The author’s argument is built on the flawed ‘attack surface’ logic that if you install antivirus the bad guys will be better able to find and exploit your machine. Secondly, that we in the IT security industry are unable to defend against emerging threats, so-called zero-day attacks.
This advice reminds me of the old flawed arguments against seat belts back when I was growing up. If this were true then users with antivirus and other security products would have more infections than users without – which academic research refutes, ever since the early days of the internet. For example a Harvard study of infections from 2001, where students skipping antivirus caused campus-wide outbreaks.
For years, our industry has employed sophisticated heuristics – where we identify and neutralise a new threat by recognising its suspicious behaviour, rather than by knowing its exact signature – to identify and stop zero-day attacks.
Additionally, many infections these days come from a user’s web-browsing behaviour. Protecting against these threats has become standard practice in our industry and browser safety products. Numerous academic studies and our own threat research have demonstrated that no amount of wishful thinking will stop users from visiting dangerous websites. There are also regional differences, in one academic study on browsing behaviour the French lead with 29.1% of users at risk because of their browsing behaviour, Japan however at 10.0%.
The data are clear: if you don’t use antivirus and other IT security products when you are on your computer and mobile devices you are more likely to be infected than without.
This post is also available in: German
In your arguments you reference to only one study that is now 15 years old and does not really prove your point. You talk about other studies, but you do not reference to them, this is very unprofessional. Please reference to indenpendent studies not made by anti virus companies. Also you just ignored the initial points attack surface and zero-day attacks. Furthermore there cannot be any studies, because of course most people do not know, when they got hacked.
Hi Max,
Thank you for your feedback! Actually we also refer to another article from 2014 which you can find here. Why we shouldn’t refer to studies being executed by antivirus companies? They are the ones who really know what’s going on in the field of malware, ransomware, viruses and trojans. They’re the experts and they should be related to. It’s like saying ‘The farmer tills a field – but you shouldn’t listen to his experience regarding tilling.’
Best,
István
Thanks for the relevant and informative post shared with us. I am waiting for new post written about antivirus software. Thanks in advance !!!