*Thank you to our sponsor Notesnook who offers open source, E2EE notes to keep your ideas safe:* notesnook.com
Something we should've made clearer: This video is almost entirely targeting active, always-scanning antivirus products. If you do an occasional on-demand scan of your system for peace-of-mind, there's not much wrong with this! Additionally, individually scanning suspicious files with online file-scanning tools is something that can be a proactive part of keeping yourself safe. Hopefully that clears up the target of the video a bit better. Stay safe out there everyone!
You would have to give antivirus software the same amount of trust you would give data removal services...because the only way they can work is to have complete access to your hardware and complete access to your personal information. And just like Henry said, this makes these services a high value target. Why try to break into 50,000 individual computers to get their personal information when you could just break into one data removal service or one antivirus software?
My problem with using Windows Defender is that it can be bypassed by malware by disabling it (the malware disabling it), plus Windows Defender has been clunky for me when it comes to removing malware in the past
on the other hand is the less invasive av on windows, performance is the same, comes native, is free and actually works for most malware... so i keep mine turned on
We do the Scan Offline feature every now and then on my kids pcs. Have picked up a few things over the years when doing it.
I’m pretty sure that if you use an unprivileged account and your admin user has a good password this should be mostly mitigated. Most exploits try to run powershell using your admin status to disable UAC with it, so if your user doesn’t have permission for that you’ll be fine.
The best way to not deal with malware is to not download whatever shit is on the internet
@alexcerzea this is an outdated mindset, there are many ways that you can still be fooled and get a malware and not just by downloading whatever sh!t on the internet, like the InfoStealer that infected Linus which steals his youtube session/cookie and wreak havoc on his youtube account was hidden in a PDF file and his Windows Defender didn't even detect it. malware keeps evolving and can be on things you least expected, it can be hidden on files you least expected like documents or images
Linux permissions also make it a more difficult target for malware, so long as the user doesn't use root for everything anyway.
Or the good old 777
nah, the only reason Linux PCs are least targeted is because it has less user base. look at how many "Linux based servers" are infected with malware
Not really. Infostealers don't care.
great vid. platform security engineer here. another often not understood, and not clear reason why not to use third-party AV is kernel-mode drivers. MSFT is good at writing secure drivers for its own OS. third-party devs writing third-party kernel-mode drivers, not so much. poor or dangerous kernel drivers are an even scarier attack vector than a poorly written application due to the lower-level at which they operate: the kernel. highly related to this, which you sort of touched on, are native exploit mitigations. MSFT Defender is always using the most up to date exploit mitigations, which are proactive security, rather than reactive (AV) security. third-party AV often relies on MSFT exploit mitigations. so if MSFT makes changes to exploit mitigations, or adds new ones, third-party devs are always going to be catching up, or worse, deploying code that might cause system instability, or force them to force Windows to disable exploit mitigations to prevent system instability.
Some good points but I take issue with Defender. Yes, better than it was & better than nothing but it is proven that it does worse than all the mainstream AVAM plus it is bad at dealing with ransomware (it will not protect you).
You missed emphasizing an important point: an external backup drive should be disconnected from PC to protect it except when doing backups of course.
Your videos are just [chef's kiss] the best! Keep up the good work!
😄
Will Windows defender stop working as well when windows stops the updates to windows 10?
See, it's not so much whether Defender AV stops working or not; when Windows 10 support goes bye-bye the main issue is security patches. When a terrible exploit is discovered, normally Microsoft will (in all honesty probably outsource the problem to a more competent vendor) research the problem, figure out a solution, then push a security update out to all Windows users. In the case of an out-of-support Windows OS, the terrible exploit will just go unaddressed. AV can't stop exploits. Just viruses. Not that Defender is any good, but even if it were, an exploit would just go around it and break into the OS on a deeper level where AV can't touch it. Then it can shut down any AV you have going and fire its payload (virus, ransomware, or full remote access typically) with no way to defend against it for a home user.
Whenever I had a virus, Windows Defender wasn't able to remove it and got overwhelmed
From a technical perspective, I don't disagree with much of what you say. However, I'm curious to know who you intend this message for. You make a good argument for a standard, somewhat proficient home user.
However, for a business owner, not so much. The question isn’t technical. It’s a question of optics. I explain this to my business clients all the time. If a data breach happens, and we know they do, do you want to be the person who explains to your clients why you don’t pay for antivirus?
haha yeah exactly 😎
I think you nailed who the message is for. That's why I specifically mentioned businesses being an area where it's easier to justify directly in the video
Last time I tried out various 'prestigious' ones, I was appalled by the degree of unprofessionality in their design. You'd think there are areas where much higher quality standards are essential, but there's still a lot of messiness in those areas. When you have an insider reveal business internals, it tends to be tales of insanity. (For example you might not want to know everything that happens at airports. But the daring ones can check out a bunch of ATC recordings.)
Polemically, I would say airport personnel is extremely skilled at barely avoiding grand disaster; out of necessity.
User expertise can trump most technological solutions.
Anyone else remember when Windows DCS stood for "doesn't catch shit"? It's come a long way but I left Windows behind a while ago.
Common sense information most people never consider.
Highly informative video, only mainstream channel that gives these caveats with antivirus software!
what if ur downloading and using software or games from "unofficial sources"? in that case do you need an antivirus tool or does windows defender still suffice?
Should be sufficient, but not 100% safe
If it's piracy
Then you need one with lower false positives than defender like eset or Kaspersky (unfortunately it's KGB spyware)
Linux, I feel secure using without an AV, but using windows without that layer of security is insanity to me, even with those precautions.
I agree except for the advice to keep the OS updated. This is good advice when it comes to Linux, but for Windows users certainly not. Windows does not get better, more stable or more secure with new updates; it never did. New updates only add new vulnerabilities to Windows. The new Windows 11 24H2 update will add Copilot to your system, just to give the most recent example additionally to all the bugged Windows patches that crashed the OS in the past. Copilot will open your data to hackers on your own device as well as on the Microsoft servers where lots of your data will end up. With Win11 24H2 you cannot install a Bitcoin wallet or anymore, since your keys would not be secure anymore. The same is true for online banking. Hackers can gain access to screenshots showing all your login data.
The first thing you should do, when buying a new PC is disabling Windows Update. Microsoft knows that everybody with some basic understanding would try that, so they made it extremely difficult. It cannot be done in the settings or the control panel anymore and you need more advanced methods to really stop Windows Update. But you really should do it. Fortunately Windows 10 will reach its end of support soon next year. So Windows 10 users will be pretty safe then. keep the OS updated.
What if someone uses pirate software and games?
Can antivirus then be useful?
Obviously
Choose one with low false positives like ESET, Kaspersky
I do all your tips except for #1 since my macbook is on Monterey and no longer getting updates. I think I'm still ok since I don't install any old random software.
Password manager and proton pass, I always look for what you're using, minus apple products 😅😊❤
Until now I use built-in windows defender. It's the best software ever. Other third party antivirus consume too much memory
So I shouldn't renew my bitdefender lol?
...make use of the Windows sandbox for high risk internet browsing...or a virtual windows machine
If you are a decently skilled computer user you don't need it. I'd argue that hardening your O/S to not operate as a privileged super user does far more for you than an A.V. But for those like my in-laws and mom who aren't skilled and click on the wrong things, this is who A.V. is for.
In a no windows env I've never had antivirus, my linux install from 2007 never tasted ANY antivirus, but I do hardening in all my setups, CIS 🙃
I use linux more than windows, was windows free for five years but atm have a windows 11 pc as a workstation. I'll admit on it I do use avast one... old habits cuz if I am honest I don't feel I need it
It's a hot take 😂
Watch out people he must be a hacker or stupid
👍
An antivirus is like a thermometer: you don't need to keep it stuck into the *55 24/24h.
But maybe you should keep one, just to cross-check if you start to feel something weird.
If you're soooo sure and serious about your safety, why remove the tool that would give extra credit to this assessment?
Unless you're sharing files to the net, you indeed don't need a 100% uptime eating-RAM daemon.
But having no tool to check the files you download before launching them? Too much confidence.
Antivirus is like your own terminator, who could possibly see you as a threat!
thank you mr tech lord.
Love Techlore
Wonderful video! Thank you very much 💜
first. great info!!
Don't be stupid online and safe
as i type, then visible once posted?
all clicks and giggles
hmmm can you tell me why my text is black in youtube?
Unless you wrote the code, you are not safe
one more to unsub for not replying right after posting
12 minute vid, but you've been posting on here for about an hour. Are we watching you have a meltdown via the comments section?
ever heard of the edit button?
wake soon, don't be woke...
wok mentioned in an antivirus video ahahahaha you clown
I just use Common Sense AV 2025™