Cryptography Lessons
Tracy R Reed

You cannot rely on antivirus

Antivirus is inherently out of date and consumes ever-increasing resources, while viruses are now far more dangerous.

As the number of viruses/malware to scan for and the parts of the system to monitor for infection increase, more resources will be required. I bet we already spend the equivalent of one whole CPU of ten years ago just scanning for malware on the typical modern computer. In the last couple of years there has been talk of the end of antivirus as we know it:

This is because the increase in resources required to secure the computer cannot continue forever.

What's worse is that antivirus only detects known viruses. There is an increasing number of unknown viruses out there and antivirus vendors are falling further behind. There has always been a large lag between initial release and detection by antivirus software. The virus has to be released, discovered, and reverse engineered; a signature has to be created and added to the antivirus software's signature database; then the user has to update. This all takes plenty of time.

There is an increasing number of unknown viruses out there that do not get caught until after they have already caused damage. Google had no clue they were infiltrated until the bad guys tipped their hand by getting caught logging into other people's webmail accounts, which prompted an investigation. At that point the malware they had been sent was undetected. There have been serious consequences, likely including prison time if not worse, for certain human rights activists in China whose Gmail accounts were compromised.

Stuxnet was discovered in June 2010. The widely accepted theory is that it was designed to sabotage the Iranian centrifuges and has probably been successful. According to:
we see the number of centrifuges online decreasing between May and August of 2009.