Mozilla Firefox developers started a campaign to ban third party antivirus and keep only Windows Defender.
Discussion get into flames:
I've hated AV products for decades for being intrusive, cumbersome, slow and often nagware. Thanks to this post, I can now add "insecure" to my list of reasons.https://news.ycombinator.com/item?id=13079569
Below, a Google automated translation of http://glo.bo/2kGSwlr (the bold is mine)
Tuesday, 07.02.2017, 12:30, por Altieres pipe
Experts say antivirus are obstacle to security
If you have any questions regarding information security (antivirus, intrusion, cybercrime, data theft , etc.) go to the end of the report and use the space for comments or send an email to g1seguranca@globomail.com . The column answers questions left by readers on the massive package, on Thursdays.
A developer who left after working in Mozilla Firefox creator for 16 years hardened speech against antivirus programs, reaching call the “poison” programs. Robert O’Callahan was inspired by Justin Schuh, a security expert Chrome, who said on Twitter that antivirus programs “the biggest obstacle” to create a more secure browser.
Schuh was arguing with Vesselin Bontchev, one of the traditional experts from antivirus industry. Bontchev began studying computer viruses still in the 80s and made his career in the Irish Frisk Software purchased by Cyren in 2012. He is now a researcher at a university in Bulgaria, where he was born.
According to Schuh, antivirus programs interfere with security measures that make it difficult to fault operation. As incompatible with some market programs, these security mechanisms end up not being implemented (See a discussion on the subject in English).
O’Callahan already spared criticism of Windows Defender (he said that Microsoft “is generally competent”) and suggested that the virus are needed for older versions of Windows, which are also more insecure. For those who use a current version of Windows, O’Callahan was emphatic: do not buy antivirus and uninstall it if you already have one. At best, stay with the Defender.
According to the former developer of Mozilla, antivirus interfered with Firefox’s security features and even the auto - update mechanism, which ended up leaving most vulnerable users.
Complaints of experts are due to the fact that the virus tend to “invade” the processes of other programs. Antivirus do it to accomplish real - time protection and blocking malicious code. This interference, however, ends up creating obstacles for certain security measures and to increase the system’s vulnerability, since the virus itself can be the target of attack.
In other words, the virus uses a number of “hacks”. O’Callahan also complained that software developers do not feel comfortable criticizing antivirus programs.
"Users were deluded and associate antivirus vendors with security and you do not want the antivirus vendors speak ill of your product. Antivirus programs are used widely and when they break your product, you need the cooperation of the manufacturers to fix. You you can not tell their users to disable antivirus software, because if something bad that the software could have prevented, the blame will be yours, "he declared O’Callahan on his blog ( read in English).
In November, Bontchev also discussed with Tavis Ormandy, Google researcher who has found several serious flaws in security programs. Bontchev argued that the ability of the virus to prevent malware attacks programs would be indicative of the quality of programs. Ormandy countered that “it’s like [saying] that a lamp that cause fires is high quality, since only considered lumens (luminous flux measurement)?”
Makes sense?
Vesselin Bontchev defended antivirus programs claiming that browsers should adopt mechanisms for virus could act “right” way and that is the lack of willingness to cooperate that has just forcing antivirus developers to seek imperfect alternatives.
Windows 10 includes a feature called Test Interface Antimalware (AMSI, its acronym in English). It was developed so that programs can “call” the examination of antivirus before dealing with a dangerous file. The idea is to just reduce the need for hacks and invasive behavior by antivirus.
This feature not entered the discussion of experts.
It is true that antivirus rely on “hacks” and some of them reduce security significantly. However, this “reduction” security does not take into account the protection that the antivirus offers in return.
It is not easy to say whether the exchange offsets (in antivirus vision certainly pays off, for critics, certainly not), because we have a dilemma: we can not see the positive impact of other security mechanisms without taking the virus, but sure we can not get the virus before we safer programs, and we can not predict what kind of change we would see in viruses circulating on the network if the virus would no longer be as popular as they are.
On the other hand, it is important - as this column has said several times - that antivirus is not synonymous with safety. In fact, keep updated programs and perform certain security settings and backups - only measure really effective against viruses rescue - is indeed more important than having an antivirus.
This does not mean that the virus is dispensable. However, the fact that the virus did not play such a critical role as they were ten (or twenty) years ago. The fact is that the relevance of the virus is not decreasing only by Microsoft critical actions and developers; in fact, that most reduced the virus of relevance is the use of modern phones like the iPhone and Android in the default configuration, which inverts the logic of the virus: instead of blocking bad programs, it is easier only allow good.