Even a bad AV technology can be valuable, because protection against, say, 30 percent of all threats is still a lot better than protection against 0 percent of all threats.
However, besides the lousy protection, there's still plenty not to like about old-school AV technology.
The average person may not know whether AV software really protects her or not, but she generally knows that it is slow. This is certainly the most common complaint I hear about the technology from average consumers.
So why is most AV so slow?
Let's start by looking at the time people notice it most - when their computers are starting up.
Yes, any software that's going to protect you proactively needs to load up when the computer starts, and that could take a bit of time.
But AV products seem to feel the need to check the files on your computer for signs of bad stuff, and that is often what takes up the time.
The idea behind scanning your computer for bad stuff on bootup is that there might be things on your machine that have only recently been determined to be bad.
So, maybe there's a screensaver you downloaded a week ago, but your AV company just decided today that it is bad.
Or, in some cases, you might have got bad stuff on the computer when the AV software wasn't running.
For instance, you might have a dual-boot machine, meaning you have a second operating system on the machine that can write to the same disk drive. Maybe you run Windows and Linux, and downloaded some Windows virus while running Linux (where you're unlikely to be running AV).
The typical thing for AV software to do is to look at each file on your filesystem, determining whether or not it's bad. With most AV software, that process of judging a single file is stupidly inefficient.
For instance, many vendors rely heavily on a technique called cryptographic signature matching, but do so in an unintelligent way.