Yes, AV is in a position where a) it needs regular full priv access to your files and unencrypted web traffic, b) is in a highly competitive, low-margin field where the players are literally attacking each other on your machine [1] to stay even, and c) have enormous motivation to seek other funding sources based on their desktop position [2-5].
I didn't say they created malware, no, but they certainly wave that flag when someone finds some. And it's certainly in their interest to pursue all of these alternatives, or even have a bad third party violate THEM to do so. The money is on the table. Do they take it? They'd be foolish not to.
If you refer to the theory that AV actually wrote viruses (it's not clear), that's as realistic as saying that police commits crimes so that they can get extra reward from the new tasks.
I've followed the VX scene for years (it died long ago) and there has never been shortage of new malware.
Even if we wanted to give some credit to the theory, which type of virus would the AV companies develop? Something trivial, that requires a variation of a signature to detect? Or something extremely complex, that requires month of work, and that slows down the AV engine because it's algorithmically complex to detect?
None of this makes any sense. The truth is very simple - malware has always been an interesting subject, and writing viruses always had a subversive appeal to young rebels.
This only really goes to the "don't entirely trust their statements regarding their product being the only effective barrier" part of the story. Reputable anti-virus companies do have a huge conflict of interest reporting on viruses they find and can tackle, but they also remain an important source of information about viruses. Disreputable anti-virus companies sell product which could be as simple as a "hollywood OS" green stripe animated GIF which says "virus cleaned" for all they really do: they probably install more malware rather than removing any.
Also, an anti virus company saying they can't understand how a virus remains infected after removal is interesting.
imglorp|6 years ago
I didn't say they created malware, no, but they certainly wave that flag when someone finds some. And it's certainly in their interest to pursue all of these alternatives, or even have a bad third party violate THEM to do so. The money is on the table. Do they take it? They'd be foolish not to.
1. http://www.techradar.com/us/news/software/security-software/...
2. https://news.ycombinator.com/item?id=13079569
3. https://www.wsj.com/articles/russian-hackers-scanned-network...
4. https://wiki.mozilla.org/CA:Symantec_Issues
5. https://www.howtogeek.com/199829/avast-antivirus-was-spying-...
etc...
explodingcamera|6 years ago
pizza234|6 years ago
I've followed the VX scene for years (it died long ago) and there has never been shortage of new malware.
Even if we wanted to give some credit to the theory, which type of virus would the AV companies develop? Something trivial, that requires a variation of a signature to detect? Or something extremely complex, that requires month of work, and that slows down the AV engine because it's algorithmically complex to detect?
None of this makes any sense. The truth is very simple - malware has always been an interesting subject, and writing viruses always had a subversive appeal to young rebels.
ggm|6 years ago
Also, an anti virus company saying they can't understand how a virus remains infected after removal is interesting.
diminoten|6 years ago
How uselessly cynical.