I advise my techie and non-techie friends alike not to bother with antivirus, but rather to ensure that their files are backed up and their software is up to date.
Those are the most important parts, assuming the user is above the level of downloading and executing malware by themselves.
And with Google planning on banning those fake download buttons, it might alleviate the need for an adblocker. I feel bad installing adblockers on others' computers, but it's helpful for the virus-prone.
Adblockers are a necessity to bring a computer up to the minimum level of security your friends and family need. There is so much malware being served through ads nowadays that I wouldn't use any computer, and try not to use a phone, without adblockers in place.
Android phone users may find it useful to know that Firefox for Android works great with uBlock Origin. No more app store popups, audio ads, or sucking down your mobile data.
It's very useful, but I try to encourage everyone I can to root and install a system level adblocker. Not feasible for 100% of people but the more the better.
That article strangely claims it's not Forbes' fault if their pages serve malware. Of course it's their fault and responsibility when they have freely chosen to work with this advertisement provider. Of course they should change the agency, and perhaps claim damages, but one can't transfer the responsibility to third parties.
I used to work for an antivirus vendor and I would not recommend this.
The antivirus engine is the same and the only differences are how it's packaged. They're still shoveling obtrusive, crap software onto your system, just being less obvious about it.
The only reason to have Symantec Corporate Edition Antivirus installed on your system is because your company signed a deal to use Cisco VPN & Endpoint Protection and you're literally forced to use it.
What mostly everyone fails to understand is that antivirus software is not effective as a _preventative_ measure. What they are good at is detecting that you're already infected, but they all have terrible rates of false-positives. Nothing out there is very effective at protecting you from 0-day, despite industry claims to the contrary.
User training/habit modification is the only effective measure at preventing infection (besides being behind a default-deny firewall, but that's not something consumers will do). 99.9999% of infections require user interaction (and the ones that don't require it become instant international news). Adblockers get you most of the way there and do a better job at prevention than antivirus software.
Flaws in AV software have been exploited by rootkits before. AV software is just another point of failure.
No, they aren't good at finding malware installed. I installed Norton on my mother's friend's computer and it found 4 bits of malware. I later installed Malwarebytes and it picked up something like 45 different malware programs! I was surprised so I verified about 12 of them before I realised they were pretty accurate and let it remove them from her system.
That's a very poor detection rate. I mean, I can confirm that at least 12 nasty malware programs weren't detected by a very widely used AV suite!
Many programs, especially "antimalware"-class programs and __especially__ MBAM serve up false positives as valid hits. MBAM serves up common (and innocuous) tracking cookies as malware hits. Nearly everything that MBAM labels as a 'PUP', Potentially Unwanted Program, is bogus. Also, it will serve up data files (metadata, saved data) from an infection as the infection itself.
Its user interface deliberately does not give its users the proper context to evaluate the severity of a problem. The change came after they made a concerted effort to monetize the app.
MBAM is good at a lot of things (it has traditionally been on top of modern registry hooks and ransomware loaders where other vendors consistently drop the ball) but just because you saw 45 things flagged red doesn't mean you had 45 bits of hostile executable code on your system.
Malware infections aren't a singular entity anymore, they are a stew of items working together to maintain control of your system (exploit, loader, payload [usually a rootkit], defense, c&c). It's often a matter of breaking the chain of processes to 'open up the onion' and regain control of your system.
Yeah, I know. But I definitely counted at least 12 separate and rather nasty Browser Object based malware programs. Which is a lot better than Norton and Trend Micro, who didn't pick them up at all!
Antivirus nowadays only tells you that you're already screwed, rather than preventing it from happening.
The nastiest of the nasty stuff that's going to log keys, steal info, and so on, tends to be zero days. And after that article that showed how dismal the design of the popular antivirus apps is, there's an argument to be made that using them reduces your security.