – Brad

  3. First, I think the author is *very* confused.

    “… and tend to assume that antivirus software will also protect us if we click on something in an email that takes us to an infected site.”

    Are you seriously telling us that *you* don’t know the difference between a virus/worm and a freaking URL hyperlink? You, the human, clicked on something. Are you suggesting that AV software should go out and pre-check the URL to see if it’s safe for you?

    Second, I’m concerned by this statement: “Instead, the software gives us a false sense of security. Would we be better off not having it, and instead educating ourselves about threats?”

    Since you don’t seem to realize the need for AV software I’ll make a deal with you. Get educated about threats, and uninstall your AV software. Seriously, if that’s all it will take then don’t run any anti virus protection at all on your daily computer running Microsoft Windows. There. I’ve just saved you 30 bucks. Go wild.
