The antivirus industry is the biggest player of the modern adware/malware crisis.
The dark patterns used in software like AVG and Avast, both making every system I see them on so slow that they might as well be unusable, are all focused on getting more installs, be it to force people into getting whatever "premium" subscription or harvesting data (e.g. attaching themselves to every sent email like a virus).
There are very few that I could actually recommend, like Malwarebytes - for most users, Windows Defender will be more than enough nowadays. I haven't used a Mac in a while, do you actually need AV on them today?
I mean there is Mac malware and some of it is quite sophisticated. The compiled AppleScript bitcoin miner being one of the more ingenious ones. But those were distributed through pirated applications. There are probably a few zero-days as well that maybe an AVE package could help stop if a signature is rapidly distributed. Ignoring the fact that the AV engine itself is a target too.
Most people using only the app store helps cut that down.
>Transmission representative John Clay told Reuters via email that the ransomware was added to disk-image of its software after the project's server was compromised in a cyber attack.
>"We're not commenting on the avenue of attack, other than to say that it was our main server that was compromised," he said. "The normal disk image (was) replaced by the compromised one."
My work laptop runs Windows. It runs Outlook, Chrome, Slack, and Exceed to connect to a remote Linux server where I do all of my work. At random times throughout the day the fan will get really loud. When I run the process viewer tool during this time I see things using 100% CPU. It's a Core i5-8350U with 8GB RAM and during these times it gets almost unusable. I've googled a few of them and they always seem to be antivirus things.
At home I have over 8 Linux machines and the only times their fans get louder are when I am actually running a video encoding program or something CPU intensive like that. Some of them are slower with only 4GB RAM and they are always responsive.
The built-in Windows Defender is absolutely painful on low-end machines. Yours should be absolutely fine, but on a 2010 MacBook with an ancient Core 2 Duo and 2 GB RAM, it's very noticeable.
Out of interest, why would the performance of a basic A/V be affected by an “older” CPU?
Isn’t it basically fingerprinting files and intercepting I/O, so the resources it uses just depend on the activity of the device, not the age of the CPU?
That is strange. Until fairly recently my daily driver was a low-end ex-lease HP machine from 2013 or so with an i3 with 4 gigs of RAM. Never saw much issue with Defender or the updates. Not unusual for updates of any kind to be all over and done with in <5 mins from clicking update to a fully usable desktop. Win10 has improved a heck of a lot over previous versions even on old hardware. My work-supplied Mac on the other hand, even with much better specs than my lowly home machine, usually takes at least 30 mins to do updates (with most of the time spent during the reboot which means I can't use it at all). One of many reasons why I moved away from Apple for my own hardware.
> There are very few that I could actually recommend, like Malwarebytes
Malwarebytes installs a program with elevated privileges that starts on boot and always runs in the background, and regularly sends data home - despite that it is an ON DEMAND scanner.
I have written to the company to understand this virus-like behavior, and have gotten no response.
Commercial Malwarebytes isn't on-demand, it's an actual anti-exploit/rootkit solution. I assume the free version, which only has the on-demand features, comes with these components anyways? Might explain that behavior.
My reason to trust them is that they seem to be generally respected still, I've been using them for a long time and they've yet to start annoying me with dark patterns and upsells - of course that's not a super great indicator.
> The antivirus industry is the biggest player of the modern adware/malware crisis.
This is so true it hurts. Veracode releases an annual report ("State of Software Security"), part as marketing material, part as an industry insight leaflet. The worst offenders for software security and defect rate are, year after year, security products.
As an infosec veteran, it's obvious to me that the "industry" at large is not obeying the rules they set for others. The shoemaker's children have no feet.
> There are very few that I could actually recommend, like Malwarebytes
This used to be the case, but the commercial/enterprise cloud version of MBAM (required by my company) is godawful. It seems to call out to its cloud back end every time an executable launches, and it murders performance. It's most obvious in terminals when it causes a simple command that should run in < 1 second to take 4-5 seconds.
If anyone ever tries to install Sophos on your Mac, do your best to avoid it. Corporate IT seems to like it. It slows everything down. It's a nightmare to get rid of again.
The problem is for a lot of jobs you don't get a choice. The employer enforces it, no dark patterns necessary. And then you end up with a computer that is 70% busy doing AV-stuff and leaving 30% for actual work.