Running antivirus software is just common sense… until it causes a few blue screens. Or constantly detects false positives in your favourite applications. Or makes your programs crash with unhelpful, mysterious errors. Is there an argument for not installing antivirus software? Perhaps.
Robert O’Callahan, a former Mozilla software developer, has written a post advocating that Windows users “uninstall” their antivirus software, the argument being that “[AV] software vendors are terrible”.
In fact, he recommends Microsoft Defender if you're going to run anything at all, despite it being utter pants in terms of threat detection compared to the competition.
It almost sounds like insanity. Almost. Fortunately, O'Callahan goes into more detail later in the post:
“At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google's Project Zero. These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices. (Microsoft, on the other hand, is generally competent.)”
He goes on to say that problems with "poorly-implemented" AV usually manifest in other applications, somewhat hiding the problem:
“When your product crashes on startup due to AV interference, users blame your product, not AV. Worse still, if they make your product incredibly slow and bloated, users just think that's how your product is.”
Does O'Callahan have a point? I'd say more experienced users can get away with installing AV and disabling real-time protection. Often you just want to scan the odd file; a constant watchdog is not necessary.
For the less knowledgeable user, though? Real-time AV does have a place, even if vendors could do better when it comes to code quality.
Originally published on Lifehacker Australia.