I’ve found the web scanning to be mixed bag, at least with Avast. I noticed that the EV security certificates for sites that had them weren’t showing up properly - a sign of a man in the middle attack. I finally traced the problem to Avast, which had installed it’s own cert and was, in fact, doing a man in the middle attack on my browser - it was using the attack as a substitute for a hook in the browser to examine the incoming traffic, but it also made it impossible for me to verify that my secure connections weren’t being intercepted by a different man in the middle attack. Uhg. Security involves trade offs, and that trade off just wasn’t worth it to me at the time because I was really worried about credential theft.
I used to use Avast but became frustrated with it, honestly i don’t remember why. I think it was that i knew that it wasn’t catching certain viruses and i ended up having to rely on online antiviruses to scan my computer to make sure nothing had been missed.
Currently i have the paid version of Kaspersky and i really like it. It also has an app for managing and generating passwords, i even have it on my phone 
1 Like
I assume that it will protect you from most threats that aren’t exploits used the by Russian government. I wish I could assume US based AV doesn’t deliberately overlook at least some state actor level malware, but I can’t.
1 Like
I do have to say i was concerned over the reports you’re referencing to and i did consider switching to something else like Malwarebytes. I still might i’ve just been lazy about looking around, but ultimately i’d say that its worth paying for an antivirus. I was never really happy with the free versions and i could never really trust their efficacy.
1 Like
Yeah- but what antivirus exists for an android phone?
It’s an entire class of app or software I have no knowledge of. Can you sugguest anything? Can anyone?
I’m using AVG antivirus. Seems pretty good, though the free version annoyingly comes with ads.
That’s one bridge i haven’t crossed myself, though honestly i should actually consider it.
The following is based only on the behaviour I observed, which was using Chrome on Android
It’s unlikely, I think. If the attackers were able to exploit browsers without user interaction - just by someone loading the page - then they’d have done so. They blew their cover by making the hack obvious, from which I concluded that they didn’t have the chops to target computers subtly.
Phone OS’s are sketchy as you observe - they’re very opaque, with the owner of the phone essentially considered one of the “adversaries” of the vendor. So it’s hard to get good antimalware functionality, since the level of power that would require is at odds with the vendor’s view of their customers as opponents.
1 Like
This dates back to the original iPhone, and AT&T’s concerns expressed to Apple about the device spreading malware over the network. Seems paranoid, nowadays, but it was part of the reasoning for making the iTunes App Store instead of allowing for sideloading apps.
It is a philosophy that carried over to Google as well, that the store should be the first line of defense against malware, that browsers should be sandboxed as much as possible, and so on. Which is why malware needs to trick both the user to grant rights as well as trick the rudimentary malware protection in modern browsers.
And that’s why iOS does not have any antivirus software, and those on the market are snake oil. I don’t know about the Android market, alas.
1 Like
This topic was automatically closed after 5 days. New replies are no longer allowed.
