Antivirus tools are not good enough, says Google’s senior security engineer

Google’s senior security engineer says antivirus apps are ineffective magic

Google’s senior security engineer and tech expert, Darren Bilby has told fellow hackers that the antivirus applications are actually useless and questioned the overall effectiveness of them, while speaking at the ‘Kiwicon’ hacking conference in Wellington on Thursday.

Referring tp a series of cyberattacks named ‘2009 Operation Aurora campaign’ that made several computers vulnerable to attacks, Bilby said there is no need of ‘magic’ through ineffective antivirus.

He further said, “We need to stop investing in those things we have shown do not work. Sure, you are going to have to spend some time on things like intrusion detection systems because that’s what the industry has decided is the plan, but allocate some time to working on things that actually genuinely help.

“Antivirus does some useful things, but in reality it is more like a canary in the coal mine. It is worse than that. It’s like we are standing around the dead canary saying ‘Thank god it inhaled all the poisonous gas’.”

While negative on antivirus software, Bilby urged his fellow hackers and security experts to concentrate on things such as intrusion detection systems that can make a real difference in an enterprise space and protect users even if they access malicious websites or open compromised documents.

“And sure you are going to have to spend some time on things like intrusion detection systems because that’s what the industry has decided is the plan, but allocate some time to working on things that actually genuinely help.”

Bilby told the conference that he thinks networks are not stable enough, as individuals can use mobile networks to upload data to various cloud services that are not adequately protected.

He concluded by giving advice to people in the workplace to practice safe internet was “horrible” as it shifts blame to the users themselves and away from those who manufactured hardware and software that is not secure enough to be used online.

“We are giving people systems that are not safe for the internet and we are blaming the user.”

3 COMMENTS

  1. Haven’t run antivirus in years. If you use JUST A LITTLE COMMON sense you don’t need it.

    1) Nothing is free.
    2) No one can magically see if you’re hacked remotely. It’s reading your browser cache.
    3) NOTHING IS EVER FREE………

  2. The social media preview for this article: “Antivirus tools are useless….”

    Article clearly states the opinion of the engineer is different: “Antivirus does some useful things,….”

    Click whoring with shock and blah… build a good reputation and the rest will follow

  3. It would be nice if we had secure operating system designed to be secure from the start. Microsoft have had 25 years of DCE RPC RCE’s and we still dont know if they have all been fixed. Why they did not recode this are from scratch like 15 years ago I really dont know ?

LEAVE A REPLY

Please enter your comment!
Please enter your name here