UPDATED 05:04 EST / NOVEMBER 17 2016

APPS

Google security engineer slams antivirus software, cites better security methods

Google Inc. senior security engineer Darren Bilby isn’t a fan of antivirus software, telling a conference in New Zealand that more time should be spent on more meaningful defenses such as whitelisting applications.

Speaking at the Kiwicon hacking conference, Bilby said that antivirus apps are simply ineffective and the security world should concentrate its efforts on things that can make a difference.

“Please no more magic,” Bilby told the conference, according to The Register. “We need to stop investing in those things we have shown do not work. Sure, you are going to have to spend some time on things like intrusion detection systems because that’s what the industry has decided is the plan, but allocate some time to working on things that actually genuinely help.”

Antivirus software does some useful things, he said, “but in reality it is more like a canary in the coal mine. It is worse than that. It’s like we are standing around the dead canary saying, ‘Thank god it inhaled all the poisonous gas.’”

While negative on antivirus software, Bilby did call on hackers and security experts to concentrate on things such as intrusion detection systems that can make a real difference in an enterprise space by protecting users even if they’ve accidentally stumbled down the path of opening a malicious website or bringing an infected device into the workplace.

“You are going to have to spend some time on things like intrusion detection systems because that’s what the industry has decided is the plan,” Bilby said, “but allocate some time to working on things that actually genuinely help.”

Interestingly, Bilby noted that networks themselves no longer provide a high level of defense as users can simply bypass the network using mobile Internet, allowing them to bring malicious code via a side door of sorts.

Bilby concluded that giving advice to people in the workplace to practice safe internet was “horrible” as it shifts blame to the users themselves when it should be those who manufactured the software and hardware with vulnerabilities to begin with who are to blame. “We are giving people systems that are not safe for the internet and we are blaming the user,” he noted.

Image credit: Pixabay/ Public Domain CC0

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU