Bah!
Blast! My Gibson is haxxored again!
British white hat hacker and Google Project Zero chap Tavis Ormandy is making life miserable for Symantec again: the bug-hunter has turned up an exploitable overflow in “the core Symantec Antivirus Engine used in most Symantec and Norton branded Antivirus products”. Described here, the problem is in how the antivirus products …
I'd never ever run Symantec or McAfee anything on my own hardware, because they are bloated and stagnant junkware, from personal experience with their enterprise products. Security needs to be in depth, not bloated and brittle layers. McAfee is also crap because it only supports obsolete FAT32 for virtual disk encryption on Windows and can't even do file encryption properly to ensure that virtual disk and backup software is usable.
Security software must implement the highest defensive programming standards, including against value range or buffer overflow exploits.
Running anything risky with the highest security permissions is a complete security fail and insanely negligent 'design'; /all/ security testing must be in a lower permissions sandbox, and only when really necessary so as not to cripple performance.
The main purpose is extracting money from end users.
There might be an accidental side effect of providing some security primarily by making your computer so slow that you stop using it.
The chances of Symantec being used by intelligence agencies to gather information when the software turns your machine into an unusable piece of crap which severely limits intelligence gathering.
Back in the XP days (before PatchGuard), Symantec/Norton antivirus hooked some of the same shadow SSDT entries (syscalls) as you'd expect a keylogger to do. I actually showed the hooks to a guy at MS security and he was totally convinced the computer had a keylogger...
Really makes you wonder.
And also:
Comment 7 by kobrasre...@gmail.com, Today (2 hours ago)
> a remote ring0 memory corruption vulnerability
...with no user interaction!
After reading this, I'm conflicted:
When the Pwnie Awards come around, should I nominate this bug for "Pwnie for Epic Ownage" or nominate Tavis for "Pwnie for Lifetime Achievement"?
Because, just... damn.
Anti-virus software should be considered harmful.