THE GOOD OL DAYS
Do you remember how it was to buy a computer back in the early 2000s? For the first day or two after buying a new computer, we would spend all of our time setting it up. We would install things like Microsoft Office, Chrome, Adobe Flash, drivers, uTorrent, and maybe a few games. We would also spend 3 hours waiting for all of our files to transfer from our old hard drive to our new hard drive.
And who could forget the countless restarts that we would have to endure after each and every install. But regardless of how exactly this setup process looked for you, one thing that we would all do to finish the coronation of our new computers was install anti-virus protection software.
We would use a McAfee CD or Norton flash drive and enable our 1 year free trials that came with the computer. We all felt that this was a necessary part of not only keeping our data safe but keeping our computers operational as fatal computer viruses were a dime a dozen.
After this initial setup, we usually see McAfee or Norton every time we boot up our computers, informing us that they’re doing a malware scan to make sure our computer is safe. And every couple of months, we would get a pop-up telling us that McAfee had detected a trojan virus and that we could eliminate the threat with just one click.
As we clicked eliminate the threat on these pop-ups, for a moment, we would feel an overwhelming sense of relief because, from experience, we all knew how annoying it was to deal with a virus. And this feeling would make the $50 annual subscription more than worth it.
But, computers have come a long way since then and anti-virus software has become a sort of relic of computer history. To be honest, I’m not complaining because while I have some fond memories of using Windows XP with McAfee, I always hated McAfee.
That crap made the computer slow and laggy, and I’m glad we no longer have to deal with anti-virus software, but how could this be. Every year, cybercrime is becoming a larger and larger threat and the tech industry is pouring increasingly large amounts into fighting against hackers and criminals. Well, join me as we take a look back at how anti-virus protection somehow lost its place in our increasingly tech-driven world.
MICROSOFT DROPS THE BALL
To answer why we no longer use anti-virus software, we first have to address why we used to use anti-virus software. Normally, with these types of things, there is no pinpointable factor. Usually, it’s just poor security infrastructure across the board that has gotten better over the years. But, when it comes to computer viruses, there actually is a guilty culprit and that’s none other than Microsoft.
You see, Windows XP was fundamentally flawed when it came to security. You know how sometimes you go onto a sketchy website or an old website and you get this warning. Your connection is not private. Attackers might be trying to steal your information.
This warning basically describes the entirety of Windows XP internet because Microsoft basically botched how Windows XP communicated with the internet. Now, I’m no cybersecurity expert but from what I gather, the issue centers around raw sockets.
Whenever a file or piece of data is sent over the internet, you have two main parts. One is the actual file itself and the other is a header that contains the metadata of the file. For example, how big the file is. If raw sockets are not enabled, this metadata is automatically calculated based on the attributes of the file.
However, if raw sockets are enabled, like it was with Windows XP, you have the ability to manually define this metadata. In 99% of instances, this doesn’t matter at all, but for someone with malicious intent, this becomes a free lunch.
For example, someone could misrepresent a 2 GB file as a 2 MB file. If the computer knew the true size of the file, maybe it would’ve stopped it due to its abnormal size. But, since it doesn’t, this allows random crap to be downloaded onto your computer and that’s just a basic example.
Essentially, raw sockets allowed hackers to misrepresent data that was being transferred over the internet to Windows XP computers. Now, you might be inclined to think that this was just an honest oversight. Microsoft didn’t realize that people would use raw sockets in this manner and that may have been true.
Maybe Microsoft didn’t realize it initially but security experts like Steve Gibson were quick to point it out even before the launch of XP. But despite these warnings, Microsoft went ahead and launched XP with raw sockets making the OS a virus magnet.
The shortcomings of XP, however, were only half the story as Internet Explorer was equally as guilty. If you’re familiar with web development, you’ve probably heard of HTML, CSS, and Javascript. These are the fundamental pillars that make modern websites functional. HTML gives structure to the page, CSS gives design to the page, and Javascript gives functionality to the page.
But, Internet Explorer could also run another programming language: Visual Basic Script or VBS. At first glance, this probably sounds like an advantage. IE supported more languages making the browser more versatile. This is probably what Microsoft thought as well, but there was one major problem.
VBS allowed browsers to do tasks outside of the browser. This was actually kind of what made VBS special in the first place. Given that Windows applications and system administration used VBS, a VBS script on IE could be used to do general computer tasks. Of course, this is great when used the right way but when used the wrong way, well, this becomes really dangerous.
This is why it was so dangerous to open unknown emails back in the day. Hackers would give files names like “Hello.txt.vbs” or “Hello.docx.vbs”. These seem like harmless text files but in reality, these files have to ability to brick your computer, and that’s exactly what happened to many unsuspecting users.
And those are just two of the biggest vulnerabilities of early computers. Much of Microsoft’s early software was plagued with such vulnerabilities leading to the rise of anti-virus software.
Also Read:
ANTI-VIRUS PICKS UP THE SLACK
To be honest, we can’t blame Microsoft too Anti Virus Picks Up The Slack much. Back in the late '90s and early 2000s, the number one priority for Microsoft was to create stable functional software. There was simply so much to do here that they weren’t able to give security the care that it really needed.
And it wasn’t until viruses started going rampant until it really became clear how big of a shortfall this really was. Fortunately, though, we would see anti-virus software from companies like McAfee and Norton pick up the slack, but what exactly did such software even do?
Well, from an overarching perspective, the functionality of this anti-virus software was pretty straightforward. They would basically just regularly scan all of the files on your computer, identify suspicious files, and urge you to delete them. The magic of this software was really its identification algorithms which usually boiled down to 3 main methods starting with signature-based detection.
This is by far the most archaic and least effective type of virus detection. Basically, the virus detection software has a repo of known computer viruses and references to how their code looks. If the software detects that one of your files has the same code, it’ll flag it. This, however, only works with viruses that have already been flagged and added to the software’s repo.
So, it’s completely ineffective against new viruses and old viruses whose code has been creatively rearranged. This brings us to the second type of virus detection: Heuristic-based detection. This is basically an evolved version of signature-based detection.
Instead of looking for exact matches in code, this detection looks for matches in functionality within a file code. This should theoretically protect you against viruses that use similar methods and exploits. But likely the most effective type of virus detection is behavior-based detection.
Instead of focusing on the code, this type of detection focuses on what computer files are actually doing. Is a file randomly duplicating itself and destroying your disk space? Is a file randomly trying to access your system files? Is a file randomly trying to corrupt stored data and so on and so forth? Aside from these scans, anti-virus software usually also comes with some sort of firewall.
This might sound like some advanced security measure but really, a firewall is just a gate between your computer and the internet. Whenever you download a file either knowingly or unknowingly, the firewall will run these same sorts of scans on the file you wanna download and block them if necessary.
Hearing all this, you’re probably thinking that all of this sounds a bit too simplistic. Is that really all that anti-virus software was doing? Well, it’s obviously a lot easier said than done but you’re not wrong. Accomplishing the same tasks as these antivirus software is not particularly hard, especially for a software giant like Microsoft, and that’s precisely why they started addressing these issues themselves.
Starting from Windows 7, Microsoft would start shipping their own Firewall with Windows but the real jump forward didn’t happen till Windows 8. This is quite ironic given that Windows 8 is usually viewed in a super negative light as Microsoft’s worst OS of all time, but it turns out that Windows 8 actually made huge leaps in terms of security.
You see, Windows 8 came preinstalled with a tool called Windows Defender which was basically just an out-of-the-box version of Microsoft’s anti-virus software: Microsoft Security Essentials. This made Windows 8 the first version of Windows to come preinstalled with full anti-virus protection software.
Windows 10 and eventually 11 built upon this with auto updates and more security but no one ever really gave this a second thought. Everyone was too busy talking about the horrible Windows 8 tiles which, to be honest, I don’t think were that bad. But over time, people did slowly notice leading us to the death of anti-virus protection.
THE DEATH OF VIRUS PROTECTION
There was never really a pivotal The Death Of Virus Protection turning point when people just suddenly ditched anti-virus software. Rather, it was much more of a gradual decline. You might forget to renew your McAfee subscription one year, and suddenly it's been 6 months since you forgot to renew.
You realize that you didn’t have any issues over the past 6 months and decide to just not renew. General perception also plays a big role in this. One of the main reasons that people were so intent on buying anti-virus protection was because they were constantly hearing horror stories from friends and family and the news.
Uncle Joe just happened to open an unsuspecting email from what seemed like his son and boom, his computer got fried. These are the types of stories that drove people to buy anti-virus protection back in the day, but we rarely hear about such stories nowadays. And one of the main reasons for this is that all of us have become way more tech-savvy.
We know when a download is sketchy, we know not to open emails about Amazon refunds, and we know when a website is fake. Also, even if we somehow do get a computer virus, we all know how to restore our computers and get all our data back from the cloud. This is really just an inconvenience, not a game-changer like it used to be.
Moreover, our internet usage nowadays is far more curated. Virtually, all of our internet traffic goes through Google, Facebook, Amazon, Apple, and other reputable big tech companies. This isn’t to say that there are no more fears regarding cybersecurity because there absolutely are.
However, the fears have morphed. Nowadays, the concerns are keeping your data private, using VPNs, keeping your identity safe, and so on. As such, the goal of hackers has also morphed. Hackers are no longer trying to brick your computer with a trojan virus.
In fact, that would be counterproductive as hackers want you to use your computers for as long as possible with no issues so that they can steal as much data as possible. So, unfortunately, keeping safe online is still very much a concern but traditional anti-virus software simply no longer plays a big role in this and that’s what happened to anti-virus software.
