There is no point in installing any other AV vendor; they all suck, their software sucks, they ask way more than it's worth (nothing) and they frequently break security measures of software all over the ecosystem (some AVs still disable ASLR/KASLR to make injecting their DLL into all processes easier)
I got a new laptop from work recently and I didn't spend a great deal of time looking it over as i was busy and ... of course I hit some random performance problems as McAfee was abusing my machine while I was trying to work. Endlessly installing antivirus programs is getting pretty old.
All AV software has the desire to not negatively impact performance because if it's horribly slow people will uninstall it / quit paying for it.
The parent comment is pointing out that companies which primarily produce AV products benefit from the continued existence and fear of malware (to a degree at least). This is different for MS, as the eradication of Windows viruses will help Windows, which should be large enough a benefit to override any perverse incentives Windows Defender would otherwise have.
I know what you're trying to say is "also, Windows Defender isn't as slow", which happens to be true, but I think that's simply an emergent effect of other factors, such as AV companies feeling the need to "do more" to add value (whereas Windows Defender is funded by MS, so it has less incentive to "stand out").
i'm pretty neutral on this topic, but
doesn't this point by extension mean they have a more direct interest in discovering security flaws and publishing them rather than burying them under the rug if they haven't been seen in the wild?
Where they differ, I think, is the end goal. Non-MS AV need an ecosystem where there is still active threats to make revenue. MS actively doesn't want any threats, because they would realize more profits through their OS being marketable as virus-free.
I'm not saying Non-MS AV is out there introducing threats. But, they are incentivized to play whack-a-mole with bandaid fixes (keeping the ecosystem in check but alive) whereas MS is incentivized to go after root problems (kill the virus ecosystem, profit from OS).
What's the best way of meeting that checkbox for Mac and Linux laptops?
It's better to use lesser known antivirus products with good heuristic detection. I will not mention names but there are a number of products out there, including ones that block every executable not on a whitelist.
I'd much rather trust MS with Defender over some lesser known AV product which likely doesn't have billions of dollars, unfathomably large samples/datasets, and extensive experience with APT's.
As pointed out, no one really has a better incentive to detect and eliminate virus's than MS does in an effort to make their OS virus free.
While I understand that data from well known tests may support your point, as an employee for 2+ years at a security vendor I can say with certainty that defender falls way behind when it comes to fast generic detections and response time.
I quite frequently find myself copying maliciois files to my work laptop with defender activated and the detection rate is pretty poor as shown by the actual number of files that got copied.
Not even mentioning how it quietly scans my files and activates itself even though I singlehandedly shut it down a minute ago
Also, how substantial are these differences? Is it worth (in your opinion) being MitM'd by Kaspersky to realize the supposed benefits?
Ironically speaking, privacy concerned users are mostly IT-versed which can evade most of malware effects by just being attentive and caucios, while my mother, for example, doesn't care about MitM'ing her traffic, while I do care about her vising some shady sites while watching her beloved internet series.
Bottom line, if you are well versed, you probably can limit yourself to the default windows defender, but when it comes to successful unreleased exploits or a computer/user that is likely to download/run unknown executables some high-end vendor might be faster than other researches
There was no browser extension from Bitdefender involved and it applied to all installed browsers. Maybe browsers and Microsoft should actively fight this??
There is also AdGuard for Windows/Mac/Android which does this in order to block ads without the involvement of a browser extension. While this sounds like a bad alternative to uBlock Origin, it could be a necessary workaround in the future if Google succeeds with their Manifest V3 'conspiracy' against ad blockers. On Android it is also a better alternative to DNS/hosts based ad blockers because it won't leave blank ad placeholders in Chrome.
Germany, the country of data protection, and yet their banks force you to use Google/Apple.
Oh sure, I can use terminals or pay money for a hardware device whose manufacturer has an exclusive contract with the bank, but this is absurd considering all they'd have to do is provide a channel for getting the APK straight from their own servers instead of through Google.
...or at least give me an SHA256 of the APK, so I can really be sure that when I use a 3rd party app to download it, I'm not getting a Trojan or something.
On the other hand, I can set up a recurring payment, for free, from one account to a different account, at a different bank. In the US, my bank sends a check. Per snail-mail.
(Also: photoTAN is great. Could please all banks do that if they need an app anyway?)
a good reason to only do banking on an iPad/iPhone...
Unfortunately, Defender is still the worse in system performance impact (1) and I can't bear it especially when you do `npm ci` or the like. Or if you are into gaming, launching Steam with/without Defender enabled and you see 10-20 secs launch time difference.
I don't understand why Microsoft doesn't focus on that. They reached good detection rate but the slowdown induced by Defender still make other AVs worth it (same good detection rate but with less performance impact).