Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security Android IOS Windows Technology

Why is Antivirus Software Still a Thing? (vice.com) 189

Antivirus has been around for more than 20 years. But do you still need it to protect yourself today? From a report: In general, you probably do. But there are caveats. If you are worried about your iPhone, there's actually no real antivirus software for it, and iOS is engineered to make it extremely difficult for hackers to attack users, especially at scale. In the case of Apple's computers, which run MacOS, there are fewer antiviruses, but given that the threat of malware on Mac is increasing ever so slightly, it can't hurt to run an AV on it. If you have an Android phone, on the other hand, an antivirus does not hurt -- especially because there have been several cases of malicious apps available on the Google Play Store. So, on Android, an antivirus will help you, according to Martijn Grooten, the editor of trade magazine Virus Bulletin.

When it comes to computers running Windows, Grooten still thinks you should use an AV. "What antivirus is especially good at is making decisions for you," Grooten told Motherboard, arguing that if you open attachments, click on links, and perhaps you're not too technically savvy, it's good to have an antivirus that can prevent the mistakes you may make in those situations. For Grooten and Simon Edwards, the founder of SE Labs, a company that tests and ranks antivirus software, despite the fact that Windows' own antivirus -- called Defender -- is a good alternative, it's still worth getting a third-party one. "Even if [Defender] wasn't the best and it isn't the best, it's is still a lot better than having nothing," Edwards told Motherboard. Yet, "we do see a benefit in having paid for AV product."

This discussion has been archived. No new comments can be posted.

Why is Antivirus Software Still a Thing?

Comments Filter:
  • No. (Score:3, Interesting)

    by Anonymous Coward on Wednesday November 14, 2018 @03:51PM (#57644824)

    That's an asinine view. Defender is the only av solution needed, and all other products create more problems than the occasional viruses. Third party av apps are security theater.

    • Re:No. (Score:5, Insightful)

      by nine-times ( 778537 ) <nine.times@gmail.com> on Wednesday November 14, 2018 @05:05PM (#57645364) Homepage

      I agree up to a point. For most personal users doing normal things, it's worth having one very lightweight AV that will catch obvious and egregious malware, and Defender fits the bill for that. I don't recommend a lot of the 3rd party stuff. Some of it's fine, but a lot of it is more trouble than it's worth, especially if you don't understand it.

      However, for businesses, you should get something in addition to Defender, if only to get a centralized console that the IT people can use to monitor and configure the AV. Further, some of the "next gen" antivirus products are good for monitoring behavior and flagging things that may be of concern. Unfortunately, those new technologies tend to require some babysitting, so it's not necessarily great for individual use.

      • Comment removed (Score:4, Informative)

        by account_deleted ( 4530225 ) on Wednesday November 14, 2018 @07:42PM (#57646328)
        Comment removed based on user account deletion
        • I have never seen Windows Defender do diddly squat against those FB malware links

          As a matter of personal interest I've clicked on those malware links. I've not been able to get past them on Chrome or Edge (Firefox not tested). Why rely on AV for this? It's like saying "There's a bear trap don't step in it", and getting the reply "It's okay, I have bandages with me. I highly recommend using these instead of just those crappy bandaid found in cheap first aid kits."

          • Comment removed based on user account deletion
            • Which part of "CLUESS USER" was hard for you to grasp?

              The part that says I haven't seen this get past Chrome or Edge, the clueless user's webrowser of choice.

              By the the way if it's a zero day then how will your anti-virus detection help you?

              With Comodo AV it goes "no bad stuff!"

              The clueless user is typically greeted with: https://www.ghacks.net/wp-cont... [ghacks.net]

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      You are an idiot. AV software like ESET NOD32 and Kaspersky are objectively proven, time and time again, to be better than Windows Defender.

    • Nopw
      Windows Defender sucks big balls
      It keeps removing KMSpico after putting it on the exception list.
    • by guruevi ( 827432 )

      I don't have that much problems with Cylance and Microsoft Defender does not detect a variety of issues in the real world. Obviously you don't need an AV if you're somewhat careful, but AV is to protect us from the dumbass clicking on every forward regardless of what you say. We've had "malware education" for about a decade at every turn and it just doesn't work.

    • by Chas ( 5144 )

      Defender is also irrevocably tied into the OS.
      Meaning it's a relatively stationary target.

      A third party AV is going to introduce an element malware writers can't necessarily account for.
      Sure, you might be able to specifically attack Norton AV, or McAfee, or AVG or ESet.
      But you kinda have to KNOW your target's going to be running one of these.
      Otherwise, the shenanigans to subborn one of these specific providers might just get caught by another AV provider.

      Is it security theater? Yep.
      Is it a shell-game varia

    • I've been running with just Windows Defender for years. As part of my work, I visit several hundred unique new internet sites every week. I haven't gotten a virus since the 90s. On the other hand, I have seen many serious system performance problems solved by removing antivirus software. I'd say that removing AV software is the second biggest performance increase you can have on a modern PC after switching to an SSD. Upgrading to a lower latency internet connection might beat it, but often isn't available (
      • by AmiMoJo ( 196126 )

        Any half decent browser won't benefit from AV software anyway. They are all heavily sandboxed and protected now. If the malware can get past that then the AV software probably isn't going to help anyway.

    • Comment removed based on user account deletion
  • by jbmartin6 ( 1232050 ) on Wednesday November 14, 2018 @03:54PM (#57644848)
    Most of the paid antivirus packages come with more than the original file inspection. HTTP inspectors, system cleaners, identity theft insurance, etc. There are all sorts of value-added things in there which Defender doesn't do.
    • by Anonymous Coward

      And the majority of them aren't worth shit once infected, so there's that. Defender is anti-malware, that's it. There's no dark web data search, that's true. It's also free, and not designed to hold your dick when you pee.

    • by phantomfive ( 622387 ) on Wednesday November 14, 2018 @04:22PM (#57645044) Journal
      The summary is wrong, and it should be mentioned, antivirus CAN hurt you. And it can make your system *more* vulnerable.
    • by MobyDisk ( 75490 ) on Wednesday November 14, 2018 @05:21PM (#57645472) Homepage

      You are correct. But those are the things that break applications. When I did consulting for small businesses in 1990's and 2000's, the most common "hard" problem I found was antivirus software interfering with the system. I saw them silently block file shares, DHCP requests, email attachments, and CD burner applications, break SSL connections and backup software, even screw-up the system time. The system cleaners constantly broke Microsoft office. I would often uninstall the Symantec SuperDuper Network Security Pro that they paid a monthly subscription for, and install a cheap or even free antivirus package that had a simple daily scan.

      Windows Defender is exactly what we need. Block applications from injecting themselves into the startup and adding shell extensions, and scan files for viruses. If you want web protection, 90% of that can be gained with an ad blocker. Even if it breaks a few sites it can be easily disabled.

      • by jonwil ( 467024 )

        I still run an anti-virus (AVG free) just to alert me if it finds something suspicious (just because I dont run random exe files doesn't mean something I get that seems legitimate enough can't be something malicious instead) but I have some of the more advanced crap turned off so it doesn't get in the way.

        Once upon a time I used to run Norton but then I tried Norton Internet Security. Worked so good that it stopped my internet and web browsing from working completely. After that I blacklisted Norton and Sym

      • My own work computer gets this lovely notification every so often:

        "Outlook has crashed due to a problem with the following plugins: "Mcafee emailscan" Do you wish to load Outlook with this plugin disabled?"

  • by account_deleted ( 4530225 ) on Wednesday November 14, 2018 @03:55PM (#57644866)
    Comment removed based on user account deletion
    • Nope missing the point:

      We still need antivirus because computers still allow the user to do what they want despite it not being in their best interest, and criminals continue to exploit this problem.

      We will continue to need anti-virus until computers no longer allow users to do what they want, but rather only what is permitted.

  • Don't download from porn sites or from untrusted sources or anything from email that you weren't expecting from the sender. .

    You'll be fine.

    • Don't download from porn sites or from untrusted sources or anything from email that you weren't expecting from the sender. .

      You'll be fine.

      And that virus that comes from a rogue ad on a news site? I know it's rare, bu tit still happens.

      • Any modern browser should easily protect you from that kind of attack. That said, any code that is clever enough to skip through your browser's protections is probably also going to be missed by your Anti-Virus software.

        • by Etcetera ( 14711 )

          Any modern browser should easily protect you from that kind of attack. That said, any code that is clever enough to skip through your browser's protections is probably also going to be missed by your Anti-Virus software.

          I really don't understand this mindset... "Don't run AV software, it's a scam! Just make sure you're on Google Chrome Nightly and ex-filtrate all your browsing data to Alphabet for every HTTP connection" is not a viable strategy.

          If you're being spear-phished or hit by a 0-day attack, there's little that a heuristic AV approach will be able to do and you'll need to hope some other part of your defense catches it. But for any other type of threat, AV is a critical part of that security layering for *any* user

    • by BringsApples ( 3418089 ) on Wednesday November 14, 2018 @05:17PM (#57645446)

      Don't download from porn sites

      pffft. you'll have better luck telling folks to not have actual sex with dirty people. Viri are going to spread via sexual desires - always.

    • by tepples ( 727027 )

      Don't download from porn sites or from untrusted sources

      How can the median user tell which sources are trustworthy?

  • Authors conclusion: yes, we still need wheels
    • Authors conclusion: yes, we still need wheels

      I'm a mouse, and I still know how to walk.

      And my linux boxen still don't need AV unless I'm serving up windoze downloads.

      These days it even comes with a desktop.

  • by Anonymous Coward

    I work in a pretty small shop with no IT staff, I inherited someone else's workstation with instructions to not reinstall or delete anything.

    Of course there are all kinds of weird things happening to the computer and I have no idea what to do. Random browser redirects to Chinese websites like 2345.com, strange rootkit-like things loading at boot (driver files with names like 5sfquib.sys that show no hits in Google), MS Defender randomly panicking about threats and forcing me to reboot...

    I have no idea what

    • by Anonymous Coward

      I work in a pretty small shop with no IT staff, I inherited someone else's workstation with instructions to not reinstall or delete anything.

      Of course there are all kinds of weird things happening to the computer and I have no idea what to do. Random browser redirects to Chinese websites like 2345.com, strange rootkit-like things loading at boot (driver files with names like 5sfquib.sys that show no hits in Google), MS Defender randomly panicking about threats and forcing me to reboot...

      I have no idea what is going on and I could certainly never do anything about without some sort of anti-virus or anti-malware tools.

      Just use a live [Free - Linux] distro. Problem solved.

    • by Anonymous Coward

      nuke it from orbit. you are past the need for anti virus tools, that machine is beyond all hope.

  • Q: Why is Antivirus Software Still a Thing? A: to make you buy "better" hardware
  • Install several antivirus products and MS OneDrive on a Windows box, watch them battle for who gets to access the file first.

  • by Anonymous Coward on Wednesday November 14, 2018 @04:12PM (#57644982)

    Guys from Virus Bulletin and SE Labs that make lots of money from companies that make commercial third-party anti-virus products recommend you buy commercial third-party anti-virus products? Of course.

  • by kackle ( 910159 ) on Wednesday November 14, 2018 @04:15PM (#57645002)
    I just cleaned up a relative's machine. The attack was web browser plug-in related. He had up-to-date Norton Antivirus.

    The last time my folks' machine got a virus was shortly after I installed Eset's NOD32 for them. I then installed ad blockers everywhere, and the problem hasn't recurred in several years.
  • by ytene ( 4376651 ) on Wednesday November 14, 2018 @04:17PM (#57645006)
    This is a fabulously important question for us to look at.

    The answer is: because we continue to operate operating systems and software which are acutely vulnerable to malware - and because we refuse to learn from the lessons of past mistakes.

    A big part of the problem is that we've now had malware present in our lives for such a long period of time that there are professional developers and system designers working today who have never known a technology community without malware. Given this context, it is not entirely surprising that we have come to collectively accept this situation as a "given".

    The important thing that we need to remember is that it is entirely possible to design and produce a technology stack that is not vulnerable to malware. It's certainly not going to be easy, but it's also not impossible. So now the question becomes: how badly do we want it? The problem is, nobody is asking that question, there is not public discussion or debate.

    So the most widespread software in use today (the Microsoft Windows platform, Android, iOS, etc) are not being design in a way where the designers have been given a (design) brief or have been set design objectives with respect to the ability of that software to withstand malware.

    So we have logical partitioning and "containerisation" as third-party add-ons (which have to be paid for). We have come to accept this as "the norm". But just think for a moment about that situation in, say, motor vehicles. Imagine that cars and trucks were sold without brakes. Or without locks on the doors. Imagine that you had to buy your car and then somehow get it to a brake system specialist and pick and choose a reasonable set of brakes for your vehicle. Oh, and if you chose wrong and your car didn't stop and you rolled into someone - well, that's just your fault... Would that be acceptable to motorists today?

    Somehow I don't think so.

    So why should we be willing to accept and pay for incomplete, vulnerable and defective software - and then, having made a purchase (and if you want a copy of, say Windows 10 Pro for a new-build PC, then you are looking at hundreds of dollars), you need to go and spend a bunch more cash making that product secure.

    It's really easy to discuss this and fall in to the trap of bashing Microsoft, Apple or Google for shipping vulnerable or incomplete software. But the truth is that we're responsible for this, not them. We're responsible, because enough of us are willing to just roll over and accept this situation. If we collectively pushed back hard enough, maybe used the law, maybe worked to overturn those horrible EULA "this software comes without any warranty, expressed or implied" schtick and had lawmakers push for tighter and more stringent controls, then maybe we'd get better software.

    Sadly, I can't see the market fixing this. If it were possible, it would have happened by now.
    • The important thing that we need to remember is that it is entirely possible to design and produce a technology stack that is not vulnerable to malware

      [Citation Required]

    • The answer is: because we continue to operate operating systems and software which are acutely vulnerable to malware - and because we refuse to learn from the lessons of past mistakes.

      A big part of the problem is that we've now had malware present in our lives for such a long period of time ...

      Whoever "we" are, they should be ashamed of themselves, and they should also start taking personal responsibility for the machines under their, erm, responsibility.

      People for whom malware is a persistent part of their life should find a babysitter before sitting down at a keyboard.

      • by MobyDisk ( 75490 )

        It's not always the users. Software developers really still don't think about security until it is forced upon them. For example:

        A user takes photos with their cell camera. They install an application that automatically uploads the picture to some photo-sharing web site that shares the pictures with their family. That's neat. The photo-sharing site has a username/password. So the user types their username & password into the application so that it has credentials to upload. How is that username

        • by tepples ( 727027 )

          A fundamentally secure design might contact the server to request a unique key that merely has permissions to upload new photos to the account. It would store that key securely in the device's trusted keystore.

          What trusted keystore API is available on all major Linux distributions? Or on Windows 7?

        • I blame the user for all that stuff.

          The user has to choose a sucky or unknown developer for that stuff to happen.

          If the user took responsibility for their electronic territory, they wouldn't be able to blame the developer; they wouldn't be using the sucky code, so they don't have any accusation against the developer!

    • by swillden ( 191260 ) <shawn-ds@willden.org> on Wednesday November 14, 2018 @05:33PM (#57645560) Journal

      The important thing that we need to remember is that it is entirely possible to design and produce a technology stack that is not vulnerable to malware.

      Is it, is it really? The fact that it has never, ever been done on any system of significant size or complexity argues strongly that you're wrong. Formal verification seems like the only path with real potential, but so far it is impossibly hard to do at scale.

      And then there's the issue that even if you had a system with zero vulnerabilities, that still doesn't make AV unnecessary. One of the hardest problems is how to handle software that does not exploit any vulnerabilities and uses only legitimate, reasonable APIs, but uses them in ways that may harm the user. The Android security team (of which I'm a member) doesn't use the term "malware", because it's too narrow. Instead we use "Potentially-Harmful Apps" (PHA) to include apps that don't qualify as malware in the traditional sense, but yet may do harmful things.

      Now, some of the abusive apps are able to be abusive only because of badly-designed Android APIs. For example, I don't think there's any reason even to have an API that allows apps to retrieve a user's whole contacts database. If an app legitimately needs contact information (say, to make a phone call), they should request a contact from a system API which presents the user with a picker to select the contact whose phone number they wish to provide, and only that number should be provided to the requesting app.

      But there are other cases in which the APIs are completely reasonable and needed, but still allow harmful things to be done when misused in certain ways. I'm not sure it is possible to prevent PHAs of that form by anything done in the operating system. There's lots of academic research on data tagging and tainting and other approaches, but it's really not clear that they can work without creating a painfully-unusable system.

      So I don't think it's possible to produce an operating system that is not vulnerable to malware. I'd love to be proven wrong, though, so by all means figure it out and publish about it! If you figure it out you'll get all sorts of academic rewards, and if you play it right you can easily make yourself stinking rich as well. Please do!

      BTW, regarding the claim in the summary that third-party AV tools on Android make sense, I disagree. Third-party tools simply can't have the visibility into the system needed to be really good without rooting, and rooting your device opens it to a raft of exploits. On a rooted device it's possible to disable SELinux, which instantly demolishes much of the compartmentalization of the system. No longer are 5-10 step exploit chains needed, one is enough in most cases.

      What does make sense is to enable the built-in AV tool, Verify Apps.

      Oh, while I'm posting about Android security, I'd like to take a moment to gloat that -- yet again -- Google's phone is undefeated in Moble Pwn2own, despite having (along with iPhone) the largest offered prizes.

      • by dog77 ( 1005249 )
        One big improvement I would like to see is the operating system physically isolated from the rest of the system. In other words the OS would be in its own flash, run in its own physically isolated RAM, own cache, would have its own network stack, would manage its own updates, and would be supported through a single vendor (likely the CPU vendor). So if the rest of the system got a virus, worse case the operating system could pause all running tasks, and perform necessary steps to find and destroy a virus.
      • by Sabriel ( 134364 )

        Now, some of the abusive apps are able to be abusive only because of badly-designed Android APIs. For example, I don't think there's any reason even to have an API that allows apps to retrieve a user's whole contacts database. If an app legitimately needs contact information (say, to make a phone call), they should request a contact from a system API which presents the user with a picker to select the contact whose phone number they wish to provide, and only that number should be provided to the requesting app.

        What if you want to use an app that lets you display/manipulate your contacts database in ways that aren't already supported by the default app included with the OS?

        Tangentially, I'm disappointed that the Google Play Store doesn't let us filter our app searches by their permissions, e.g. "apps that don't demand access to our contacts" and/or "apps that don't demand access to our call history".

      • by ytene ( 4376651 )
        It is my understanding that it is, indeed possible. For example, consider the DoD Orange Book security classifications for Operating Systems.

        See here [nist.gov].

        In fairness, the DoD Evaluation Criteria go back to 1983 - I am sure that there are more recent versions that could be referenced.

        But rather than focus on the Orange Book specifically, consider instead as an example of a principle. That principle was a determined effort to design a set of operating criteria and behaviours that would result in a secure
        • It is my understanding that it is, indeed possible. For example, consider the DoD Orange Book security classifications for Operating Systems.

          Indeed. Consider them carefully, and note the enormous constraints under which they had to be used to be considered secure. No network connections, and no unverified application software for starters.

          If I can limit sufficiently exactly how a system can be used, I can make any system secure.

    • by Megol ( 3135005 )

      So what is that mythological design that is not vulnerable? It can't be a capability system as that is a type of "containerisation" and of course not bullet proof to the degree you are talking about. So what is it?

    • The answer is: because we continue to operate operating systems and software which are acutely vulnerable to malware - and because we refuse to learn from the lessons of past mistakes.

      False. We continue to use operating systems that allow the user control even if it is not in their best interest and criminals exploit this behaviour. You can't make an OS that is not vulnerable to malware without also actively working against the requests of the user. This includes simple barriers including for example: "Sudo", a protection that is easily bypassed by an error message: "Warning to Install this software that you so desperately want you need to type sudo. You will be prompted for a password"

    • by sad_ ( 7868 )

      "Imagine that you had to buy your car and then somehow get it to a brake system specialist and pick and choose a reasonable set of brakes for your vehicle. Oh, and if you chose wrong and your car didn't stop and you rolled into someone - well, that's just your fault... Would that be acceptable to motorists today?"

      not a good car anology. it would be more something like - we think there are too many pedals, so we only give you one, now everybody can drive! all the while there are other cars that still do have

  • by Uteck ( 127534 ) on Wednesday November 14, 2018 @04:18PM (#57645008)

    The latest version of Windows Defender has an option to run it in sandbox mode, so even if it gets infected it can't spread.
    Other AV are becoming the targets of attacks and they do not have the deep links into the OS like Defender has, so their days are numbered.

  • There are antivirus packages with expensive subscription agreements installed in thousands of Linux VMs precisely because of: CYA

    I cannot imagine the need for an antivirus on Linux. Either the code breaks into supervisor mode or it does not. Adding more and more hooks into it can only possibly increase your surface area. And antivirus companies aren't exactly the most trustworthy of vendors (their motivation is for you to get infected... a little bit).

    I hate fear-based architectures.
    • by Kjella ( 173770 ) on Wednesday November 14, 2018 @05:04PM (#57645356) Homepage

      I cannot imagine the need for an antivirus on Linux. Either the code breaks into supervisor mode or it does not.

      Or it does not but can access all the logged in user's data and attached devices and whatnot. Neither Windows, Mac nor Linux is built around a hostile software model, if it's installed it's trusted. So if there's any breach in any software, they can do install a cryptolocker and encrypt all your files or whatever. Sure in theory you could set up a custom chroot jail/SELinux/AppArmor/cgroups setup per application but it's very far from easy. I'd like to be able to install a relatively untrusted closed source game and have it play in a sandbox. Like you can wipe my save games, rickroll me or whatever but you can't access my webcam or delete my family photos. That's the kind of security users want and I think that's where we're going when Apple or Google wants to topple Microsoft on the desktop.

    • I cannot imagine the need for an antivirus on Linux.

      Linux's fundamental protection is that its users are for a large portion people who know what they are doing. An incredible amount (dare I say the vast majority) of malware is spread exclusively through the ignorance of users.

      Get ignorant users on your system and you'll find the malware spreading just as fast as it does on windows. "sudo ./britneyspearsnudes.jpg"

  • ...you wont understand.

  • ..instead you need Behavior-Based Anti-Malware software.

    Traditional Anti-Virus relies on virus definitions which are static and rely on virus hunters to find these malicious programs, create definitions from, and then disseminate them to AV endpoints. Behavior Malware Detection software instead uses the heuristic approach and determines what the file is trying to do on your system to determine whether to block, notify, and/or quarantine the files. Because of this, Behavior-based Anti-Malware can
  • Antivirus companies are the leading cause of viruses and spam. I worked at a company which used Symantec Spam Protector for about 5 years. ~$3,000/yr for the server application with updates. It registered a grand total of 2-3 spams (across all email addresses in the company) per day - it "worked" in that it prevented them from going through, but was still set to log them. Decide it's not worth 3k/yr to prevent an approximate 2% (for the size of the company) chance of a person getting a single spam email
  • I find it annoying how many AV products identify key-generators, cracks and other actually useful non-malicious stuff as malicious and bad.

    I also find it a complete waste of cpu time to run real-time protections. I'm particularly offended there is no way to remove Windows Defender from Windows 10. I should be allowed to make that choice, and I cannot.

    As to the others, most AV products are snake-oil at best, their own type of malware at worst. Millions of dollars sucked out of clueless consumers for nothi

    • I should be allowed to make that choice, and I cannot.

      If you actually thought you should be allowed to make that choice, you'd have chosen software that respects you freedom and lets you make whatever choices you want.

      There are a wide variety of choices that respect your freedom.

      • I should be allowed to make that choice, and I cannot.

        If you actually thought you should be allowed to make that choice, you'd have chosen software that respects you freedom and lets you make whatever choices you want.

        There are a wide variety of choices that respect your freedom.

        This is an empty argument. Historically, Windows has allowed users to do whatever they pretty much want, including disabling built-in "protection" measures, such as the built-in firewall, built-in virus protection, built-in warnings to make backups periodically. All that stuff, it was all tuneable in Windows 7 and every Windows prior to 7.

        It's only with 8 and 10 are we seeing choices taken away. Which I get, I get that most people who use Windows computers have no flippin' clue what they're doing, and Wi

    • by tlhIngan ( 30335 )

      I find it annoying how many AV products identify key-generators, cracks and other actually useful non-malicious stuff as malicious and bad.

      That's because most ARE bad.

      If you get the ones released direct from a topsite, fine, great, they're clean. But if you're like everyone else who uses Bittorrent and such, well, those things are usually wrapped.

      And by wrapped, I mean they are wrapped with a dropper program that will download malware and run the crack/keygen at the same time. So they do infect your machine

      • Maybe your keygens are clean, but most users are getting the infected variety.

        The problem lies in, malware detection always identify keygens, cracks and similiar software as malicious, regardless if it's been 'wrapped' in malware or hasn't.

        I find it pretty worthless that piece of security software can't (or chooses not to) tell the difference between a proper non-malicious crack/keygen, and the ones wrapped in evilness.

  • Why are condoms still a thing?

    And [ in Jerry Seinfeld voice ] "What is the deal with not wanting to get infected?"

    TL;DR: Summary: Questions need for AV then lists many reasons why you should (probably) still use it.
    TL;DR: Article: Dumb.

    • Stop trying to slut-shame Windows. Let it choose whatever lifestyle it wants; let it run around wearing just its Defender, what harm is it doing you? Whatever harm you can accuse, it was consensual; you're just as guilty. Why do you place the blame on Windows?! I blame you; everybody already knows what sort of a date Windows is. You knew!

    • That's a great idea! You would truly have very good AV protection if you covered the ends of your network cables with condoms.

  • and there aren't many of those left. Most of the Abandonware sites I used to frequent have shut down (a lot of them started trading warez and it wasn't long until they got popped). The less, shall we say, NFSW sites are such big business these days that they police their malware pretty well. You're more likely to get popped with a virus on CNN. I used to get hit every now and then by a video and Windows Media Player but I started using Youtube + Media Player Classic and I don't pull videos from untrusted so
    • the folks I know working at computer shops agree. They're seeing a _lot_ less calls to remove viruses. It's more than a bit of a problem actually. Virus removals were the Bread and Butter of a lot of these little computer shops. If you've noticed a lot of them going tits up, that's why.
  • Why is msmash still a thing?

    (Besides posting stupid article like this)

  • you shouldn't run windows. Period.

  • Because dickheads write security policies.

    "Let's have a piece of software, written by a third party, which runs as an elevated user and is capable of intercepting every file access, replacing content, scanning and modifying all memory for every user, even root/SYSTEM-owned processes, which inserts itself into every file, I/O and process hook, which starts as one of the first things on boot, and tells us whether or not other processes should be blindly trusted, by checking against a list of hashes of 'known-

  • it can't hurt to run an AV on it

    Sure it can...

    All AV software consumes resources and reduces performance to varying degrees, this could potentially be crippling in some circumstances.
    AV software has to run with high privileges in order to intercept network traffic and file accesses etc... Because of this, exploitation of any bugs in the av software are likely to result in root access. AV software is also extremely complex, and designed to parse hostile data - there have been many vulnerabilities and more will be found for sure.
    There are a

  • Sure it can. AV churns your disk and slows down your system.

If all the world's economists were laid end to end, we wouldn't reach a conclusion. -- William Baumol

Working...