Virtually all computer users will essentially fall into two categories: those who know what they’re doing, and those who don’t.
If you look at the users who know what they’re doing, they don’t tend to get “virus infections”. Meanwhile, for those who don’t, it tends to come up a lot. Well, what causes this? Is it that the tech-savvy have better security? Are they using some kind of trickery?
In reality, there is one main reason: They don’t do anything stupid (such as use Internet Explorer, for one). Invariably, those who aren’t experienced users will do something that will make us computer-folk cringe. This is the cause of malware. It is not a result of random infections floating mysteriously across the Internet, striking at those who aren’t protected.
What this really means, though, is that anti-virus is irrelevant. Those who know what they’re doing don’t need it, and clearly for those who do it doesn’t work. Anti-virus is simply a patching system for symptoms of a bigger issue. It has to know exactly what to look for before it strikes, and you can’t catalogue every piece of malware, yet they still try. Though a bit old, still relevant, Anti-virus misses 80%. It will never be 100%, and will never be close. Meanwhile with each new virus it looks for, the slower your system (again old, but relevant):
|Software||%Boot Delay||%Prime Delay||%FileIO Delay|
|Norton Internet Security 2006||46||20||2369|
|McAfee VirusScan Enterprise 8||7||20||2246|
|Norton Internet Security 2007||45||8||1515|
|Trend Micro PC-cillin AV 2006||2||0||1288|
(in case you’re wondering, yes, that’s a 2300% slowdown in harddrive read/write speed)
The system doesn’t work
The concept that we can predetect all malware when people decide themselves that every e-mail attachment and every executable is safe as long as they have Norton running is repeatedly demonstably false, and worse yet it is repeatedly and misleadingly insisted.
Naturally, the programs try to remedy this, through additional software. Detecting generic indicators or malware, whitelisting/blacklisting software, firewall, etc. But ultimately, it’s all for simply throwing a flag on something you already know exists. If you let IE through the wall, then something installs through IE… If you download an .exe and try to install it, nomatter what you’re installing it’s going to prompt you. This does nothing but annoy then let the threat through anyway.
What is truly ironic is that anti-virus software fits the definition of a trojan horse virus. In the guise of software that keeps your computer running smooth, it subjects the user to crippling performance hits. Time after time I’ve seen a computer brought to its knees by the program that is there to protect it. This needs to stop.