Security fixes and improvements should be made at the OS level. And it is: Microsoft, Apple and Linux receive fixes very quickly. No software editor will be able to do better than the OS to fix and stop threats.
I stopped using AV softwares a long time ago for the following reasons:
- It slows down your device (memory, cpu, disk access, etc.).
- It annoys you a lot more than it stops or solves any security concern. I've yet to hear from someone telling me their AV software saved them from an actual real virus... If this ever happens it's probably a damn advanced attack that even the AV software doesn't know about.
- It's extremely hard to remove, especially when pre-installed as a bloatware on a PC. Sometimes it's also installed as an extension of other software (browser, etc.).
- It usually takes wrong decisions (false positive) that lead to broken web pages, legitimate software that stops working, etc. And unfortunately the "standard" user has no way to figure out it's due to the AV. I can't count the number of times I had to work with my customers on figuring out what was making my website or software not run (or even not to install) on their machine.
One time I had to write to an AV editor in order for my browser extension to be whitelisted. Never got any answer...
AV softwares can be easily replaced with common sense and a set of very simple rules.
- Have a hardware/software firewall that blocks everything expect what's required (allowing only web when initiated from the machine is enough in 99% of the cases). Every major OS now comes pre-configured with a software firewall which removes 90% of the threats.
- Use a strong email service or software (gmail, etc.). This way you reduce the likelihood that a virus, spam, or fishing email passes through.
- Don't open email attachments coming from unknown or non trusted senders. Even when the sender seems legitimate, double check that the email makes sense (not an unusual behavior), pay close attention to URLs, written language and words. Don't click links without knowing where it goes (domain name, https, etc.). Email remains the most simple way to install a virus or a trojan on someone's computer so be very very attentive when acting upon an email. If you use an email provider (like gmail), report the spam or phishing attack very quickly so that 1/it can be stopped quickly for others and 2/it teaches the Machine learning to do better next time.
15 years I've been applying these rules and I never got any virus without using any AV software. My devices run like a charm (PC or Mac).
While I'm a big defender of freedom and open source, I can easily understand and forgive proprietary OS providers choices with regard to the AV editors.
The thing with the "don't open email attachments" type advice, is that somehow it's not enough (I think it's more complicated actually. You need another bullet point for "keep your browser up-to-date" and/or avoid certain typos of website and certain links. There's several types of traps beyond email attachments) I despair at teaching my old parents how to not get malware infections. They may last a couple of months, but it's only a matter of time before something they do leaves me spending the weekend trying to run virus cleanups. I'm sure my parents' experience is indicative of many other less tech-savvy folk.
But anti-virus isn't the solution either. This happens with anti-virus eating half their CPU. I don't really know a sensible way to let my parents have a windows laptop these days. They use an iPad now, and that's the end of it.
I certainly agree with your top and bottom sentence there. AV software is basically an industry which shouldn't exist (or at least shouldn't be anywhere near as well-known and lucrative as it is). The reason it has existed, is because Microsoft have in been poor on security in general. I think more specifically we can say that earlier versions of windows took an approach of being way too permissive with things like file permissions. It seems to me they've been gradually phasing in more sensible limits ever since, and if they're also phasing out 3rd party AV software, I can see that might be a sensible rationalisation too.
Might be. I'm not 100% sure because, while they are improving general security, the other challenge microsoft has always faced is that hackers target windows first because it's most popular. Previously hackers had a mish-mash of several different AV softwares to stay ahead of. By making every windows machine a highly regularised defender-running target, this might make life easier for hackers.
Funny thing is that I installed ubuntu on my parents very old laptop (from 2001) that lost Windows XP support and it works really well. No virus until now.
I replaced the Graphical User Interface with a lighter one though to maintain decent performances.
I stopped using AV softwares a long time ago for the following reasons:
- It slows down your device (memory, cpu, disk access, etc.).
- It annoys you a lot more than it stops or solves any security concern. I've yet to hear from someone telling me their AV software saved them from an actual real virus... If this ever happens it's probably a damn advanced attack that even the AV software doesn't know about.
- It's extremely hard to remove, especially when pre-installed as a bloatware on a PC. Sometimes it's also installed as an extension of other software (browser, etc.).
- It usually takes wrong decisions (false positive) that lead to broken web pages, legitimate software that stops working, etc. And unfortunately the "standard" user has no way to figure out it's due to the AV. I can't count the number of times I had to work with my customers on figuring out what was making my website or software not run (or even not to install) on their machine. One time I had to write to an AV editor in order for my browser extension to be whitelisted. Never got any answer...
AV softwares can be easily replaced with common sense and a set of very simple rules.
- Have a hardware/software firewall that blocks everything expect what's required (allowing only web when initiated from the machine is enough in 99% of the cases). Every major OS now comes pre-configured with a software firewall which removes 90% of the threats.
- Use a strong email service or software (gmail, etc.). This way you reduce the likelihood that a virus, spam, or fishing email passes through.
- Don't open email attachments coming from unknown or non trusted senders. Even when the sender seems legitimate, double check that the email makes sense (not an unusual behavior), pay close attention to URLs, written language and words. Don't click links without knowing where it goes (domain name, https, etc.). Email remains the most simple way to install a virus or a trojan on someone's computer so be very very attentive when acting upon an email. If you use an email provider (like gmail), report the spam or phishing attack very quickly so that 1/it can be stopped quickly for others and 2/it teaches the Machine learning to do better next time.
15 years I've been applying these rules and I never got any virus without using any AV software. My devices run like a charm (PC or Mac).
While I'm a big defender of freedom and open source, I can easily understand and forgive proprietary OS providers choices with regard to the AV editors.