At a Kiwicon hacking conference in Wellington, New Zealand Darren Bilby, Google senior security engineer candidly told hackers to put less energies, effort on antivirus software and direct their research towards whitelisting applications for defence, security purposes.
He describes many tools as an ineffective “magic” that people install for security.
“We need to stop investing in those things we have shown do not work.”
“And sure you are going to have to spend some time on things like intrusion detection systems because that’s what the industry has decided is the plan, but allocate some time to working on things that actually genuinely help.”
He emphasized on whitelisting and hardware security keys
“Antivirus does some useful things, but in reality it is more like a canary in the coal mine.
People are able to bypass traditional defences so networks are not a tough security defence.
“We are giving people systems that are not safe for the internet and we are blaming the user.”
Via: The Register