“Virus arms race primes malware numbers surge”

Computer security people have seen this coming for years. Signature-based detection of specific malware variants is less and less effective all the time; there’s no way antivirus programs can keep up anymore, and they’re just going to get further behind. Not to mention the ongoing problems with false positives.

(I don’t even bother running an antivirus program on most of my machines anymore. They’re usually more trouble than they’re worth, and I have several layers of other defenses, including keeping up on what malware authors are doing. But those layers aren’t easily available to most people.)

Heuristic analysis is the only real answer, but the bad guys can code around any readily available fixed-heuristic analyzer — they can get the updates as easily as anyone else, and can test whether their creations are detected before releasing them. The only thing that’s going to put a real dent in malware, in the face of general-purpose computers run by people who can be tricked into installing stuff, is a true artificial intelligence that can watch for odd behavior, such as data that’s being sent without the user explicitly doing so, and alert the user that something might be wrong. And unless there’s such a thing brewing that I haven’t heard about, that’s several years away at minimum.
