|
|
|
|
|
|
by simonask
647 days ago
|
|
|
Also, let's not fool ourselves. I'm not sure even most technical people running macOS or Linux would know if they had malware running. I probably wouldn't. It's not like antivirus is commonplace on those platforms. The notion that you can reasonably have knowledge of and control over all the software that is actually running on your machine has not been realistic for decades. |
|
|
My Windows 10 box became so bogged down that I was convinced it was running some undetectable malware. AV detected nothing, but after a critical look at open ports I just decided to wipe and go to Windows 11.
Here are some of the biggest risks today. Running third-party apps at all, unless they are absolutely necessary. I try to do everything possible with Google-provided apps within the Google ecosystem on my Android phone and the other devices as well, which limits the third-party attack surfaces. My Windows machine runs practically nothing outside of MS or Google. I don't need to.
Other big threats are beyond personal devices at this point. Connecting third-party SaaS to your accounts is a real problem. Facebook, Google Workspace, Slack, GitHub, any service that acts as a platform and runs third-party integrations, that's where you'll get bitten nowadays, and your local AV scans are powerless to shield you from footguns. Just to use HP printer features, HP wanted full, unscoped, read/write/delete access to my Google Drive!
Everyone's "hacked Facebook account" has really been just some stupid game that went rogue. Supply-chain attacks through browser extensions and the rest. Extremely difficult to police from the end-user's position, but deadly and dangerous, because they're out on the net and in the cloud.