Serious question:

Assuming we are (relative) computer pros: do we need an antivirus on Windows other than the built-in Windows Defender?

That is also assuming we're the only people using our computers.

I mean: we'd never click on ads (if we see them at all). We'd never click on links. We'd never install crapware.

Where are the risks we'd need a resource-hogging antivirus program for?

  • 4
    Drive-by infection.

    Some security holes don't need active action by the user, and Windows has proven to be prone to that kind of security flaw, probably because of its security model.
  • 2
    My motto: better safe than sorry
  • 2
    I never run AV software within Windows. Never go on any particularly nasty sites; Pi-hole, uBlock and NoScript are my only real 'defence'... As well as VLANs to isolate my machine(s) from others in my apartment for this very reason.

    Way I see it, if my computer isn't slowing down or random CPU spiking I don't really care that much. I don't do banking online, nor do I do anything with sensitive data really sooo...
  • 2
    While not required, it's certainly not to scoff at ignorantly either.

    - disclaimer: I'm no security expert, so don't quote me for gospel.

    Windows defendoor does an alright job against most known malware.
    But barely anything against 0day & driveby.
    - at least to my knowledge.

    Also I don't think it does anything to isolate processes, to protect and mitigate snooping from leak, injections..

    Evil maid attacks are another thing to fear.
    - although, probably unlikely.

    Better remember your backups.
    Preferably on a different machine.
  • 2
    @ddephor I'm sure you're right that research has shown that Windows is more prone to such attacks. But don't forget we're the top 0.001% of computer users: we use Linux / Mac / Windows which the rest do not. That's exactly the reason why such attacks happen more on Windows: it's a more widespread platform with almost all monkey users.

    I really wonder if it could happen to me that I download something malicious and actually execute it (without me knowing).

    My past with illegally downloading media and software has taught me a lot about dangers on the internet. I've seen loads of viruses, dangerous websites, hacking attempts and somebody actually managed to use my credit card to buy €500 of children's clothes (criminals have kids too, so it seems). That's when I changed to legit software.

    Legal software has its problems too, but likely not something an antivirus will protect you from.
  • 1
    @lotd Windows Defender does its best to protect you from zero days too. It's no different than other antivirus programs: if it gets an update, it knows about the problem. How good its heuristics (to detect unknown malicious behaviour) are compared to other AV software, I don't know.

    But let me admit that I trust Windows Defender more than some commercial third party, like Kaspersky that has been blacklisted by many governments. It seems even AV software can't be trusted nowadays.
  • 0
    @eeee Yeah, but it still uses a traditional model.
    If it queried an MS server for double checks, like a lot of the "cloud antivirus" do, it would probably be pretty solid.

    Personally, I like Comodo.
    Because it asks me about everything.

    Av-test.org is usually a good source for comparison :)
  • 0
    @eeee Linux and BSD-like OSes are better prepared; the security model is robust. These systems separate users, roles and processes better. So a security breach in one part usually compromises only a small part of the system, and it's much less likely that an attacker can take over the whole system.

    On Windows, security problems usually end up with a completely unprotected system and an attacker that can take over anything he wants.

    And attacks where malicious code is automatically executed by the attacker are the usual case on Windows, but a rare case on Linux or BSD; the vast majority of attacks need some local user to execute something first.

    I'm not a security expert, but from my point of view, based on security issues that I've read about the last years, Windows is much more vulnerable, and the user's behaviour cannot compensate for the security flaws of the OS.
  • 1
    You'll be at risk of cross-site scripting, zero day exploits, and compromised servers. You may not fall for trivial phishing/malware, but you'll always have some exposure to hackers/malware. Think about the Equifax breach. The user data probably wasn't sitting in a text file on somebody's Desktop. It was probably decently protected. Almost no system is perfect.

    I also see developers doing insecure stuff. They'll set up remote access for everything but skimp out on security due to laziness. Some people run web servers from their house with some sort of vulnerability and expose their entire home network to hackers.

    9 times out of 10, you're probably going to be OK. Most hackers are going for low-hanging fruit. But having AV minimizes your risk even further.