Google senior security engineer Darren Bilby spoke out against the antivirus industry at a Kiwicon hacking conference in Wellington, New Zealand earlier this week.
Bilby referred to antivirus tools as "magic" that is shoved down the throats of engineers for the sake of compliance, he acknowledged it does some useful things but believes it is largely useless and that more work needs to be done on other tools such as whitelisting, hardware security keys and dynamic access rights.
"Antivirus does some useful things, but in reality it is more like a canary in the coal mine. It is worse than that. It's like we are standing around the dead canary saying 'Thank god it inhaled all the poisonous gas'," he said.
Furthermore, Bilby voiced his disdain over the popular advice on safe Internet use that basically puts the blame on the end-user, whereas it is the hardware and software that is not secure enough:
Advice on safe internet use is "horrible", he added. Telling users not to click on phishing links and to download strange executables effectively shifts blame to them and away from those who manufactured hardware and software that is not secure enough to be used online.
"We are giving people systems that are not safe for the internet and we are blaming the user."