Written by Ecuaman:
A poll has been added to the first post in this thread.
Good. Now we also got to discuss things a bit and form an opinion before the vote started.
For those who want to read more about something current, the latest debate on Twitter on the subject may be of interest. Someone called Vess, who has worked in the AV industry, wrote that Microsoft's antivirus was bad, and more or less a war broke out. Among others, Google Chrome's security lead Justin Schuh jumped into the debate. He seems to be seriously pissed off at the antivirus vendors and the risks they expose users to. Developers from Firefox also took part. Very entertaining.
Here is what Tavis Ormandy wrote; this is roughly where the starting shot is fired:
Ormandy: No doubt you're saying "crap" because of some avtest metric. Based on code quality and safety, Microsoft wins.
Here are Justin Schuh's more readable posts. It is harsh language, but I like it when people speak plainly:
Schuh: You misunderstand your own ignorance. AV is my single biggest impediment to shipping a secure browser.
Schuh: I could rattle off a laundry list of total security breakage due to worthless AV code. In fact, I will.
Schuh: AV tampering delayed Win32k Flash lockdown for over a year. Lowbox & CSRSS lockdown are still on hold.
Schuh: We constantly suffer injected AV vulns, from ROP gadgets at predictable addresses to command exec
Schuh: Broken AV MitM creates a constant stream of TLS failures, and breaks real security like HSTS pinning.
Schuh: And don't even get me started on the constantly elevated crash rates and outright bricking of the browser.
Schuh: I expect it's possible to make an AV that isn't more harm than good, but none of you are even trying.
Schuh: You ignore all security best practice, piling dodgy format parsing and other unsafe code into the kernel
Schuh: No isolation or defense-in-depth. You inject huge blobs of privilege and attack surface in every process
Schuh: I'm willing to revisit my position on AV, but I'd need to see some basic regard for security first.
Schuh: You're deflecting. The problem is irrelevant of injection hacks. The code itself is a vuln-ridden mess.
Schuh: Name one AV that sandboxes its format parsing, or does anything significant to minimize attack surface?
Schuh: Name one AV that fuzzes its hostile data handling code or tries to meet any reasonable bar.
Schuh: AV injects a mess of vulnerable, buggy attack surface and you have the gall to ask us to make it easier?
Schuh: You continue to deflect rather than answer very real criticism of how AV puts users at serious risk.
Schuh: I can't tell if you're just that ignorant or if you're being evasive because you know @taviso and I are right.
Schuh: To anyone familiar with software security, yes. AV is at least a decade behind Office or Windows on basic security practice.
Schuh: This belies total ignorance of modern software security. Windows & Office sandbox major attack surface plus other hardening.
Schuh: No software is perfect, but attacking MS products takes real time, effort, & expertise. Whereas AV is just trivially soft.
Schuh: Just find someone you trust who genuinely knows a bit about modern software security, and have them explain it to you.
Schuh: I assume this is the main reason Microsoft is pushing Defender. Because third-party AVs are Typhoid Mary by comparison.
Schuh: Why AV is bad: Security is mostly about reducing attack surface & enforcing boundaries. AV adds huge attack surface & bridges boundaries.
Schuh: MS Defender doesn't sandbox, but it's still quite robust. Likely due to basic secure coding practice and aggressive fuzzing.
Schuh: To add context, AV doesn't have to be this bad, but other than MS Defender, none of them are incentivised to make safe products.