How does the fact that most links aren’t phishing links play into anything? Maybe we don’t need AV because most files aren’t viruses? You had enough of a point without this.
> Maybe we don’t need AV because most files aren’t viruses?
Since you used that example...
How would you feel if everyone in their neighborhood got assigned a private security officer that sits in their apartment doorway all day and notes who comes and goes? The company argues that it's to protect from the thieves and fraudsters, and indeed there are always some break-ins or grandparents scammed somewhere. Oh, and everyone gets an officer free of charge - it's paid for by the ads they wear on their vests and that play regularly on their walkie-talkies. Would you trust the security company that all the notes, taken by a person in the privileged position of observing everything in your home, will only be used to prevent crime and nothing else, ever?
Back to your example - AV companies are quite shady these days, and their products not all that useful relative to costs/damage and snooping they do.
This is a weird example you posed because it's a real thing. It's called a doorman and it's very popular in new york (it's considered a luxury to have one)
Indeed. Except in that poster's example, imagine the doorman isn't merely looking over the building. Every door in the building has a doorman. The doorman to the building is more palatable because it's beyond their capacity to monitor all activity and movement through the building.
The League of Meticulously Documenting Doormen on the other hand is a much greater threat to privacy. We're increasingly in jeopardy with regards to implementing that. The more we don't push back against unnecessary logging, the bigger the problem we're building socio-technically.
I see your point, but comparing this with an off-line AV scanner with a regularly updated internal database (assuming that's what you meant) is not an apt comparison.
The analog would be an AV scanner that sends a list of your files/hashes to a centralised server somewhere, so that the company can target ads related to your file contents (or sell your data...), in addition to warning you about viruses.
Agreed that % true positive is not a factor in whether or not to have a given security feature. But it is merely convenient that the vast majority of the usage of this "link protection" feature would benefit Google/MS and not the customer/user (assuming that Google/MS are data mining, which is yet unproven in this use case).
> The analog would be an AV scanner that sends a list of your files/hashes to a centralised server somewhere, so that the company can target ads related to your file contents (or sell your data...), in addition to warning you about viruses.
Is there an antivirus program that doesn't do this? I've been assuming for a very long time that windows defender does, Norton/McAfee/Avast too. I'd be shocked if they didn't
I largely agree with you, but GP didn't specify they are talking about an off-line AV scanner. In fact Google itself has an online AV scanner that scans attachments in gmail, files downloaded in Drive, etc.
Since you used that example...
How would you feel if everyone in their neighborhood got assigned a private security officer that sits in their apartment doorway all day and notes who comes and goes? The company argues that it's to protect from the thieves and fraudsters, and indeed there are always some break-ins or grandparents scammed somewhere. Oh, and everyone gets an officer free of charge - it's paid for by the ads they wear on their vests and that play regularly on their walkie-talkies. Would you trust the security company that all the notes, taken by a person in the privileged position of observing everything in your home, will only be used to prevent crime and nothing else, ever?
Back to your example - AV companies are quite shady these days, and their products not all that useful relative to costs/damage and snooping they do.