​

Every once in a while, someone or some company in the information security industry comes up and says, “antivirus is dead.” This happened again last week, when Symantec’s Brian Dye told the Wall Street Journal that antivirus was dead and that it was no longer a “moneymaker.”

Antivirus is usually declared dead when a company launches some fancy new product that uses sophisticated technologies to detect and mitigate cyber threats. This time is no exception. Symantec has just announced its plans to release new software and services to protect organizations against advanced threats.

So, is antivirus dead? It depends on how you look at it. Traditional antivirus, the one that relies only on malware signatures to detect a threat, is certainly dead. However, most of the major security software companies offer “antivirus” solutions that integrate all sorts of sophisticated mechanisms that can detect threats based on their behavior.

Antivirus can also be legitimately declared dead when it comes to securing the systems and networks of an enterprise. Here’s what experts have to say about the “death of antivirus.”

Bogdan Dumitru, Bitdefender chief technology officer, tells Softpedia:
“The truth is always in the middle ground. Relying solely on antivirus is a dead end – and it has been for at least 8 years now. But that’s like saying that aspirin is dead because it’s not the cure for cancer, AIDS and all of humanity’s other illnesses.

Aspirin still works for a hangover or a mild cold and people still keep it in their medicine chests. Other techniques were developed for other illnesses. The same way, other [smaller] companies have brought new innovative technologies that expanded their spectrum and started defending against several other threats. Antivirus is just one feature within a security suite.”

Catalin Cosoi, Bitdefender chief security strategist, tells us:
“APT is yet another of many buzz word, and everyone will start working (officially) on ATP technologies. On the other hand, there might some truth in that statement if understood correctly. We have proven results that we were ahead of the flag on several other occasions and we are also working on changing the security industry. We have the results and we will launch soon.”

An expert from Malwarebytes, to Softpedia:
“Saying antivirus is dead is quite a bold statement, but as the threat landscape has diversified so much in recent years, it’s not sufficient on its own. Many traditional antivirus approaches have not adapted as fast as the threat environment and as malware has become more advanced, it has outpaced traditional security approaches.

This is why we have always touted a ‘complementary approach’. Having a specialist piece of software such as Malwarebytes working alongside traditional antivirus provides greater security.”

AVAST’s CEO Vincent Steckler notes in a blog post:
“Symantec’s statement seems to relate to the enterprise, and not the consumer and small business. Enterprises have traditionally relied on many layers of defense and antivirus is one of those layers. Antivirus though is a broad-spectrum defense and as such is often complemented by other products, such as those protecting against targeted attacks that enterprises worry about.

In the consumer and SMB space, the situation is quite different: customers typically do not have multiple layers of protection. They have one, their AV product.

These products though are not the simple AV products of past years. The true statement in the story is that consumer security is so much broader than AV. AV is used as a generic name as it is what customers know.

They instead incorporate firewalls, intrusion detection, heuristics, virtualization, sandboxes, and many other layers of protection and not just antivirus. Therefore, we believe AV is not dead in the consumer space. It is far from dead there.”

Costin Raiu, senior security researcher at Kaspersky Lab, writes in a blog post:
“Traditional signature-scan antivirus as the sole method of protection has been dead for many years. It has been replaced by a much more sophisticated bundle of products and technologies, which combine heuristics, sandbox analyzers, cloud reputation and whitelisting technologies to protect the user.

Every major player today has already adapted to these trends. Actually, those who didn’t adapt simply disappeared! Many times new technologies have emerged which were supposed to become ‘magic bullets’ to save the world from malware and make traditional (signature-based) antivirus technology largely obsolete.

However, it always becomes quickly apparent they’re not magic bullets at all, and all that happens is that the new technologies are simply added to IT security companies’ existing protection technologies which in turn bolsters the level of security overall.”

Security expert and investigative journalist Brian Krebs writes:
“In short, as I’ve noted time and again, if you are counting on your antivirus to save you or your co-workers from the latest threats, you may be in for a rude awakening down the road.

Does this mean antivirus software is completely useless? Not at all. Very often, your antivirus product will detect a new variant as something akin to a threat it has seen in the past. Perhaps the bad guys targeting you or your organization in this case didn’t use a crypting service, or maybe that service wasn’t any good to begin with.

In either case, antivirus remains a useful — if somewhat antiquated and ineffective – approach to security. Security is all about layers, and not depending on any one technology or approach to detect or save you from the latest threats.

The most important layer in that security defense? You! Most threats succeed because they take advantage of human weaknesses (laziness, apathy, ignorance, etc.), and less because of their sophistication.”

Avira Security Expert and Product Manager Sorin Mustaca tells us via email:
“This hardly comes as news for anyone in the security industry who’s been in the business for more than a few years. I've written in April 2014 in the Virus Bulletin magazine an article called ‘Is the IT security industry up to the new challenges to come?’ where I describe exactly this situation.

For the past 25 years, the IT security industry has done a great job of protecting users against existing and emerging threats, in the form of files (copied, downloaded or emailed), streams of data (remember Code Red), and recently, even against common vulnerabilities in third-party software. We started with Windows, continued with MacOS and Linux, and lately we have extended the protection to mobile devices running various operating systems.

Saying that the ‘Antivirus is dead’ is incomplete. The classical antivirus, the one that works only with signatures or patterns, might be dead - but dead as in not enough anymore. These days, all antivirus companies that want to make a difference, are doing more than providing signatures.

The detection of malicious software using signatures worked well until late 90' beginning of 2000, because the bad guys were too slow in creating malware. Since then, the bad guys got organized and are much faster.

Now, we are adding cloud detections, sandboxes, heuristics, artificial intelligence and more.

IT security got so complex these days, that it is no longer enough to just install a software to detect malicious programs. An effective security product contains a suite of programs that deal also with web threats, vulnerabilities in 3rd party software, mail threats (spam, phishing) and a firewall.

To conclude, I would like to say that ‘the antivirus is dead, long live the antivirus.’ Or perhaps, it would be better to not even call it antivirus at all.”

Panda Security’s Luis Corrons has also published a blog post on the death of the antivirus. He notes the following:
“Antivirus has to evolve. It has been evolving and it will be evolving forever. To evolve you need to invest in it, and no company invests in something they consider dead. To be involved in the creation and development of new technologies and revolutionary approaches to combat malware and fighting cybercriminals is one of those secret ingredients.”

Source: Softpedia

 

100% Protection?

In the real and virtual worlds, complete protection never did, and never will, exist. I'm a fool for adventure, and I wouldn't have it any other way.

Real adventure always involves an element of risk. I feel honored that NSA, organized crime, adware, spyware, God knows what, would bother to target a lowly peasant like me. DARPA -- US Military Defense -- hacked me about 10 years ago, just because I was hanging out with troublemakers in Spain.

Life is what we make it. I think the web is beautiful as it is.

I try to protect myself, of course, by staying well informed. That is why I read this page. Thank you, Catalyst.

 

I think that most of the companys who made antivirus-programms upload viruses thereself

i never used a virus programm why should i ...nothing to hide nothing to gain...call it oldschool...no

i-netbanking...not using apps...visiting websides so what...they spy on me...so what enjoy life...my life is

boring i do music thats all

if the NSA or whoever knocks on my door without inventation will get a slap in da face just for knocking

if i want something in private i meet people and dont use the shitty socialmedia...if my pc chrashes ..ok most

of the chrashes are my fault...and when i discover it was a plugin...you can bet on me i sure will delete it...

HEY KIDS do you remember how it was without the I-net...i mean...using walkmans...a rotaryphone...lol...nope

then get yourself an Antivirus programm and hope they protect you from whatever ...

just an opinion mine

i forgot i never had a virus detected on my puter... only using a firewall

 

I do a lot of PC repair so I've seen about every Antivirus under the sun being used,none of em are 100%,most of the PC's I've dealt with are infected with similar malware,that most of em get from clicking on certain things or installing certain things and not paying attention to all the other things it tries to install in something they've installed,or toolbars,or from not running simple lil things in their browser like Adblock,csfire,etc.Well that's what I'm guessing anyway since it doesn't really happen to me nearly as often(It's funny they almost always blame it on porn)
Most of them we're cleaned with either combofix or malwarebytes. Combofix has seemed to have the best malware detection and removal compared to anything else I've used.
On my own PC I run Avast free and it does a decent job (especially for detecting malicious websites) but sometimes it's a lil too heavy or will pull a false positive,been a few times it's gotten disabled to install something.I run Combofix prolly every month or so whether my PC is seeming to be running fine or not,and most times it finds something and removes it.Last couple times I did it,it was clean.But that still doesn't 100% mean a system is clean,viruses can be designed and crafted to be completely undetectable,rootkits too.And being clean of viruses and/or malware and using virus detection still isn't keeping you totally secure.Even with the most up to date definitions and windows updates and having ran something like combofix,everyone is still vulnerable to exploits that haven't been patched

 

That's exactly how i feel about the NSA spying on "everyone". Person of Interest makes a good show out of all this.

Anyways, I haven't use an anti-virus for a few years now. I mostly use the internet for games/audio download/video stream nothing that amazing.

I always wonder why would people create virus to destroy computers instead of profiting of it. I mean if i was a really good hacker, i would rather be emptying the pockets of bill gates than stealing average person savings or destroying their hardrive. (Unless it's a well deserve EX.)

 

No problem guys, hope it was useful.

Concerning NSA spying: Why ‘I Have Nothing to Hide’ Is the Wrong Way to Think About Surveillance

Privacy is a right whether you have something to hide or not. Fucking everything is a crime these days, laws never get repealed and there are some laws that are flat out ridiculous. The existence of this system is in itself a contradiction to the Constitution.