Uninstall antivirus software - vendors are terrible

Published by

teaser

That is what an Ex-Mozilla developer states on his blog. He is not the first though, earlier on Google employees called on this one as well. The Mozilla engineer states that now he has left Mozilla he’s finally able to speak out about it. 



He calls for users to no longer purchase anti-virus software and to uninstall any previously purchased anti-virus applications. He does add that uninstalling antivirus software should only be done on an up-to-date OS. Ex-Mozilla engineer Robert O’Callahan argues that only Microsoft’s antivirus solution can be safely used and that the others ‘poison the software ecosystem’. He writes, “AV [antivirus] products poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security.”

Here's a paste from his posting:

But you also need to your OS to be up-to-date. If you're on Windows 7 or, God forbid, Windows XP, third party AV software might make you slightly less doomed.)

At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google's Project Zero. These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices. (Microsoft, on the other hand, is generally competent.)

Furthermore, as Justin Schuh pointed out in that Twitter thread, AV products poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security. For example, back when we first made sure ASLR was working for Firefox on Windows, many AV vendors broke it by injecting their own ASLR-disabled DLLs into our processes. Several times AV software blocked Firefox updates, making it impossible for users to receive important security fixes. Major amounts of developer time are soaked up dealing with AV-induced breakage, time that could be spent making actual improvements in security (recent-ish example).

What's really insidious is that it's hard for software vendors to speak out about these problems because they need cooperation from the AV vendors (except for Google, lately, maybe). Users have been fooled into associating AV vendors with security and you don't want AV vendors bad-mouthing your product. AV software is broadly installed and when it breaks your product, you need the cooperation of AV vendors to fix it. (You can't tell users to turn off AV software because if anything bad were to happen that the AV software might have prevented, you'll catch the blame.) When your product crashes on startup due to AV interference, users blame your product, not AV. Worse still, if they make your product incredibly slow and bloated, users just think that's how your product is.

If a rogue developer is tempted to speak out, the PR hammer comes down (and they were probably right to do so!). But now I'm free!

Uninstall antivirus software - vendors are terrible


Share this content
Twitter Facebook Reddit WhatsApp Email Print

The Elder Scrolls Online Morrowind Announced

Backblaze report: 8-terabyte HDDs lasting a long time - HGST Most Reliable