The author’s argument is built, first, on the flawed ‘attack surface’ logic that if you install antivirus the bad guys will be better able to find and exploit your machine and, secondly, on the claim that we in the IT security industry are unable to defend against emerging threats, so-called zero-day attacks.
This advice reminds me of the old flawed arguments against seat belts back when I was growing up. If this were true then users with antivirus and other security products would have more infections than users without – which academic research has refuted ever since the early days of the internet. One example is a Harvard study of infections from 2001, where students skipping antivirus caused campus-wide outbreaks.
For years, our industry has employed sophisticated heuristics – where we identify and neutralise a new threat by recognising its suspicious behaviour, rather than by knowing its exact signature – to identify and stop zero-day attacks.
Additionally, many infections these days come from a user’s web-browsing behaviour. Protecting against these threats has become standard practice in our industry and in browser safety products. Numerous academic studies and our own threat research have demonstrated that no amount of wishful thinking will stop users from visiting dangerous websites. There are also regional differences: in one academic study on browsing behaviour, the French lead with 29.1% of users at risk because of their browsing behaviour, while Japan is at 10.0%.
The data are clear: if you don’t use antivirus and other IT security products when you are on your computer and mobile devices, you are more likely to be infected than if you do.