Do You Really Need to Buy an Antivirus App or a VPN Anymore? | PCMag

2022-04-02 07:41:41 By : Ms. Cathy Shi

Isn’t the built-in security on today’s PCs, phones, and tablets good enough? The answer depends on the OS you’re running.

If you’re short on disposable income, you don’t want to waste any of your money on unnecessary stuff. If you’re sitting atop a pile of simoleons, well, you don’t reach that enviable position by spending a lot. Can you justify purchasing antivirus protection for your devices, or should you just rely on built-ins and come-withs? In most cases, you should cough up the cash. Depending on your device’s operating system, adding antivirus protection beyond what’s built in ranges from a good idea to an absolute necessity.

Windows, macOS, Android, and iOS all include protection against malware, in one way or another. For some, protection takes the form of a full-on antivirus. For others, security is baked into the OS thoroughly enough that malware has a really hard time doing anything. Either way, you can improve your protection by installing a third-party antivirus.

Microsoft has offered built-in antivirus protection of one kind or another since the release of Microsoft Anti-Virus for DOS in 1993. The core of that product was purchased by Symantec and became the OG Norton Antivirus. And wow, was it ever simple-minded. At release, it could detect around 1,200 specific viruses, and users had to install any updates manually.

Fast-forward to today, and you get Microsoft Defender, a rather more impressive product. Oh, it went through some rough stages developmentally. When the independent testing labs started including Microsoft Defender, it managed to score below zero in some tests. But that was years ago, and this tool has been steadily improving its scores.

After going through various names, it’s now called Microsoft Defender Antivirus. In addition to providing antivirus protection, it also manages other security features such as Windows Firewall. In our testing, however, we discovered some significant limitations. For example, it scored poorly in our hands-on phishing protection test, which uses real-world fraudulent sites scraped from the web. In any case, its phishing protection and its defense against malware-hosting sites both only work in Microsoft browsers. Do you prefer Chrome? Firefox? Sorry, you get no protection.

Microsoft Defender includes a kind of ransomware protection, in the form of a component that prevents unauthorized changes to files in important folders. Early on, Desktop was included, which proved annoying, as protection kicked in every time an installer wanted to place an icon on the desktop. At present, in Windows 10 and Windows 11, this feature protects the Documents, Pictures, Videos, Music, and Favorites folders. It’s still turned off by default.
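The folder protection described above is the Defender feature Microsoft calls Controlled folder access. The following PowerShell function is an added example, not code from the original article: it reports the feature's current mode, can move a disabled system into audit mode so that would-be blocks are logged instead of enforced, and returns recent events. The name `Get-CfaStatus` is hypothetical, and the example assumes an elevated session on Windows 10 or 11 with Microsoft Defender as the active antivirus.

```powershell
# Added example, not PCMag's code. Run in an elevated PowerShell session.
# Get-CfaStatus is a hypothetical helper name.
function Get-CfaStatus {
    param(
        [switch]$StageAudit,      # move a disabled feature into audit mode
        [int]$MaxEvents = 20      # how many recent events to return
    )

    # Values Get-MpPreference reports for EnableControlledFolderAccess
    $names = @{ 0 = 'Disabled'; 1 = 'Enabled'; 2 = 'AuditMode' }
    $pref  = Get-MpPreference
    $mode  = [int]$pref.EnableControlledFolderAccess

    if ($StageAudit -and $mode -eq 0) {
        # Audit mode logs what would be blocked without blocking it,
        # which avoids breaking installers while you review the impact
        Set-MpPreference -EnableControlledFolderAccess AuditMode
        $mode = 2
    }

    # 1123 = change blocked, 1124 = change audited (would have been blocked)
    $events = Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-Windows Defender/Operational'
        Id      = 1123, 1124
    } -MaxEvents $MaxEvents -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Mode         = if ($names.ContainsKey($mode)) { $names[$mode] } else { "Other ($mode)" }
        ExtraFolders = $pref.ControlledFolderAccessProtectedFolders
        AllowedApps  = $pref.ControlledFolderAccessAllowedApplications
        RecentEvents = $events | Select-Object TimeCreated, Id, Message
    }
}

Get-CfaStatus | Format-List
```

Once the audited events look clean, `Set-MpPreference -EnableControlledFolderAccess Enabled` switches to blocking, and `Add-MpPreference -ControlledFolderAccessAllowedApplications` exempts a trusted program by path.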

Here’s the thing. Microsoft Defender’s own developers seem to consider it a Plan B, rather than a main solution. If you install a third-party antivirus, Microsoft Defender goes dormant, so as not to interfere. If you remove third-party protection, Defender revives and takes up the job of defense again. The best antivirus programs, even free antivirus tools, perform significantly better in testing and offer more features.

Google immediately removes any malware that it finds in the Google Play Store, but the key word here is removes. First, the malware shows up in the store; second, however long it takes, Google removes it. The Play Store doesn’t have the same stringent vetting process that comes with Apple’s App Store. Malware does get into the store, and you may well download it before Google cleans up. In addition, it’s easy enough to set your Android to allow sideloading programs independently of the Play Store.

Google Play Protect, the antivirus built into Android, aims to protect your devices from malware. As far as the independent testing labs have found, it does a terrible job.

Experts at AV-Comparatives tested Google Play Protect along with nine third-party Android antivirus tools. They collected thousands of unique Android malware samples and tested each antivirus against that collection. They first let the antivirus scan and eliminate samples it recognized, and then launched any that remained, to give behavior-based detection a chance. They also installed 500 popular (and legitimate) apps to check that the antivirus doesn’t wrongly tag them as malicious.

Avira, Bitdefender, G Data, Kaspersky, and Trend Micro Maximum Security caught 100 percent of the samples. Several others managed better than 98%. Play Protect came in last with 81.7% protection. Google’s entry also exhibited the most false positive results, a total of 12, where most of the rest showed no more than one. All the tested antivirus products received the lab’s seal of approval. All, that is, except Play Protect.

In their reports on Windows, macOS, and Android antivirus products, researchers at AV-Test Institute assign a product up to six points each for Protection, Performance, and Usability. That last one means the product doesn’t freak out the user by falsely accusing valid apps. More than 60% of the products tested earned a perfect 18 points, and almost 80% earned the full six points in the essential protection category. As for Google, it took just two of six possible points for protection. That’s actually an improvement—in most previous tests, Google scored a big fat zero for protection.

The verdict is clear: Play Protect won’t protect you. You need a third-party antivirus on your Android devices. We’ve rounded up some favorite Android antivirus tools, looking specifically at solutions that support multiple platforms.

Sideloading—installing apps from outside the operating system’s store—is common in Android. We’ve even seen security tools that must be installed this way (though we don’t approve). Apple is much more insistent that only App Store apps can be trusted. By default, if it’s not from the App Store you just can’t install it. Yes, you can override that setting, but you really shouldn’t.

For another level of protection, a component called Gatekeeper checks every app you install for malware. Starting in macOS Catalina, Gatekeeper checks apps on every launch, not just at install time, and examines non-malicious apps for security issues. Catalina also makes apps get permission before they can access critical areas. And with Catalina, the operating system resides on a read-only drive partition, separate from all other programs.

To infect another program, a virus needs to modify that program, something that’s not allowed in macOS. To steal private data, a banking Trojan must read memory belonging to your browser, which is likewise not allowed. In the macOS environment, apps are isolated, limited to accessing their own resources. And even if an app managed to break through this barrier and access another program’s memory, features like ASLR (Address Space Layout Randomization) would keep it from finding any treasures stored in memory.

Many manufacturers make PCs, but only Apple makes Macs. The company has full control over the hardware, including the T2 chip present in newer Macs. This chip creates what’s called a Secure Enclave, an area of memory that’s completely unavailable to any process not part of macOS. It also manages Touch ID, encrypted storage, and more.

Despite all these safeguards, macOS malware most definitely exists. At the moment, a sophisticated example dubbed Gimmick (or Storm Cloud) is wreaking havoc in Asia. A few years ago, the Crescent Core attack inveigled its way past Gatekeeper by coopting a certificate that Apple assigned to another developer. And just last year the Silver Sparrow malware downloader made its way onto 30,000 Macs before it was caught.

While Macs aren’t as vulnerable as Windows boxes or Android devices, the old saw that Macs don’t get malware is demonstrably untrue. And unlike Windows, macOS doesn’t include an antivirus utility as such. If you don’t have antivirus protection on your Macs, get it now.

“Only a fool learns from his own mistakes. The wise man learns from the mistakes of others,” said Prussian statesman Otto von Bismarck. Apple has had teams developing operating systems since the 80s, plenty of time to make a lot of mistakes. When the iOS team came along, mistakes from previous groups provided plenty of input about what makes for a secure operating system. Release after release, iOS gets still more secure.

So secure, in fact, that it’s not really possible to create an antivirus to run on iOS. A Malwarebytes report from a couple of years ago describes a strong rise in macOS malware, but notes, “On the iOS side, malware exists, but there’s no way to scan for it.” It goes on to point out that this iOS malware consists mostly of nation-state efforts, not the kind of thing your average user needs to worry about.

Even when malware coders (or researchers) do manage to create iOS malware, it tends to have serious limitations. For example, the checkm8 technique allows a partial jailbreak of many older iPhones, from the iPhone 4s to the iPhone X. However, putting checkm8 in place requires that you have physical access to the phone, which must be connected to a desktop computer. A newer technique dubbed NoReboot lets malware persist through an iPhone reboot, but it works by fooling the user into thinking the phone rebooted when it didn’t.

Don’t look for a roundup of iOS antivirus products—we don’t have one. If all you ever use are iOS (and iPadOS) devices, you really don’t need antivirus. You’ll still want to use an iPhone VPN in some situations, however. Speaking of VPNs...

We’ve had readers ask why they can’t just use the free VPN built into their iPhones. Indeed, there’s a VPN configuration page in Settings, but you can’t use it without going through the complex process of manually setting up a VPN profile. The most important element of that profile is the VPN server you want to connect with. And to gain access to that server, you’ll need to pay for a subscription. Which comes with an app. So just use ProtonVPN, or whatever app suits you best! The same is true on Android devices.

If you dig into Settings, you’ll find a spot to control your VPN, but it’s a dead end. On an iPhone, you’re free to tap the switch that seems like it would turn on a VPN connection…but it just turns off again. On Android (at least on the Android device I use for testing) the VPN settings slot simply reports “None.” Sorry, your phone just doesn’t have a VPN client built in.

If you’re using a Windows computer or an Android device, you should most definitely install a third-party antivirus utility. Microsoft Defender is getting better, but it’s not up to the best competitors, even the best free ones. And Google Play Protect is ineffective.

Tight security aside, Mac users need protection too. One recent study showed Macs getting infected at a higher rate than PCs. That could well be due to Mac’s long-standing reputation for resisting malware. As for iOS, Apple got it right, right from the start. This platform has so much security built in that it’s nearly impossible for an attack to succeed (nearly, but not completely). That protection also means it’s nearly impossible to write an iOS antivirus. Use the time and money you saved not installing iOS protection to triple-check all your other devices.

For advice on getting started securing your devices, please read How to Check Your Security Software, Settings, and Status.


Neil J. Rubenking is PCMag’s Lead Analyst for Security. As such he evaluates and reports on security solutions such as firewalls, antivirus tools, ransomware protection, and full security suites. Starting with PCMag in 1986, he has also served as Contributing Editor and Technical Editor.

His "User to User" and "Ask Neil" columns, which began in 1990 and ran for almost 20 years, supplied readers with tips and solutions on using DOS and Windows, and his utility articles (more than 40 of them) provided both useful applications and instruction in programming. Mr. Rubenking has written seven books on DOS, Windows, and Pascal/Delphi programming.

Rubenking was active in the San Francisco PC User Group when the IBM PC was brand new, serving as president for three years. He is also a charter member and one-time board member of the Association of Shareware Professionals.

Mr. Rubenking is known throughout the security industry as an expert on evaluating antivirus tools. He serves as an advisory board member for the Anti-Malware Testing Standards Organization (AMTSO), an international non-profit group dedicated to coordinating and improving testing of anti-malware solutions.
