Research wizard Peet Morris gives his personal take on the hot
issue of the day.Antivirus programs cannot truly protect you and,
at worst, lure you into a false sense of security. Here's why - to
catch a virus, your antivirus program has to know that it
exists.
It's like the way the flu jab works - you get inoculated against
the strain that is predicted to hit the country. However, if a
different strain hits us, you get the flu anyway. Viruses - real or
cyber - have
signatures, and you can only immunise against
known types.
It's the same with the Internet. You'll be protected against one
virus, but another will hit your machine or network before the
antidote has even been thought of.
Here is how viruses use e-mail programs to move themselves about -
it goes like this:
- Someone gets a virus (somehow)
- It does its damage and then e-mails a copy of itself to
everyone in his or her address book/in-box
- When the recipients get it, it does the same all over
again.
So, in no time at all, the virus spreads like wildfire - remember,
we're pretty much all connected at the speed of light now - and
your antivirus software has no idea that this strain exists!
Anyway, some poor soul ultimately discovers that it's a
self-replicating virus - and, if they can be bothered, as it's too
late for them - they notify the antivirus software suppliers.
After a time, all the antivirus software suppliers confirm that
it's indeed a virus, and work out a fix. The clock ticks on. They
then issue a software patch on their Web sites.
Hopefully, you've got an "Active Update" type of program running at
your end (or you check for updates yourself periodically), and
quite soon you'll get the fix, but will it all be too late? You
betcha! The likelihood of this is almost certainly proportional to
the value of your data, of course.
And now the really bad news. Modern viruses are getting more
sophisticated at spreading themselves. They're getting smarter in
other ways - they might detect that you're running an antivirus
program and, before infecting your machine good and proper (and
spread), they'll terminate that program, so that you won't get the
fix - ever.
So, are antivirus programs really worth having? Well, broadly
speaking, I say no. What's needed is better technology - viruses
could be caught by the operating system - and they should be!
For a virus to work, it needs to be executed, either directly, or
by some other process already in operation. Now, the operating
system is the thing that creates processes. So, if the operating
system were a more picky about what processes it'll start
automatically - well, these things could be caught very
effectively.
What's your view?
Does antivirus software work?
Tell us in an e-mail >>CW360.com reserves
the right to edit and publish answers on the Web site. Please state
if your answer is not for publication.
Peet Morris has been a software developer since the 1970s. He
is a D.Phil (PhD) student at Oxford University, where he's
researching Software Engineering, Computational Linguistics and
Computer Science.