Software that purposefully compromises your privacy, damages your data, or
uses your device to perpetrate unlawful activity is called
malware. Viruses are a kind of malware.
Software designed to detect and block malware is called
antivirus. Note that it doesn’t exclusively target
viruses, so ‘antimalware’ would be more accurate, but ‘antivirus’ remains
the more common term.
I find that people often talk about antivirus software like it’s their
first line of defence — even a panacea. Naturally, years of good marketing
by antivirus vendors has helped create this impression.
But in reality, modern devices are designed with security in mind, and
multiple defences must be breached for a computer to be seriously harmed.
The importance of antivirus specifically has long been exaggerated.
How it works
Central to most antivirus software is a database of known malware. As new
kinds of malware are discovered, the vendor creates
definitions for them, and adds these to the
database.
Whenever you download or open a file, the antivirus checks it against its
database. If there’s a match, it blocks the malware from running. This
on-access or real-time
checking means you don’t need to regularly scan your whole computer for
malware.
The limitation of this approach is that the people creating malware are
always ahead of the antivirus vendors. New malware appears every day. To
help combat this, modern antivirus software also looks for suspicious
characteristics in files and apps, as well as exact matches with its
database. This heuristic analysis is necessarily
imprecise, so it may sometimes result in a false
positive, in which the antivirus unwantedly blocks a harmless
file.
An additional challenge is that because it must be embedded deep within the
operating system, glitches in antivirus software can break other apps or, in
rare cases, make your computer less secure.
You now know the basics of how antivirus works, and its strengths,
weaknesses and limitations. You’ve learned that antivirus is not a silver
bullet, and that you should think of it as just part of the overall picture
when it comes to computer security. If anything, consider it your very
last line of defence.
Built-in antivirus
Both Windows and macOS have built-in antivirus software that works quietly
in the background to help protect your computer. Free and commercial
third-party antivirus products may claim to provide superior protection, or
score more highly in lab tests and reviews, but you should not assume they
will be more effective than built-in antivirus in real-world use.
Tablets and phones
Tablets and smartphones run operating systems that have been designed more
recently, and take into account knowledge gained from years of experience
securing computers. Apple and Google have been able to make bold decisions
about the way these devices work, and their limitations — because they are
not expected to be as comprehensive as traditional computers, or provide
compatibility with decades-old business systems.
In particular, iOS and Android segregate individual apps from each other
and from the inner workings of the system. This means not only that tablets
and smartphones are much less likely to be infected by malware, but that
third parties cannot produce traditional antivirus software for them.
So, if you’re wondering whether you need an antivirus app for your tablet
or smartphone, the answer – in a nutshell – is no.
The same is true for Chromebooks, for the same reasons.