I’ve recently downloaded mullvad. I heard it’s popular in the piracy community. 5 dollars a month is not bad. Currently saving for a good antivirus. What are your favorites?
deleted by creator
On Windows, I’d say nearly every antivirus program I’ve ever seen is actually a scam that is overpriced and will spam you with messages about upgrading to a more expensive plan, and about how vulnerable you are without it if you choose to cancel your subscription.
The best way to avoid malware is to ensure you are properly installing software. While there are zero-click exploits which install themselves without user interaction, they are extremely, extremely rare, even on Windows, and antivirus programs can’t do much against them anyway.
If you want to avoid malware, I’d say instead of installing an antivirus, save yourself some money and just make sure you are downloading from official sources, verify checksums when they’re available, and keep your programs up to date. That will save you from 99% of malware, and the other 1% most likely wouldn’t have been prevented by the anti-malware anyway.
On Windows, I’d say nearly every antivirus program I’ve ever seen is actually a scam that is overpriced and will spam you with messages about upgrading to a more expensive plan, and about how vulnerable you are without it if you choose to cancel your subscription.
Not a scam but it is a somewhat predatory business model to convince most people they need this stuff, much like home security system salespeople convincing you burglars are all over the place and your stuff is going to be hit any day now for certain. Many admittedly are very poor in protection, rely entirely on definitions, and don’t invest a lot in mitigating threats. But some are good and when properly configured can even interrupt or stop many state actor campaigns or at least make a bigger headache for them when paired with other defense in depth steps.
The best way to avoid malware is to ensure you are properly installing software.
Very true. Most malware is through clicking big green flashing ad download buttons and getting malware that way or installing bundled software by not reading the installer terms or simply installing untrustworthy software.
While there are zero-click exploits which install themselves without user interaction, they are extremely, extremely rare, even on Windows, and antivirus programs can’t do much against them anyway.
Not entirely true. Good security suites have anti-scripting and exploit detection and can and will detect and interrupt the exploit chain from fully unfolding, downloading, and executing its payload. The thing is most people won’t encounter this kind of thing. It really depends on your threat model.
If you want to avoid malware, I’d say instead of installing an antivirus, save yourself some money and just make sure you are downloading from official sources, and verify checksums when they’re available.
This is one of the smartest things you can do to avoid even targeted attacks. Virustotal is also a useful tool here.
Ultimately for most people it isn’t worthwhile paying for this stuff but it’s something only the person in question can make a decision about.
I’d say being informed is a requisite even with using good security software. If your HIPS goes off and tells you that this new software is accessing certain registry keys or performing certain actions, unless you know enough about your operating system to understand the implications and what looks like malicious behavior you can’t really make good judgements on the data.
The only antivirus I have is an adblocker like uBlock Origin. If you’re on Windows the Defender program is more than enough, but I’ve been using Windows without it for years with no problem. When pirating with Mullvad I use qBittorent for torrents, you can set Mullvad as the network interface in the settings so when your VPN isn’t on, nothing will connect, so no chance of your IP leaking.
If you want it for piracy I’d recommend a seedbox, I cant recommend any because they are all a bit shady but you won’t have trouble with the law or some shit.
First off the mandatory disclaimer that unless you’re doing weird stuff (piracy for one) most people don’t need an anti-virus other than the one windows comes with. Also anti-viruses just based on definitions and virus signatures are weak and not worth the money, you want one with good behavior control for unknown threats if you’re bothering to pay for one.
I could write this whole thing about hardening and Mandatory Access Controls, default deny for executables, scripts, etc but unfortunately most programs for that also cost money in a subscription sense so you’re not really better off if you don’t already have a game plan there.
Well there’s privacy and then security.
EDIT: One of the best things you can do for web security is adblocking. Install firefox and install ublock origin now. Ads are a malware delivery vector and fuck capitalist ad parasites anyways (note: Chrome has introduced manifest v3 which has essentially broken ad-blocking on Chrome, you really need to use Firefox to get the benefits of ad-blocking these days).
I’d avoid American anti-viruses as their engineering and other staff are stuffed to the brim with “former” NSA, CIA, FBI people and I see them as little more than collection platforms. They also whitelist American government malware, avoid attributing campaigns to them, inform them of campaigns they uncover before going public and are all in all just a part of the intelligence complex at this point.
I would go with either a Chinese or Russian company.
Qihoo or Kaspersky.
Kaspersky I’ve had experience with in the past, it has really good behavioral control for unknown threats, can be tuned well and doesn’t answer to the FBI, NSA, CIA. They’ve also pissed all those off by doing things as simple as detecting their advanced threat campaigns. They helped Iran with NSA malware attacks and if you want to support a company that is as close to anti-imperialist in effect as any in the space they’re a good bet. Kaspersky is also famously friendly and works well with pirated software rather than just listing it all as malware. Right now you can buy a digital license off Amazon for 2 years for dirt cheap (probably because of sanction fears). Never pay for full price for this one, they always have steep discounts. I would go for the Internet Security or Total Security version over just the antivirus which isn’t worth as much (just check whichever is cheaper and get it, they have nearly the same features).
One note on Kaspersky. If you can, change your VPN location to the EU or California when downloading their installers and select the California or GDPR version of their software.
Qihoo I don’t have as much experience with but they’re a competently run company that’s based in China and fights to protect China’s infrastructure against American attacks. For Qihoo you can use the free version or if you want better options the premium version.
I’ll re-iterate again if you’re just doing normal web surfing then simply keeping software up to date is normally enough to keep most people safe. It really depends on what your threat model is like.
I believe that unless you’re doing some extremely important enterprise-level stuff and absolutely need that extra 0.1% of protection, antiviruses are really unnecessary for anyone. The best way to prevent malware is to keep everything up to date and ensure you’re installing software properly. That’ll prevent nearly all malware completely. Most of the stuff it won’t prevent also won’t be prevented by anti-malware programs, so I personally think they’re really not worth it.
I’d agree, with the caveat if you’re pirating stuff (especially software) in that case it often makes sense to have a little more protection and I see it as justified by the savings of pirating software versus paying. Because a lot of pirated software gets stuffed with malware, downloaders which often hit you with ransomware (mitigated best with offline back-ups but few people are perfect enough to maintain such). In that case it can save you great pain (though you still need to pay attention and practice basic safe piracy hygiene).
I’d also offer the caveat that if you’re an activist you could be targeted. A good security software could help in that situation though it really needs to be paired with significant security education, system hardening, etc.
if you’re pirating stuff (especially software) in that case it often sense to have a little more protection and I see it as justified by the savings of pirating software versus paying.
If you’re pirating software and don’t know how to run a VM or don’t have a separate machine to run it on (in case it contains a VM-busting exploit), then yes, it can be useful. However, I would personally prefer to buy a separate machine and run a VM on it than pay for a subscription service.
if you’re an activist you could be targeted. A good security software could help in that situation though it really needs to be paired with significant security education, system hardening, etc.
In this case, I’d say you should probably be running a Linux distro specifically designed for this purpose. Something like Qubes OS would work well.
If you’re pirating software and don’t know how to run a VM or don’t have a separate machine to run it on (in case it contains a VM-busting exploit), then yes, it can be useful. However, I would personally prefer to buy a separate machine and run a VM on it than pay for a subscription service.
Agreed. But ideals are ideals. Part of good security education is realizing whether you like it or not the limitations of your average user and configuring to the reality rather than the optimum.
In this case, I’d say you should probably be running a Linux distro specifically designed for this purpose. Something like Qubes OS would work well.
Qubes is good but it’s not something I’d call beginner friendly. It is an operating system for advanced users. I’d say if you’re going to go the non-traditional OS route, at that point just boot to Tails selectively.
Honestly a lot of advice to be given here is non-specific because we don’t know OP’s situation, their threat model, how educated in computer literacy they are, etc.
But an adblocker with up to date software, security patches applied, basic user education and care leaves most people quite safe.
I use NordVPN to bypass region locks on streaming sites. Works great on Netflix. My country of residence is still not gung-ho about piracy, so I don’t need a VPN for torrents, and I wouldn’t be able to recommend it for that.
