Do I need to use Anti-Virus Software?
For years I have been the on-call tech guy for family members, and most of my "repair" jobs involve clearing out malware infestations. You probably know the kind: hijacked browsers, rampant pop-ups, seriously impaired computer performance.
The irony is that there's usually some kind of security software running on their machines, be it McAfee, Norton, or the like. But after hearing me mutter under my breath about PEBKAC errors(though less so nowadays -- see "A rude awakening" below), I get the inevitable question: "Well, what security software do you use?"
Crazy? Crazy like a fox, thank you. This has been my modus operandi for years, and I swear on a stack of Wikipedias I have never had a single issue. No viruses, no spyware, no rootkits, no browser hijacking. No identity theft, no keylogging, no trojans.
Have I had to reset passwords following database breaches like this one? Of course. But that's beyond my control. What I can control is my own PC and how I interact with the Internet. After nearly a decade of running virtually no third-party security tools, here's the score: Broida, 1; Hackers, 0. And a year after I shared this "shocking" revelation, the score remains the same.
I realize this flies in the face of conventional wisdom, which insists you do not even boot your PC unless it's shielded by a comprehensive security suite. Meh. I am fine with it in principle, and some users definitely need it, but I balk at both the cost and the performance impact (though both have decreased admirably in recent years).
My security secretHow do I get away with this online offense, this browser blasphemy? There's no trick to it; it's just a simple trick.
My computer runs Windows 8.1, as secure an operating system as Microsoft has ever released. (together, now: "That's not saying much!") In addition, to its built-in firewall, the OS offers anti-virus protection in the form of Defender (formerly the standalone Security Essentials), plus SmartScreen for protection from malware and phishing scams. Internet Explorer also provides plenty of safeguards against hijacking and the like, though I am a Google Chrome user.
Speaking of which, all modern browsers -- IE, Chrome, Firefox -- employ robust security features of their own, and let us face it: your browser is the gateway to many, if not most, infections. Chrome, for example, will warn you about suspicious sites before letting you through to them, and its sandboxing helps prevent malware from "escaping" one tab and infecting all the others.
Web of Trust helps alert you to potentially unsafe sites. And that's it. Seriously. Between Windows, my browser, and my router (which has its own firewall, natch), I am good. But there's one small tool I do use, if only to buffer myself against momentary lapses of caution, and that's Web of Trust. Available as a plug-in for all major browsers, it vets the search results displayed by Google and other engines, the idea being to prevent you from clicking through to a site that might be unsafe. Speaking of which...
Where others failVery often I find myself scratching my head, wondering how my peeps end up with such nasty incursions when I am sailing along unscathed. The most likely answer: they are allowing it to happen, although unknowingly.
The two main culprits, in my opinion, are unsafe links (like the kind found in phishing emails) and spyware-infested downloads. One click of the former can steer you to a site that, just by viewing it, installs malware on your PC. As for the latter, many software sites are rife with advertisements masquerading as download buttons. You innocently click one, thinking you are downloading a particular program, but when you go to install it, bam: malware city.