https://www.nytimes.com/wirecutter/blog/best-antivirus/

Updated April 21, 2020

We've updated our original post to better reflect the advice we heard
from experts, none of whom endorsed specific software. Most people can
use Windows Defender alone to keep their computers secure.

nytimes.com You Don�t Need to Buy Antivirus Software

We set out to do a standard Wirecutter guide to the best antivirus
app, so we spent months researching software, reading reports from
independent testing labs and institutions, and consulting experts on
safe computing. And after all that, we learned that most people should
neither pay for a traditional antivirus suite, such as McAfee, Norton,
or Kaspersky, nor use free programs like Avira, Avast, or AVG. The
�best antivirus� for most people to buy, it turns out, is nothing.
Windows Defender, Microsoft�s built-in tool, is good enough for most
people.

We spent dozens of hours reading results from independent labs like
AV-Test and AV-Comparatives, feature articles from many publications
such as Ars Technica and PCMag, and white papers and releases from
institutions and groups like Usenix and Google�s Project Zero. We also
read up on the viruses, ransomware, spyware, and other malware of
recent years to learn what threats try to get onto most people�s
computers today.

Over the years, we�ve also spoken with security experts, IT
professionals, and the information security team of The New York Times (Wirecutter�s parent company) to filter out the noise of the typical
antivirus table-tennis headlines: Antivirus is increasingly useless,
no, actually it�s still pretty handy, no, antivirus is unnecessary,
wait, no, it isn�t, and so on.

Although in any category we usually test all the products we�re
considering, we can�t test the performance of antivirus suites any
better than the experts at independent test labs already do, so we
relied on their expertise.

But ultimately, relying on any one app to protect your system, data,
and privacy is a bad bet, especially when almost every antivirus app
has proven vulnerable on occasion. No antivirus tool, paid or free,
can catch every malicious bit of software that arrives on your
computer. You also need secure passwords, two-factor logins, data
encryption, systemwide backups, automatic software updates, and smart
privacy tools added to your browser. You need to be mindful of what
you download and to download software only from official sources, such
as the Microsoft App Store and Apple Mac App Store, whenever possible.
You should avoid downloading and opening email attachments unless you
know what they are. For guidance, check out our full guide to setting
up all these security layers. Why we don�t recommend a traditional
antivirus suite

It's insufficient for a security app to just protect against a single
set of known �viruses.� There is a potentially infinite number of
malware variations that have been crypted�encoded to look like
regular, trusted programs�and that deliver their system-breaking goods
once opened. Although antivirus firms constantly update their
detection systems to outwit crypting services, they�ll never be able
to keep up with malware makers intent on getting through.

A quick terminology primer: The word malware just means �bad software�
and encompasses anything that runs on your computer with unintended
and usually harmful consequences. In contrast, antivirus is an out-of-
date term that software makers still use because viruses, Trojan
horses, and worms were huge, attention-getting threats in the 1990s
and early 2000s. Technically, all viruses are a kind of malware, but
not all pieces of malware are viruses.

So why shouldn�t you install a full antivirus suite from a known
brand, just to be on the safe side? For many good reasons:

Vulnerabilities: The nature of how antivirus apps provide protection
is a problem. As TechRepublic explains, �Security software necessarily
requires high access privileges to operate effectively, though when it
is itself insecure or otherwise malfunctioning, it becomes a much
higher liability due to the extent to which it has control over the
system.� Symantec and Norton, Kaspersky, and most other major
antivirus vendors have all suffered from critical vulnerabilities in
the past. Performance: Antivirus software is notorious for slowing
down computers, blocking the best security features of other apps
(such as in the Firefox and Chrome browsers), popping up with
distracting reminders and upsells for subscriptions or updates, and
installing potentially insecure add-ons such as browser extensions
without clearly asking you for permission. Privacy: Free antivirus
software has all of the above problems and adds privacy concerns. Good
security is not free, and free-to-download apps are more likely to
collect data about your computer and how you use it and to sell your
private browsing data, as well as to install browser extensions that
hijack your search and break your security and add an advertisement to
your email signature.

For these reasons, we don�t recommend that most people spend the time
or the money to add traditional antivirus software to their personal
computer.

Two caveats to our recommendation:

If you have a laptop provided by your work, school, or another
organization, and it has antivirus or other security tools installed,
do not uninstall them. Organizations have systemwide security needs
and threat models that differ from those of personal computers, and
they have to account for varying levels of technical aptitude and safe
habits among their staff. Do not make your IT department�s hard job
even more difficult. People with sensitive data to protect (medical,
financial, or otherwise), or with browsing habits that take them into
riskier parts of the Internet, have unique threats to consider. Our
security and habit recommendations are still a good starting point,
but such situations may call for more intense measures than we cover
here.

Windows Defender is mostly good enough The Windows Defender Security
Center window: "Your device is being protected." Photo: Kyle
Fitzgerald

If you use Windows 10, you already have a robust antivirus and anti-
malware app�Windows Defender�installed and enabled by default. The AV-
Test Institute�s independent testing gave Windows Defender a
recommendation in December 2019, and a nearly perfect rating in
performance.

Because Windows Defender is a default app for Windows 10, by the same
company that makes the operating system, it doesn�t have to upsell you
or nag you about subscriptions, and it doesn�t need the same kind of certificate trickery to provide deeply rooted protection for your
system. It doesn�t install browser extensions or plug-ins for other
apps without asking. Windows Defender does have the problem of being
the default detection app that malware makers first attempt to work
around. But having layers of security and good habits�especially
sticking to official app stores and not downloading questionable free
versions of things you should pay for, as we cover in another blog
post�should keep you safe from the worst kind of Defender-defeating
malware.

AV-Test dinged Windows Defender in protection back in September 2019
due to its failure to catch some zero-day malware attacks. Windows
Defender rebounded in AV-Test�s December tests, fixing those real-
world testing issues and catching 100 percent of the attacks. In any
case, Windows Defender routinely performs as well in lab tests as any
paid third-party antivirus software, and when a major vulnerability
was discovered in Windows Defender in May 2017, Microsoft was
remarkably fast with the fix�from a Friday-night disclosure to a
Monday-evening patch.

No antivirus software consistently receives perfect scores from every
test lab, every month, in every test, but Windows Defender typically
does as well as (or better than) the competition, it�s free, and it�s
enabled by default. Why Macs don�t need traditional antivirus

Due to a combination of demographics, historical precedent, and
tighter controls, Macs have historically been less vulnerable to
infection than Windows computers:

People have far fewer Macs than Windows computers: Over the past year,
17 percent of Web-browsing desktop computers ran macOS, compared with
about 78 percent for all Windows versions combined, so macOS is a less lucrative target for parties making malware. Macs include a wider
variety of useful first-party apps by default, and both macOS and
downloaded apps receive updates through Apple�s own App Store. Windows
PC owners are more accustomed to downloading both software and
hardware drivers from the Internet, as well as providing permissions
to third-party apps, which are more likely to be malicious. Newer
versions of Windows must make concessions to allow apps made for older
versions of Windows to run, creating a complicated set of legacy
systems to secure. In contrast, macOS has seen less change since the introduction of OS X, and Apple has been less hesitant to render apps
made for older versions obsolete. In fact, with the introduction of
macOS Catalina in 2019, the company rendered older 32-bit apps
useless. Catalina also adds security features that make running
malicious software difficult, including requiring apps to request a
variety of permissions, such as access to files, microphones, cameras,
and other services, as you install them. This makes it pretty
difficult to install something you don�t mean to.

This is not to say Macs lack any vulnerabilities. Mac owners who
install a bad browser extension are just as vulnerable as Windows or
Linux users. The Flashback malware exploited a Java vulnerability and
tricked more than 500,000 Mac users in 2012, affecting about 2 percent
of all Macs. We�ve also seen some reports that Mac malware is growing,
but the built-in security protections of macOS mean it�s typically
more of a nuisance, like annoying adware, than a real problem.

You should still practice safe computing on a Mac and install
applications only from the official Mac App Store. Browser extensions
can also be problematic, so install only thoroughly vetted extensions
that you really need. Most people don�t need added protection

If you spend a lot of time in sketchier corners of the Internet, or if
you think you may have already downloaded malicious software that
Windows Defender didn�t catch, we�ve found that Malwarebytes is mostly unintrusive and can identify malware that Windows Defender may have
missed, or malware that has made its way onto a Mac. But the paid
version is not necessary for most people.

Malwarebytes can detect certain kinds of zero-day exploits that
Windows Defender may miss, which means the two programs running in
tandem can work well together (provided that you set it up correctly).
The premium version adds live scanning of downloads, which is useful
if you download a lot of software or email attachments, but at $40 per
year it�s an expensive proposition for protection against something
most people don�t do often. For most everyone else, you can run the
free version of Malwarebytes and use it to manually scan your system
when you think you�ve possibly downloaded malware. The best protection
is layers and good habits

The idea that any one app could be universally aware of and protect
against all threats is ludicrous. As security journalist Brian Krebs
writes, antivirus �is probably the most overstated tool in any
security toolbox.� Antivirus can certainly catch unwanted programs and
protect your system, but it�s not enough on its own. We�ve written a
guide to the best layers of security and good habits for anyone who
uses a computer.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 14 Jul 2021 20:02:11 +0200 (CEST), Nomen Nescio
<nobody@dizum.com> wrote:

https://www.nytimes.com/wirecutter/blog/best-antivirus/

Updated April 21, 2020

We've updated our original post to better reflect the advice we heard
from experts, none of whom endorsed specific software. Most people can
use Windows Defender alone to keep their computers secure.

nytimes.com You Don’t Need to Buy Antivirus Software

We set out to do a standard Wirecutter guide to the best antivirus
app, so we spent months researching software, reading reports from >independent testing labs and institutions, and consulting experts on
safe computing. And after all that, we learned that most people should >neither pay for a traditional antivirus suite, such as McAfee, Norton,
or Kaspersky, nor use free programs like Avira, Avast, or AVG. The
“best antivirus” for most people to buy, it turns out, is nothing. >Windows Defender, Microsoft’s built-in tool, is good enough for most >people.

We spent dozens of hours reading results from independent labs like
AV-Test and AV-Comparatives, feature articles from many publications
such as Ars Technica and PCMag, and white papers and releases from >institutions and groups like Usenix and Google’s Project Zero. We also
read up on the viruses, ransomware, spyware, and other malware of
recent years to learn what threats try to get onto most people’s
computers today.

Over the years, we’ve also spoken with security experts, IT
professionals, and the information security team of The New York Times >(Wirecutter’s parent company) to filter out the noise of the typical >antivirus table-tennis headlines: Antivirus is increasingly useless,
no, actually it’s still pretty handy, no, antivirus is unnecessary,
wait, no, it isn’t, and so on.

Although in any category we usually test all the products we’re >considering, we can’t test the performance of antivirus suites any
better than the experts at independent test labs already do, so we
relied on their expertise.

But ultimately, relying on any one app to protect your system, data,
and privacy is a bad bet, especially when almost every antivirus app
has proven vulnerable on occasion. No antivirus tool, paid or free,
can catch every malicious bit of software that arrives on your
computer. You also need secure passwords, two-factor logins, data
encryption, systemwide backups, automatic software updates, and smart
privacy tools added to your browser. You need to be mindful of what
you download and to download software only from official sources, such
as the Microsoft App Store and Apple Mac App Store, whenever possible.
You should avoid downloading and opening email attachments unless you
know what they are. For guidance, check out our full guide to setting
up all these security layers. Why we don’t recommend a traditional >antivirus suite

It's insufficient for a security app to just protect against a single
set of known “viruses.” There is a potentially infinite number of
malware variations that have been crypted—encoded to look like
regular, trusted programs—and that deliver their system-breaking goods
once opened. Although antivirus firms constantly update their
detection systems to outwit crypting services, they’ll never be able
to keep up with malware makers intent on getting through.

A quick terminology primer: The word malware just means “bad software” >and encompasses anything that runs on your computer with unintended
and usually harmful consequences. In contrast, antivirus is an out-of-
date term that software makers still use because viruses, Trojan
horses, and worms were huge, attention-getting threats in the 1990s
and early 2000s. Technically, all viruses are a kind of malware, but
not all pieces of malware are viruses.

So why shouldn’t you install a full antivirus suite from a known
brand, just to be on the safe side? For many good reasons:

Vulnerabilities: The nature of how antivirus apps provide protection
is a problem. As TechRepublic explains, “Security software necessarily >requires high access privileges to operate effectively, though when it
is itself insecure or otherwise malfunctioning, it becomes a much
higher liability due to the extent to which it has control over the >system.” Symantec and Norton, Kaspersky, and most other major
antivirus vendors have all suffered from critical vulnerabilities in
the past. Performance: Antivirus software is notorious for slowing
down computers, blocking the best security features of other apps
(such as in the Firefox and Chrome browsers), popping up with
distracting reminders and upsells for subscriptions or updates, and >installing potentially insecure add-ons such as browser extensions
without clearly asking you for permission. Privacy: Free antivirus
software has all of the above problems and adds privacy concerns. Good >security is not free, and free-to-download apps are more likely to
collect data about your computer and how you use it and to sell your
private browsing data, as well as to install browser extensions that
hijack your search and break your security and add an advertisement to
your email signature.

For these reasons, we don’t recommend that most people spend the time
or the money to add traditional antivirus software to their personal >computer.

Two caveats to our recommendation:

If you have a laptop provided by your work, school, or another
organization, and it has antivirus or other security tools installed,
do not uninstall them. Organizations have systemwide security needs
and threat models that differ from those of personal computers, and
they have to account for varying levels of technical aptitude and safe
habits among their staff. Do not make your IT department’s hard job
even more difficult. People with sensitive data to protect (medical, >financial, or otherwise), or with browsing habits that take them into
riskier parts of the Internet, have unique threats to consider. Our
security and habit recommendations are still a good starting point,
but such situations may call for more intense measures than we cover
here.

Windows Defender is mostly good enough The Windows Defender Security
Center window: "Your device is being protected." Photo: Kyle
Fitzgerald

If you use Windows 10, you already have a robust antivirus and anti-
malware app—Windows Defender—installed and enabled by default. The AV- >Test Institute’s independent testing gave Windows Defender a
recommendation in December 2019, and a nearly perfect rating in
performance.

Because Windows Defender is a default app for Windows 10, by the same
company that makes the operating system, it doesn’t have to upsell you
or nag you about subscriptions, and it doesn’t need the same kind of >certificate trickery to provide deeply rooted protection for your
system. It doesn’t install browser extensions or plug-ins for other
apps without asking. Windows Defender does have the problem of being
the default detection app that malware makers first attempt to work
around. But having layers of security and good habits—especially
sticking to official app stores and not downloading questionable free >versions of things you should pay for, as we cover in another blog >post—should keep you safe from the worst kind of Defender-defeating >malware.

AV-Test dinged Windows Defender in protection back in September 2019
due to its failure to catch some zero-day malware attacks. Windows
Defender rebounded in AV-Test’s December tests, fixing those real-
world testing issues and catching 100 percent of the attacks. In any
case, Windows Defender routinely performs as well in lab tests as any
paid third-party antivirus software, and when a major vulnerability
was discovered in Windows Defender in May 2017, Microsoft was
remarkably fast with the fix—from a Friday-night disclosure to a >Monday-evening patch.

No antivirus software consistently receives perfect scores from every
test lab, every month, in every test, but Windows Defender typically
does as well as (or better than) the competition, it’s free, and it’s >enabled by default. Why Macs don’t need traditional antivirus

Due to a combination of demographics, historical precedent, and
tighter controls, Macs have historically been less vulnerable to
infection than Windows computers:

People have far fewer Macs than Windows computers: Over the past year,
17 percent of Web-browsing desktop computers ran macOS, compared with
about 78 percent for all Windows versions combined, so macOS is a less >lucrative target for parties making malware. Macs include a wider
variety of useful first-party apps by default, and both macOS and
downloaded apps receive updates through Apple’s own App Store. Windows
PC owners are more accustomed to downloading both software and
hardware drivers from the Internet, as well as providing permissions
to third-party apps, which are more likely to be malicious. Newer
versions of Windows must make concessions to allow apps made for older >versions of Windows to run, creating a complicated set of legacy
systems to secure. In contrast, macOS has seen less change since the >introduction of OS X, and Apple has been less hesitant to render apps
made for older versions obsolete. In fact, with the introduction of
macOS Catalina in 2019, the company rendered older 32-bit apps
useless. Catalina also adds security features that make running
malicious software difficult, including requiring apps to request a
variety of permissions, such as access to files, microphones, cameras,
and other services, as you install them. This makes it pretty
difficult to install something you don’t mean to.

This is not to say Macs lack any vulnerabilities. Mac owners who
install a bad browser extension are just as vulnerable as Windows or
Linux users. The Flashback malware exploited a Java vulnerability and
tricked more than 500,000 Mac users in 2012, affecting about 2 percent
of all Macs. We’ve also seen some reports that Mac malware is growing,
but the built-in security protections of macOS mean it’s typically
more of a nuisance, like annoying adware, than a real problem.

You should still practice safe computing on a Mac and install
applications only from the official Mac App Store. Browser extensions
can also be problematic, so install only thoroughly vetted extensions
that you really need. Most people don’t need added protection

If you spend a lot of time in sketchier corners of the Internet, or if
you think you may have already downloaded malicious software that
Windows Defender didn’t catch, we’ve found that Malwarebytes is mostly >unintrusive and can identify malware that Windows Defender may have
missed, or malware that has made its way onto a Mac. But the paid
version is not necessary for most people.

Malwarebytes can detect certain kinds of zero-day exploits that
Windows Defender may miss, which means the two programs running in
tandem can work well together (provided that you set it up correctly).
The premium version adds live scanning of downloads, which is useful
if you download a lot of software or email attachments, but at $40 per
year it’s an expensive proposition for protection against something
most people don’t do often. For most everyone else, you can run the
free version of Malwarebytes and use it to manually scan your system
when you think you’ve possibly downloaded malware. The best protection
is layers and good habits

The idea that any one app could be universally aware of and protect
against all threats is ludicrous. As security journalist Brian Krebs
writes, antivirus “is probably the most overstated tool in any
security toolbox.” Antivirus can certainly catch unwanted programs and >protect your system, but it’s not enough on its own. We’ve written a >guide to the best layers of security and good habits for anyone who
uses a computer.

I think the AV boys have begun to price themselves out of the market,
plus their "all in one solution" of damn near totally taking over the
user's machine is starting to screw them big time.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 15 Jul 2021 16:51:25 +0100, "J. P. Gilliver (John)"
<G6JPG@255soft.uk> wrote:

On Thu, 15 Jul 2021 at 00:26:28, Merle@invalid.com wrote (my responses >usually follow points raised):
[]

I think the AV boys have begun to price themselves out of the market,
plus their "all in one solution" of damn near totally taking over the >>user's machine is starting to screw them big time.

Less so on Windows 10, where users are used to the Kool-Aid way of
working. (From what's leaked out so far, 11 more so.)

I suspect there aren't any _paid_ AVs that still work under XP; last I
heard (and _that_ was probably a year or two ago), only one or two of
even the free ones supported XP either.

Avast and AVG still do. There are one or two others but I don't
remember which ones. Just the fact that Avast and AVG still support
XP shows there's still are enough of us XP diehards around to make XP
AVs profitable.

From my fooling around with them lately there is no way I want any
part of any of them. I'm sticking with my sandbox. Those damn AVs
are too expensive and way too invasive and intrusive for my tastes.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 15 Jul 2021 at 00:26:28, Merle@invalid.com wrote (my responses
usually follow points raised):
[]

I think the AV boys have begun to price themselves out of the market,
plus their "all in one solution" of damn near totally taking over the
user's machine is starting to screw them big time.

Less so on Windows 10, where users are used to the Kool-Aid way of
working. (From what's leaked out so far, 11 more so.)

I suspect there aren't any _paid_ AVs that still work under XP; last I
heard (and _that_ was probably a year or two ago), only one or two of
even the free ones supported XP either.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Intelligence isn't complete without the full picture and the full picture is all about doubt. Otherwise, you go the way of George Bush. - baroness Eliza Manningham-Buller (former head of MI5), Radio Times 3-9 September 2011.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 15 Jul 2021 16:51:25 +0100, "J. P. Gilliver (John)"
<G6JPG@255soft.uk> wrote:

On Thu, 15 Jul 2021 at 00:26:28, Merle@invalid.com wrote (my responses >usually follow points raised):
[]

I think the AV boys have begun to price themselves out of the market,
plus their "all in one solution" of damn near totally taking over the >>user's machine is starting to screw them big time.

Less so on Windows 10, where users are used to the Kool-Aid way of
working. (From what's leaked out so far, 11 more so.)

The average computer user down the block doesn't have a clue about
OS's or anything else. Hell, they spend their bucks on those dang AVs
and most of them don't even realize they have to update them, or are
too lazy to do so. I think Usenet and forum users really lose track
of the ignorance of the average user. Not stupidity, but just plain
ignorance. Those users simply don't know nor care that Win 10 is
going to know each day what they had for breakfast, lunch and dinner.

Yeah, it was a bit of an exaggeration - but not by too much.

As for Win 11...forget it.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Nomen,

You're either trolling (than again,that would not be your first time), or
you have not actually bothered to read what you quoted.

Both because it contains a nice large blob in it is about non-Windows AV,
but more important: because it first uses some FUD to convince you that you should not use an AV product (the claims are true for most all software),
but later on suggesting that you should be using *two* of them at the same
time - damned be the attack surface, the double slow-down, and FUD fact that free versions have a privacy problems, which than are doubled.

Personally I found the "A quick terminology primer: The word malware just
means 'bad software'
" blurb hilarious, especially when combined with with the last part of the
last line of that same paragraph - as if the light is on, but nobody is
home.

For the uninitiated, the word "malware" is a contraction of the words "MALicious softWARE". With the first word signifying intent. There might
be quite some "bad software" out there (bugs and the lot), but /most/ of it isn't malicious in nature. In other words: just like not all malware is a virus, not all bad software is malware.

As for that last line in itself ? Nope. Someone has not understood what
a (computer) virus is. *Technically* a (computer) virus is just a piece of code which tries to replicate itself (on/into other files). Nothing more. Though it /can/ however be coerced to carry a payload with it.

Compare a virus to a gun : you can try to use it, but without bullets its
not realy doing much. And when you do load it with bullets it may be
wielded to defend your home (for good) as easily as to rob a fellow man with (for bad).

Also funny is the part where coorporate users seemingly need an AV product because of "threat models", but home users do not need it. Actually,
*both* need it, and for the same reason : most people will ignore "safe
habits" at the drop of a hat if it stands in the way of some percieved fun. Including downloading stuff elsewhere because the 'puter refused to do it,
put it on an USB stick and than run the game/cat movie/soundbite from that stick on that 'puter - bypassing all safeguards coorporate (or the IT person
at home) has put into place.

There is one thing I agree with though :

As security journalist Brian Krebs writes, antivirus "is probably
the most overstated tool in any security toolbox."

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 15 Jul 2021 11:14:22 -0500, Merle@invalid.com wrote:

On Thu, 15 Jul 2021 16:51:25 +0100, "J. P. Gilliver (John)" ><G6JPG@255soft.uk> wrote:

Del

I suspect there aren't any _paid_ AVs that still work under XP; last I >>heard (and _that_ was probably a year or two ago), only one or two of
even the free ones supported XP either.

Avast and AVG still do. There are one or two others but I don't
remember which ones. Just the fact that Avast and AVG still support
XP shows there's still are enough of us XP diehards around to make XP
AVs profitable.

There's another one that did extremely well in the AV Comparative
tests: K7 - and you can get this one for $10.50!

Quite a buy for one that did so well in the test.

https://www.av-comparatives.org/comparison/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)