2006-09-01

Anti Virus Software

Photobucket - Video and Image HostingAnti virus software has been with us since the days of DOS. For the Microsoft Windows people the virus scanning software is pretty much essential for a multitude of reasons.

There has been a claim that at one stage the virus problem was solved. The operating system would make a check sum of every file, securely store this file, and check every program before you ran it to make sure that the file had not been altered. Not exactly sure how effective that method would be, but it certainly sounds like a start. A free community monitored net based registry might be a similar solution. The story continues that the anti virus software companies realised that it is far more profitable to sell subscriptions to a virus signature scanner rather than checksum protect existing software. Being a profit oriented business they went the signature route.

Now with holes appearing in things like the widely used WEP wireless security, RFID tags used in credit cards and passports, the easily crackable US electronic voting system, and CPU level virtualisation with the Blue Pill proof-of-concept undetectable virus, all indicate that security concerns aren't quite at the forefront of the closed source businesses on the hardware front as well as the software front.

In the early days there pretty much was only one virus scanner, McAfee. These days there are a few dozen. The big mother of all scanners comes from the utility consuming company Symantec. In the early days, Symantec Anti Virus, aka Norton Anti Virus was quite good. Nowadays, Symantec is a piece of poop. Bloated resource hungry software that has every chance of kicking your machine over as it does of defending your computer from attacks. We have numerous complaints at work from users about their computer running slow, these are reasonably spec'd machines with 1.5GHz and 256Meg RAM. Basically these systems are just used for word processing and run quite slickly until the corporate edition of Symantec Anti Virus is installed, after which start up and shut down of applications and the operating system takes far too long. I regularly remove Symantec Anti Virus from the software from systems belonging to friends and relatives, replacing with a free software alternative. They are shocked at the speed increase and ask "Why?". My (possibly ill informed) answer is that Symantec is a company of profit oriented business people who have a passing knowledge of programming. They are more concerned about documenting for certification of their code rather than optimising it. They spend far too much money on suits to market their crap than they do on making their software work properly. This is the Microsoft model of software production.

One school of thought is that if you are going to make a new virus then you would make sure it got past the most popular virus scanners: McAfee and Symantec, so you are far better off installing a non-popular brand of scanner.

The question is: which software should you install? I'm glad you asked. There are a wide range of opinions. If you have huge amounts of RAM, the fastest CPU and don't care about the performance drop then Symantec isn't a completely terrible option. However there are many more alternatives out there that are definitely worth thinking about. Popular amongst the squeakers (adolescent computer nerds) is NOD32, it stands up to the big guys very well, regularly rates higher in detection, is exceedingly fast and is very frugal with computer resources. Kaspersky always rates very highly, regularly at the top in most tests. The free Anti Virus software don't always do so well but aren't the worst, except Avira AntiVir which sometimes rates with the big names.

ThePCSpy did an excellent article on what really slows windows down. Briefly, results were no real surprise.

Software that SLOWS your computer the most:
(1) Norton Internet Security 2006;
(2) McAfee VirusScan Enterprise 8;
(3) Norton Internet Security 2007;
(4) Trend Micro PC-cillin AV 2006;
(5) ZoneAlarm ISS;
(6) Norton Antivirus 2002

Free Anti Virus Software:
Avria AntiVir
Avast
AVG (AVG has some ethical issues, and not a very good performer)

Paid for Anti Virus Software:
Kaspersky
NOD32
Bit Defender
F-Prot
Norman (is not Norton)
Sophos

Reviews of Anti Virus Software:
Virus.gr
av-test.org
Consumer Reports
av-comparitives

Which brings me to the last bit of my discussion. A consumer group "Consumer Reports", who makes claims to be independent from business interests, and I have no reason to suspect otherwise, has taken it upon themselves to test a hand full of the various virus detecting software out there using methods that has the anti-virus companies up in arms. Apparently ConsumerReports created thousands of new computer viruses to see how the various anti-virus software handled detection of viruses that they did not have signatures for. Sounds perfectly reasonable to me. However, some software companies think otherwise. I would put these companies into the small minded, suit-oriented, lounge lizard type companies, but that is just my opinion (like everything here).

From Digg:
More than 100 security experts from companies like Microsoft and HP as well as anti-virus vendors F-Secure, Kaspersky, McAfee, Sophos, Symantec and Trend Micro signed their names to a declaration denouncing Consumer Reports' methods, stating that it is "not necessary and ... not useful to write computer viruses to learn how to protect against them.

Check out the comprehensive article on The Washington Post.

UPDATE: I had a virus infection which AVG totally ignored. Thankfully other people had different/better software (Sophos) and figured out that I was infected. So I bit the bullet and bought Kaspersky, which is still ranked as best by nearly all measures. Kaspersky found heaps of issues, going back to files that I have not touched for nearly 15 years. AVG never even blinked at these. I can't, in good conscience, recommend AVG anymore.

In the end, I think as long as you have some sort of Anti Virus on windows and you aren't monkeying around with dangerous software from disreputable sites, then you should be ok. The companies will probably also want you to buy other security packages like spyware filters, a firewall, antispam and/or email virus scanners (most virus scanners will scan email), and even parental control software (block naughty web sites). All worth your consideration to one extent or another, just remember that each extra software program will have to be active and running on your computer, using up RAM and CPU time. You don't want to make your computer so secure that it becomes too slow to be usable.

Kind of like the situation in the world, you have a government so concerned with security that they are prepared to sacrifice your freedom, making it very difficult to do anything just so you are more secure.

Or just get a Mac.

2 comments:

Narbs said...

I was waiting for the mac angle - I've been happy with avast as a free scanner.

technologickill said...

Installed avast on many private PC's but from now on using AVG again or ppl wanna spend some bugs for top kaspersky products.

avast Heap Overflow


juergen (munich)