Google senior security engineer Darren Bilby has told fellow hackers that he believes traditional antivirus applications are not effective and that research should be invested in more meaningful defences such as whitelisting applications instead.
Speaking at the Kiwicon hacking conference in Wellington, Bilby said: ”We need to stop investing in those things we have shown do not work. Sure, you are going to have to spend some time on things like intrusion detection systems because that’s what the industry has decided is the plan, but allocate some time to working on things that actually genuinely help.”
He argued that antivirus security platforms are useful, but questioned the overall effectiveness of them: “Antivirus does some useful things, but in reality it is more like a canary in the coal mine. It is worse than that. It’s like we are standing around the dead canary saying ‘Thank god it inhaled all the poisonous gas’."
Bilby told the conference that he thinks networks are not stable enough, because individuals can use mobile networks to upload data to various cloud services that are not sufficiently protected.
He was also critical of security vendors and said: “We are giving people systems that are not safe for the internet and we are blaming the user.”