I wrote about this seven years ago and it's depressing how little has changed. All the same problems are in today's security software: sluggishness, instability, false alarms, missed detections, and updates that don't keep up with attacks. Is there any other class of PC software that fails so often, yet is so widely deployed?
As the recent ZoneAlarm incident shows, security software still offers defects as well as defense. Antivirus programs are just as bad. Just last week, a neighbor who volunteers as the IT guy for a nonprofit company in the area came to me trying to remove WinAntivirus 2008, a scam AV program installed via exploits and deception. The company's Symantec security software let it right through. It turns out that Symantec's auto-update function had broken and it was no longer getting signature updates. After manually updating signatures, he was able to remove WinAntivirus 2008.
Symantec knows its product is bloated and that its uninstaller leaves behind running components. The company supposedly plans to do something about it. I sure hope so, because a decade of this nonsense is plenty, thanks.
Although I feel like my own experiment without security software has been a success, I know that most IT departments would be committing suicide if they set nontechnical users loose without it. Has anyone out there had good luck with any of the major security software vendors in a medium-sized to large company?
