Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Should Average Consumers Install More Than One Antivirus Program On Their System?

Posted by msmash on from the what-would-you-say dept.

Even though you would assume that people would know better, an anonymous reader writes, in my experience, I have found many who think installing more than one antivirus program on their computer is the right way to go about it. Some have installed as many as three third-party security suites, which among other things, takes a toll on the performance. This week the New York Times' tech tip section addresses the matter. From the article, which could be paywalled, but you don't have to read it in entirety anyway: Installing more than one program to constantly scan and monitor your PC for viruses and other security threats can create problems, because the two applications will likely interfere with each other's work. Clashing antivirus programs can cause the computer to behave erratically and run more slowly as the applications battle for system resources. Microsoft advises against running its Windows Defender security software on the same system with another installed third-party antivirus program. Likewise, antivirus software companies also warn against using other system security products when you are using theirs; Bitdefender, Kaspersky Lab and Symantec all have articles on their sites explaining the potential problems in detail. Programs that do not constantly patrol your operating system, like mail scanners, may not be an issue. What do you folks recommend to people who are not as tech-savvy?

32 of 159 comments (clear)

  1. For once use the microsoft shit by Anonymous Coward · · Score: 5, Insightful

    Ever since microsoft came out with their windows defender I have seen no need to install any other virus software.

    1. Re:For once use the microsoft shit by gweihir · · Score: 5, Informative

      Indeed. The buy the same signatures everybody else has. Also, installing two AW solutions may well result in them interfering with each other. Not a good idea.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:For once use the microsoft shit by Anonymous Coward · · Score: 2, Insightful

      The Microsoft AV solutions serve the one legitimate purpose of AV software: They absolve the person who installed the system from accusations of negligence when the user inevitably gets the system infected. No AV suite can prevent that, but if you don't install any, the lusers think you're the reason their computers got infected.

      Other than that, MS AV is the least taxing on the system, but also lags behind on recognition rates. The former matters, the latter doesn't.

    3. Re:For once use the microsoft shit by Anonymous Coward · · Score: 2, Informative

      More important than anti-virus (except for Window's built-in): an ad blocker (ublock) & NoScript (or equivalent).

      It is easy to convince non-tech users to us an ad blocker, the NoScript gets more resistance since they have to think about which sites to give permission or not (my children hate NoScript).

    4. Re:For once use the microsoft shit by arth1 · · Score: 4, Insightful

      Microsoft Security has one thing going for it: it's lightweight.
      Every now and then other AV software appears that is light and fast, but invariably they will bloat into a hideous five-headed hippo, simply because they are run by (or bought by) corporations that have to sell, and marketing departments thus demand more and more features. Eset NOD32 is a prime example. It was the leanest meanest and most effective AV program out there. Now it's underperforming bloatware. Norton Antivirus is another example. Peter Norton's software was usable, but what Symantec and an army of outsourced coders turned it into was a monstrosity.

      There's no MBA alive that has understood that featuritis is a deadly disease. I know the schools teach it, including examples from several industries, but every single corporate executive believes that it doesn't apply to them.

      But Microsoft doesn't have to sell on competition. It's a free (as in toilet paper) product. Their incentive is to reduce the number of people who calls Microsoft support with infected or bogged down machines.

    5. Re:For once use the microsoft shit by TheRaven64 · · Score: 4, Insightful

      If they offered zero security, then that would be one thing. In fact, they often offer negative security. Last year, there was a vulnerability in Norton Antivirus that allowed arbitrary kernel-mode code execution. It would detect new files in the filesystem and scan them in the kernel (stupid design decision number one: the code scanning untrusted and expected-to-be-malicious data should be an unprivileged userspace process with read-only access to precisely one file). Unfortunately, their image decoder contained a vulnerability, so if your web browser or mail client dropped a png file on the filesystem, even if the user didn't ever open it, the system was compromised. Other AVs have had similar vulnerabilities. You're running some code that hooks into the OS, written by people that don't have access to the OS source code and don't know how many of the internals work, with maximum possible privilege. Does that sound like a good plan to you?

      --
      I am TheRaven on Soylent News
    6. Re:For once use the microsoft shit by nctritech · · Score: 2

      To be completely fair, NoScript is a real pain in the ass to use. Some websites have 20-30 external domains from which they load JS snippets. Figuring out which one the comments section loads from, for example, is sometimes just impossible. If it's facebook.net or disqus.com or fyre.co it's kind of obvious, but if it's douchebagmediamagicsnortingcdn.tv it's not nearly as simple to figure out.

    7. Re:For once use the microsoft shit by AmiMoJo · · Score: 2

      Most of the AV companies offer a free, stand alone scanner that doesn't need installation. Grab a couple of those and run them periodically.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    8. Re:For once use the microsoft shit by freeze128 · · Score: 5, Funny

      Their incentive is to reduce the number of people who calls Microsoft support with infected or bogged down machines.

      Haven't you heard? Microsoft actually CALLS YOU, and tells you that you have a virus!

    9. Re:For once use the microsoft shit by fustakrakich · · Score: 2

      Some websites have 20-30 external domains...

      This precisely is what clogs the tubes more than anything else. It is the single biggest problem in internet traffic today. It's like DDOS in reverse. Take a.fsdn.com, please...

      --
      “He’s not deformed, he’s just drunk!”
    10. Re:For once use the microsoft shit by gweihir · · Score: 3, Interesting

      That is a possibility to avoid interference. For suspicious files, you can also upload them to VirusTotal to basically get almost all scanners. Still, unless you behave in a very risky way, what MS offers is quite enough.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    11. Re: For once use the microsoft shit by KGIII · · Score: 2

      Isn't that a bit like the fox guarding the henhouse?

      --
      "So long and thanks for all the fish."
    12. Re:For once use the microsoft shit by MrL0G1C · · Score: 2

      Indeed. The whole mantra that "you should run AV" is BS, because they offer preciously little protection anyway. But at least MSE does not get in the way.

      2nd this, AV gives people a false sense of security. They run risky executables and think that the AV will stop them when a lot of the time AV will sit there and not even notice, or it'll notice a month later that you've got a trojan but all it will do is tell you because the nasty things are so hard to eradicate once they're in.

      --
      Waterfox - a Firefox fork with legacy extension support, security updates and better privacy by default.
    13. Re:For once use the microsoft shit by tlhIngan · · Score: 2

      Other than that, MS AV is the least taxing on the system, but also lags behind on recognition rates. The former matters, the latter doesn't.

      No, it only lags behind on so-called "heuristic" or "machine learning" or "artificial intelligence" recognition tests. These tests don't use known virus signatures, they use programs designed to mimic virus activity. The hope is that your AV solution will catch one of these "bad programs" doing its thing and quarantine it, so potential future threats are blocked.

      Everyone passes on the signature tests, that's expected.

      But the "unknown virus" test is also the most controversial, because guess what? They're the ones that can ruin your day. Everyone (except maybe Microsoft) has released a dud update that kills some essential Windows file and thus rendering the host PC unbootable or unusable. This happens because the heuristic test thought some windows standard file was behaving in a virus-like manner. I was attacked by one at work - basically IT got suddenly overwhelmed by people complaining their PCs were very slow that day. Disabling the anti-virus fixed it so IT had to roll back an update, but by that time, half a day was gone on everyone.

      And those also lead to false positives - someone wondered why a game stopped working on their PC - took them a while to realize an update flagged the game executable as a virus. Of course, the definition page listed it as a "This is when the antivirus thinks the program is a potential virus" virus.

      Chances are, by the time you come around one of these threats, either you're doing normal things and will only get it after it's well known, or you're doing stuff that's risky online anyways in which case it doesn't matter because one will always slip through.

      Recognition rates of heuristic/AI/machine learning templates don't mean diddly squat. It just meant among the contrived programs they wrote to test it, it detect them. Who knows against a real target that's unknown?

  2. stating the obvious,... by Selur · · Score: 5, Informative

    - don't install shit you don't want/need (true for all os)
    - don't use windows for browsing (especially if you browse to sites you don't trust)
    - don't click and open every damn email and attachment you get ...

    1. Re:stating the obvious,... by geekmux · · Score: 5, Insightful

      - don't install shit you don't want/need (true for all os) - don't use windows for browsing (especially if you browse to sites you don't trust) - don't click and open every damn email and attachment you get ...

      Telling the masses to not use Windows for browsing is like telling people to not drive 4-wheel vehicles for transportation. No matter how stupidly easy alternate OSes could be to operate, they're not mainstream, and therefore they are not the dominant option for the illiterate masses. And because users are obscenely lazy, a Windows alternative will have to become the default option.

      As far as installing shit you don't want/need, that describes 95% of the inventory in every app store. Installing pointless shit has practically become a tradition in the mobile universe. I don't see that behavior changing unless marketing crap suddenly becomes unprofitable.

    2. Re:stating the obvious,... by EricTDuckman1414 · · Score: 4, Insightful

      I've got an old laptop, around five or six years old, that I refurbished and tried to load Linux on. No matter what distro's live iso I tried, the internal screen would go black after the initial text menu. An external monitor plugged into the laptop would work fine, but what's the friggin point of a laptop that only works when plugged into an external monitor? None of the dozens of suggestions I found on the web helped one bit. This is apparently a bug that goes back years. I gave up, installed Windows 10, and the damn thing works great. Linux is a long, LONG way from being acceptable for the casual user who just wants to use their computer and isn't interested in fidgeting with and tweaking an OS just to get it to load on their hardware, and calling them "obscenely lazy" for it is arrogant, elitist, and pointless.

  3. No (Betteridge's law) by JcMorin · · Score: 4, Informative

    https://en.wikipedia.org/wiki/...

    1. Re:No (Betteridge's law) by burtosis · · Score: 2

      Still waiting on the headline "Does Betteridge's law still apply to news?"

  4. One is one too many by Anonymous Coward · · Score: 2, Informative

    Antivirus programs are a threat, not a mitigation.

    1. Re:One is one too many by geekmux · · Score: 2

      Antivirus programs are a threat, not a mitigation.

      The largest threat is the idiot behind the keyboard.

      Good luck with that mitigation. The masses don't give a shit about security. Never have. Never will.

  5. No by louic · · Score: 4, Insightful

    Some people even argue that antivirus programs cause more vulnerabilities that they solve and advise not to install any. Besides that, they will make your computer ridiculously slow, and might interfere with each other, possibly causing crashes and false positives.

    1. Re:No by JaredOfEuropa · · Score: 3, Insightful

      Some are horrible in that respect, but others like Kaspersky and BitDefender are well behaved and very unobtrusive. Kaspersky has the very rare issue with false positives.

      I wouldn't recommend doubling down on them though. What I would like to see, in addition to using a virus scanner, is a consumer grade device (or something in the router) that performs some useful intrusion / exfiltration detection on the LAN.

      --
      If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
  6. Two: one ignores NSA's viruses, the other KGB's by Anonymous Coward · · Score: 3, Interesting

    Assuming that US-provided ones have been "assisted" by the NSA, and that at least one other has been "helped" by the KGB, a mix of the two might keep a few more evesdroppers at bay.

  7. Bouncers by dargndorp · · Score: 2

    When talking to the uninitiated, I like to bring up an analogy using bouncers.

    When you have bouncers from just one security firm, things are alright. He'll do his best to keep the baddies out, things can carry on mostly undisturbed. Things ain't perfect, but hey, whatcha gonna do.
    On the other hand, if you hire additional bouncers from a different security firm, those two groups will spend most of their time shouting at each other, getting in scuffles, fucking things up for everyone.
    This analogy is simple enough to sink in with mom & pop.

  8. Re:NYT? by arth1 · · Score: 4, Insightful

    Not being a newpaper, but a person who started my career writing AV software in the days when AV software writers worked for themselves, not corporations, my recommendation is to not trust any antivirus software, and particularly not the popular ones.

    The virus writers have access to AV software and design and test malware so it slips through as many major AV products as possible. The end result is that the AV software will only get signatures added for the threat days or weeks later, after the malware has ceased to be a threat.

    Instead, use the internet with caution. Think of it as the worst district in the nearby city. Don't drive around looking for things to do. Don't trust the guy on the corner who tells you where there's fun to be had. Only go where you planned to go, and don't loiter idly, looking for fun. Someone will have fun, but it won't be you.

  9. No by Archtech · · Score: 2

    Less than one would be better.

    --
    I am sure that there are many other solipsists out there.
  10. Sticking to... by XSportSeeker · · Score: 2

    Avira and Malware Bytes currently.
    For the most part on anti-virus, Windows Defender will do, but for the average user these days it's more important to have a good anti-malware installed.
    Because the average user keeps going into porn websites and shady Google results which install a whole ton of ad-ware, spyware toolbars and whatnot. Those won't be detected by anti-virus.

    But these softwares have been stagnant for quite a while... this is one area that could use AI to teach and prevent a whole ton of users from commiting the same exact mistakes that people have been telling not to do since early Internet days.

    I'd be particularly keen on an anti-malware software that would write a warning in big red letters when people click on obvious fishing scam e-mails something like: "ARE YOU FUCKING DUMB? STOP USING THE PC RIGHT NOW, YOU ARE NOT QUALIFIED TO IT".

  11. recommend by markdavis · · Score: 2

    >" What do you folks recommend to people who are not as tech-savvy?"

    Run Linux or just get a tablet. That has been my recommendation for many years now.

  12. Re:Security software won't stop social engineering by nctritech · · Score: 4, Insightful

    You missed the point. Manipulating the person behind the keyboard always wins. Actual malicious software is nowhere near as big of a problem as it used to be. The bad guys figured out a long time ago that it is way easier and safer to manipulate the user into willingly giving up their credentials and money than to attempt to exploit software flaws in their computers. Sure, there are still malicious things out there, but getting infected with them is a symptom of the same problem: the person using the mouse willfully takes an action that harms them.

  13. The real question by OneHundredAndTen · · Score: 2

    The real question is whether antivirus software does anything other than making money for vendors.

  14. Never! by Vektuz · · Score: 2

    Some of the worst possible performance I have ever seen in my life has been from multiple antivirus softwares fighting with each other for access to a file. For example, you browse to a folder that contains a zip file... Windows Defender starting to scan the file (it gets first dibs because hey, written by operating system manufacture, what do you think?), other antivirus hooks CreateFileW and starts to scan it too. Now you have two applications seeking back and forth over the ZIP FILE trying to unzip it so they can peer inside and "make it safe". It extended what should have been small browsing operations from just a few seconds to many, many minutes.

    If you're evaluating antivirus software, a good measure is how much raw data reads they do when you're just browsing your file system and not opening any actual files. Some of them halt processes and scan the entire file when the file is even just queried from the file table (not even when actually opened), and you end up with file iteration taking as long as it takes to read the entire file contents.

    There is no place in this world for antivirus.

    If they're so dumb that they can't stop from clicking on executables, install windows S on their computer and let them suffer it. Its still more effective than antivirus is.