
Ask HN: Do you still use Antivirus in 2017? - rhlala
Do you still use Antivirus? Why? 
And which OS are you using?
======
ocdtrekkie
Yes and no. I technically have antivirus, but Windows Defender is a built-in
OS component, so I'm not paying for it or installing any third party software.
The OS pretty much maintains itself.

------
bradknowles
IMO, the classic antivirus solution stopped working years ago.

You can't just scan for known bad fingerprints anymore -- most malware these
days is polymorphic and has already gone through a virus checking service run
by other blackhats (kind of like VirusTotal).

You can't just analyze the code in a virtual environment -- it's too easy for
a malware author to determine if they're running in some sort of VM and then
choose not to activate.

Moreover, most antivirus software is poorly written and is a bigger security
risk than not having it at all. Many malware authors will specifically attack
antivirus software, because that's the easiest way to get maximum permissions.

I do use anti-malware programs on my Mac. But it's all based on looking for
system activity signatures that are typical of malware attacks. Classic
antivirus software just isn't that useful.

Little Flocker is a good start, but has recently been sold to F-Secure, and
I'm not sure if it will remain good.

BlockBlock is good. So is KnockKnock. And OverSight. And RansomWhere. All by
the same author. Lots of these things are also covered by Little Flocker, if
you prefer that option.

Little Snitch is great, but takes a bit of work at first to train it for what
kind of behavior is okay on your system.

I still have ClamAV on my machine, but it is far from the first line of
defense. It may catch the dreckage that is still out there and hasn't been
updated with more modern obfuscation methods, but that could still be a net
positive.

Of course, I also have FileVault turned on for volume encryption, and the
Sierra network/application firewall enabled, and GateKeeper to ensure that all
apps have good crypto signatures or they can't be installed or run.

And then there might be some other things that I won't talk about publicly. ;)

------
beauchef
I use Bitdefender on Windows. In 2017 more than ever, you definitely need
protection. Sure, Windows is the most obvious target for viruses. But
Microsoft is also the company that invests the most in security. If you know
just a tiny bit about security, you know that MacOS is not more secure than
Windows. It's just less attacked: [http://www.ibtimes.com/nope-apple-computers-arent-more-secur...](http://www.ibtimes.com/nope-apple-computers-arent-more-secure-windows-theyre-just-attacked-less-2334220)
And then you got this kind of report (to be taken with a grain of salt):
[http://thehackernews.com/2015/02/vulnerable-operating-system...](http://thehackernews.com/2015/02/vulnerable-operating-system.html)

Don't listen to hearsay... you need protection.

~~~
max_
I use Windows Defender.. I am interested to know your opinion on it.

~~~
NTripleOne
It's decent barebones protection but it doesn't play nicely with some software
(games usually), with "antimalware service executable" gobbling up CPU as (I
assume, at least) it scans stuff as it's being executed.

------
tgragnato
ClamAV [[http://www.clamav.net](http://www.clamav.net)] is my aid, I use it on
macOS and OpenBSD.

- [https://raw.githubusercontent.com/Homebrew/homebrew-core/mas...](https://raw.githubusercontent.com/Homebrew/homebrew-core/master/Formula/clamav.rb)

- [http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/security/clam...](http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/security/clamav/Makefile?annotate=1.112)

It's _unobtrusive_, and I can fully control its behaviour (under usual
circumstances a simple `freshclam && clamscan -i -r $PATH` is enough).

~~~
NTripleOne
Thank you for your consideration. Remember, non-windows users, just because
you're not the target, doesn't mean you're not an attack vector.

------
Artlav
No. Why would you even use Windows in 2017?

~~~
romanovcode
Don't want to be a buzzkill but MacOS malware is growing faster than Windows
malware ever was. 2016 MacOS malware up by ~750%[0].

2017 will be even bigger. The more users you have - the more malware you get.

[0] [https://www.macrumors.com/2017/04/06/mac-malware-up-744-perc...](https://www.macrumors.com/2017/04/06/mac-malware-up-744-percent-in-2016/)

~~~
behnamoh
Percentage increases don't tell you the whole story.

For example suppose you have only "1" malware for your OS. Next year you have
"2", a 100% growth rate.

Now suppose you have a shitty OS with 1000 malware. Next year it has 1200
malware, a 20% growth rate.

Someone without this knowledge would go about and claim the second OS is
"safer", but the truth is both OS's are just experiencing an exponential
growth rate, the first OS is just at the first stages of the curve.

~~~
romanovcode
I was not implying that. What I said is that MacOS malware grows like crazy.

------
Blinks-
At work for Windows/Mac machines I use Webroot, after an infection though I
will run superantispyware or malwarebytes from an external media device (they
seem to have a higher detection rate). I usually run a software side firewall
like tinywall on Windows or littlesnitch on Mac just to see what's making
requests in the background. Interestingly enough at work Macs receive a lot
more detections per machine than Windows boxes these days.

------
dnel
I installed AV once on my android phone after doing something stupid, luckily
I got away with it and uninstalled soon after due to irritating pop-up
annoyances from the AV app.

Desktop-wise I've been on Linux for well over a decade, I've never used AV
except to (rarely) clean out infected files I might share and infect others
with, not necessarily for my own protection.

------
marssaxman
I gave it up a long, long time ago; it just isn't necessary. I use Linux
(Ubuntu, in recent years) and Mac OS.

------
0x54MUR41
No, I don't. Currently, I use Linux Ubuntu and OS X El Capitan. Linux Ubuntu
for my personal development and OS X for working in the office (it's my first
time using it). I don't know about those two. I believe that viruses on Linux
are rarer than on Windows.

------
carlmungz
I use Sophos on my Macbook. I'm on Sierra.

------
ubersec
ESET has multi-platform support, that along with Carbon Black Defense seems to
be legit.

------
soulbadguy
No

------
probinso
On Windows I used Sophos.

On Linux I mostly feel content with SELinux.

------
sayelt
No.

I'm a GNU/Linux user since 2000.

