Darren Bilby, Google’s senior security engineer, in a conference in Wellington told his fellow hackers that antivirus tools are useless. Referring to a series of cyber-attacks named ‘2009 Operation Aurora campaign’ that made several computers vulnerable to attacks, Bilby said there is no need of ‘magic’ through ineffective antivirus.
The Google hacker also argued that networks are not a security defense because users are so easily able to use mobile networks to upload data to cloud services, bypassing all traditional defenses.
He further said :
“We need to stop investing in those things we have shown do not work. Sure, you are going to have to spend some time on things like intrusion detection systems because that’s what the industry has decided is the plan, but allocate some time to working on things that actually genuinely help.Antivirus does some useful things, but in reality it is more like a canary in the coal mine. It is worse than that. It’s like we are standing around the dead canary saying ‘Thank god it inhaled all the poisonous gas’.”
Bilby urged his fellow hackers and security experts to design intrusion detection systems that could make real difference and protect users even if they visit malicious websites or documents.
“We are giving people systems that are not safe for the internet and we are blaming the user.”
He concluded by giving advice to users to be safe because internet is horrible as it blames its users rather than manufacturer who developed these critical hardware and software.