{"id":39093,"date":"2018-06-07T11:00:10","date_gmt":"2018-06-07T09:00:10","guid":{"rendered":"http:\/\/e3mag.com\/?p=39093"},"modified":"2025-07-12T14:53:13","modified_gmt":"2025-07-12T12:53:13","slug":"antivirus-software-snake-oil","status":"publish","type":"post","link":"https:\/\/e3mag.com\/en\/antivirus-software-snake-oil\/","title":{"rendered":"Are Antivirus Solutions the Modern Snake Oil?"},"content":{"rendered":"

In the IT security scene, the discussion about the effectiveness of antivirus products is an ongoing hot topic. She was recently inspired by comments from Robert O\u2019Callahan, a former Mozilla developer, and Justin Schuh, Director of Chrome Security at Google. They claimed that anti-virus solutions are often a stumbling block to developing safer browsers and may even reduce effective security.<\/p>\n

They referred to Tavis Ormandy, a Google security researcher who had recently discovered vulnerabilities in some antivirus solutions. However, the affected manufacturers fixed them so quickly that even Ormandy praised the speed. However, O\u2019Callahan went as far as advising users to uninstall their anti-virus solution in a blog post!<\/p>

\"Fullsize\"<\/a><\/div>\n

With malware, it\u2019s not that simple<\/h2>\n

In addition, there are numerous studies of varying quality available online to prove that signature-based solutions achieve malware detection rates of only 30 to 40 percent and extrapolate that the gain in security is marginal at best. It is undisputed among security experts that purely signature-based malware detection alone does not provide sufficient protection, especially for interactively operated desktop systems, where web surfing and e-mail remain the most important infection vectors.<\/p>\n

The sheer number and high volatility of malware located \u201cin the wild\u201d is simply too high. It is also true that simple pattern matching procedures fail in complex malware with mutating, polymorphic code due to the concept.<\/p>\n

But it is also a fact that the majority of malwares do not display such a high degree of complexity. Furthermore, it does not do security vendors justice if modern virus scan engines are reduced to pure pattern matching. All providers have long since expanded pattern recognition with heuristics, numerous decoders, whitelists and variant detection to such an extent that even for \u201ccustom\u201d malware it is becoming increasingly difficult \u2013 albeit not impossible \u2013 to remain undetected.<\/p>\n

\"Joerg<\/a><\/p>\n

A disservice to regular users<\/h2>\n

Allow me to make a comparison to show that PR-effective, provocative statements, such as O\u2019Callahan\u2019s, are a disservice to regular users. It should be clear that a normal cylinder lock does not prevent an experienced burglar from breaking into a house. If, from the burglar\u2019s point of view, the prospect of the loot justifies the risk and effort, the said lock will be a hurdle, but one that can be overcome.<\/p>\n

This fact does not justify, however, not having a lock on your door at all and reduces the effort for the burglar to virtually zero and shifts the cost-benefit calculation for the burglar in favour of the burglary. Likewise, systems without antivirus protection become the point of least resistance for attackers and evoke attacks.<\/p>\n

No easy way out<\/h2>\n

Under no circumstances should security vendors, whose products do not meet the requirements of secure software development, be protected. Here, customers have to call upon the manufacturers to fullfil their responsibilities.<\/p>\n

With their purchasing decisions, they have a considerable lever to demand improvements and quality from those manufacturers who want to secure their share of the enterprise endpoint security market (according to Forrester, a market volume of 5.9 billion US dollars annually until 2021). Nor do I think that signature-based malware detection alone is sufficient to comprehensively protect every type of endpoint against malware.<\/p>\n

However, I do believe that modern anti-virus protection must remain an integral part of any serious multi-layered security strategy for the foreseeable future. These solutions are the only line of defense where malware is not executed but merely stored. This means central distribution points in the company network, which are accessed by numerous internal and external users\u2014such as storage, document management and last but not least SAP systems!<\/p>","protected":false},"excerpt":{"rendered":"

In the Wild West, \"Clark Stanley's Snake Oil Liniment\" promised to be a medication for many diseases\u2014and turned out to be completely ineffective. Since then, snake oil has stood for expensive, useless products\u2014just like today's antivirus and malware solutions?<\/p>","protected":false},"author":1510,"featured_media":15608,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"pmpro_default_level":"","footnotes":""},"categories":[21,7,22044],"tags":[1790],"coauthors":[22523],"class_list":["post-39093","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-security","category-meinung","category-mag-1805","tag-it-security","pmpro-has-access"],"acf":[],"featured_image_urls_v2":{"full":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"thumbnail":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-150x150.jpg",150,150,true],"medium":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",400,172,false],"medium_large":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-768x331.jpg",768,331,true],"large":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"image-100":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-100x43.jpg",100,43,true],"image-480":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-480x207.jpg",480,207,true],"image-640":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-640x276.jpg",640,276,true],"image-720":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-720x310.jpg",720,310,true],"image-960":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-960x414.jpg",960,414,true],"image-1168":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"image-1440":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"image-1920":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"1536x1536":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"2048x2048":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"trp-custom-language-flag":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",18,8,false],"bricks_large_16x9":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"bricks_large":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"bricks_large_square":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"bricks_medium":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",600,259,false],"bricks_medium_square":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",600,259,false],"profile_24":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-24x24.jpg",24,24,true],"profile_48":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-48x48.jpg",48,48,true],"profile_96":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-96x96.jpg",96,96,true],"profile_150":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-150x150.jpg",150,150,true],"profile_300":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-300x300.jpg",300,300,true]},"post_excerpt_stackable_v2":"

Im Wilden Westen versprach \u201eClark Stanley\u2019s Snake Oil Liniment\u201c Linderung bei vielen Erkrankungen \u2013 und entpuppte sich als v\u00f6llig wirkungslos. Seither steht Schlangen\u00f6l f\u00fcr teure, nutzlose Produkte \u2013 genau wie heutige Anti-Viren-L\u00f6sungen?<\/p>\n","category_list_v2":"IT-Security Kolumne<\/a>, Die Meinung der SAP-Community<\/a>, MAG 18-05<\/a>","author_info_v2":{"name":"J\u00f6rg Schneider-Simon, Bowbridge Software","url":"https:\/\/e3mag.com\/en\/author\/joerg-schneider\/"},"comments_num_v2":"0 comments","_links":{"self":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/39093","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/users\/1510"}],"replies":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/comments?post=39093"}],"version-history":[{"count":1,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/39093\/revisions"}],"predecessor-version":[{"id":152415,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/39093\/revisions\/152415"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/media\/15608"}],"wp:attachment":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/media?parent=39093"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/categories?post=39093"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/tags?post=39093"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/coauthors?post=39093"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}