What do we think about computer antivirus protection?
 

Do you use one on your personal computer? Which one and why? Or why not? Does it protect against identity theft as well?

I used to have Kaspersky and really liked it. Now I'm just using Defender. As for identity theft? I don't know that I have anything on my system that could lead to identity theft. Never gave that any consideration.

No A/V here

But then I dont run Windows either

Defender also here.
It comes with comcast internet....if it didn't, I wouldn't pay for it.

Defender comes with Windows

Oops...my bad.

Pretty robust if you keep the auto-update function on.

I did see something that says Windows 10 support is going away 10/2025, FWIW.

I use Defender, and the backup program I use is Acronis. It makes a clone of my boot drive to my RAID-5 and also my "work" drive. It comes with an identity protection that I really don't use.

It can make a backup to the "cloud" but I don't like the idea of putting my information on a site I don't control. When the CIA, FBI, Apple, Microsoft, AT&T, and healthcare companies have been hacked, I don't see the security. I have never been hacked!

My credit is locked on all the sites, and I use complex passwords. My router updates it's Firmware regularly, and I have strong protection on it.

I have little doubt my information is out on the dark web from hacks of my healthcare system, and other high profile hacks.

Similar, except / is on a SSD stand alone, and /home is on a software RAID-5 volume. I can pull the drives that make up /home and stick 'em in any machine, boot with a LiveDVD image and get back everything I care about immediately.

When I had a Windows box (it's been ~5 years) I used the free Microsoft thing. I think there were a couple of different names including Defender and Windows Malicious Software Removal Tool. It had been MANY years (at least a decade) since I used anything else. If I was still running Windows, I'd probably still be using the microsoft stuff.

If you are running windows, another possibility would be to not have your usual login have admin permissions natively. Have a separate login for full admin permissions. I'd hope that by now, Windows allows you to elevate your permissions when required. That makes it a lot harder for a lot of bad stuff to happen.

Have [several] Mac’s. The work one has a LOT of A/V stuff on it.
The others - nothing that apple doesn’t provide ootb.

The only difference I’ve noticed is in cpu utilization.

Does Apple provide anything ootb in MacOS? I haven't seen anything (other than the general design/operation of the OS).

Xprotect is built in.

Interesting. This was the first time that I'd heard of it. But I assume that's because it's not something that you install. Like you said, it's already there. I've always (in my MS days) had admin rights. At some point after I moved to Mac, I disabled admin rights for my user after creating an admin user. I think that's another layer of protection. I don't natively have full access and the OS will ask me to elevate my access.

https://support.apple.com/guide/security/protecting-against-malware-sec469d47bd8/web

It’s mandatory now a days

I use SentinelOne from my company, then 7 other layers of defence above that, but I’m in IT…

I wouldn’t pay money for it.

Don’t use your machine on the administrator account.

Think about how the ‘virus’ got access. Truth is you allow the wrong binary or script to run your machine you can be owned in a way that the antivirus won’t see.

Be really careful about what binaries you allow on your box. We’d like version updates to be painless but they’re fraught.

This thread and more specifically this post by Super Bob got me thinking about my system and updating to Win11. No can do! It appears my laptop doesn't meet the requirements to upgrade. Seems you need TPM 2.0 (Trusted Platform Module) and my system doesn't have it. I've checked Dell's support site which recognizes my system configuration and my system isn't compatible. Guess I'll be buying antivirus protection in 2025. I've done too many updates to my system to just go out and buy a new one.

I have one very old computer I built back when Win 7 came out. It was updated to Win10 but is not able too run Wiin11. It has some software on it that does a few mapping tasks that the new software is stupid expensive. So I will keep using it, and use some aftermarket anti-virus. My laptop iis the same way.

ESET - NOD 32 has been top rated for years..

Symantec and MacAfee are crap. They cause more issues than they protect you from in our enterprise but they are manageable enterprise wide with policies..... For a private machine, Defender comes with windows and at least it's SUPPORTED, kinda, not like the above that are useless ;-)
On a Mac, nothing much,maybe Avast or whatever once every year to double check, then I remove it.

Former Product Manager for Norton Anti-Virus here...

On my Windows 11 machine I run Windows Defender. I keep the firmware on this system updated and I run Secure Boot and all the other Device Protection security items from Microsoft. Microsoft is doing a pretty good job nowadays on this, and while there may be some vendors out there doing something better than Microsoft at any point in time, in my judgement the risks of adding another vendor to the mix greatly outweigh any potential benefits.

I rely on the built in security software on my Mac (XProtect?).

I do occasionally scan the computers with Malwarebytes, but it has been many years since it found anything notable on my systems.

None of the user accounts on the computers in my house have Admin privileges

I run DD-WRT on my router and I keep it updated, and have it set to use OpenDNS for all DNS lookups for all our devices. I do not use an ISP provided router or DNS and I do not have any ISP provided hardware (such as a wireless access point) on my side of my router.

All of my IOT devices are on a private VLAN so they cannot interact with my computers. I have a separate wifi network for our guests to use that is on a different private VLAN.

I do not use any VPN, Identity Protection or other security software. I am not convinced that any of them are worth using.

That said, I am thinking about deploying OPNsense: https://www.youtube.com/watch?v=dTUvlFfThPw

You reminded me to go to my motherboard maker, enter the serial number of my motherboard, and download the latest BIOS update. It had been 9 months since my last update. It is always a bit scary, as it takes a while, and I know a simple mistake can brick my computer. Or require me to buy a new BIOS chip and start over.

My router is one I own, and not from my internet provider. I bought my modem as well, but a model identical to one they use. I prefer to own it, and not rent it forever.

My router is set to update the firmware automatically when a new version is available, and to do it at 2:00 AM when we are in bed asleep.