
Why “Anti-Virus” is a Terribly Outdated Idea

Posted on March 29th, 2013 by

Alright kids, it’s time for Auntie Lysa to go on a rant about Ye Olden Days. Are you ready?

I’ve been listening to/reading a lot of things talking about “viruses” as the object of computer security. I know this is really nothing new, but as the computer security landscape changes, this sort of attitude seems more impossibly outdated and harmful. It’s a bit like viewing phones as those giant, ancient devices that hung on the wall, whose dial you used to have to spin with your finger and whose only purpose was speaking to someone very far away. Now phones are slabs of glass that are such powerful computers, you could use them to send a space shuttle to the moon. Oh, and you can also use them to speak to someone far away.

Once upon a time, the main worry about computer security was indeed getting infected with viruses. Viruses could move far and fast, and they could wreck your entire day. Maybe even several days. Virus outbreaks sucked. Viruses were often destructive, and would overwrite your data so that you couldn’t recover it. Yuck. But there hasn’t really been a virus outbreak on any operating system in a really long time. Years and years.

But we aren’t really safer or less vulnerable to computer security issues than we were years and years ago. Viruses have fallen out of favor, but Trojans are now much more prevalent. And, like Flashback, they can sometimes hit a whole lot of people. There are huge numbers of new Trojan variants discovered every day, mostly for Windows and Android. They’re not destructive in the “Oh no, it’s killed my data!” sense, but in the “Oh no, they burgled my data!” sort of way. Which still sucks, if you ask me.

Even that is only part of the problem these days. Malware is still an issue, but attackers aren’t stopping at making you run their code so they can get your data. Sometimes it’s simply easier to steal your data by breaking and entering, or stealing your credentials from some third party.

The upshot of my rant is this: We all know what “anti-virus” software is, but this is not the whole of the security needed to protect you, digitally speaking. Malware is not the only way to ruin your computing day. We need to protect our data and our computers, not just fight malicious code.


  • billjohn2

    Well since you started with the terminology, I will have to quibble with you on Flashback. 🙂 Flashback, the trojan, did not affect that many people. It was somewhat widespread, but less so than MacDefender, which had spread some months earlier.

    However, it was only when Flashback adopted the Java exploit (months after its initial release in Trojan form) that it became extremely widespread. But at that point, it should no longer be considered a Trojan, IMO. It didn’t present any UI to the user, nor did it trick them into executing anything. It used an unpatched Java exploit to gain remote code execution. And I would argue that’s something entirely different, a client-side exploit.

    • LysaMyers

      That does get into a tricky area of terminology. In the Greek-myth sense, it definitely makes sense to consider “Trojans” as only the things that rely on social engineering. I tend to simply consider a Trojan something that maliciously causes damage. But I think we can both agree that the security concerns of old have morphed into a much broader thing than they once were.

    • Al Varnell

      > it should no longer be considered a Trojan, IMO. It didn’t present any UI to the user, nor did it trick them into executing anything.

      Actually, it did ask for an admin password, but if you refused it would still resort to a backup infection method. That’s part of the reason it was sometimes referred to as a “Backdoor”.

  • Jane Mickelborough

    I have Intego Net Barrier and Virus barrier.

    I also do the other stuff that is recommended: I use strong passwords (no pets or dates of birth!), I have a separate administrator account on my computer, I don’t use public wi-fi. I use a password manager…

    So, can you explain, in words of one syllable, whether this is (more-or-less) sufficient to protect against these more modern threats?

    • LysaMyers

      Without getting my own grimy paws on a computer to verify settings and whatnot, I can’t say for sure, but it sounds like you’ve got a pretty good set-up there to protect yourself against common attacks.