Antivirus software is 'increasingly useless' and ...........

Discussion in 'backup, imaging & disk mgmt' started by bgoodman4, Jul 8, 2016.

  1. bgoodman4

    bgoodman4 Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    3,132
    Antivirus software is 'increasingly useless' and may make your computer less safe

    http://www.cbc.ca/news/technology/antivirus-software-1.3668746

     
    Last edited by a moderator: Jul 8, 2016
  2. Logethica

    Logethica Registered Member

    Joined:
    Jun 23, 2016
    Posts:
    53
    Location:
    UK
    Yes, and I don't think that the mainstream media helps matters...
    When the security of high profile/popular sites are compromised/exploited (In the UK) much of the mainstream news/media will offer the advice of "As long as your Software and OS are kept up to date,and you have an Antivirus enabled then you should be protected".....:thumbd:
    It appears that they used a time-machine to ask the opinion of an expert in 1990.:blink:
    No mention of Sandboxes or Anti-EXEs,and very little advice on how to avoid Social-Engineering cons...
    ....leaving Novice users to believe that they are protected when in reality they are not..
    Even if a Novice user is unfamiliar with security software other than an AV I think that there should be an obligation through Local Councils/National Government to help guide people...the Internet is not likely to disappear in the near future.
     
  3. Keatah

    Keatah Registered Member

    Joined:
    Jan 13, 2011
    Posts:
    853
    Yes I completely agree. I totally dislike the, at best, unclear status of where you stand with AV. Felt that ways since the dotcom era.

    I beieve there is a need for simple instructions on how to use the internet. And some general guidelines for use of a desktop.
     
  4. Logethica

    Logethica Registered Member

    Joined:
    Jun 23, 2016
    Posts:
    53
    Location:
    UK
    Yes...,and It wouldn't cost a great deal of time/money to implement the measures that you mention.
    When I am asked to recommend an AV I reply that I would rather recommend "SANDBOXIE + VOODOOSHIELD" first.
     
  5. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,253
    For the foreseeable future, I'll stick to using antivirus software. It does not noticably slow down any of my computers, and I like that I only ever get notified when a threat is found (or a false positive, which is extremely rare).

    There are better options, but they require time to configure them to work with some of the software you use, or you have to deal with lots of prompts.
     
  6. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,101
    Location:
    Adelaide
    I no longer install a third party AV since using Windows 10. I do however use MBAM Premium as a fallback should anything slip past Windows Defender.
     
  7. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    I'm going on 4 years with no real time AV on my W7 machine without a single issue. No Windows Defender either. I only use TF when I want to test new software.
     
  8. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    I really don't think that running my AV makes my computer more vulnerable, it is piffle and drivel such a statement. On the other hand I agree that to rely entirely on an AV for total protection is also foolish, one needs several layers of security and, as those people in the article suggested, backing up is essential.

    Last but not least my AV does not slow down the performance of my machine at all, although after upgrading to Win 10, Windows Defender was definitely slowing down the system, therefore choosing an AV according to its performance impact is as important as detection.
     
    Last edited: Jul 10, 2016
  9. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    Well vulnerabilities to exploit AVs are being sold, AVs run with system rights, that is even worse than admin rights.
    Even if such an attack would occur, people would blame it on browser or something else, because it is traceless.

    http://www.pcworld.com/article/3020...-could-make-your-company-more-vulnerable.html
     
    Last edited: Jul 10, 2016
  10. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    Anything can be hacked, and in my post I have also said that to run an AV as the sole protection may not be enough. If Avira in my case is hacked/neutralized (when uninstalling Avira there is a warning informing me that if it isn't my decision it might be malware), they also have to hack/neutralize Sandboxie, which is theoretically possible but improbable. I think the level of security on a system should be designed according to the importance of the data to protect. Again in my case if crackers manage to encrypt my files they would probably get a virtual middle finger from me as everything is always backed up somewhere else.
     
  11. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Encrypt your files? More like upload data without you even knowing in the background...

    But really, I agree that for most Antivirus is a plus since 99.9% of the time they install the malware themselves.

    And AV is the easiest way to determine if a file is clean, I would consider using VirusTotal all without real-time protection as still using Antivirus software.
     
  12. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    My data is worth nothing, and important data should not be kept online for too long. I do agree that the antivirus industry is a multi billion dollars enterprise and I have always thought that malware writers may have more than a symbiotic relationship with AV companies, a bit like weapons manufacturers and wars. Personally I haven't been infected or violated (that I know of) ever since I joined Wilders, on the other hand Eset and Avira (my choices over the years) have detected literally hundreds of malware in third party flash drives, therefore they were not useless...
     
  13. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,018
    No resident (= Real-time) Anti-Malware, here, too. :cool:

    Sandboxing, Imaging, and several on-Demand Tools. :thumb:
     
  14. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    773
    Location:
    MICHIGAN,USA
    As cheap is paid AV is now days I say why not!! Its saved me many times searching doing research.
     
  15. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    787
    Antivirus alone is not very useful, but in a layered setup it is pretty good.
    To be fair, I think modern antivirus are much more effective than in the past, in the XP pre SP3 days infections were the norm.

    Antivirus helps to determine if a file is clean or not, so the user can keep it, Sandbox and Virtualization cant help the average user in this kind of task.
     
  16. java dude

    java dude Registered Member

    Joined:
    Aug 5, 2011
    Posts:
    75
    This might be a stupid question, but to those of you who don't run any real-time AV software, how do you know that you're not silently being infected through a drive by download or something? I mean sure, it might be sandboxed and wiped out automatically when you close your browser, but what about in the meantime?
     
  17. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Java dude, personally, I don't mind or put much attention to what takes place inside the sandbox, my only concern has to do with files and programs that I run unsandboxed (which is extremely rare). Pretty much anything that runs in my computers, runs sandboxed. I haven't used anything alongside Sandboxie since Dec 2010 and stopped installing on demand scanners in 2011. In my view, since I sandbox just about anything that runs in my computers, I am safer for not having any other security program running which if I did, they could at times weaken Sandboxie as they conflict or when you have to open holes in one or the other program to make them appear to get along with each other.

    In my opinion, antiviruses are not useless. They play an important role and I think for most people the best way to use Sandboxie is to use it along a simple antivirus. The simpler the AV, the better as the chances of a conflict are lower. I recommend to use Windows defender. This way, the AV handles known threats and Sandboxie the rest.

    I think you are particularly asking about browsing sandboxed. This are my recommendations and they apply whether you are using an AV or not: 1. Dont mix regular and sensitive browsing in the same browsing session. If you are going to do banking or something sensitive, do it in a fresh browsing session, and get out and delete the sandbox immediately after you finish and before going back to regular browsing. 2. Isolate browsers in their own sandbox so you can restrict what can run and connect to the internet. You restrict the dedicated sandbox depending on the browser and what you do with it. If you do this, malware that gets downloaded into the sandbox silently as you browse, its not doing to run. 3. On Sandbox settings, block the sandboxed browsers/programs from having access to your personal and sensitive files and folders. 4. Install as few addons as possible. Dont install addons you hardly ever use. And 5. Learn NoScript or something similar. With NoScript, you block scripts as much as possible but allow all you need to allow to do what you want to do in pages you visit.

    Java dude, to this day, never when I have opened Sandboxie control, I seen anything suspicious running. Or gotten any Sandboxie message about some strangely named exe being blocked from running. NoScript plays an important role on that being so.

    Bo
     
    Last edited: Jul 10, 2016
  18. Logethica

    Logethica Registered Member

    Joined:
    Jun 23, 2016
    Posts:
    53
    Location:
    UK
    Excellent Post @bo elam :thumb:......Full of very useful tips and information.:)
     
  19. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    787
  20. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    2,285
    Last edited: Jul 10, 2016
  21. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Thanks, Logethica, I am glad you found useful what I wrote. :)

    Bo
     
  22. Logethica

    Logethica Registered Member

    Joined:
    Jun 23, 2016
    Posts:
    53
    Location:
    UK
    You are Welcome..I believe that many people will find what you have written useful,Bo:)
     
  23. Keatah

    Keatah Registered Member

    Joined:
    Jan 13, 2011
    Posts:
    853
    My whole computer is a sandbox.
     
  24. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,101
    Location:
    Adelaide
    As an aside, I think this thread should be moved to the 'other anti-virus software' sub-forum.
     
  25. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    855
    Not a stupid question at all. I'll just answer about detection with Sandboxie rather than my confidence in my actual security setup.

    With Sandboxie, you can define tight rules for what programs can run, and what processes can access the internet. If anything outside of that whitelist attempted to run or access the internet, then you would see a warning box that it had been blocked. Very effective early warning system that also aborts the chain of infection.
     
    Last edited: Jul 13, 2016
Loading...