Ex-Mozilla dev tells Windows users to uninstall ‘poisonous’ AV software

EX-MOZILLA DEVELOPER Robert O’Callahan has spoken out about “poisonous” antivirus (AV) software and advised that anyone running an up-to-date version of Windows should uninstall any non-Microsoft security software.

O’Callahan, who left Mozilla last year, has said in a blog postthat there’s there’s little evidence that non-Microsoft AV software improves PC security, pointing out that recent bugs discovered by Google’s Project Zero security team, such as a command execution flaw recently spotted in Trend Micro software, show that many widely-used AV products leave many users open to attack.

“Now that I’ve left Mozilla for a while, it’s safe for me to say: antivirus software vendors are terrible; don’t buy antivirus software, and uninstall it if you already have it (except, on Windows, for Microsoft’s),” O’Callahan said.

“At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google’s Project Zero.

“These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices. (Microsoft, on the other hand, is generally competent.)”

This isn’t the only problem with AV software that leaves users open to attack, according to O’Callahan, as “poorly implemented code” also in some cases makes it impossible for users to update their browser, leaving them without crucial security fixes.

“For example, back when we first made sure ASLR was working for Firefox on Windows, many AV vendors broke it by injecting their own ASLR-disabled DLLs into our processes,” he said.

“Several times AV software blocked Firefox updates, making it impossible for users to receive important security fixes. Major amounts of developer time are soaked up dealing with AV-induced breakage, time that could be spent making actual improvements in security (recent-ish example).”

O’Callahan, who also warns that AV can make your PC “incredibly slow and bloated”, does advise anyone not running up-to-date Windows software, such as those still using a Windows XP or Windows 7 PC, that they probably should keep hold of their security software for now.

In these cases, third-party AV “might make you slightly less doomed”, according to O’Callahan.

O’Callahan’s warning comes just two months after Eugene Kaspersky accused Microsoft of anti-competitive practices and putting customers in danger with its attitudes to antivirus protection.

Kaspersky likened the fight to that between David and Goliath, but with the Microsoft Goliath “squeezing independent developers out” of specialist areas.

“Users of Windows 10 have been complaining that the system is changing settings, uninstalling user-installed apps and replacing them with standard Microsoft ones. A similar thing’s been happening with security products,” he said.

Source: The Inquirer

  • ja_1410

    I duuno. It was Kaspersky that discovered Stuxnet, not Microsoft.

  • Pip Boy

    It’s hard to disagree with Mr. O’Callahan, especially when top AV vendors install browser extensions that “help improve your buying experience”, or quietly install their own root certificates.

  • Stephen Green

    Don’t forget folks, there’s nothing for free, really.