A few weeks ago my mom asked me which anti-virus software she should buy for her home PC. Being a good son, I spent a bit of time looking at independent lab reviews of the most popular products available so I could give an informed answer.
A couple of days later, news broke that a Google research team had uncovered serious flaws in Symantec Antivirus and it looks like millions of customers are at risk of having those flaws exploited.
Opps. I guess I shouldn’t have recommended Symantec for my mom.
Unknown Virus Attacks
I went back and re-read the anti-virus reviews after the Symantec story broke and one thing that caught my eye was how well the software detected previously unknown viruses.
Symantec was one of the best and scored above 95% at detecting previously unknown attacks. Usually, these viruses are just slight modifications of a known threat so you’d expect the software to catch it.
But, the really dangerous stuff is when an entirely new area is attacked and the anti-virus software isn’t even looking for it.
This is why the story about Symantec is so troubling. Not only have the flaws been around for years but no one was even looking for them.
Symantec couldn’t detect its own flaws and since no one runs more than one anti-virus program on their computer, there’s no way for another program to spot them.
Twitter Hack an “Unknown” Virus?
Last month, news broke that 32 million Twitter account passwords were leaked. At first, most people assumed it was another company data breach, but Twitter strongly denied that.
A closer look at the leaked passwords revealed they were most likely stolen from 32 million computers compromised with a computer virus.
Yikes! So, there might be a virus out there that has infected 32 million computers and it’s still on our “Unknown” list?
At Least Protect Your Payments!
We live in a world where millions of computers are already compromised and anti-virus software may or may not detect new threats.
I’ve had many people ask me why we built a hardware device to protect payment information. “Why don’t you just write a software program, or a mobile app?” is a common question.
If Amazon can build hardware buttons to order diapers and cat litter, we think that a dedicated device to encrypt your payments is a pretty good idea.