Does Antivirus cause more problems than it's worth?



It might be time to stop using antivirus!

Antivirus tools are a useless box-ticking exercise says Google security chap

Security Now 597 Traitors In Our Midst

 

I just wanted to get a conversation going about whether antivirus has a place for computer users anymore?

 

I think a case for antivirus can be easily made for "your grandma" who likes to send email forwards and doesn't understand how she could get malware from infected web advertising. Or for companies with hundreds or thousands of employees and that it's just safer to lock things down and go with prevention rather than assume all their employees practice good security with their work computer.

 

But in these articles and podcast (and these are from people in the security industry) they talk about how antivirus software, literally, gets into every part of the operating system and browsers, which we all understand why. But how being into everything actually causes more security holes because the antivirus software itself could have security vulnerabilities. There's some links in the Ars Technica article that keep a running list of security vulnerabilities in the antivirus software out there.

 

With all that said I don't think running your computer with no security software is a good idea either. Having scanners like Hitman Pro and MalwareBytes is a good secondary option to your antivirus. But after reading those articles and their reasons maybe just running with white listing, behavioral scanners, and a firewall is the way to go?

 

What do y'all think? I'm interested in reading what others' experiences are, work or personal, maybe if you have links to supporting or dissenting articles I would really like to read those. My current subscription to Kaspersky is about to end. And it does have a small memory footprint on my computer, scanning doesn't hinder the performance (sometimes it does). It does install a lot of stuff that I don't need; vpn (limited version and I use a 3rd party one already), all the security software for your browser (ad blocking, private browsing) email spam protection (don't use email software locally) webcam protection (have a desktop and don't have a webcam) IM protection (does anyone use IM on their home computer anymore?) And just a lot of other stuff.

 

Thanks, looking forward to reading your posts!


I'm running Mint 18.1, no need :D

 

But, as for kids, you know how they get into everything. Otherwise you'd need to reload their OS every week... A firewall is better IMO. Can block certain sites, protect them from odd-named programs.


I've seen no credible information as to why not run a good AV on your system, be it Mac, Linux, or Windows, they have AVs for all of them and should be used as part of a good security setup in your home or business network, that goes the same for grandma or the "it pro" out there 


56 minutes ago, Mindovermaster said:

I'm running Mint 18.1, no need :D

 

But, as for kids, you know how they get into everything. Otherwise you'd need to reload their OS every week... A firewall is better IMO. Can block certain sites, protect them from odd-named programs.

Yeah, definitely for kids. My kids use a laptop and before I spent the time to really lock it down it was a mess!


11 minutes ago, Anibal P said:

I've seen no credible information as to why not run a good AV on your system, be it Mac, Linux, or Windows, they have AVs for all of them and should be used as part of a good security setup in your home or business network, that goes the same for grandma or the "it pro" out there 

Read those articles, plenty of credible information there. Not saying antivirus shouldn't be used but there's certainly some credibility to back up why one wouldn't want to use one.


18 minutes ago, Anibal P said:

I've seen no credible information as to why not run a good AV on your system, be it Mac, Linux, or Windows, they have AVs for all of them and should be used as part of a good security setup in your home or business network, that goes the same for grandma or the "it pro" out there 

I care to differ. Linux is less a threat because MOST viruses are files that run in Windows. .exe, .inf, etc. They don't run on Linux/Mac.

 

Edit: Another thing, Linux uses MOSTLY repositories. Trusted and tested software. Not something from download.com.


Just now, Mindovermaster said:

I care to differ. Linux is less a threat because MOST viruses are files that run in Windows. .exe, .inf, etc. They don't run on Linux/Mac

Well there are Linux and Mac based viruses, trojans and malware, it's best to be safe and ignore the FUD 


8 minutes ago, Anibal P said:

Well there are Linux and Mac based viruses, trojans and malware, it's best to be safe and ignore the FUD 

Yes, there are, but if Windows has 1 million, Linux and Mac have 100...


Anti-virus software is often out of date that barely does anything other than scanning and identifying any potential threat. In theory, it should be powered by advanced AI that can intelligently verify 100% that the program is really harmful with adequate evidence and seek out how to remove the virus in the event of being infected rather than reformatting the whole OS.


1 minute ago, Mindovermaster said:

Yes, there are, but if Windows has 1 million, Linux and Mac have 100...

When I ran Linux there were no AV programs for it. I never had any problems.


3 minutes ago, Mindovermaster said:

Yes, there are, but if Windows has 1 million, Linux and Mac have 100...

I would hardly say that about Mac at this point. It's pretty much open season for them with the viruses now. For Linux yeah I could agree.


1 minute ago, Master of Cell said:

Anti-virus software is often out of date that barely does anything other than scanning and identifying any potential threat. In theory, it should be powered by advanced AI that can intelligently seek out how to remove the virus in the event of being infected rather than reformatting the whole OS.

When I used Avast Internet Security, it updated several times a day but it also slowed my system down. Now I just use Defender.


I agree with the sentiments.

 

There was a thread recently about this, and as a result I stopped using ESET and just went pure Windows Defender on Windows 10.  I think I've been that way for a week now, and in general I'm happy with it, but I've been about as critical as I can be.  The general idea:  Why would I pay for something that comes with the OS for free, and is 100% vetted for viability with the OS?  What raw, practical, tangible protections would a 3rd party AntiMalware provider give me, and what risks does it introduce?

 

So just in my case, there are two gaps as far as I saw it.  Defender was rated pretty low for zero-day vulnerabilities, and offered no "smartscreen" capabilities for browsers beyond Edge.  For the zero-day issue, after some investigation, determined that I think Defender would update on its own only once a day.  That was an easy fix:  created a task to update DATs once an hour.  That made it just as aggressive as ESET, and I do have reasonable faith that they're catching the same things, as the DATs are generally being updated constantly.

 

Smartscreen I really have no answer for, for Chrome, but it isn't something I'm expressly concerned with.  My email is protected at the service level, so the only issue I've got is possibly going somewhere bad in a browser?  What exactly could it do?  Smartscreen seems like not-incredibly-necessary tech to me, so...

 

In a nutshell, Anti-Malware is important, but I struggle to see what the 3rd parties truly bring to the table, unless MAYBE you're an ignorant computer user.

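The hourly definition-update task described in the post above, as an added example that is not part of the original thread or any poster's actual setup. It assumes Windows 10 with the built-in Defender PowerShell module and an elevated prompt; the task name and the 24-hour staleness threshold are made up for illustration.

```powershell
# Added example: check for Defender definition updates once an hour.
# Run from an elevated PowerShell prompt on Windows 10.
$taskName = 'Hourly-Defender-Signature-Update'   # hypothetical task name

# The task simply calls the built-in Defender cmdlet.
$action = New-ScheduledTaskAction -Execute 'powershell.exe' `
    -Argument '-NoProfile -NonInteractive -Command "Update-MpSignature"'

# Start now and repeat every hour. On Windows 10, omitting
# -RepetitionDuration makes the repetition run indefinitely.
$trigger = New-ScheduledTaskTrigger -Once -At (Get-Date) `
    -RepetitionInterval (New-TimeSpan -Hours 1)

# Run as SYSTEM so the task does not depend on a logged-in user.
$principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' `
    -LogonType ServiceAccount -RunLevel Highest

# Catch up after sleep or shutdown, and kill a hung update after 15 minutes.
$settings = New-ScheduledTaskSettingsSet -StartWhenAvailable `
    -ExecutionTimeLimit (New-TimeSpan -Minutes 15)

Register-ScheduledTask -TaskName $taskName -Action $action `
    -Trigger $trigger -Principal $principal -Settings $settings

# Alternative without a custom task: Defender's own check interval (1-24 hours).
# Set-MpPreference -SignatureUpdateInterval 1

# Verification: report the definition version and warn when it is stale.
# Definitions only change when Microsoft publishes new ones, so the
# threshold is deliberately wider than the one-hour check interval.
function Test-DefenderSignatureFreshness {
    param([int]$MaxAgeHours = 24)   # assumed threshold, tune to taste
    $status = Get-MpComputerStatus
    $age = (Get-Date) - $status.AntivirusSignatureLastUpdated
    if ($age.TotalHours -gt $MaxAgeHours) {
        Write-Warning ("Definitions {0} are {1:N1} hours old" -f `
            $status.AntivirusSignatureVersion, $age.TotalHours)
        return $false
    }
    return $true
}

Test-DefenderSignatureFreshness
```

The task's last run result is visible with `Get-ScheduledTaskInfo -TaskName 'Hourly-Defender-Signature-Update'`.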

15 minutes ago, Mindovermaster said:

I care to differ. Linux is less a threat because MOST viruses are files that run in Windows. .exe, .inf, etc. They don't run on Linux/Mac.

 

Edit: Another thing, Linux uses MOSTLY repositories. Trusted and tested software. Not something from download.com.

https://blogs.sophos.com/2015/03/26/dont-believe-these-four-myths-about-linux-security/

 

I think there's a big false sense of security just because someone is running Linux versus Windows or Mac.

There's just a greater number of Windows users, so the pool to attack is much bigger.

 

And don't forget the recent IoT botnet attack. Those devices weren't running Windows. And I doubt that the servers were running Windows Server either.


12 minutes ago, mram said:

I agree with the sentiments.

 

There was a thread recently about this, and as a result I stopped using ESET and just went pure Windows Defender on Windows 10.  I think I've been that way for a week now, and in general I'm happy with it, but I've been about as critical as I can be.  The general idea:  Why would I pay for something that comes with the OS for free, and is 100% vetted for viability with the OS?  What raw, practical, tangible protections would a 3rd party AntiMalware provider give me, and what risks does it introduce?

 

So just in my case, there are two gaps as far as I saw it.  Defender was rated pretty low for zero-day vulnerabilities, and offered no "smartscreen" capabilities for browsers beyond Edge.  For the zero-day issue, after some investigation, determined that I think Defender would update on its own only once a day.  That was an easy fix:  created a task to update DATs once an hour.  That made it just as aggressive as ESET, and I do have reasonable faith that they're catching the same things, as the DATs are generally being updated constantly.

 

Smartscreen I really have no answer for, for Chrome, but it isn't something I'm expressly concerned with.  My email is protected at the service level, so the only issue I've got is possibly going somewhere bad in a browser?  What exactly could it do?  Smartscreen seems like not-incredibly-necessary tech to me, so...

 

In a nutshell, Anti-Malware is important, but I struggle to see what the 3rd parties truly bring to the table, unless MAYBE you're an ignorant computer user.

Thanks for the comment. I can understand your line of thinking, why pay for something when you already have it with the OS. That certainly makes sense.

 

I almost think we're at the point with the internet that if you understand how and where you can get infections, that understanding and knowledge is more effective than installing an antivirus that can potentially cause more vulnerabilities and impede your system in one way or another.

 

Our web browsers now have sandboxing, ad blocking protection, pop up protection, the browser companies now include updates to protect from infected links.

 

Free malware protection is available now, like MalwareBytes.

 

Here's another point that came up in the articles and some other tech/security podcasts I've listened to. They were trying to make a point that the responsibility for protecting users should be with the software and hardware manufacturers not the users. So a car manufacturer not taking responsibility and making sure their cars will be safe to drive longer than one year for example. That would be unacceptable and they'd be facing major legal repercussions.

 

What do you think?


15 minutes ago, Gary7 said:

When I used Avast Internet Security, it updated several times a day but it also slowed my system down. Now I just use Defender.

I used to use Avast Internet Security too. And it slowed my system down a lot. And their customer service was horrible. I didn't renew my subscription (and didn't sign up for automatic renewal either) but they charged me for it for up to 2 years after not renewing. So there's that issue too of having to pay for antivirus. Another party having your financial information.


49 minutes ago, LoboVerde said:

https://blogs.sophos.com/2015/03/26/dont-believe-these-four-myths-about-linux-security/

 

I think there's a big false sense of security just because someone is running Linux versus Windows or Mac.

There's just a greater number of Windows users, so the pool to attack is much bigger.

 

And don't forget the recent IoT botnet attack. Those devices weren't running Windows. And I doubt that the servers were running Windows Server either.

That botnet was more towards server editions. But, there are Linux viruses, I agree, but they are less common because Windows holds a bigger market share.


Exactly and I'm sure most of those servers were Linux based.  I just think there's a false sense of security just because someone is using Linux. It's an operating system just like Windows. Android is Linux based and there's security vulnerabilities for it all the time.

 

Like those articles were saying in my original post, the days of viruses infecting computers isn't the greatest threat anymore. It's malware and social engineering.

 

But I don't think AV software will go away anytime soon either. But maybe we're starting to see the computer world change here just like we did with floppy drives. Maybe something on that level?

 

I would like to hear more from people that aren't using AVs like BitDefender and Kaspersky and just going with Windows Defender and a malware scanner. And see what their daily usage experiences have been.


1 hour ago, mram said:

So just in my case, there are two gaps as far as I saw it.  Defender was rated pretty low for zero-day vulnerabilities, and offered no "smartscreen" capabilities for browsers beyond Edge.  For the zero-day issue, after some investigation, determined that I think Defender would update on its own only once a day.  That was an easy fix:  created a task to update DATs once an hour.  That made it just as aggressive as ESET, and I do have reasonable faith that they're catching the same things, as the DATs are generally being updated constantly.

 

Smartscreen I really have no answer for, for Chrome, but it isn't something I'm expressly concerned with.  My email is protected at the service level, so the only issue I've got is possibly going somewhere bad in a browser?  What exactly could it do?  Smartscreen seems like not-incredibly-necessary tech to me, so...

 

In a nutshell, Anti-Malware is important, but I struggle to see what the 3rd parties truly bring to the table, unless MAYBE you're an ignorant computer user.

In Windows 10 Smartscreen is system wide so it doesn't matter the browser or source of the file... The inbuilt systems/prevention methods provided by Windows 10 are pretty good. Fair play for getting out of that multi million dollar AV racket!

 

For Windows 10, Microsoft further developed the SmartScreen Filter by integrating its app reputation abilities into the operating system itself, which allows the filter to protect users regardless of the web browser they are using or the path that the app uses to arrive on the device (for example, email, USB flash drive). The first time a user runs an app that originates from the Internet, even if the user copied it from another PC, the SmartScreen Filter checks the reputation of the application by using digital signatures and other factors against a service that Microsoft maintains. If the app lacks a reputation or is known to be malicious, the SmartScreen Filter warns the user or blocks execution entirely, depending on how the administrator has configured Group Policy (see Figure 7).

From here https://technet.microsoft.com/en-us/itpro/windows/keep-secure/windows-10-security-guide


This topic is now closed to further replies.