Re: [tlug] Anti-virus software is a scam

[Dave M G <dave@example.com>]

Pier, Kyle, Shawn, Nicolas, Stephen,

Thank you for your comments.

I was not aware of the executable "feature" of PDF files. Thanks for 
alerting me on that one and on the other security issues that I'll take 
into consideration.

However, the thing that strikes me about most of the examples you guys 
gave for Windows is that they exploit vulnerabilities within Windows 
that Microsoft (or whichever application developer was responsible) 
could potentially correct, thus rendering any attack that exploited that 
vulnerability useless.

So really, it's not the image files (or other types) being opened that 
causes the problem, it's the program, and it's relation to the OS, that 
is the problem.

My experience on Windows is that these security vulnerabilities do get 
addressed through patches (sufficient response time might be a debatable 
issue). Ditto for Linux - my update manager routinely tells me about 
"security patches" that I didn't even know were problems until they were 
being fixed.

I guess part of my point (not addressed in my article), is that I don't 
see anti-virus software being faster or better at addressing these 
problems than the patches one is supposed to get as a matter of course 
anyway.

--
Dave M G