by Cosmin_C 1628 days ago
A while ago I caved in and purchased and installed Bitdefender, which I knew was all right.

It wasn't. I didn't renew the license and uninstalled it.

FFWD a couple years and my best friend upgrades his PC. Threadripper Zen 2, 128GB RAM, 2x NVME RAID 0 for the system, another NVME for stuff and HDDs for backups. System was incredibly sluggish and unresponsive and his extra NVME was sometimes dropping from the list of drives shown by explorer. Uninstalled his Bitdefender and all the issues disappeared.

It's just complete robbery at this point. Malwarebytes is a good product for example and Windows Defender is enough. But the best stuff is disabling all of these and just using script blockers and safe browsing practices and you get to keep all the processing power you paid for.

3 comments

BitDefender is one of the bigger scams out there. I wholly believe that they operate based on a "blacklist everything first" policy, because that lets them tout their 99,99% detection rate.

I run a big open source project and the amount of people that complain to us about BitDefender deleting our software is staggering.

Bitdefender has a good false positive rate though according to AV-Comparatives, in contrast to Norton, which has the most.

https://www.av-comparatives.org/tests/real-world-protection-...

Well, let's take it from a different angle: We don't need malware but AV vendors do. If there were no malware, there would be no AV vendors either.

Ransomware is a real problem. I despise malware disguised as mainstream antivirus solutions, but we need to protect users from ransomware and that’s a tough problem. I am working in that space.

Ransomware is still malware IMO. Putting the conflict of interest aside, if the current approach to detecting malware does not change, no matter how hard we try, we will still be one step behind.

If we can keep the system up to date, configure the user privileges to the lowest possible and grant access only when necessary, take backups as frequently as possible, segregate sensitive networks and most importantly educate the users not to run programs from suspicious sources, most if not all ransomware incidents will not happen at all.

The approach I am taking is background sync of all user-created data into git with automatic one-way replication not accessible through SMB. Git has plenty of tools to manage that and I simply automate all this without exposing the user to the commit process. That way I can just reimage the machine and replicate undamaged data back onto it. The problem is detecting data exfiltration and I don't have a solution for that yet.

Won't you hit a git repository size limit?

How would you prune data, say older than 1yr, from the repo in order to limit repo size?

Not sure this is true. Just the fear should be enough to get people to buy. Look at organised religion.

You were probably right. But I got that from my interactions with one of the AV vendors over a decade ago. Since then, the only AV on my machine is Windows Defender. It's not because I need it or trust it, but rather it cannot be easily removed. I always disable it but it will become active again, maybe after a major update, which was quite annoying.

You can disable it with local group policy, in gpedit.msc, which is the policy editor. Search for the exact path, it's just 5 clicks away, doesn't come back up.

Please link to 'script blockers'.