Is Anti-virus Software Really Necessary?
May 14th, 2006 by Doug
There is a blog post from May 9th
titled Linux
Security - The Illusion if Invulnerability over a viruslist.com
(Kaspersky Lab’s blog). This quote sums up the theme of the post:
I think they have it wrong - it’s not belief in invulnerability, and it’s not Linux. It’s a belief that “Yeah, it could happen to me, but it probably won’t” and the fact that you could envision users of OS X, Windows, or any OS saying this. But the quote pre-supposes that there is a need for anti-virus software at all. Sound crazy? Perhaps not. Here’s a few questions to think about:
This question of whether or not you really need anti-virus software is answered quite well at vmyths.com:
Technorati Tags: Anti-virus, Security
At the Kaspersky stand we talked to a lot of visitors. Pretty soon, it dawned on us exactly what the biggest threat to Linux systems is: the almost overwhelming belief in the invulnerability of Linux
I think they have it wrong - it’s not belief in invulnerability, and it’s not Linux. It’s a belief that “Yeah, it could happen to me, but it probably won’t” and the fact that you could envision users of OS X, Windows, or any OS saying this. But the quote pre-supposes that there is a need for anti-virus software at all. Sound crazy? Perhaps not. Here’s a few questions to think about:
- For some reason, the metric used to judge anti-virus products is how quickly they release signature updates to counter new threats. This seems backwards to me. Has any anti-virus vendor ever done research on how many infections their software has prevented, and what the impact could have been?
- More to the point, is anti-virus software really a valuable part of an IT security policy, or are there better ways of preventing viruses/malware?
- Why does it seem that despite the entire world running Windows desktops, and almost all of those running some form of anti-virus software, there are still major virus outbreaks?
- Does it help to divide malware threats into known and unknown categories? Clearly, antivirus software protects against the former, but not the latter.
- Does reliance on a single security product give a false sense of security? For example, a common misconception is that a firewall is all one needs for protection against external network threats. The truth is much more complicated than that, as most security practitioners know.
This question of whether or not you really need anti-virus software is answered quite well at vmyths.com:
If an expert proclaims you need antivirus software to protect you from a virus, you can counter with the following argument:
If we’d turned off automatic macro execution in Word before Melissa came along, then our PCs wouldn’t have gotten infected. If we’d turned off Windows Visual Basic Scripting before ILoveYou came along, then our PCs wouldn’t have gotten infected. This means our PCs could have protected us even when antivirus software failed to do its job. Perhaps we don’t need to update our antivirus software so often — maybe we really just need to update our antivirus experts.
Technorati Tags: Anti-virus, Security
![[Post to Yahoo Buzz]](http://blog.unixlore.net/wp-content/plugins/tweet-this/icons/tt-buzz.png){kind=icon}
![[Post to Delicious]](http://blog.unixlore.net/wp-content/plugins/tweet-this/icons/tt-delicious.png){kind=icon}
![[Post to Digg]](http://blog.unixlore.net/wp-content/plugins/tweet-this/icons/tt-digg.png){kind=icon}
![[Post to Reddit]](http://blog.unixlore.net/wp-content/plugins/tweet-this/icons/tt-reddit.png){kind=icon}
![[Post to StumbleUpon]](http://blog.unixlore.net/wp-content/plugins/tweet-this/icons/tt-su.png){kind=icon}
![[FSF Associate Member]](http://www.unixlore.net/images/fsf_button.png "[FSF Associate Member]"){kind=small}