Google Chrome Engineer And Mozilla Employee Heap Praise On Windows Defender As The Only AV Package You Need
Microsoft has a long and somewhat bumpy road in the antivirus field. Even its latest AV solution, Windows Defender, has not always garnered praise, though that is beginning to change. A recent blog post by a security expert who heaped praise on the default security software in Windows has prompted others to come out and speak in favor of using Windows Defender instead of a third-party solution.
"At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google's Project Zero. These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices. (Microsoft, on the other hand, is generally competent.)," former Mozilla engineer Robert O'Callahan stated in a blog post.
According to O'Callahan, there are many others engineers and developers in the industry who feel the same way, but if they speak out, "the PR hammer comes down." O'Callahan doesn't necessarily disagree with the consequences—if a software vendor speaks out about an AV program, it risks having the AV vendor bad mouth the product—but now that he is no longer working at Mozilla, he is free to shout from a mountaintop about the conflicts that third-party AV programs have with a browser's built-in security.
"AV products poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security," O'Callahan adds. "For example, back when we first made sure ASLR was working for Firefox on Windows, many AV vendors broke it by injecting their own ASLR-disabled DLLs into our processes. Several times AV software blocked Firefox updates, making it impossible for users to receive important security fixes."
"At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google's Project Zero. These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices. (Microsoft, on the other hand, is generally competent.)," former Mozilla engineer Robert O'Callahan stated in a blog post.
According to O'Callahan, there are many others engineers and developers in the industry who feel the same way, but if they speak out, "the PR hammer comes down." O'Callahan doesn't necessarily disagree with the consequences—if a software vendor speaks out about an AV program, it risks having the AV vendor bad mouth the product—but now that he is no longer working at Mozilla, he is free to shout from a mountaintop about the conflicts that third-party AV programs have with a browser's built-in security.
"AV products poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security," O'Callahan adds. "For example, back when we first made sure ASLR was working for Firefox on Windows, many AV vendors broke it by injecting their own ASLR-disabled DLLs into our processes. Several times AV software blocked Firefox updates, making it impossible for users to receive important security fixes."
Browser makers don't complain about Microsoft Defender because we have tons of empirical data showing that it's the only well behaved AV. https://t.co/ClGwEWCoWu
— 🔥 Justin Schuh 🔥 (@justinschuh) January 31, 2017
O'Callahan goes on to state that developers spend considerable time dealing with issues that third-party AV programs introduce rather than focusing on making actual improvements to browser security. He is not alone in this thinking, nor is he the only one to champion Windows Defender. Google engineer Justin Schuh posted some high praise for Microsoft's AV software on Twitter.
In another Twitter post, Schuh said that Microsoft generally takes a "first do no harm" approach with Windows Defender, which is obviously something that would appeal to developers.
Do you use Windows Defender? If not, what security software (if any) are you running?
In another Twitter post, Schuh said that Microsoft generally takes a "first do no harm" approach with Windows Defender, which is obviously something that would appeal to developers.
Do you use Windows Defender? If not, what security software (if any) are you running?
