This Forum's Perspective on Antivirus Programs

I want to share my thoughts on antivirus programs and why I believe this forum doesn’t seem to recommend them. It’s concerning that a privacy-focused forum would overlook the importance of antivirus software, especially since it plays a crucial role in protecting privacy and ensuring security.

Antivirus programs are essential for safeguarding against a wide range of threats, including malware, ransomware, and phishing attacks. They are particularly important for individuals, activists, and journalists who often handle sensitive information and may be targeted for their work. Without effective antivirus protection, these users are left vulnerable, and their personal information can be easily compromised.

It’s puzzling that this forum, which primarily caters to individuals, activists, and journalists, doesn’t provide a list of recommended antivirus programs. This is similar to asking a programming question on Stack Overflow and receiving no responses because no one cares about the programming issue at hand. Just as developers seek guidance and support for their coding challenges, users need reliable recommendations for antivirus solutions to protect their digital lives.

Many people recommend Windows Defender, likely because it’s free and comes pre-installed on Windows systems. However, for the use cases of many individuals and organizations, Windows Defender may not provide sufficient protection. While it offers basic security features, a paid antivirus program can significantly enhance security.

While tools like VPNs and private DNS servers are valuable for enhancing online privacy, they do not offer complete protection against viruses. Many people find it essential to have multiple layers of security. If one measure fails, having another in place can make a significant difference. If your private DNS or blocking measures fail, a strong antivirus program can provide that extra layer of defense, ensuring that users are better protected against potential threats.

Relying solely on tools like uBlock Origin and a bit of common sense isn’t enough, especially since even IT professionals can get infected.

It’s important to note that a VPN and tools like uBlock Origin cannot protect you from viruses!

It’s as good as, if not better than, other antivirus apps. It also supports more useful features, like Smart App Control. Not sure what you think WD lacks, especially as it introduces fewer parties to trust.

9 Likes
4 Likes

Nothing can completely protect you from malware (Badness Enumeration | PrivSec - A practical approach to Privacy and Security). Antivirus software is actually heavily disputed in the security community as a useful tool for preventing malware infections, though it can be useful for other purposes.

It also involves running a third-party program with deep and invasive access to your system and the capability to send your accessed files and links to a cloud-based detection service for intelligence, which is why it can be considered anathema to privacy communities too.

3 Likes
  1. You do not provide evidence that Defender is insufficient
  2. You do not provide evidence paid anti virus is better than Defender
  3. The forum has general consensus that third party anti virus is bad for privacy, which you do not address
  4. DNS servers can provide security protection by blocking malicious domains which may contain viruses
  5. No one has said VPNs protect you from viruses, as they protect against different things
  6. uBlock Origin protects you from viruses in the same layer DNS servers do - by blocking known malicious domains from loading, among other utilities
  7. PG does recommend against third party anti virus on macOS, but this likely needs updates for Windows as well

If you are going to say the forum's perspective is wrong, you need to come more equipped than just opinions. Security is more than slapping on an anti virus and assuming that will solve all of your problems. Journalists face more issues than an anti virus will solve alone, and arguably would not be sufficient enough to address their threat model if set up perfectly.

7 Likes

I liked the part where you provided evidence for the assertions you make. I’ve provided some examples for your convenience:

how?

how?

how? proof?

you find it puzzling because you are operating under the (false) assumption that anti-viruses are some silver bullet

false assumption

proof?

cool, neither do anti-viruses

10 Likes

I agree with the question posed. It’s important to recognize that operating systems other than Windows also exist, and an additional layer of protection can be quite beneficial. Personally, I use antivirus software for my parents to ensure peace of mind while they browse the internet. Although I’m not currently up to date on the best antivirus options, I do make a point to purchase reliable software.

It’s also true that DNS protection or tools like uBlock Origin do not safeguard against viruses; they only block access to known malicious domains. This distinction is crucial. Antivirus software can analyze patterns and detect suspicious behavior, which is why I believe it’s always advisable to have antivirus protection in place, even if DNS security fails. While no antivirus can guarantee complete immunity from threats, it significantly enhances the protection of personal or company data.

This approach aligns with the concept of Defence in Depth, which emphasizes multiple security measures to create a robust defense.

Additionally, I think it would be beneficial to have a comprehensive resource from privacy guides that goes beyond just recommending Windows Defender. There are numerous antivirus testing videos available on platforms like YouTube, showcasing various programs. It would be helpful to see recommendations that cover a wider range of antivirus solutions, not limited to Windows alone.

I typically prefer to remain silent, but I believe the primary focus of this forum is also VPNs, the best operating systems and password managers, rather than antivirus programs.

While DNS protection and tools like uBlock Origin are effective at blocking access to known malicious domains or IP addresses, they do not provide comprehensive protection against all types of malware or viruses. This distinction is important.

Different forms of security software, including antivirus programs, are designed to detect and analyze various types of threats, including those that may not rely on known domains. Therefore, I believe it’s wise to have antivirus protection in place alongside DNS security measures, as they address different aspects of cybersecurity.

great thread

next to the age verification thread per the community.

1 Like

This is already well known and established.

At best, antivirus will detect a class of known attack vectors for programs you have already downloaded and likely run. Anti virus is a solution oriented towards “I want to protect my operating system by actively and passively scanning for threats on my device”.

I’d agree this advice makes sense in the early 2000s and earlier, where OSs have had a lot less security and we ran most programs on our local machines.

Nowadays, modern OSs have sufficient protection to the point where malware running on your computer is an OpSec problem, not an OS one. Mobile OSs are generally the strongest, iOS and Android (especially GrapheneOS) are pretty solid in permission control. MacOS follows pretty strongly for desktop security. Windows isn’t quite as good but Defender still exists. Desktop Linux is a garbage fire in comparison: SecureBlue attempts to address this through the most sensible secure defaults and QubesOS solves this with VM level isolation.

Hypothetically there is a Linux anti virus software: Unless the anti virus is FOSS, no one would consider installing it, and even then it in and of itself may be an attack vector of installing kernel level permission.

Even nowadays, attacks target applications through the network. See the other thread on a WhatsApp attack. Anti virus is geared at preventing malicious code running as programs on the machine. This again makes sense in the early 2000s when we installed and downloaded everything on our machines. Nowadays, we install apps on app stores in mobile devices with permission controls, or we download pretty much a web browser to interact with everything else.

We only say use Defender as it comes with Windows and you don’t need to trust another third party. If MacOS came with its own Defender, we’d say use that too. But third party kernel level privacy invasive anti virus protecting from attacks that aren’t as relevant anymore is not a good decision in my opinion.

5 Likes

There is a FOSS antivirus, it’s called ClamAV and it’s often used on email servers. However the goal is not to protect the host, but to protect Windows users from malware received by email. Regardless of the platform, AV software is snake oil; it sucks up resources and provides a false sense of security. In nearly all cases involving malware, the problem is between the chair and the keyboard.

2 Likes

This thread reads very much like it was written by GPT-5.
In any case, I think having due diligence to learn how to navigate the internet and know what you’re looking at before clicking on something goes a long way.
I haven’t used antivirus software on any of my machines since Windows XP was a thing.
Defender has been disabled on all of my Windows systems for years.
Anything security-related is handled at my firewall/router, which blocks newly registered domain names and curated lists of domains and IP ranges found to be malicious, kind of similar to how uBlock works, but cooler.

I’m not aware of anyone making such a claim, are you?

You never did address why you believe this forum doesn’t recommend anti-virus.

Most of your post seems to focus on activists and journalists being targeted. I’m going to assume these people are in an authoritarian country where they could be jailed or killed.

Why would anyone in such jeopardy be using a Windows computer? Macs, iPhones and a Pixel running GrapheneOS are far more secure, private options.

Also, activists and journalists would be targeted by spyware such as Pegasus. I doubt if any anti-virus software will offer protection.

For me, in such a situation, there is only one computer option - GrapheneOS without any phone service whatsoever and frequent reboots.

I use simplewall

i have used GitHub - deminimis/minimalfirewall: Minimal Firewall is a portable Windows firewall frontend that alerts users to internet connections without requiring custom kernel modifications or disabling core isolation, striking a balance between Window Defender's security and Simplewall's functionality. and also GitHub - tnodir/fort: Fort Firewall for Windows

I chose to settle on simplewall because it's more popular

A cynical way to view this is that antivirus software are just tools required by a MSWindows-Centric/MSWindows-biased government as a means to comply with regulations. It's not better to have them, per se, it's just required for governments to have endpoint protections so that they can shift the blame elsewhere.

1 Like

This isn’t anti virus, it’s network permission control - more akin to a firewall than anti virus.