Virus Protection, Better or worse?

[yourlife]

Not to put a too fine a point on it, anti-virus programs suck, Why? Well for a number of reasons:

• Lulls the user into a false sense of security, which ends up making them careless
• They are fucking expensive
• The "better" ones use up gigabytes
• They can only protect you if your not a fucking dumb ass (N/A)
• They need constant updating, which means when your owning someone on Counter Strike, you get a lag attack and get ass pwned
• They can not protect you from the lesser known viruses
• Most are subscription costs
• High resource use

So are anti-virus programs any use? I guess it depends on what you do, and your level of computer experience. I personally do not use anti-virus, and I have successfully removed that fucking RECYCLER virus just by playing with the system files.

Take that Norton, your as fucking bad as Microsoft.

[piratePenguin]

9. There is so much money now in computer security, and so many companies making a profit, that it gives these security companies a self-interest in CREATING viruses and making people be insecure and feel insecure, without their security "solution".

(This isn't something I believe, but it is interesting to note)

Indeed, the ultimate solution is to lift the awareness, and the carefulness of all users - and that is an almost impossible task*. Still, it would be an interesting one. Has anyone searched for sites that try to do this for users? That would be an interesting venture, I'm sure other users here will agree. What we may call common sense by now is afterall, the best form of real security, and something most people don't pick up on. PC mags have their occasional "10 DON'TS for computer security" - but they are well deficient compared to a resource that aims to get readers to understand, which is what I have in mind (I'm sure these resources are out there).

* it really is, however there are things the software can do to get users interested in their security. For example, it was only when I switched to GNU/Linux that I really understood why a user should never be the root/admin for daily tasks, and it was that point where I began to understand everything I know about security. I'm positive there are an abundance of users still nowadays who wonder, perhaps frustratingly, why they need to be 'root' to make changes to the computer, and they search, and they find an answer that teaches them, and they certainly will understand not to use the root account for their daily needs.

[worker201]

What you call common sense is really just the actions of the educated and informed being so ingrained that they feel natural.  An internet forum's user-base is de facto better informed than the average computer user - what seems obvious to us is like a foreign language to many.  And it's not just kids and grandmothers - there are plenty of intelligent adults who spend their whole workday using computers, yet absorb absolutely nothing about how they work.  Those people have to have their hands held at all times - training won't do any good.  You best hope is to contain them, and try to minimize the damage they can do to themselves.  Ergo, Windows and antivirus shells. 

[piratePenguin]

A quality resource (adapted from a quality web resource) could also be distributed to every household (governments, also companies such as google have an interest in better internet security - not a small pool, if this undertaking of distributing a resource ringed a bell with them. Internet security companies would certainly like to sponsor this, I suppose, requiring their products to be pimped up especially).

As I said, I'm certainly not talking "10 don'ts on the internet", I'm talking get a group of people to work out what will get a lot of people to pick up the concepts of security - what phishing is, how to avoid being phished (the location bar is the answer, that's simple), why viruses are prevalent, how to be careful enough to avoid them (dont run stupid shit you get on the internet, run a virus scan if you have one, perhaps) etc... perhaps also how these people make money (adware, fraud). Necessarily, the aim is to make something people will be interested in reading.

Maybe only 5% of households will pick up something, 20% of web visitors (in comparison a smallish pool), in any case 5% of households is serious, if that's a realistic number (I don't know).

Now, I'll be surprised if this isn't done and done. The key is doing a specially good job of presenting the information, and volume.

What you call common sense is really just the actions of the educated and informed being so ingrained that they feel natural.  An internet forum's user-base is de facto better informed than the average computer user - what seems obvious to us is like a foreign language to many.  And it's not just kids and grandmothers - there are plenty of intelligent adults who spend their whole workday using computers, yet absorb absolutely nothing about how they work.  Those people have to have their hands held at all times - training won't do any good.  You best hope is to contain them, and try to minimize the damage they can do to themselves.  Ergo, Windows and antivirus shells.

Indeed that is the majority of computer users - for sure. But increasing the general competencies wrt security of a fraction of people, that is a result.

These are important competencies, perhaps the answer is to teach about them in school. I can certainly see a place for that..

[Aloone_Jonez]

I agree AV software is shit, I've not used memory resident AV for years without any problems. The last time I had a virus was my own fault for downloading something from a suspicious source but that was a few years ago and it was less inconvenient and harmed my machine's performance less than having AV software installed.

There's a myth about the effectiveness of AV software which is most likely perpetuated by the AV software companies themselves. Go to most Windows security blogs and you'll get offered plenty of advice, unfortunately most of it will be around which AV software to use, rather than tackling the real issues, such as don't use the Internet or email from an administrator account.

Memory resident AV is shit because the performance hit is unacceptable. In my experience, it makes a machine as slow as one purchased for a similar price a few years ago. Downloading updates every hour and scanning almost every file read from the hard drive is a total fucking waste of time. The only thing that needs to be scanned is executables on removable media, emails and downloads.

The only AV software I now use is Clamwin and I have it set so it doesn't automatically download updates and it's not a real time scanner so doesn't use up any memory or reduce my machine's performance.  The trouble is, Clamwin's detection rate is shit, I would use a better scanner but I've not been able to find a free one (price) which can be set not to do real time scanning or auto updates.

[reactosguy]

9. There is so much money now in computer security, and so many companies making a profit, that it gives these security companies a self-interest in CREATING viruses and making people be insecure and feel insecure, without their security "solution".

I had that feeling. I do remember reading the first 30 pages of Kevin Trudeau's Natural Cures book, saying that money hungry pharmaceutical companies sell drugs with side effects, so they can make more money, and then when the drug taker gets sick, they take more drugs and then the cycle repeats.

I feel in the same way, security software corporations make viruses and accuse other people, so that the user can download or buy their software, which goes berserk and costs the PC user CAD$200 in repairs, wasting the user's money, and then the cycle repeats.