Leo Laporte and Steve Gibson are two fairly well known and trusted individuals in the world of computing. But just because someone is on TV or well known doesn’t always make them automatically right. In a recent Podcast both announced that they don’t use their antivirus protection in real time or at all. This is something that most security “experts” would not advise everyday computer users to do. Granted these two internet celebrities state that they don’t advise that everyone follow their lead. The problem with this is – most everyone will just hear that they don’t run their antivirus in real time. So then everyone will start stating that Leo Laporte and Steve Gibson have said it is ok not to run your antivirus in real time. Listeners or viewers only hear what they want to hear in many cases. Not what is actually being said. This leads to bad security advice being given by many who feel they got this information from a trusted source. My question has always been this – just because someone is on TV talking about computers does this make them a true “expert”? Granted many of these people have been using computers for a great number of years. Does this automatically mean we should never question their advice? While I feel both Leo and Steve have done a world of good in regards to educating computer users. At times I think they do some things that undo all the good work. The logic that is presented in their latest security Podcast once again shows to me that they don’t always think things through. Steve Gibson is the one who really should be brought to task for this for multiple reasons. In the discussion Leo mentions three ways to become infected with malware. Opening an email attachment, viewing an infected HTML email or as he put it a third less likely way – through a worm. What planet does this man live on? A worm is an unlikely way of becoming infected? Didn’t Steve Gibson himself go ape over Nimda? It seems he now feels a good hardware firewall can protect you against this. Granted this vulnerability has since been patched. But there have been other similar examples of such malware. None that I’m aware of that had the impact of Nimda. With Nimda all you had to do was visit an infected website to have your computer become infected. If you weren’t running an antivirus updated and in real time. Your pc would in fact become a carrier of this worm and start infecting other machines. I personally came across a local jeweler who had an infected website. If not for my antivirus running in real time. I would have become infected. There is no debating this. That is just a quick real world example of why running an antivirus in real time is important.
During the show Leo stated that antivirus scanning would slow down his machine. This is something that many people feel is true. Although over the years even with very lowend machines I can’t say that I feel this is the case. Many antivirus vendors have developed new technology to improve overall scan times. Resource usage has improved for the most part. There are settings that you can enable that will cause slow down. Yet in most cases with the recommended default settings your not going to come across any type of noticeable lag on a fairly modern pc.
Leo always gives Steve Gibson credit for coining the term Spyware. I’m not sure if that is fully valid. Either way if memory serves me correctly Steve gave ZoneAlarm credit for helping him to notice that certain software was trying to phone home. He was an early supporter of this software. Many times he spoke of the great value of using a software firewall. Now of course he has changed his mind. Even though software firewalls are offering even more levels of protection than they did when he championed them as a necessary layer of security. I’ve yet to hear him give a good valid reason for this change in his opinion.