The jury’s VER­DICT

PC & Tech Authority - - FEATURE -

Whether you need to worry about antivirus’ in­her­ent flaws de­pends on your risk pro­file. If you’re a po­ten­tial tar­get of state-spon­sored hack­ing or other se­ri­ous, tar­geted at­tacks, the bugs in antivirus may well present a se­ri­ous risk.

But what about the rest of us? We asked res­i­dent se­cu­rity guru Davey Win­der for his thoughts. “Re­mem­ber, all soft­ware has bugs. Would I sug­gest you don’t use any AV soft­ware? No, of course not. Sim­i­larly, I wouldn’t sug­gest you re­ply upon any antivirus soft­ware alone to pro­tect your net­works and data. A multi-lay­ered se­cu­rity pos­ture is the way for­ward for most peo­ple, most of the time; and antivirus re­mains a valid layer within that pos­tur­ing.”

The antivirus firms also seem to be step­ping up their own se­cu­rity. They are wisely start­ing to of­fer bug bounty pay­ments to en­cour­age se­cu­rity re­searchers to cast a glance over their code, and while some seem to view Or­mandy et al with a sus­pi­cious eye, oth­ers are happy to work with flaw fin­ders to har­den their soft­ware.

But that only ad­dresses the cod­ing flaws in antivirus. Where it sits makes those bugs more danger­ous. Per­haps it’s time for antivirus to de­velop a bet­ter, safer scan­ning sys­tem – Sul­li­van points out that F-Se­cure doesn’t play man-in-the-mid­dle to watch over HTTPS traf­fic. “We are miss­ing one op­por­tu­nity to spot some ma­li­cious code and kill it in the bud,” he ad­mits. “But we made that call sev­eral years back that we don’t want to be in the po­si­tion of be­ing a man-in-the-mid­dle, even if that is a trusted man-in-the-mid­dle. You just have to work harder on the other lay­ers you’ve got.” Š

Other devel­op­ers ( see right) note that Chrome and Fire­fox both sup­port other tech­niques to fil­ter traf­fic, so no “man-in-the-mid­dle” is re­quired.

In the mean­time, users are be­ing left with some­thing of a Hob­son’s choice. “Should the antivirus prod­ucts use bet­ter, more se­cure de­signs? Ab­so­lutely! There is much that needs im­prove­ment in this as­pect,” Bontchev ar­gues. “But, most im­por­tantly, what is needed is a di­a­logue.”

While the pur­suit and pub­li­ca­tion of antivirus bugs has raised aware­ness of the is­sue, it’s key for antivirus mak­ers and bug hun­ters to re­mem­ber they’re work­ing to­wards the same goal – keep­ing users safe.

Newspapers in English

Newspapers from Australia

© PressReader. All rights reserved.