{"id":5916,"date":"2017-02-03T08:05:31","date_gmt":"2017-02-03T13:05:31","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/?p=5916"},"modified":"2017-09-24T18:36:12","modified_gmt":"2017-09-24T14:36:12","slug":"is-antivirus-really-dead","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/is-antivirus-really-dead\/5916\/","title":{"rendered":"Who doesn’t need antivirus?"},"content":{"rendered":"

Recently Robert O\u2019Callahan, who used to be a Firefox developer, published a provocative\u00a0opinion<\/a>stating that people should delete their antivirus protection because the basic security that operating systems provide is sufficient.<\/p>\n

\"\"<\/p>\n

Let\u2019s analyze his claims and debunk a couple of myths.<\/p>\n

No antivirus required?<\/h2>\n

Everyone acknowledges the abundance of malware today. It\u2019s not someone else\u2019s problem in some distant country; it\u2019s everywhere. According to Kaspersky Lab, in 2016, 31.9% of computers were attacked at least once.<\/p>\n

In 2016, Kaspersky Lab solutions repelled 758,044,650 attacks launched from online resources located all over the world. Web antivirus components recognized 261,774,932 unique URLs as malicious and detected 69,277,289 unique malicious objects (scripts, exploits, executables, etc.). Encryptors targeted 1,445,434 computers of unique users. Kaspersky Lab solutions blocked attempts to launch malware capable of stealing money via online banking on 2,871,965 devices.
\nYou can read a more detailed report\u00a0here<\/a>.<\/p>\n

Of course, responsible users follow general security recommendations and minimize their risk: They update their operating system and software promptly, visit only trusted websites, never open suspicious attachments or click on suspicious links (even those sent by friends and colleagues), and so forth.<\/p>\n

These users indeed run lower risks of getting their devices infected. Of course, hacks of popular Web resources and critical vulnerabilities in popular software are common, but not frequent enough to significantly raise the chances of an experienced user getting infected.<\/p>\n

Yet, the majority of Internet users, both end users and organizations, want to be a bit more relaxed and carefree. They just want to live their digital lives. They want to be able to click on a link their mom sent. They want their software to update automatically and without hassle. They want to check out a website their friends told them about. They are keen to explore the digital world. At work, they want to be able to open a CV sent by a candidate (who is, in almost all cases, a person unknown to anyone in the organization).<\/p>\n

If you\u2019re one of those very responsible users, then good for you \u2014 really, we applaud your effort \u2014 but most people still need extra protection. And making average users more\u00a0confident<\/em>\u00a0in their carelessness doesn\u2019t make them better protected.<\/p>\n

I agree that digital hygiene \u2014 responsible behavior \u2014 is the most efficient means of protection. That\u2019s why we spend so much time educating users. But imagine we are talking about your child or parent, or great-grandparent. Do they know how to be responsible online?<\/p>\n

Antivirus is crucial, like seat belts or airbags. If you never actually need them, that\u2019s great. But when you do need them, there\u2019s no warning, and they can be the thing that saves you.<\/p>\n

Is malware really so bad?<\/h3>\n

Some users might ask: \u201cWell, if my computer gets infected, so what? No one will die. I don\u2019t do my banking online, I don\u2019t use credit cards online, and I don\u2019t have any secrets anyone would care about.\u201d<\/p>\n

Well, there\u2019s quite a variety of malicious programs. Some just spy on you to collect your preferences and then use this data for targeted advertising; some click URLs on your behalf to boost a number of visits to a website; some attack remote servers, using your computer as a base for the attack, which can bring the police to your door, by the way. Some Trojans discreetly turn on your webcam.<\/p>\n

Still OK with leaving your computer and devices unprotected? Now imagine this: One click on an attachment or link sent by a friend and all of your data is encrypted and held for ransom. You lose access to everything: your wedding album, photos of your kids, some very personal photos; your documents, including agreements, your will, the novel you have been writing for half of your life; everything! Even cloud storage like Dropbox that automatically syncs and backs up your files wouldn\u2019t necessarily solve the problem. The chances are good that your locally encrypted files will overwrite the backed-up cloud versions.<\/p>\n

Of course, with ransomware you can try paying the ransom. It might work. You might, for about $200, get your files back. Or maybe not: Our studies show that in one in five cases\u00a0it won\u2019t happen<\/a>.<\/p>\n

Is Windows 10\u2019s antivirus enough?<\/h3>\n

But let\u2019s get back to our friend. On the one hand, O\u2019Callahan claims antivirus is not necessary anymore, yet on the other hand, he suggests that the default operating system antivirus should be enabled.<\/p>\n

It\u2019s hard to say whether he is admitting that protection is still needed or he just considers all security solutions equal. If it\u2019s the latter, this IT expert should learn more about information security. Antivirus solutions vary greatly in terms of quality of protection, impact on system performance, and false positives.<\/p>\n

User approval can tell you something about a product\u2019s effectiveness, but not that much. That\u2019s why antivirus products are also tested by independent labs and get\u00a0awards<\/a>\u00a0for great performance and results. Here\u2019s one example that should interest O\u2019Callahan: our very own Kaspersky Internet Security, compared against Windows 10\u2019s integrated security solution.<\/p>\n

AV-Test benchmark comparing Kaspersky Internet Security and Windows 10 basic protection by Microsoft. Source.<\/p><\/div>\n

As you can see, in terms of false positives (the \u201cUsability\u201d column) or impact on performance, Microsoft Windows Defender is not critically worse than Kaspersky Internet Security. But when it comes to the main parameter \u2014 protection \u2014 Windows Defender lags far behind: its result is 3 of 6 points, which speaks for itself.<\/p>\n

Moreover, choosing one of the least-experienced players on the market as the \u201cdon\u2019t need antivirus\u201d antivirus is bewildering. Check out this\u00a0picture<\/a>, which shows who ended up in the top three the most times, based on 94 benchmarks and tests. See Microsoft\u2019s dot?<\/p>\n

\"\"

The vertical axis represents a percentage of times when a security solution was in the top three. The horizontal axis represents a number of times a solution was benchmarked. The size of the circle represents a number of times a product was a No. 1 winner.<\/p><\/div>\n

Why should antivirus be integrated with a browser?<\/h3>\n

O\u2019Callahan also wonders why security solutions track browser activity, why they intercept and analyze traffic. He says that if not for \u201cuseless antiviruses,\u201d browser developers would have built efficient protection on their own long ago.<\/p>\n

Here I\u2019d affirm that browser developers indeed work hard to minimize risks of critical vulnerabilities, and I\u2019m sure they would feel much more free without antivirus hovering over browser processes.<\/p>\n

Let me remind O\u2019Callahan, however, that vulnerabilities represent an obvious attack vector for malware to infiltrate a user\u2019s system \u2014 but it\u2019s not the only one. A competitive security solution needs to protect against phishing, malicious scripts, inappropriate content, pervasive advertising, and\u00a0online tracking<\/a>\u00a0while securing payments and at times preventing a user from willingly downloading and running malware. All of these threats are bound to browser activity, but a browser doesn\u2019t protect against them \u2014 at least, not particularly well.<\/p>\n

That\u2019s why browser and antivirus should be tightly integrated. For Kaspersky Lab, compatibility and usability are just as important as they are for browser developers. That\u2019s why we have a group of experts who proactively run compatibility tests and fix bugs as soon as browser beta versions are available for developers. When we find a problem, we proactively contact the developers.<\/p>\n

Debunking a few more points<\/h3>\n

A few more general points are worth examining.<\/p>\n

O\u2019Callahan points out that one should apply OS and software patches to ensure protection. That\u2019s correct; patches do mitigate the risk of infection through known vectors. We agree that updating is critically important, and that\u2019s why we launched a new component in Kaspersky Internet Security 2017. It\u2019s called\u00a0Software Update<\/a>, and it automates patching.<\/p>\n

He also points out that antiviruses can have bugs and vulnerabilities. That\u2019s true, but Kaspersky Lab handles these issues responsibly, and we have a\u00a0Bug Bounty<\/a>\u00a0program that offers payments to researchers who manage to find vulnerabilities in our products.<\/p>\n

Finally, O\u2019Callahan says some antivirus programs impact system performance. That\u00a0is<\/em>\u00a0true. But Kaspersky\u2019s security solutions have a minimal impact on performance, which is\u00a0confirmed by independent benchmark tests<\/a>.<\/p>\n

\"\"<\/p>\n

A small conspiracy theory<\/h3>\n

There is another strange thing about the ex-Firefox employee\u2019s emotional outpouring. He claims the company\u2019s PR always hushed up his complaints about antivirus software to avoid revenge from security companies. But in the face of constantly voiced disapproval, I have never heard of any sanctions or counterattacks from any of his nemeses. I\u2019m still unclear about what his fears are based upon.<\/p>\n

Robert O\u2019Callahan has criticized other software before. In 2010, he argued with Microsoft over the latter\u2019s claims that Internet Explorer was the only browser supporting software acceleration. In 2013, he attacked Blink, Chrome\u2019s then newest engine. In 2014, he called for a Chrome ban to prevent, he said, Google from monopolizing the Internet; and in 2017, he said all browser developers with the exception of Mozilla cared more about profits than their users.<\/p>\n

Let\u2019s look at the wider view. People have been pronouncing antivirus dead and unnecessary for decades now. Browser developers happen to be the latest group to try and nail the coffin shut. For example, Darren Bilby, a security engineer at Google, also recently stated that security software is \u201cuseless.\u201d<\/p>\n

I cannot know for sure \u2014 maybe antivirus programs do hinder browser developers\u2019 efforts to make more money. After all, browsers are mostly free; they are monetized with contextual ads and other types of advertising. Antiviruses protect against undesirable advertising and user tracking. In other words, user protection conflicts with the interests of browser developers.<\/p>\n

But let\u2019s not make wild guesses. Our task is protecting against threats, so we\u2019ll stick to that. That\u2019s what we call True Cybersecurity.<\/p>\n

\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"

Recently Robert O\u2019Callahan, who used to be a Firefox developer, published a provocative\u00a0opinionstating that people should delete their antivirus protection because the basic security that operating systems provide is sufficient.<\/p>\n","protected":false},"author":669,"featured_media":5917,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[1062,21,352,1088],"class_list":{"0":"post-5916","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-antivirus","9":"tag-firefox","10":"tag-kaspersky-lab","11":"tag-myths"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/is-antivirus-really-dead\/5916\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/is-antivirus-really-dead\/4109\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/is-antivirus-really-dead\/10774\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/is-antivirus-really-dead\/8346\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/is-antivirus-really-dead\/8883\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/is-antivirus-really-dead\/10001\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/is-antivirus-really-dead\/9743\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/is-antivirus-really-dead\/14065\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/is-antivirus-really-dead\/13959\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/is-antivirus-really-dead\/6665\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/is-antivirus-really-dead\/7109\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/is-antivirus-really-dead\/6140\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/is-antivirus-really-dead\/9706\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/is-antivirus-really-dead\/14093\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/is-antivirus-really-dead\/14065\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/is-antivirus-really-dead\/13959\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/is-antivirus-really-dead\/13959\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/antivirus\/","name":"Antivirus"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/5916","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/669"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=5916"}],"version-history":[{"count":1,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/5916\/revisions"}],"predecessor-version":[{"id":6231,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/5916\/revisions\/6231"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/5917"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=5916"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=5916"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=5916"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}