Do We Really Need Antivirus Software?

Bob Leggitt | Thursday, 29 August 2013

Antivirus. If ever a single word could serve as a potent marketing campaign, then this is surely it. But is antivirus software really your essential guardian, or is it an unnecessary drain on your resources which not only bogs down your RAM, but also hypocritically does exactly what it should be protecting you against – acting as a piece of spyware?

Antivirus is essentially an insurance policy, and the way to sell insurance is to exaggerate the sense of danger – which is pretty much how suppliers of antivirus routines peddle their wares. In fact, it could even be suggested that they don’t just exaggerate the sense of danger – they warp it, sweeping under the carpet the Internet’s real out-of-control menace of spying and privacy invasion, and instead focusing on the less prominent, destructive malware programs which many Web users are savvy enough to avoid of their own volition. True, the software is called antivirus, so it’s fair enough that it focuses on viruses. But what is a virus, and is it really worth making such a colossal song and dance about?…

Well, traditionally, a computer virus was a purely malicious file, which set out to destroy through a method of mass self-replication. Initially, there were very few of them, because in a world without mass Internet uptake they had no revenue-earning potential beyond illegal blackmail, meaning no one could legitimately harness them for profit. As late as the mid 1990s, Microsoft recognised considerably fewer than a thousand viruses, worldwide.

But since then, the term “virus” has been broadened to cover other types of malware, which don’t necessarily spread through self-replication, and in some cases don’t even have to ‘sneak’ into a computer. Some spyware enters people’s computers quite legitimately, detailing in full the extent of its digital espionage within its Licence Agreement. Malware like this gets onto people’s systems not through a slick self-replication routine, but through stupidity – users’ failure to question what the program really does, and to read the T&Cs.

IS MY PC LIKE FORT KNOX?...

It’s acknowledged that antivirus programs are, as a breed, very poor at detecting some forms of malware. One of the biggest and most driven security threats of our time – the botnet – is notoriously able to circumvent the majority of antivirus routines at its most potent phase. And then there’s spyware, and adware. Some spyware and adware isn’t even recognised or listed as malware by AV software, due to its legal legitimacy. If a site or program clearly tells you it’s going to intensively spy on you or bombard you with ads in its terms of use, then there’s no real basis for blacklisting it. We should also consider ransomware, which is another malware type with a high success rate in getting past antivirus software. It doesn’t get through because AV routines can’t detect it. It gets through because it masquerades as security software, and people either disable their AV to accommodate it, or replace their AV with it.

So if antivirus is so often impotent as a safeguard against the above threats, and traditional, purely destructive viruses are not common in comparison, what happens when you uninstall your antivirus software and venture out onto the World Wide Web?…

Well, this is what I’ve been doing for the past six months, and the answer in my case is… absolutely nothing. Have I been hit by a virus? No. Spyware? No. Adware? No. Ransomware? No. Am I embroiled in a botnet setup? No. Have I had all my money nicked in a phishing scam? No. It’s true that I’ve been very careful what I click and what I believe during this period, and I’ve used a secure browser which scans downloads for viruses. But six months is a long time to run a Windows PC on a daily basis, visiting hundreds of sites, with no dedicated antivirus software, and come out with a completely clean system.

I should also point out that I do use Zone Alarm, which is an excellent firewall with a quick means to block all Web activity, and I use the Internet activity monitor Bitmeter, which graphically displays the amount of data being uploaded or downloaded. Simply, you can see when something’s uploading or downloading, and if you’re not consciously doing it, you know someone else is. Zone Alarm, meanwhile, forces by default anything on your system to ask permission if it wants to access the Web, and this makes it very hard for rogue apps to sit on your drive remotely interfacing with websites. I must point out that, by the way, this is a really old version of Zone Alarm (3.7 - available from Old Apps), and it doesn't have a built-in antivirus.

Using a combination of Bitmeter and Zone Alarm you can quickly spot the badly behaved sites and programs and eliminate them from your life. I also used Malwarebytes Anti Malware to periodically check my drive for infections. But to date, all of the above has only served to monitor the success of the experiment. I haven’t been hit by any malware. And unless Zone Alarm has blocked any threats without letting me know, that would still have been the case without the aforementioned tools.

SO, IF THERE ARE BETWEEN FIVE AND SIX MILLION RECOGNISED MALWARE STRAINS CURRENTLY OUT THERE, WITH AROUND HALF A MILLION NEW ONES APPEARING EACH MONTH, HOW COME THE WEB IS SO SAFE?

For the vast, vast majority of sites, there just isn’t any motivation to wreck your system or indeed do anything which seriously annoys you. Quite the opposite in fact. Why would they want to compromise your PC? It takes a lot of work and often a lot of money to build a popular website, and all that time and money can go down the drain in the blink of an eye if the site damages its visitors’ systems. It’s in the express interests of enduring websites to be safe. If they’re not, they won’t endure. So reputable sites will take strict steps to ensure you’re not going to come away with a virus when you visit.

When it comes to the proliferation of serious malware, then, you’re really focusing on the ‘underground’ systems of content delivery. The peer to peer systems in which the people serving the content are not webmasters or businesses with a reputation to lose, but anonymous nobodies who can hop in and out on a whim. If you’re someone who accepts or is likely to accept content from unknown or unreliable sources with nothing to lose, you do need protection. Unfortunately, though, you might need more protection than the average antivirus program is able to provide. And this has been borne out time and time again on Internet support forums. Almost all of the people reporting malware on their systems turn out, when asked, to be running an antivirus package.

If you’re greedy (you want expensive stuff for free), and you don’t ever stop to reality check deals (the old “what’s in it for them?” consideration), you’re never going to be far away from cyber traps. The risk is based more on a mentality than inherent circumstance – a susceptibility to con artistry and persuasion.

RISK OF INFECTION

I believe that the risk of your PC getting infected most depends on how you use it, and how good your reality check radar is. Your reality check radar is what stops you from taking advice or accepting offers which obviously don’t make sense at face value, for the person making the offer. Phishing or scam emails are dangerous – but only if you rush into responding without a reality check. Why is someone emailing you, out of the blue, and begging to give you a huge pile of money?… And what about the immortal ‘Free scan’… Why would someone be offering to scan your hard drive for free? What’s in it for them? This type of mindset, of constant suspicion, probably gives you more protection than an AV routine ever will.

As I’ve already hinted, statistically, your PC is highly liable to be hit by malware in the process of you trying to protect it. That’s one of the times when your guard is down, and similar rash behaviours can manifest themselves when you have the grey mist of greed wafting around between your eyes and the computer screen. If you spend much time trying to download adult or commercial movies in breach of copyright from peer to peer sites, or, notoriously, if you try to obtain pirated software, or piracy-protection keys from hacker sites, your risk of falling prey to malware will be inordinately high. Those who offer illegal stuff online know you’re not going to report them because in trying to get hold of the stolen wares you’re just as guilty as they are.

CONCLUSION

Of course, you should only uninstall or de-activate your antivirus program if you have full confidence that you can adequately protect your system without it, and I’m not suggesting anyone takes such a step. I did it, to prove something I’d suspected for a long time could be a reality. Antivirus programs do serve a purpose – obviously. But I don’t believe they make you as safe as you might feel, and they can sap your resources, and at least some of them do harvest information from your hard drive, in keeping with a fairly innocuous spyware app. Whether they’re worth having depends on you, and the places your Internet use takes you. But that clear line - the "If I get an antivirus I'm safe, and if I don't I'm not" - just doesn't exist.
