The ToolWiz Blog Welcome Guest | Login or Register

On a forum that I frequent, I got into a discussion about computer security software and basically stated that I think most of it is virtually worthless. One of the forum members came back and kind of slammed me for saying it’s all worthless. Well, I didn’t say that. I’d say that MOST computer security is worthless, given how it’s being marketed and supported today. This is a topic that tends to polarize people with, very few who are knowledgeable in the middle. Of course, the folks in the middle are usually the ones who end up wondering why their brand new computers seem to run slower than the 3-year old one they just gave to the kids.

Believe it or not, there are still laws on the books in many places that make carrying and using crossbows a criminal act. Consider that at the time those laws were enacted, people actually USED crossbows! What good are they doing anybody today?

Every so often, legislators will get together and purge a bunch of these kinds of laws from the books, because they’re not only obsolete, but just totally inappropriate. For example, in Arizona, there was a law on the books that made it a misdemeanor to spit on the sidewalk. And another one that imposed death by hanging for stealing somebody’s horse. Do people still spit on sidewalks and steal horses today? Sure they do! So you might argue, why not leave these laws in place? Simply because the reasons behind their existence are no longer relevant.

In the case of spitting on the sidewalk, this law came during a time when sidewalks, where they existed, were made of wooden slats, and most people chewed tobacco rather than smoked. Spitoons were located at convenient places, but people didn’t use ‘em. (Kinda like contemporary society where people are too lazy today to throw a piece of trash in a can 10 feet away, so they throw it on the ground instead.) Now it also helps to realise that shoes at that time had soles made of leather. What do you think happens when you’re wearing leather shoes and you step on a relatively invisible but slimy puddle of goop on a piece of wood? Slipping on banana peels comes to mind. Only it’s not slapstick comedy. They didn’t have health insurance back then, and just trying to survive every-day challenges was bad enough.

As far as stealing a man’s horse was concerned, this was during a time when your nearest neighbor might be two or three miles away, and town might be 10 miles. No telephone, no cell phones, no radio, no way to call anybody. Nothing like “Help, my horse has been stolen and I can’t get back home!” Stealing a horse from someone in the Arizona desert in July where he’s 25 miles from anything is, well, pretty much a death sentence for the poor horseless guy. So they decided to punish horse thiefs with “death by hanging”. Of course, that was when they could find the thief.

Given the option of eliminating these laws from the books, you’re not going to get too many knowledgeable people objecting to that. There are always some moralists and people who believe “better safe than sorry” applies to everything who will object no matter what. But in general, a knowledgeable person would look at the situation and think, “well now, that really makes no sense to keep those laws in place”.

So why do supposedly knowlegeable people continue to advocate the use of security software for computers that scans for stuff like viruses? In my mind, it’s just as useless as trying to keep people from spitting on the sidewalk.

At the time most “anti-virus” software was created, 99% of all threats DID come from viruses. Viruses have a very specific kind of behavior and footprint. Most actual “virus” programs won’t even run today. So why have 14 layers of anti-virus crap searching for virtually non-existent threats?

Times evolve, threats evolve, sources of threats change. I just don’t agree with taking an approach that keeps piling on more and more stuff to deal with new threats and sources, and never removing the older stuff that’s obsolete.

Originally, viruses were little DOS programs that used common system calls to insert themselves onto the Interrupt Service Vectors that serviced disk reads and writes. They’d install themselves as “TSRs” and just create havoc with the hard drive. I don’t believe that Windows 2000, XP, or Vista will even allow ANY programs to access the Interrupt Service Vectors, let alone install themselves as TSRs. Windows does everything using DLLs now. TSRs went out after Windows NT was released. So why run security software that sifts through apps looking for signatures of viruses that are designed to run as TSRs? Every disk read and write gets inspected! Over and over and over again. It’s lookng for crossbows in a laser-powered war!

That’s my beef. Over 80% of the threats most “security software” is looking for are obsolete. Nonetheless, people have been bamboozled into believing it’s necessary to suck up a huge percentage of CPU resources looking for these innocuous “threats”. Meanwhile, they get attacked from something new neither they nor their security software vendor has even heard about yet, and think they got hit by a “virus”. So they renew their subscriptions and update all of their anti-virus databases…. to what avail?

The ONLY path to 100% certain security is to have 100% control over EVERYTHING EVERYWHERE at ALL TIMES. We have a name for such places: maximum security prisons.

Is there a reason to upgrade your computer to a 3GHz machine with 2GB of RAM if the newest OS plus newest security software chew up half of that RAM and half of the CPU bandwidth, leaving you with a “brand new” 1.5 GHz machine with <1GB of usable RAM? Errr… why did you upgrade again?

What do you think? I’d like to hear your comments.

Trackback this Post | Feed on comments to this Post