|
Originally Posted by Ward
|
AVs are unneeded. Even for the PC.
I've ran my systems (3 PCs, 2 laptops, 3 PDAs, a wifi router - new) for 4 years now without a virus. The trick is not to use programs or practises which exposes your setup to infection - get a software firewall installed. It will tell you immediately if anything attempts to access the net without your preconfigured permission. Chances are its something new and consequently malicious. Don't use programs with poor security records, i.e. virtually anything MS. Ditch IE for the much better alternatives, Opera and Firefox. Use an email client which doesn't parse HTML and renames executable attachments. Get a good process viewer and familiarise yourself with the running components of your system - learn to recognise newcomers and kill them at the earliest convenience. And finally, make backups!
Unbelievably - all this consumes less time, money and effort than maintaining an AV, accepting the performance hit as a result then repairing the damage when it fails.
Even if you don't agree, paying for a AV is silly - it probably spends 99.9% of its life doing nothing. When you think about it, when it does do its job, how reliably does it do it? Which run of the mill viruses, it usually works if kept up to date. But with 0-day viruses, you last line of defence, quite simply, fails.
|
I'll agree they are not needed yet for PDA, but I dont think people would benefit from following the rest of what you say here. First of all, it takes virtually no time and effort to maintain any modern AV, other than renewing once a year which takes all of a few clicks.
As far as it doing nothing, your experience doesnt represent the general population at all. Most people I know will have their AVs save them from a threat very frequently, most commonly in the form of all the mass-mailer viruses.
There are even cases where commercial software was infected with malicious code, one of these recent cases was for mobile devices actually.
I have never used AV myself either actually, but I understand the need for it. You have to realize the general population is not familiar with things such as client side exploits targeting certain browsers and email clients. As far as knowing which processes should and shouldnt be there, have you looked at the number of ambiguously named processes modern operating systems have running? You expect the average user is gonna know what those things are and what shouldnt be there? :) Furthermore, its not uncommon for viruses to mimic filenames of things that should be there, or inject into process space of exisiting legitimate applications.
Dont forget that a lot of people have children or spouses that are probably even less technical, and at that point your own safe habits are out the window :)
0day viruses arent usually much of a threat, detection for new viruses is very fast and unless by chance youre one of the first infections that isnt much of an issue. Even if you are, with destructive viruses mostly being a thing of the past, youll at least be cleaned shortly after. Better late than never, on the off chance that does happen.
Going without AV on a PDA is ok for now, but going without AV on a PC wouldnt be a very responsible recommendation IMO :)
BTW, software firewalls are quite a bit more useless than AV, as they are very easy to bypass and only warn you of threats that are already on your system. Any good AV will have said threat dealt with before its even on your system.