
Are you asking for a source for only that statement or for my post in general? Source is myself. I have a master's in Cyber Security and have worked in the field for 15 years. I've written numerous exploits and have actively evaded antivirus in the past. I can tell you from experience that ASLR is 10 times the pain in the ass that AV is, and NX bits/DEP are maybe 100 times more. Not trying to have a dick-measuring contest, just justifying why I don't mind citing myself :-D

Regarding:

> Polymorphic viruses have been in commonplace since decades

I disagree. I wouldn't describe them as "commonplace" until maybe the last decade or so. Regardless, this is probably the weakest of the arguments that I made.

> AV software isn't restricted to comparing file hashes with known threats, there's so much more that can be done for security.

With this I agree, though I would contend that even the most advanced heuristics and things like hook interceptions such as those Comodo experimented with in the late 2000s are still not what has made us so much more secure. At best AV is a small layer of a Defense in Depth strategy. At worst it's a bloated unnecessary layer that eats cycles and robs system resources that could be devoted to useful activities.

That said, if I had any Windows machines in my home (been on Linux exclusively for a bit over 10 years now), I would likely run Defender on them. I'm not suggesting that AV is worthless, just that it isn't the reason things are much more secure these days.


