• On The Insider: Britney's Bikini-Clad Top 10
April 26, 2007 11:03 AM PDT

Antivirus is dead?

by Jon Oltsik

I often joke about the reputation we analysts have for wild hyperbole and speculation but I also realize that some of this well deserved. For example, one frequent analyst diatribe is the "technology X is dead" rap. Point to some technology and become the industry beacon who foretells its demise. Someone resurrects this tired strategy every few years.

The latest version of this old analyst song is that "antivirus is dead." The theory states that new threats are simply too fast, stealthy, and targeted for tried-and-true antivirus software from vendors like McAfee, Symantec, and Trend Micro. After all, antivirus software operates on an a posteriori model where antivirus vendors find malicious code in the wild, develop software signature defenses, and then distribute these signatures to customers. The "antivirus is dead" crowd believes that this model can no longer keep up.

As a member of the brotherhood of industry analysts, I apologize to the world for this soundbite-focused oversimplification. Indeed, antivirus is not dead but like other security technologies its role has changed. Like other IT categories, client security depends upon a layered "defense in depth" model. There is still plenty of pedestrian malware out there that antivirus software is perfectly capable of addressing. Yes, there are other more ominous threats as well which is why desktop software vendors now provide intrusion prevention heuristics as part of their security suites. In other words, add another layer of protection to enhance security and protect against another type of threat. In its simplest form this description categorizes all security strategies.

Saying antivirus software is dead is like saying that airbags made seatbelts obsolete. In fact, airbags simply made seatbelts a part of an overall safety system and thus enhanced automotive safety.

Finally, can someone please introduce me to the analyst who proclaimed that "mainframes are dead" back in 1990 or so? Even after all of these years, I doubt that anyone would own up to such a ridiculous and wildly inaccurate assertion.

Jon Oltsik is a senior analyst at the Enterprise Strategy Group. He is not an employee of CNET.
Topics:

Security

Tags:

antivirus software,

threats,

malware

Share:
Digg
Del.icio.us
Reddit
Recent posts from News Blog
Nvidia puts NForce chipset development on hold
Opera 10 browser is here
Neil Young Archives Blu-ray: Rip off?
Acronis revises survey results about backup habits
Acronis miscalculates data on users' bad backup habits
Flickr co-founder presses beta button
Comcast, Sony open retail store
Cox to try coaxing the Internet into submission
Related
Kaspersky tool detects malware in Twitter links
Phishing, worms spike this year, say Microsoft and McAfee
IOBit 360 refreshed for Windows 7
Jailbroken iPhone? SSH installed? Beware of worms!
McAfee releases new security suite for Macs
Corporate bank accounts targeted in online fraud
Windows 7 default user account control worries experts
New Ad-Aware offers behavioral detection
Add a Comment (Log in or register) (9 Comments)
  • prev
  • 1
  • next
AV is dead
by mjm01010101 April 26, 2007 11:47 AM PDT
Put a properly locked down system on a network, be it modern ubuntu, PSX, or windows where users run as users and can't be elevated, and your AV/spyware concerns will vanish. They can't modify their own environment in a manner that can harm themselves.
Reply to this comment
Only 1 problem:
by fumelo April 26, 2007 12:21 PM PDT
Sloppy software programmers that design their software requiring the user to have Local Admin rights. As an IT Admin, this frustrates me the most as we cannot lock our machines down properly because some software will not work. This causes us the most problems, not just with malware, but with unauthorized installs and such.

Old story, long battle.
I agree
by rbeier April 26, 2007 1:25 PM PDT
It's really not that simple as locking everyone down. I wish it was. But with our companies needs most of our users run as admins. So I just have to stick with the layered protection of Firewall, spam filter, and AV software.
uber-virus
by Riquez-001 April 26, 2007 9:52 PM PDT
Towards the end of 2007 AV software began to become
obsolete, unable to cope with the overwelming mass of virus's,
rootkits and malware. On 14th December 2007 the now famous
"Zroom" uber-virus was released into the wild & within 24 hours
93% of the worlds Windows PC's were taken down. Banks failed,
stockmarkets crashed, power stations went silent, planes fell
from the skys.

Only a small rag-tag band of Unix, Linux & Mac users remained.
The worlds power suddenly transfered to them overnight.
They ruled with an Iron fist. It was only right however - they had
been warning of this for years. Now, truly, the meek had
inherited the Earth.
Reply to this comment
Uber-Virus
by vr5ken April 30, 2007 3:22 PM PDT
Nice going knucklehead now you'll be watched (Homeland Security) as a terrorist for predicting events that may or may not come to past. Just keep dreaming about Linux! Just don't get too angry!!
not dead, but antiquated
by prtn802 June 4, 2007 1:55 PM PDT
AV vendors are dead? 11 consecutive quarters of profitability & several billion in revenue might suggest otherwise.

While the a/v vendors are finding ways to grow,(primarily acquistion of best of breed niche solutions) the methodology behind A/V signature updating is a dying breed. Cutting edge vendors are deploying proactive solutions focusing on the "good" software, rather than constantly hunting for the bad. I've evaluated a few of the tools out there; vendors are starting to get it and so are their customers. I'd prefer to remain objective in my post but evaluations have lead me down a frustrating path. Instead of recommending a vendor, I suggest this whitepaper as a good resource:
http://www.bit9.com/files/wp-2006-Bit9-Anti-Virus-is-Dead.pdf
Reply to this comment
AV is not dead, just marginalized
by drizs August 14, 2007 3:22 PM PDT
Antivirus companies are clearly getting ready for the second coming. They starting to understand that if nothing is done very soon, they are going to loose the battle to freeware and open-source soon.

Same tendency is in the Office world, whereby, in my view, two to three years from now, Google Apps will become the alternative to MS Office. When Google Apps will move in to the comporate world, it's game over.

DM
http://maximumtrust.blogspot.com
Reply to this comment
by antivirus-software December 27, 2008 10:20 AM PST
I still rank pctools spyware doctor as the number 1 antivirus software around
forums.about.com/n/pfx/forum.aspx?nav=messages&webtag=ab-antivirus&tid=2741
Reply to this comment
by erikehresman March 31, 2009 3:04 PM PDT
I find that most antivirus needs can be filled with many of the free antivirus softwares offered. There is clearly a need to block and remove some of the modern threats that slow down and cause problems in home users computers. But spyware is just as big a problem for home users. Once again there are many free softwares that are very effective in solving this problem for home users.
http://www.brainstormpc.com
Reply to this comment
(9 Comments)
  • prev
  • 1
  • next
advertisement

After 5 years, Firefox faces new challenges

Mozilla helped reshape the Web since releasing Firefox 1.0 five years ago. Now it's got a reawakened Microsoft and Google Chrome to reckon with.

There's a map for that: GPS or smartphone?

Almost every handset comes with mapping software these days, but standalone GPS devices are becoming more affordable than ever.

About News Blog

Recent posts on technology, trends, and more.

Add this feed to your online news reader

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET