Google Chrome Engineer And Mozilla Employee Heap Praise On Windows Defender As The Only AV Package You Need
"At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google's Project Zero. These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices. (Microsoft, on the other hand, is generally competent.)," former Mozilla engineer Robert O'Callahan stated in a blog post.
According to O'Callahan, there are many others engineers and developers in the industry who feel the same way, but if they speak out, "the PR hammer comes down." O'Callahan doesn't necessarily disagree with the consequences—if a software vendor speaks out about an AV program, it risks having the AV vendor bad mouth the product—but now that he is no longer working at Mozilla, he is free to shout from a mountaintop about the conflicts that third-party AV programs have with a browser's built-in security.
"AV products poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security," O'Callahan adds. "For example, back when we first made sure ASLR was working for Firefox on Windows, many AV vendors broke it by injecting their own ASLR-disabled DLLs into our processes. Several times AV software blocked Firefox updates, making it impossible for users to receive important security fixes."
Browser makers don't complain about Microsoft Defender because we have tons of empirical data showing that it's the only well behaved AV. https://t.co/ClGwEWCoWu
— 🔥 Justin Schuh 🔥 (@justinschuh) January 31, 2017
In another Twitter post, Schuh said that Microsoft generally takes a "first do no harm" approach with Windows Defender, which is obviously something that would appeal to developers.
Do you use Windows Defender? If not, what security software (if any) are you running?