AV Software Isn't Dead, But It's Not Healthy
dasButcher writes "Is a conventional signature-based antivirus technology dead? Trend Micro CEO Eva Chen says no, but more is needed. Her answer: reputational analysis. Not a bad idea, but many have tried and failed to make this type of approach work. We've seen it all before: RBLs, integrity grading, etc. What will make this different? If we're not careful, Trend Micro might give us all a bad Web reputation."
I read it the other way around (Score:3, Informative)
Problem is the software is not healthy indeed and can screw up a whole system. It's like their approach to neutralizing a hammer is to encapsulate the whole thing. Every I/O transaction is read and maybe even virtualized.
Does it stop virii? Hell no. I worked help desk at a gaming company which uses the IE SDK for some code on the logon screen. Anyway, it won't load if any viruses or keyboard monitoring programs are installed which use the IE SDK. I get many callers saying "WTF. I have Norton. What do you mean my system is infected!?". I then clean the system with some cheesy app that is not an antivirus program.
This is why reliance on AV software is dangerous (Score:5, Informative)
http://slashdot.org/~Alioth/journal/167405 [slashdot.org] - includes a link to a major study of a piece of malware which went undetected by the AV companies for months.
Or just go to http://www.secureworks.com/research/threats/gozi/ [secureworks.com] if you don't want to read my crap.
I've personally witnessed two malware infections where the malware arrived up to a week before the AV companies had updated their definitions.
Re:The fewer the merrier (Score:3, Informative)
Now you might say we'd run into this problem with any operating system. But when using Microsoft development tools on a Microsoft OS, the system makes the assumption that every basic dependency which is built into the OS is there, which is reasonable. If it isn't, things get flaky and hard to debug.
Windows (at least up to XP) simply isn't built for this level of customization. Therefore, if you want security through minimalism, Linux is the better way to go.
Re:The fewer the merrier (Score:4, Informative)
AV are Dead (Score:2, Informative)
Re:AV Software Isn't Dead... (Score:3, Informative)
(I love the opportunity to make a Monty Python Reference! Second only to South Park.... oh, yeah:)
They killed AV Software...... You Bastards!