
daveinpoway
Premium
join:2006-07-03
Poway, CA
kudos:2

Is Antivirus Software a Waste of Money?

"Jeremiah Grossman is the kind of guy you’d expect to be super paranoid when it comes to computer security. He was on the front lines at Yahoo more than a decade ago when a hacker named MafiaBoy was abusing the site with DDoS attacks. Now Chief Technology Officer at security consultancy White Hat Security, Grossman spends his time fighting web intruders for his company’s clients.

When it comes to computer security, he’s paranoid — and for good reason. He’s seen what the bad guys can do. But when he met with Wired at the RSA Conference in San Francisco this week, he said something surprising: He doesn’t use antivirus software.":

»www.wired.com/wiredenterprise/20···+2%29%29


lorennerol
Premium
join:2003-10-29
Seattle, WA

1 recommendation

I've found it increasingly less effective over the last five years, to the point that I certainly won't pay for it any longer.

Running as a non-admin with UAC enabled is much more effective.

I cannot remember the last time I saw any AV *prevent* an infection. At best it seems to report small issues long after the infection has taken place, and then I use freely available tools for cleanup.

I chuckle every time we get an email from McAfee (we're a VAR) going on and on about how great they think they are doing.



therube

join:2004-11-11
Randallstown, MD
reply to daveinpoway

> Is Antivirus Software a Waste of Money?

Yes, for me.
Yes, IMO.

(I do have Malwarebytes Anti-Malware running, realtime, though only because I won myself a license for it.)


slajoh01

join:2005-04-23

1 recommendation

There are a lot of security experts that do not even run an AV program.

What matters most is YOU. The USER or the OPERATOR.
It is the behavior of the user that matters the most. Then you must have a firewall (router and software), and patching up Windows and software programs.



AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1

1 edit

1 recommendation

reply to daveinpoway

answer to OP's question:

yes
yes
yes

for all of the reasons above

my suggestion fwiw:

Panda CloudAV free ,
PCtools ThreatFire,
Google Chrome browser with Ghostery and Ad Block Plus add-ins

(users with privacy concerns substitute FF for chrome)
or just switch to linux

(edited formatting)



StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
reply to daveinpoway

I stopped buying AV software when they went to the yearly subscription model. I also agree with the other posters above that it's become mostly useless.

In the early days of PCs infections mostly came from infected programs or floppies with malicious boot sectors. That's not true nowadays. Today it's all about getting you to click on a link to a malicious website (in email or otherwise) or scanning IPs for unpatched vulnerabilities. Those who realize this (hopefully the posters/readers in this forum) protect themselves by behavior and firewalls etc.

The other thing to remember is that AV software vendors are in the business of making money. Nothing wrong with that but it doesn't necessarily follow that they have your best interests at heart. I also think the signature model that almost all use is flawed. How many nasties are discovered that AV software fails to detect until after the details are published?
--
Don't feed trolls--it only makes them grow!



Blogger

@mpionbroadband.com

"Is Antivirus Software a waste of money?" I guess it depends upon the context of the statement.

I've always thought that among security precautions, AV and malware protection, although important, was overrated in that, even though threats existed for the experienced home user, the level of the threat has always been exaggerated.

Between the real level of threat and the advancement in various free quality security applications such as AV and anti-malware or anti-spyware, it is not necessary to pay for those products.

One can custom build among many fine free products their own personalized security suite that will do such fine.

The one thing that is important above is to check yearly with the rating of the various products one uses as at times products that have been good each and every year for years suddenly "go bad" and at that time one needs to choose a replacement.


daveinpoway
Premium
join:2006-07-03
Poway, CA
kudos:2
reply to StuartMW

I essentially have 3 AV programs running (my Linux-based UTM [Unified Threat Management] appliance scans the data for viruses as it leaves the cable modem, using signatures from 2 different vendors), plus I have an AV installed in my computer.

None of this has cost me anything (the UTM software is free and the AV in the computer is a free application). The advantage of scanning the data with 3 sets of signatures is that (perhaps) one vendor will have a defense for some new malware before the other ones do.



DarkSithPro

join:2005-02-12
Tempe, AZ
kudos:2

1 recommendation

reply to daveinpoway

Have you guys noticed the shift in tactics the criminals use? Correct me on time lines, but it went something like this:

1. They were targeting web browsers as they used to be very insecure. Drive-by infections were the norm. Then the browsers became more secure with better Operating Systems and the bad guys shifted to something else.

2. Rogue Anti-Virus programs started to pop up everywhere. People were getting tricked into downloading fake programs. Eventually word got out and people weren't so gullible, so they moved on.

3. They started to attack plug-ins like Adobe Flash. They realized the browser itself was secure, but the add-ons were not. Then the people got smarter, the add-ons got more secure and some companies outright stopped using them, and yet again they moved on.

4. Social engineering, tricking people by email into downloading malware, or some type of winnings, or linking to fake bank sites to steal money.

5. The big shift from targeting the individual consumers to going after the companies. Major websites being cracked due to poor security policies and lack of care. Passwords and cc numbers not encrypted being stolen. Stealing digital certificates to fool consumers.

6. The shift to Smart-Phones, exploiting fragmented versions, by using local root exploits, taking advantage of an open market.

So what's next?



psafux
Premium,VIP
join:2005-11-10
kudos:2

1 recommendation

said by DarkSithPro:

So what's next?

Targeting runtimes is very popular right now and likely will be for some time. Adobe Reader & Flash as well as Java are among the most common infection paths.

The same systems that we used to repeatedly see for malware has drastically dropped since we have started updating all runtimes after we commence our work with the system(s).

Unfortunately the end users don't continue the practice.

Oh - to answer your question, I suspect hardware malware will become more popular.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

1 recommendation

reply to DarkSithPro

said by DarkSithPro:

So what's next?

I think you have to look at the motivation for hackers.

1) Monetary. This covers a wide range of activities but the primary purpose is to provide income for the hacker(s).

2) Espionage. This could be at the corporate level or country (spying) level. The intent is to obtain information (secretly).

3) Law enforcement/political. In this case the idea is to track/monitor a user's activities (secretly).

4) Revenge. An individual or organization is trying to disrupt or destroy another entity.

5) Kicks. This type of hacker is simply boosting their ego by doing what hasn't been done before.

So, to answer your question one has to identify which of the above apply in your situation. Then you have to consider how the objectives could be accomplished and setup countermeasures.
--
Don't feed trolls--it only makes them grow!


DelmarPip
Premium
join:2011-10-15
Brownsville, TX
reply to daveinpoway

i say yes it is cuz of a couple things

1 they made the antivirus a thing that slows down the internet speed a lot by integratin it into the browser

2 they also made it attach itself to IM messengers useless since i dont even know how to set that up

3 it cost money that i aint willing to pay unless its like 2 bux or something sensible like that


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to AVD

said by AVD:

Google Chrome browser with Ghostery and Ad Block Plus add-ins

(users with privacy concerns substitute FF for chrome)
or just switch to linux

If someone really actually likes crude Chrome better than sophisticated Fx but also wants privacy then they should use Iron instead of Chrome.

»www.srware.net/en/software_srware_iron.php
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson

wat0114
Premium
join:2012-02-20
Calgary, AB

2 edits
reply to daveinpoway

Waterfox Low IL
IMO, yes, it's a complete waste of money.

BTW, a good buddy of mine gave me instructions on how to use chml to run Waterfox/Firefox at Low IL, including the plugin-container.

No problems so far. Secure the browser, run as a Standard user, and employ a whitelist approach for the O/S (AppLocker for me) and antivirus is rendered obsolete.


Buddel
If it ain't broke, don't fix it.
Premium
join:2004-03-06
EU
kudos:3

1 edit

1 recommendation

reply to daveinpoway

If you're tech-savvy enough to know what you're doing, the answer is probably yes, it's a waste of money. If not, keep your anti-virus software religiously up to date. Just my two cents.


Zyrtec

join:2011-05-05
Annapolis Junction, MD

1 recommendation

reply to daveinpoway

Indeed! A WASTE of $$$ [money], in MY PERSONAL opinion.

For all these years, I was using ESET NOD32. I honestly CAN'T remember when NOD32 stopped a virus from infecting my computer. Let me clarify, I do not mean that any of my PCs/laptops ever became infected, in fact, I do not know what a PC virus infection looks like other than some friends' computers that have gotten hit by those nasties and I have helped them to clean those PCs.

NOD32 NEVER had to save me from viruses, not because my PC got infected and it did not detect the virus BUT, because I managed myself to learn HOW to use a computer responsibly and avoided myself headaches since I bought my first PC back in 1996.

I used a better weapon against computer viruses than an AV and it's called: COMMON SENSE.

Furthermore, over the years, NOD32 detection rate went South and the amount of FPs grew exponentially. For example, my employer granted me the installer for Office 2007 on a removable device to install it on my home PC; once at home, I plugged in the removable device on to my PC just to find that NOD32 detected one LEGITIMATE file, belonging to the MS Office installer as a..."virus" and, WITHOUT any prompt for action, it DELETED the file making it irrecoverable and rendering my Office install files useless. You guessed it, I could NOT install Office on my PC and the next day had to come up with an excuse to my employer. In the end, I decided to let my ESET subscription expire and will NOT be renewing ever.

I have to stress the fact that even when I mention NOD32 in this reply, by any means this post is meant to bash NOD32, on the contrary, I am using it as an example of what problems you might encounter with any anti-virus, be it NOD32, Avast!, Avira, AVG, McAfee, Symantec, etc.

I finally went without AV and have been happy with my computer performance, responsiveness and short boot times.

Although, I do use Sandboxie, AppGuard and a back-up program for my computer, in case things go sour, I only have to re-load that pristine Windows image to be back on business.

So, bottom line: Real-Time AV = Waste of time and resources.

P.S.: This is my PERSONAL opinion. I respect those who rely on and need an AV running real-time 24/7. Everyone's mileage may vary.


PX Eliezer7
Premium
join:2008-08-09
Hutt River
kudos:13
Reviews:
·callwithus
·voip.ms

1 recommendation

reply to daveinpoway

The one time that I got a virus, my AV did NOT stop it.

It was in the late 1990's, I think.

My paid Norton AV flashed that I had the [Datacrime] virus, which was not a new one! That virus was already several years old, Norton should have handled it.

But I ended up having to reformat my machine.

And when I contacted Symantec (Norton) support, they basically denied that such a thing could have happened....!

(I think that I got the virus from a floppy that my niece had given me, it had a DOS game obtained from her college's network.)

Yeah, I use AV. It's mentally very hard not to! But I don't think it's useful for much....

Common sense and good firewalls count for much more.



lordpuffer
RIP lil
Premium
join:2004-09-19
Rio Rancho, NM
kudos:2
Reviews:
·CableOne
reply to daveinpoway

I run antivirus programs on my Macs as well as on my PC. They haven't had to stop any viruses to my knowledge, and I'm pretty smart how I handle my PC, but just to be safe, I do.

I also think that the average computer user should run an antivirus program.

Also, I run Chrome on all 3 machines. I'm not paranoid like some.
--
PR is back in town



Sentinel
Premium
join:2001-02-07
Florida
kudos:1
reply to daveinpoway

I think there are 3 questions here:

1. Do you use an AV program at all?
2. If so, then is it paid or free?
3. If so, do you have the real time scanner running in the background all the time or do you have that disabled and just do manual scans every once in a while?

As for me, I have a few different machines.
1. On all of them I have AV installed.
2. I use only freeware stuff.
3. On some of them I have the real time scanner enabled and on some it is disabled and I just do manual scan of entire system from time to time.


Reimer

join:2006-08-14
Toronto, ON
reply to Mele20

said by Mele20:

said by AVD:

Google Chrome browser with Ghostery and Ad Block Plus add-ins

(users with privacy concerns substitute FF for chrome)
or just switch to linux

If someone really actually likes crude Chrome better than sophisticated Fx but also wants privacy then they should use Iron instead of Chrome.

iron.php

or better yet, download Chromium which is the open-source product that Iron is based on.

»www.chromium.org/getting-involve···chromium

If anything, Iron is nothing but Chromium with a few strings changed around and an adblocker thrown in.

Don't trust the Srware guys. They purposely lie and mislead on how Iron differs from Chrome (ex. URLtracker, RLZ-tracker).

»neugierig.org/software/chromium/···ron.html


Mim

@threembb.ie

Or just use Google Chrome and disable what you consider a privacy issue. Then you have a sandboxed browser, with built in PDF reader and flash plugin.



martg

join:2005-11-19

I think an AV program is still needed to advise you that a virus has made its way onto the computer, even if it didn't stop it getting there in the first place. It would hopefully pick up on it once virus definition updates had caught up enough to detect it. Otherwise, I feel that a virus could sit on the computer and perhaps not be known about.

I don't use an AV program as a first line of defence though. That role falls to Sandboxie for me. In theory, an AV program might only be called on to do its job if malware got out of the sandbox.



AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1
reply to wat0114

said by wat0114:

BTW, a good buddy of mine gave me instructions on how to use chml to run Waterfox/Firefox at Low IL, including the plugin-container.

thanks for sharing
--
--Standard disclaimers apply.--
google this "(sqrt(cos(x))*cos(200*x)+sqrt(abs(x))-0.7)*(4-x*x)^0.01, sqrt(9-x^2), -sqrt(9-x^2)"


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1
reply to martg

a good virus disables the AV functionality



ExitProc

@sky.com
reply to daveinpoway

Without taking the elitist attitude (I don't need them therefore they are totally worthless).

I would like to state I do not need them ergo they are a waste of money for me personally.

That said my elderly parents and most of my social circle/family are unable to use brain.exe and because of PEBKAC then there is a market for applications to do the thinking/judgment for them.

Is it a flawed system? Yes..

Will it fail? Almost certainly..

As long as there are PEBKAC's (they outnumber knowledgeable users greatly) then there will always be a need for *brain.exe* in a can applications



sectionsix
Premium
join:2004-11-03
Tempe, AZ
reply to daveinpoway

Been running LUA with Sandboxie on my Windows 7 desktop for the occasional browser surfing while gaming. Everything else internet related I'm now doing under Ubuntu.


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to Reimer

As for that ANCIENT 2009 protest (which I knew about before I installed Iron a long time ago) against Iron, gee, that doesn't address ANY OF THE REAL ISSUES surrounding Chrome and privacy. I am somewhat suspicious of the Iron author, and coupling that with how pitiful (IMO) a browser Chrome/Iron is I no longer use them. NO browser should cause BSODs but Chrome/Iron does and it is such a CRUDE browser that it STILL does not allow one to choose the link colors they prefer. Instead it forces a HIDEOUS VERY DIFFICULT ON THE EYES BLUE COLOR for unvisited links.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to Mim

Who wants a sandboxed browser? Not me! Plus, I do NOT want builtin Flash or PDF. I have Flash enabled ONLY on IE and ONLY used for my ISP's speed test (they are cheap and can't be bothered to purchase a decent Java test instead). I use a Linux PDF reader that has been ported to Windows and I NEVER read PDF in a browser.

The WORST privacy issue in Chrome though canNOT be disabled! I do not allow Microsoft, or any software vendor, to force feed me updates and that is what you are forced to accept if you install Chrome. I am not an ignorant of computers user who thinks a computer is a toaster. I update my applications when I decide to update and I am in control of the update. That is impossible with Chrome and for that reason alone it is EXTREMELY INVASIVE OF PRIVACY. Chrome is intended for the ignorant of computers crowd, a very bare bones browser with many privacy violations.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


wat0114
Premium
join:2012-02-20
Calgary, AB
reply to AVD

said by AVD:

thanks for sharing

Sorry for referencing other forums, but here is some info for hardening Chrome using CHML, with a download link to CHML.exe:

www.wilderssecurity.com/showpost···count=34

...and here is some info for accomplishing the same for Firefox/Waterfox:

ssj100.fullsubject.com/t463-redu···tensions

Just scroll down to post #8.

It's very similar to IE's Protected mode, where the child iexplore.exe runs with a Low IL.

A big thank you and credit to m00nbl00d


Mim

@threembb.ie
reply to Mele20

I don't see how that would be a privacy issue and anyway it's not impossible. »support.google.com/a/bin/answer.···r=187207