This is an very detailed overview why you not need any AV product. Depending on the environment I'm not saying that scanning could't help/prevent from an infection in the first place but what I do say is that there is no guarantee that such products can hold what they promise which then makes the software useless. Main problems: * AV stops the industry to find/implement better ways into the OS. * Paying for products without really using it? * It also can cause even more security problems into your Browser. Which also holds the Browser developer/industries back since they need to 'waste' time to find workarounds for this. * AV may introduce security holes by itself, popular story was Freak/LogJam attack. * They are not protecting against router attacks. * Software security is impossible. * Zero-Day is overrated by itself but an good argument to play with fears. Because most attacks require additional bypasses, such as ASLR, Stack Cookies, memoy bypasses and additional control-flow integrity attacks. * Fixing the user isn't an good idea. * Sandboxing or Application whitelistening makes more sense. E.g. via Applocker. * Some malware/spying tools working before the OS boots. The AV tool can only check for manipulations, but not for additional hidden sectors, if the OS not recognized it. Suggestions: * Use an free AV solution (if you really want such a program). * Better thing about in general about using a whitelist or sandbox. * On high sensible security locations not use any tools, since each tool can include more holes and also could send stuff back like telemetry. The goal here would also be to only allow whitelisted programs. Research: * https://security.googleblog.com/2015/07/new-research-comparing-how-security.html * https://www.indevis.de/files/inhalt...rotect-yourself-from-AntiVirus_WhitePaper.pdf * https://bugs.chromium.org/p/project-zero/issues/detail?id=908 * http://www.wsj.com/news/articles/SB...79542140235850578?mod=WSJ_TechWSJD_NeedToKnow * https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713&cat=SIRT_1&actp=LIST * http://securitywatch.pcmag.com/security/323419-symantec-says-antivirus-is-dead-world-rolls-eyes * https://community.rapid7.com/commun...7755-juniper-screenos-authentication-backdoor * https://gist.github.com/CHEF-KOCH/e82b03438d3c6b6a94105780babf11cb * https://esposystems.blogspot.com/2016/08/the-death-of-commercial-av-products.html * https://www.yahoo.com/tech/delete-antivirus-says-ex-firefox-175055537.html
Many people claim to get on fine without AV, but they’re very experienced users. And though I agree they’re not perfect at catching everything and also have some disadvantages, for the average user they’re a necessary evil. I fully agree that you don’t need to pay for premium products, there are fully capable free ones. And watch you don’t go to the other, paranoiac, extreme of constantly scanning with a multiplicity of tools, as you’ll inevitably get false positives, whose deletion can damage the system.
@CHEF-KOCH thanks for the heads up dude, your thread is very useful for several users and I agree if user need some AV free is the better option; well I don't use AV I think it is useless I believe that with Adguard Premium + Firefox + (extension) download virus checker is ok only my 2 cents
Simply add a malwarebytes check, maybe every weekend... Any real threat will almost without exception always be a zero-day-threat, which neither a free nor a paid-for av software can detect. I am amzed how often I have to explain to people that there is a differnce if an e-mail attachment is a .exe file. The one important thing is never explained, maybe that is intentional?
I disagree with the premise that you can get along fine without any anti-virus software if you are extremely careful. A user would never know if and when their computer is infected (except in the case of ransomware which holds your computer hostage). Scanning does not prevent infection, it only checks for infections. Anti-virus (or better yet Anti-Malware) software needs to run live in order to protect against infection. To me the best Anti-Virus product is Malwarebytes Anti-Malware Pro (which is now Malwarebytes 3.0 Premium). I have a lifetime premium subscription and I never have to pay for it again (I only paid $15 a few years ago). It incorporates 5 levels of protection: Anti-Virus, Anti-Malware, Anti-Rootkit, Anti-Exploit, and Anti-Ransomware. It is a complete Anti-Virus product but I would also recommend installing K9 Web Protection (which is free for personal use). K9 will block popups and unwanted online material (such as pornography). It also has some Ant-Malware blocking capabilities. I would not take an unprotected computer online. You are definitely asking for trouble. One more thought. If you are going to sandbox your online activity then I would recommend Sandboxie. I have a lifetime license for this as well and have not had any problems using it. An online user needs to have protection against those who trying to take you down! Sincerely, brosmith
Something often overlooked is that many ISPs scan and filter for malware the traffic thru them. This particularly helps those not using their own resident AV. So the main threat that remains, as usually, are the zero day viruses.
I believe many that post here do not need an AV, but AV's are for those peeps that click on any advert on a web page, or are gullible to believe any email they get. They get something from "Apple ID" and you must go to this "link" to confirm your ID log in....so they believe and do that or end up on a malicious web page These are the peeps that need and should have a good AV
well i wasnt using anti virus or any kind of digital protection for the last two three years, until a few days ago a malware or bug of some type infected my browser, when ever i click a web link a separate page opens which loads with ads and then the original reloads, have a to click 3-4 times to open a page , its a mess i installed kaspersky and adguard the problem still persists, i dont know where i got it from because i dont usually browse strange sites i guess it could have been avoided if i had a anti virus of some sort on
well I'm suspect but without fanboysm look here: https://www.ghacks.net/2017/01/24/firefox-51-find-out-what-is-new/
The Browser based sandbox not protect you against: * XSS attacks, aka manipulated login fields (Not even NoScript fully protects you against all of 'em) * Not against malware on the system by itself, e.g. USB or other drive-by which might compromise your Browser as well * Against fake downloads like Browser and other things which might need admin rights for the installation * ... Of course Firefox now working on a big thing, but that's for years and user in meantime switched to Chrome and they love it. And it has the same stuff Mozilla is working on now since the first day (almost). A OS based Sandbox is still the best solution because mentioned reasons. Try to isolate all processes which require internet connection and then (theoretically) there are less attack scenarios.
Delete your antivirus, says ex-Firefox developer — who claims it’s worthless read here.... https://www.yahoo.com/tech/delete-antivirus-says-ex-firefox-175055537.html
I do not use AV nor a firewall, I do not believe in malware, therefore I can not get infected by something, that does not even exist.
And what you call or what it is for example, Petya or Virlock? For the record I don't use any sort of A/V program.
So in your own concept, a software that encrypts my files and asks for paying to recover them, that very action is only a scare? Isn't it an action of doing malicious activities to cause harm to the victim? For me, scare is very different to do malevolent actions. So I still don't get your concept.