Practical privacy and simple cybersecurity.
TheNewOil.org

Do You Even Need Antivirus Software in 2024?

The internet is full of outdated cybersecurity advice that just won’t die but should, like “public WiFi is unsafe” and “you should change your passwords regularly.” For the more pedantic in the crowd, yes, these pieces of “advice” do have tiny grains of truth under the layers of logical fallacies – public WiFi does come with some small risks (mostly in the privacy department, for the average individual) and changing your passwords regularly can have some potential benefits (mostly for companies). But generally speaking these are outdated pieces of advice from a different era. I’ve written before about how technology changes and those idioms are prime examples: back before the nearly-ubiquitous adoption of TLS, public WiFi presented considerably more risks. But the times have changed and that advice is no longer applicable. So on that note: let’s talk about antivirus.

If you’re like me, you’ve had more than your fair share of Windows computers that come bloated with all kinds of crap you didn’t ask for and will absolutely never use – I’m looking at you, OneDrive and Candy Crush. Antivirus is a frequent offender. Sometimes it’s AVG, sometimes it’s McAfee, sometimes it's someone else, but there’s always a universal constant: nobody really uses it. Even if you do believe in antivirus, there’s almost always a different service you’d rather use so the defaults end up just sitting there, cluttering up your device and swindling the less tech savvy out of their money for an – at best – inferior product.

The more I think about those dark days, the more I realize how much antivirus seems to be one of those outdated zombies. I never see YouTubers shilling antivirus, and the only time I see it pop up online is when people are making memes about it. In fact, I’m fairly sure we did use some of those inferior products back when I was in high school on the family computer and I’m pretty sure that still never stopped me from putting viruses on there like crazy because I was a stupid teenager who didn’t know how to be safe online. I also never read any stories about ransomware or hacks that could’ve been prevented if only the company in question had updated their Norton subscription. So that raises the question: is antivirus even relevant anymore?

Photo by Ed Hardie on Unsplash.com

Veteran readers already know my stance on this. My answer is “no, I don’t think you really need antivirus anymore.” There are a lot of reasons I feel this way. For starters, modern security measures taken by manufacturers have come a very long way. Macs, for example, are notoriously secure, so much so that there’s a misconception that you can’t get malware on a Mac. That’s not true, but it is quite rare because of the immense number and quality of security measures that are baked into modern Mac devices. Windows has long trailed behind on security but has been making strides in recent years. The built-in Windows defense tool – appropriately called Windows Defender – has gone from being virtually useless to pretty robust and experts agree that it’s adequate for most users. Additionally, Windows 11 has made huge improvements in the security department and has learned from many of the mistakes that made past Windows editions the butt of many security jokes. That’s to say nothing of mobile devices, which have especially avoided many of the shortcomings of computers. Most mobile devices are incredibly hard to infect, so attackers instead have to resort to tricking users into downloading a malicious app. Even if a device is infected, the vast majority of such malware can be easily removed by simply removing said app and rebooting the phone.

I also pointed to the news and the existing landscape as further evidence. As I said before, I have never once read a story that said that a company was compromised because they didn’t renew their antivirus subscription. The closest I’ve seen is companies who fail to update their software, but that can happen regardless of what the software is or how current the license is. Instead, the vast majority of compromises occur through phishing, social engineering, and other methods that convince the targeted user to hand over their own credentials or download malicious software or otherwise convince the target to somehow give the attacker access. If I convinced you to unlock your door and then I forced my way inside the house, that’s hardly the same as arguing that the door (or walls or windows) failed or that you should’ve renewed your ADT subscription. That’s basically what happens most of the time.

Now, in the interest of fairness, cybersecurity is a complex topic and this is no exception. I stated earlier that sometimes outdated “best practices” like the dangers of public WiFi and commonly rotating passwords do have some exceptions, and antivirus is no different. For starters, if you’re already infected, antivirus may be the best (or only) way to find and remove the infection. Additionally, if you’re in a high-risk situation – being a public figure who gets targeted often or having work that requires you to frequently download files – then I could see the value there. But for the average user who sticks to the same handful of trusted sites and programs, I don’t think they have much to gain from antivirus. Readers considering antivirus software should also be aware that such software – ironically – presents a risk just by its very nature. Antivirus software has to have full access to every part of your system so it can scan and remove things. Should the software become compromised, it can become the entry point to allow full access into every sensitive part of your device – and we’ve already seen at least one instance of antivirus companies abusing this kind of access by selling user data to advertisers. There are some niche cases where I could see the value of antivirus, but I would caution users to remember that these are powerful programs with a lot of privileged access. Don’t make that decision lightly.

So for the average user who (according to me) doesn’t need antivirus, what do I recommend instead?

  1. Keep everything updated. Make sure you enable automatic updates wherever possible, and keep everything updated – not just the device itself but the apps, too.

  2. Remove things you don’t need. If there are programs you don’t use on your device – whether bloatware that came with it or stuff you simply stopped using – be sure to remove them. Every app and program could have a vulnerability in it, and as soon as cybercriminals find that vulnerability you’re now at risk. Keeping things updated helps, but if it’s a program you don’t use then the better solution is to simply remove it. They can’t exploit something that was never on your device to begin with.

  3. Use wisely. As I said earlier, the top two ways I see people get malware are by not updating (which I addressed first) or by getting phished in some way. Even as an individual, this remains true. Unless you’re in some sort of high-value role (like being a CEO or working on an important government project) most of these efforts will usually be relatively easy to spot and avoid. This means implementing practices in your life like only using trusted, official websites for online purchases or downloading software, and not downloading attachments or clicking links in email unless you were expecting it and verified that it is indeed legitimate. Of course, even official, reputable sites can sometimes be compromised, so for maximum protection I recommend checking out some of the pages on my website, but doing some basic due diligence will, in most situations, protect you from the lowest of low-hanging fruit.

  4. If you must... If you’ve read all this and still decided that antivirus software is right for you, be sure to pick one wisely. Objective-See is a non-profit that specializes in open source security software for Mac devices, and iVerify is my recommendation for iPhones. For Android, the Divested Computing Group (the makers of DivestOS) have released Hypatia, a malware scanner which has since been added by default to CalyxOS. For Windows there’s no clear winner I’ve been made aware of from a highly trusted organization; however, Malwarebytes offers a free tool that will scan and remove malware for you on demand (but not 24/7 in realtime). If you’re a Linux user, really the only option is ClamAV, which is unfortunately extremely limited compared to some of the more robust offerings on other devices, but there are a number of other actions Linux users can take to help defend their system on top of this.

Again, to be clear, I’m only listing recommendations for people who would prefer to have antivirus, but remember that there are a number of other factors – both things you control (like your habits and actions) and things behind-the-scenes (like your device’s built-in security measures) – that are already helping to protect you (in my opinion) more effectively. For the vast majority of users, I believe that antivirus is no longer a “must have” tool. Antivirus software is a lot like VPNs: there are a lot of shady companies out there exaggerating the risks and benefits to line their pockets. While they do offer additional protection, for most users you can save the money and protect yourself just as well with a few basic best practices. Whatever you decide is right for you, I hope this post has been helpful in making that decision.
