This is more intended for a Windows developer audience. However, the virus detection numbers are priceless. Just skip through the technical parts.
You should never run Win2K or XP w/o admin level access like he is pushing for, because MS made that pretty much impossible. Vista’s is better, but far more annoying. A Mac is good if you don’t play games or fix other people’s computers.
http://www.codinghorror.com/blog/archives/000929.html
…
2. Traditional Anti-Virus Doesn’t Work Any More
The blacklist approach used by anti-virus vendors simply doesn’t scale to today’s threat environment. Blacklists are never particularly effective. But it’s getting to the point where the illusion of protection afforded by a traditional anti-virus solution is worse than no protection at all:
Let’s suppose somebody who is involved with incident response at a typical US public University collected a few recent malware samples from the compromised machines, and then submitted all the samples to VirusTotal for scanning against all current anti-virus and anti-virus-like products. What do you think the average detection rate is?
Let me give you the answer: it is 33%. In other words, the average detection rate of malware from these “solutions” was 33%, with the maximum at 50% and the minimum at 2%. Keep this number in mind, that shiny anti-virus product you just bought might be protecting you from just 2% of currently active and common malware (not some esoteric and custom uber-haxor stuff)!
I have to conclude what many security pundits were blabbing about for years: “mainstream” anti-virus is finally DEAD. It’s a weak excuse for defense-in-depth, in about the same sense as wearing an extra shirt provides “another security layer” in a gun fight.
Not only does anti-virus cripple your machine’s performance, it doesn’t even protect you adequately! Even if your anti-virus or anti-malware solution is catching an incredibly optimistic 90% of threats, all it takes is one new, undetected threat to get through and your machine is thoroughly 0wned.
…