Almost everyone installs antivirus software on their PC and Macs. But there is growing realisation among cybersecurity experts that antivirus software actually makes you more vulnerable to hackers!
As this article pointed out,
Antivirus, in an attempt to catch viruses before they can infect your system, forcibly hooks itself into other pieces of software on your computer, such as your browser, word processor, or even the OS kernel.
Anti-virus software, in order to do its work of catching malware, bury itself deep inside the operating system. And here is the problem:
As in, without AV installed, a hacker might have to find a vulnerability in the browser or operating system—but if there’s AV present, the hacker can also look for a vulnerability there. This wouldn’t necessarily be a problem if AV makers made secure software, but for the most part they don’t.
To hack your computer, hackers first finding security holes in the anti-virus software itself. Once the hacker subverts the anti-virus software, he can then enter the operating system because the anti-virus software is very deeply intertwined with it. In other words, without the anti-virus software, the hacker will not have the opportunity to hack into your computer in the first place!
Back in June last year, Google’s Project Zero found 25 high-severity bugs in Symantec/Norton security products. “These vulnerabilities are as bad as it gets,” said Tavis Ormandy, a Project Zero researcher. “They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.” Over the past five years, Ormandy has found similar vulnerabilities in security software from Kaspersky, McAfee, Eset, Comodo, Trend Micro, and others.
Even big, reputable anti-virus software vendors are producing insecure software and putting their users in danger instead!
Which anti-virus software should you use?
Most cybersecurity experts do not bother with running an anti-virus software in their computers.
But if you must run an anti-virus software, only one vendor is trusted by cybersecurity experts to write secure software. Not only that, this vendor had recently announced a new security feature in their anti-virus software to make it much harder for hackers to attack. Other vendors are still lagging behind in this area.
Which is the vendor? You will be surprised at the answer, which can be found in my book, Digital Security & Privacy for Dummies.