Opinion: How not to use antivirus software, and survive

By Hector D. Calabia

IDG News Service, Buenos Aires Bureau

(This article has been widely reproduced by many specialized magazines in several languages)

 

All right. I confess it. I do not like antivirus software, and I have none installed on my computer. I have found that most software of that sort is a pain, especially when resident and working in the background.

 

I have tried antivirus programs many times, but I have always found that they invariably make my machines slower, that they require constant loving care (that is, frequent updates and adjustments), and that more often than not they consume more resources than I am willing to allow them. Sometimes – only sometimes – they can play havoc with the data they are supposed to protect. For instance, Norton AntiVirus is known for blocking an entire Eudora e-mail folder if it finds a virus there. This causes Eudora to malfunction, and the entire folder contents can be lost. It has not happened to me, but some of my friends have already had that painful experience.

 

So, for several years now, I have had no antivirus software on my computer. Infection incidents? None. And beware: I am not a secluded monk isolated from the world. My office computers are permanently connected to the Internet, and I get about 400 e-mail messages a day, mostly from mailing lists. I exchange files day in and day out with my colleagues at the IDG News Service, and with friends and clients, and never, ever, have I received a report that I had sent an infected file to them.

 

How come, then? Am I exceptionally fortunate? Have the virus epidemics that affected the whole civilized world (or just the computerized world, bah!) spared my beloved machines every time? Not a chance.

 

I do have viruses. They do reach me. But they do not infect my system, although I have no antivirus in place. How is it possible? Let me tell you a story.

 

Yesterday I was asked to report on the new antivirus scanning service that Hispasec Sistemas is offering for Spanish-speaking Web users. This system uses the Trend Micro "HouseCall" antivirus engine, which is also available in English at http://housecall.antivirus.com/housecall/ (See separate report.)

 

When I ran the service on my "D" drive, where I keep my data and my e-mail messages, the software found 17 infected files, with a staggering variety of viruses of all kinds. There they were, the whole lot of them, with all their cryptic names and destructive power: Troj Mtx A, W97M Classes A, B and D, 666 Test, Pretty Park, and many others. I also had some of the famous ones: I love you, and the recent and very infective Anna Kournikova, also known as VBS Kalamar.

 

Then I ran a scan of my "C" drive. The result: not a single file was infected. None of the viruses, with all their potential for wrongdoing, had ever left their original files on the "D" drive, and I had never re-sent them by e-mail, inadvertently or not.

 

Of course, after the scan I deleted or cleaned all the infected files. But I could just as well have left them there. They had caused no harm for years. They would probably have remained harmless in the future.

 

Let's say I have been a "healthy virus carrier" all these years (not infectious, either). And this is due to a few factors that I would like to share with you now:

 

1. Most viruses, Trojan horses, and worms now come through e-mail, and they are relatively unsophisticated. The previous generation of viruses (or "virii", as some would like us to say) was, let's say, smarter and more sophisticated. They were smaller. They knew how to hide in executable files and diskette boot sectors. They even used stealth techniques for fooling the scanners. The diskette boot sectors were a great hiding and infecting place. But who uses diskettes any more? These viruses still exist, but I have not seen one in years. The ones that spread today need the services of Windows software and, most particularly, Microsoft e-mail software. Conclusion: I do not use Microsoft Outlook. I use Eudora. It's a lot safer.

 

2. The new generation of viruses requires some sort of "permission" from the user to do its tricks. Your e-mail software must be set to automatically run executable content, or you have to click on the fateful icon. I never do. My software does not run executables on its own, and I never click on suspicious files. And what if the icon indicates a picture file, for instance? I look at the extension. Neither my software nor my operating system hides the extensions. I know that some extensions are dangerous: .exe, .vbs, .scr, .com. And I know that some malicious software tries to pass for a lamb with a "first" fake extension. But the real one is always there, if your software is not set to hide it.

 

3. I do not allow automatic macro execution in the Office suite programs.

 

4. I have backups. If for any reason – virus related or not – something happens, I know I have most of my significant data backed up on another drive, on another machine, and that eventually it will all find its way to my CD burner.
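The extension check from point 2, automated over the attachments of a mail message. This is an added example, not part of the original article; the decoy-extension list and the sample message are constructed for illustration.

```python
import email
import os
from email import policy

# Extensions the article names as dangerous (point 2).
DANGEROUS = {".exe", ".vbs", ".scr", ".com"}
# Innocent-looking "first" extensions used as a decoy (assumed list).
DECOYS = {".jpg", ".gif", ".txt", ".doc", ".pdf"}

def classify(filename):
    """Return 'disguised', 'executable' or 'ok' from the real (last) extension."""
    # Windows ignores trailing dots and spaces, so drop them before splitting.
    name = filename.strip().rstrip(". ").lower()
    stem, real_ext = os.path.splitext(name)
    if real_ext not in DANGEROUS:
        return "ok"
    # A harmless-looking extension in front of the real one is the disguise.
    _, first_ext = os.path.splitext(stem)
    return "disguised" if first_ext in DECOYS else "executable"

def scan_message(raw_bytes):
    """Return (filename, verdict) for every named part of a MIME message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    names = (part.get_filename() for part in msg.walk())
    return [(n, classify(n)) for n in names if n]

# Constructed sample message with three attachments.
SAMPLE = b"""\
Subject: constructed test message
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: image/jpeg
Content-Disposition: attachment; filename="holiday.jpg"

AAAA
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="Photo.JPG.vbs"

AAAA
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="update.scr"

AAAA
--b1--
"""

if __name__ == "__main__":
    print(scan_message(SAMPLE))
```

The verdict depends only on the file name, so a harmless file whose name happens to end in `.com` is flagged as well.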

 

So, viruses are not such a terrible threat after all. I have lived with them for years, and I am here to tell you the story. Be cautious, though. They are no joke.

 

 

This article was originally published by the IDG World Network of magazines and Web Sites
Some stories have been distributed through CNN.com by special arrangement.

 
