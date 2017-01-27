You Don't Need an Antivirus (Except Microsoft's Built-in on Windows), Says Former Firefox Developer (ocallahan.org) 67
Former Firefox developer Robert O'Callahan believes that antivirus software is not necessary, AV vendors are of little help, and that you should uninstall your antivirus software immediately. From a blog post: Users have been fooled into associating AV vendors with security and you don't want AV vendors bad-mouthing your product. AV software is broadly installed and when it breaks your product, you need the cooperation of AV vendors to fix it. (You can't tell users to turn off AV software because if anything bad were to happen that the AV software might have prevented, you'll catch the blame.) When your product crashes on startup due to AV interference, users blame your product, not AV. Worse still, if they make your product incredibly slow and bloated, users just think that's how your product is.
hyper-v and don't install chrome extensions
i do all my porn and risky surfing on a VM on my main computer that i keep shut off unless i'm using it. and i avoid virtually all chrome extensions unless they are from someone i trust with a real corporate email in the contacts.
Another benefit of using a virtual machine is just powering it off when you are finished and having it reset to the last snapshot. Every month or so apply patches and move your snapshot forward.
I do the same thing, except I have the song ~smooth operator by sade playing in the background when im in "secure" mode.
This is obvious even to AV vendors (Score:5, Informative)
The writing has been on the wall for a while now. You rarely get "just AV" when you install an AV product these days. You end up with a whole suite of value added applications like password managers, system optimizers, registry cleaners, web site scanners, IPS and content filters, etc.
The reactionary system we have been living in was never very good. Relying on signatures to detect malware is a fundamentally flawed system. As the operating systems and, more importantly, the applications that run on them become increasingly secure, the need for the signature-based AV systems declines.
Any AV software company has seen this coming for a long time. At least I would hope they have.
Part of it had to do with running most users with administrative privileges, and Microsoft created this mess by making the systems hard to use if you didn't have administrative privileges.
I know people even today who turn off UAC the first chance they get because they are so annoyed by the prompts.
"You can pry this OS from my cold, dead hands!"
Do they? Everyone I know associates AV vendors with bloatware/malware. Except for, say, MalwareBytes. There are exceptions, just not many.
Further, any software you install likely creates new security holes in your system. By installing an AV you are likely opening up more holes then you are closing.
There are three main sources of security holes:
1) Holes in the OS that the OS manufacturer needs to close
2) Holes in installed software that the software manufacturer needs to close
3) Holes in the user's general security intelligence.
None of those are solved by adding ANOTHER software suite.
Holes in the user's general security intelligence.
None of those are solved by adding ANOTHER software suite.
Not even whitelist-based security tools that allow only vetted applications to run? I thought that was the point behind Apple's App Store, game consoles' app stores, and the PC Matic tool for Windows.
Problem with whitelisting is that it destroys your computer.
It's not a computer any more. It's an appliance.
Which is fine for people you can only trust to run an appliance, but it prevents anyone from programming aka becoming more productive.
It's a nice little racket - it guarantees the IT dept. a job (they were charging £2,000 to vet programs for distribution at my last place), it gives the "real" programmers more work, but it stops users reaching enlightenment and getting the computer to do what it'
iPad, PlayStation, and Jiffy Lube (Score:2)
an appliance [...] prevents anyone from programming aka becoming more productive [and] stops users reaching enlightenment and getting the computer to do what it's for - lots of repetitive tasks in an automated manner.
Which elicits a big "So?" from appliance fans.
The majority of the population do not read Slashdot. I imagine that most either A. use computing devices for entertainment rather than "becoming more productive" or B. prefer to outsource the programming to a specialist rather than "reaching enlightenment" themselves. For evidence of these, look at the popularity of iPod touch, iPhone, iPad, PlayStation 3, Xbox 360, PlayStation 4, and Xbox One. For evidence of preference of delegation to a specialist, look at th
I started removing AV from clients computers years ago. All it does is slow your PC down. Every time I had to deal with an infection, the PC involved had AV, that was sometimes very hard to remove.
malware removal services should just be a tax on the easily confused.
Exactly. I do the same, if we get a new PC with commercial AV installed (usually some trial) it's the first thing I uninstall to installing improve disk performance by 50-100%. The Windows 10 built-in AV works fine and doesn't make a PC perform like it has a 5400rpm drive from 2001, instead of a modern SSD.
Certainly only old people still fall for the aftermarket AV scam? I quit years ago when AVG transitioned to "worse than the disease" status.
That and organizations with more than ten PCs running Windows 7. The last time I checked, the built-in AV on Windows 7 (Microsoft Security Essentials) was licensed for use only on up to ten PCs in an organization, after which the organization is expected to either A. buy the appropriate Windows Server license and the appropriate Microsoft System Center 2012 Endpoint Protection license, or B. upgrade to Windows 8 or later where MSE was integrated into Windows Defender.
always use an ad blocker
How will this remain practical once more sites follow the lead of WIRED and The Atlantic and start showing paywalls to ad blocker users? If you view one document on each of 20 different sites in a month, would you find it affordable to buy a $4 per month subscription to each of these 20 sites?
Sites that require an exception in ad-blocker or a subscription are also sites that are unable to afford to be reckless with the advertisers they allow on their site. It's really about placing the responsibility on the site to make sure they are not serving up malware in ads.
Also, don't go to any sites with ads as they're a significant virus vector.
But wait, you're here so use an ad blocker.
But wait, some have been paid by ad co's to allow their ads. Including infected ads.
Now keep a list of which ad blockers, AVs, websites, official emails, are good. This week.
The average person does need A/V but the built in stuff that come with Windows is more than adequate. Signatures are really only good if they are nearly to the moment up to date and with the present rate of churn on the internet that model just does not really work. To the degree it does still work Microsoft does as good a job as anyone. Its the heuristic side where there is still some effectiveness but even the high dollar stuff like Cylance falls down more than it succeeds. They claim 99% and maybe th
Ad Block (Score:5, Insightful)
*Yes, trusted sites can be comprised and it's happened in the past where downloads were infected but the odds that I'll download that software during that window where the infected files are being handed out are about the same as me getting stuck by lightning.
"YOU'RE KILLING THE INTERNET!"
Yeah, well the internet infected and killed one of my computers, so I'm going to be wearing an internet condom from now on. Besides, you can't tell me no one is viewing ads anymore when my aunt still is using windows XP.
"What websites were you LOOKING at that killed your comptuer?"
Oh the usual ones, porn, porn, yahoo, [washingtonpost.com] and more porn.
"You pervert! Use google instead!"
I'm sure they have more information than I do, but I suspect they're spending more money and losing more readers doing it than they would theoretically be gaining in the first place.
Let's be real with ourselves. Nowadays the vectors for attack are easily protected so long as you use a modern browser that sandboxes itself and use an ad blocker you really don't need anything more than the built in AV and firewall tools for windows. I don't even think OSX provides an AV tool.
I haven't paid for antivirus software since 2005 which was coincidentally when I discovered Firefox and Adblocking extension.
I'll stick with the free tools.
There's one more requirement: Don't download MyFavouritePokemonDesktopPal from many-pokemon.software-site.no-really.latest-software.trust-us.com
All you have to do is limit your browsing (stay away from porn/downloads)
Is there a reason that erotic videos can't be made safe? And if you have a gaming PC, how do you obtain games other than through downloads?
For the last 10 years I've had a laptop that I've used solely for web browsing/anything we based... and a gaming PC that only connects to the internet for games
Or just abandon the PC platform entirely: do non-gaming on a tablet running a smartphone-derived operating system, possibly with a Bluetooth keyboard, and use a PlayStation 4 for gaming.
AV products actually make you less secure. They act as a MITM, replacing certificates with their own and totally defeating the purpose of TLS/HTTPS.
Without using a MITM proxy, how else is the operator of a home or organizational network supposed to cache public images, scripts, style sheets, and other resources, so that multiple devices on the network don't have to redundantly download the same resources over a slow and/or capped connection to the Internet?
With Malwarebytes and BitDefender. I don't go for the big all-in-one "security quites", so the simpler approach works great for me.
What's better: a bunch of applications that you can run inside your web browser, or a bunch of applications that you can't run at all because their developer's computer uses a different operating system from your computer?
I find that SPI firewalls, execution prevention, careful permissions for limited users, NoScript and other tools are far superior to an AV.
Liberal OS policies and platforms are not ideal for anything you;d hate to lose. Often you would not know that something malicious is running.
