Hacker News new | past | comments | ask | show | jobs | submit login

Related reading:

Robert O'Callahan's (ex-Mozilla employee) blog post on anti-virus injecting code into browsers.[1]

And then read this fun Twitter thread from Justin Schuh, head of Chrome's security team, arguing with AV author Vess on the very issue.[2]

And then read the HN thread on that Twitter thread.[3]

[1] - http://robert.ocallahan.org/2017/01/disable-your-antivirus-s...

[2] - https://twitter.com/justinschuh/status/802491391121260544

[3] - https://news.ycombinator.com/item?id=13079569




The shit that Norton does to Chrome is impressive, they hijack the search engine, install two addons to your top bar, and add a few hundred ms of latency to every web page load.

Essentially crappifying the internet for their users, while charging them for the privilege.


Is there anyway to detect this via a web page to report the presence of the broken plugins to the end user? I guess I should just install it and figure it out but was hoping maybe someone had already done the heavy lifting.

[edit]. Found this https://vah13.github.io/AVDetection/


I'll tell you right now that it's a terrible idea.

As much as this sucks, if you tell the user that their antivirus is the problem (the antivirus program that they paid for and trust), you will lose a customer.

Many people who aren't comfortable with technology have been taught to NEVER disable their antivirus, and that anyone that is telling them to is trying to hack them.

That leads to the situation where they instantly and completely distrust anyone telling them to disable/replace/edit their Antivirus in any way.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: