This article is more than 1 year old

Former Mozilla dev joins chorus roasting antivirus, says 'It's poison!'

Kill your antivirus, maybe keep Windows Defender

Antivirus is harmful and everyone should uninstall it, so says recently liberated ex-Mozilla developer Robert O'Callahan.

The former Mozilla man worked at the browser baron for 16 years and has now joined his voice to the growing chorus of hackers pouring scorn on the utility of antivirus software. Among O'Callahan's beefs is that at one point vendors of the would-be malware protection technology blocked Firefox updates, severing the increasing security they found hard to deal with.

Almost all arguments against antivirus centre on the fact that the technology increases security attack surfaces, breaks operating system defences like address space layout randomisation and uses hacked-together hooks to commandeer web browsers.

Many security boffins therefore believe that antivirus reduces developers' ability to ship secure products.

That includes antivirus software itself: Google's Project Zero hack house has been revealing crushing vulnerabilities in all corporate antivirus that leave users open to remote compromise.

Moreover, the ease with which targeted attackers can craft malware that eludes and disables antivirus means the once essential security control has few friends left in information security circles.

O'Callahan roasts the ancient security control with similar arguments in a blog post that concludes that such antivirus hate speech from staff developers would draw the ire of corporate gatekeepers: "But now I'm free! Bwahahaha!"

"At best, there is negligible evidence that major non-Microsoft antivirus products give a net improvement in security," O'Callahan says.

"Antivirus products poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security.

"Antivirus software vendors are terrible; don't buy antivirus software, and uninstall it if you already have."

He says Redmond's antivirus is okay since it is built by the company's "generally competent" developers who follow good security practice.

Antivirus companies have irritated Mozilla hackers. Years back, Firefox engineers had cooked the then-new address space layout randomisation operating system exploit defence into their browser and were frustrated when antivirus products installed on so many user machines disabled the critical control with DLLs.

The security scourge even blocked Firefox updates.

"Major amounts of developer time are soaked up dealing with antivirus-induced breakage, time that could be spent making actual improvements in security," O'Callahan says.

Antivirus would face broadsides everywhere if it were not for the need for developers to work with the security software companies in order to have false positive virus flags removed, he says.

That quiet has fooled users into "associating antivirus vendors with security".

Others have been less dismissive of antivirus software. Respected Google hacker Darren Bilby has called on security thinkers to spend more energy on developing, refining, and deploying more meaningful defences than "magic" antivirus and intrusion detection systems that "do not work".®

 
