Anti-Virus gone wrong: a good read

Discussion in 'other anti-virus software' started by Defcon, Oct 17, 2007.

Thread Status:
Not open for further replies.
  1. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    332
    A good article containing some very detailed technical analysis of some anti-virus software and the questionable tactics they use. It goes a long way towards explaining why security software sometimes makes the pc more unstable.

    http://www.uninformed.org/?v=all&a=21
     
  2. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    701
    It's not a problem of the AV products alone. It's caused by the way you have to do API hooking in Windows. It's not well documented, the documentation is sometimes plain wrong or incomplete, often you need to do dirty tricks/workarounds to achieve your goal because there is no other way. And even if your hooking framework is 100% perfect, the user could install another software which does hooking in an unclean way and cause problems together with your product.

    Vista was yet another attempt by Microsoft to introduce a clean hooking interface, we will have to see what will come out of it (after SP1).

    BTW, the call for behaviour blocking/HIPS on this board leads to even more hooks being installed in your system if you follow that (good) advice. But: more hooks = more potential instability and system slow down. Everything comes at a price...
     
  3. midway40

    midway40 Registered Member

    Joined:
    Jul 24, 2006
    Posts:
    1,257
    Location:
    SW MS, USA
    I got SP1b yesterday, I hope my hooks are all clean :D
     
Loading...
Thread Status:
Not open for further replies.