A large number of internet users have been using and are still using anti-virus programs as tools that defend them from viruses and other malware. Essentially, the role of an anti-virus program is to examine information for malicious content and ultimately to protect the end user from “commodity malware”. Here the term ”commodity malware” means simple, widespread malware as opposed to advanced, rare malware. Commodity malware performs opportunistic attacks against users as general targets and is rarely used in targeted attacks.
On the one hand, installing complex software that integrates deeply with many low-level components of the machine, as anti-virus software does, increases the attack surface – because, just like any other complex software, anti-virus programs have bugs and vulnerabilities. On the other hand, the users are facing increased malware attacks of many kinds. With this picture as a background, there is a thread of bitter arguments between the developers of web browser and those of anti-virus software. These arguments revolve around the fact that the anti-virus programs are meddling with the operation of browsers and are affecting their speed and performance.
Allegations & Counter-allegations
From the perspective of the browser makers what makes AV incredibly invasive is that it - by force and by design - injects its components into and connects with numerous applications and other software like the word processors, the browsers and also the OS kernel. Some well-respected engineers working for Google and Mozilla even went to the extent of recommending that users remove their anti-virus programs and not use them at all.
In response to these allegations, Dr. Vesselin Vladimirov Bontchev who has been a part of the anti-virus industry for the past 30 years, told Red Piranha, “Anti-virus needs access to the stuff the browser is trying to access, because often it (the browser) is a malware infection vector and it is our duty to protect our customers from malware that arrives via this vector. If the browser makers don't like the way we're doing it, the proper solution is to find a better way to provide us with the information that we need, in order to integrate properly with their product - not to say that users shouldn’t use anti-virus software!”
The Ultimate Losers are the End Users
The lack of cooperation between the browser makers and the anti-virus industry has definitely exposed a glaring loophole in the system. Given the fact that anti-virus programs are used by the majority of users, there has to be some kind of mechanism that ultimately addresses the various issues related to the operation of anti-virus software. Browser makers must provide the required information to the AV developers, so that they can integrate properly the anti-virus program with the browser. On the other hand, the anti-virus producers must design their products in a way that does not impede the operation of the browser or lower its security when compromised due to vulnerability. It’s a moral responsibility that must be addressed by both parties because with all these problems cropping up, it’s the end-users who suffer when their computers become slow or insecure.
Learn about endpoint protection tools to keep your organisation safe from cyber attacks.