Schneier on Anti-Virus, and why I joined Immunet
Wednesday, November 11, 2009 at 11:35AM | Adam J. O'Donnell

Bruce Schneier, one of the leading voices of our community, took a stand on the controversial position held by many security researchers that anti-virus is dead. Bruce disagrees with this position and reaffirmed the necessity of anti-virus this week. He makes the sound argument that the reduction in efficacy of traditional anti-virus technologies is not a reason to eliminate them from your desktop. Saying otherwise would be akin to throwing out all antibiotics because a certain class of them became less effective. Even if old-school anti-virus products become less effective, they are better than nothing.
What is dying, however, is the traditional nuts and bolts behind anti-virus. Many moons ago, the rules that governed what was and what was not a virus were distributed via floppy disk and dial-up BBSes and sat resident in the system's memory. The vast majority of anti-virus products in the field today still use a similar "fetch and archive" technology for their rulesets, except now they fetch updates at regular intervals over a broadband connection rather than irregularly off of magnetic media or dial-up connections. The improvements in update frequency may have helped keep AV from being completely worthless, but they are by no means sufficient to make traditional AV competitive against modern malware threats.
Viruses no longer arrive on floppy disks or from your local BBS after months of circulation, but via compromised websites minutes after they were first created. We need to build anti-virus technologies that, from day one, are designed to operate in a continuously changing threat environment, and that rely upon a real-time database that is continuously updated with every threat seen by the entire Internet-using population. Protection for a new threat needs to arrive not after analysts spend a few hours picking it apart, but as soon as it is seen in the wild, before it damages the user community.
That level of protection can't be provided by software designed to be updated at the walking speed of a user carrying a floppy disk. I truly believe that the way we as an industry have produced anti-virus technologies is coming to an end, and wholly new technologies such as cloud-based lookup must be employed if consumers are going to have any hope of not being infected.
That is what Immunet is doing and that is why I joined them.
While I have you here, you should download Immunet Protect and give it a try.