San Luis Valley IT

Websites and IT for Southern Colorado

What's the best antivirus software?

software, security

The question in the title of this post is very common, but finding an answer is surprisingly difficult. That's because if you search for an answer online, all the results will be blog posts by the usual suspects: Norton, Avast, Kaspersky, etc. They will all say that you absolutely need antivirus, and theirs is the best. This marketing is effective because it uses fear as a motivator. They will tell you that without their program, you will get hacked and have your identity stolen. This deception is highly profitable for these companies, who bill customers on a subscription model and provide little to no protection in return.

What is malware?

Most people use the terms "virus" and "malware" interchangeably. In fact, viruses are a specific category of malware. Because colloquial convention treats the terms as synonyms, this article will too. That said, malware is any software that does a bad thing, or a thing the user doesn't want it to do. There are many types of malware. Here are some examples:

Antivirus doesn't protect you against viruses

This runs contrary to anti-virus companies' marketing, which would lead you to believe that their software is a silver bullet against viruses. "I can't get a virus because I have anti-virus," I often hear people say. They couldn't be further from the truth.

The fact is, antivirus software has a very limited reach in cleaning your computer. There is a whole slew of techniques that virus-makers employ to evade detection. The author intended to list a few examples here, but found that there were a lot, and most of them are beyond the comprehension of the layperson. Therefore, searching online for "antivirus evasion" shall be left as an exercise for the reader.

There is essentially an arms race between antivirus companies and virus creators. The antivirus companies find a new way to detect viruses and the virus makers develop new techniques to evade detection. The unfortunate reality is that the hackers are winning, and always have been. That is to say, even a half-sophisticated virus will evade detection, and only the most pathetic novice-built malware will be deleted in an antivirus scan.

Antivirus software can harm your computer

You may think that if your antivirus software has even a slim chance of detecting and eliminating a virus, that's better than nothing. Unfortunately, there are countless examples of anti-malware being wholly detrimental to your computer.

Based on the previous description of different types of malware, an astute reader may realize that even the most trusted, big-name antivirus programs are actually malware in sheep's clothing. These are just examples of antivirus malware that is known to the public. As a user, it's impossible to tell if your antivirus is acting nefariously or not.

The programs listed above are all well-known and trusted examples of antivirus software. If we consider the lesser-known software, the situation is even bleaker. There are endless fake antivirus programs that don't contain any antivirus at all, and instead infect your computer with actual viruses. They are so common that it's impossible to list them all, but probably the best-known example is SpySheriff.

How can I actually protect my PC against viruses?

The author is not the sort to present problems without offering solutions! It may sound obtuse to declare it, but the best way to protect your computer from viruses is to avoid infection in the first place. In fact, considering the ever-evolving evasion techniques mentioned above, this is the only way to protect your PC.

To prevent infection, one must consider how infections happen in the first place. There are two main vectors of attack:

Let us consider each of these vectors individually.

Software vulnerabilities

When software-makers discover vulnerabilities, they fix (or "patch") the problem and distribute the patch through software updates. There is always the chance that a hacker discovers a vulnerability before anyone else and exploits it at will until it is fixed. These vulnerabilities are called zero-day vulnerabilities, or simply zero-days, because zero days have passed since the vulnerability's discovery.

This sounds grim, but the good news is that most vulnerabilities are discovered and patched by the "good guys" before they can be exploited by hackers. As a user, all you have to do to protect yourself from software bugs is to regularly install software updates. This sounds obvious, but the number of major hacks involving already-fixed vulnerabilities is astounding.

For example, one of the largest cyberattacks in history was the 2017 WannaCry ransomware attack. This hack infected more than 200,000 computers in a few hours before it was stopped (and many more would have been infected otherwise). How many of these computers had their software updates installed? None, of course, because the hack relied on a vulnerability that had been fixed two months prior. That is, all you had to do to protect your computer from this hack was to dutifully install your software updates.

Getting the user to install the virus

"Well, I would never install a virus!" you might say. Of course, you would never knowingly install a virus. However, anytime you install an untrusted program, it could contain a virus.

Let's say you have some task to perform on your PC, such as cropping a photo or combining two PDFs into one. If your computer doesn't already have a program to do so, you need to install one. So maybe you go online and search for "crop a photo" or "combine PDFs". The search results will have numerous legitimate-looking websites offering a free or paid download of a program that performs the needed task. You download one and find that it works in the way you expect it to.

Yet, behind the scenes, the same program may also be mining cryptocurrency or collecting your data. So how can you tell that the program you installed is benign? If the program's code is proprietary, there's simply no way to tell. On the other hand, if the software's code is publicly available, you can simply look under the hood and read the code and know what that program does. This type of software is called "open-source" because the source code is public. This is opposed to "closed-source" programs, which have private code and can't be independently audited.

Open-source software to the rescue!

In conclusion, there are three ways you, as a user, can protect your machine against malware:

Windows and macOS are closed-source operating systems, and most of the software available for them is closed-source too. Linux is a free, open-source operating system and has a plethora of free, open-source programs that a user can install guilt-free from the app store. Linux is also faster and less buggy than its proprietary alternatives. So what are you waiting for? SLVIT has many affordable Linux computers for sale, or we can install Linux on your existing computer. That way you can sleep easy knowing your computer isn't doing anything you don't want it to.

