The Pros & Cons of Anti-Virus Software

When most people think of protecting their computers, they think of anti-virus (AV) software. Viruses are a real problem, of course, but how well do AV apps protect you? And are there any downsides to using AV software?

In older times, AV software was essential and generally did a good job at finding malware on your computer. Generally speaking, the core function of AV software is to recognize known malware and automatically quarantine the offending software. Some AV software is smart enough to use heuristic algorithms to recognize malware that is similar to the stuff it already knows is bad, or recognize suspicious behavior in general and flag it as potentially harmful. A popular new feature for a lot of AV software is to monitor your web traffic directly, trying to prevent you from going to malicious web sites or from downloading harmful software.

That all sounds good, but the devil (as always) is in the details. Firstly, in the ever-connected world of the Internet, malicious software is produced so frequently and is modified so quickly that it’s really hard for AV software to keep a relevant list of known viruses. Also, the bad guys have moved to other techniques like phishing and fake or hacked web sites to get your information – attacking the true weakest link: you. AV software just isn’t as effective as it used to be.

But the problem is much worse than that. In many cases, the AV software itself is providing bugs for hackers to exploit. Recently, Symantec/Norton products were found to have horrendous security flaws (which they claim to have since fixed). Increasingly, AV products are offering to monitor your web traffic directly, but this means inserting themselves into all of your encrypted (HTTPS) communications, which has all sorts of ugly security and privacy implications (see Superfish and PrivDog as examples).

So… what are we to do? My recommendation (Tip #23 from my book) is to install basic, free anti-virus software. There are still plenty of old exploits out there that hackers will always try, and AV software will help defend you against these. But I don’t believe that the for-pay AV software is really worth it – and many of them may do more harm than good.

For PC users, I highly recommend Microsoft’s Windows Defender (or Security Essentials for older PCs). For Mac, I would go with Avira or Sophos Home. Be sure to completely uninstall any other AV software you might have before trying to install new AV software. I don’t believe any of these programs will offer to monitor live web traffic, but if they do, I would NOT enable this feature. The security implications of doing this incorrectly are horrendous.

At the end of the day, your best protection is to follow basic safe-surfing practices:

  1. Don’t click on links or attachments in emails unless you specifically requested them.
  2. Be wary of anything that sounds too good (or too bad) to be true. If you get a scary email about one of your accounts, log into your account by manually typing the web address or use a favorite/bookmark (do NOT use any links provided!) and look for alerts there. You can also search snopes.com to check for known hoaxes and scams.
  3. Use unique, strong passwords for each of your web accounts. Use a password manager like LastPass to generate and manage those passwords.
  4. Keep your operating system and apps up to date. This includes smartphones and tablets.
  5. Back up all your files.
  6. Use an ad-blocker. Unfortunately, bad guys are slipping malware into ad networks. I use both uBlock Origin and Privacy Badger.