How Security Systems Work


In relation to this,

All security programs need full privileges. Otherwise, they can't work correctly. In place of that, one user has to act as administrator and monitor every instance of the system, looking for problems.

New malware is usually zero-day, which means "something malicious going on" might not even be detected. That's what happened to one bank, where malware operated quietly for weeks before striking.

It's not a matter of trusting every app but what to do if one trusts no app. For example, some security programs provide default-deny, such that they or the user will deny privileges to some apps because they're questionable. If the user mistakenly denies privileges to an app that's actually safe and needed, then the system might end up malfunctioning, or worse, stop running.

So, to recap, and with additional points:

Security programs need full privileges. Companies that make security programs are for-profit and operate in countries where there are major privacy issues. In which case, expect all security programs to be intrusive and their developers to monetize their use. The same applies to various commercial apps and operating systems, as well as what's offered for free.

Go open-source if you need to do so, but expect a lot of maintenance work and figuring things out (like what apps to use in place of those you can no longer use, or where to find drivers for new hardware components), and even having to switch from one system to another if development is dropped.

Malware can operate quietly and without users knowing it, and not just encrypting data but even stealing it. That means just because your system has been running fine the last few months doesn't mean it isn't infected. Also, restoring from backups doesn't negate stolen data. And there's also malware that operates without user interaction, with some possibly even able to bypass the system and attack the software embedded in the device.

Arguing that something is fine because it offers enough protection doesn't help because all you need is one piece of malware to infect the system, and that'll be the one that the security program fails to detect.

False positives can be as disastrous as infection. Imagine a user blocking an app because the security program advises him to do so, only to find out that the app is not malware and critical to the system. BSOD takes place and the system no longer boots.

You can't trust everything but you have to trust something against all of them. Unless you can run like a security program and hire others to maintain your devices, then the best you can do is look for a security program that offers the most features (most protection plus lowest false positives), the best protection (highest detection and removal rates), and the lowest system impact.

What's good now might not be so in the future.

Finally, in several cases, with more features and protection, your system and/or apps might run slower. The same applies when you do things like turn on HTTPS scanning or something similar in the browser. For now, this is what I considered:

Test the performance of the free or trial versions of the AVs that score highest in combinations of usability, protection, and performance. You'll have to install one, benchmark, and completely uninstall before trying the next. If you don't have time to do that, then go for the top three AVs; otherwise, trust performance results.

If you decide to get paid AVs, then watch out for increased second-year subscription costs and the number of devices you need to protect.

Turn off HTTPS scanning and instead install a security addon in the browser.

Do full/differential/incremental backups of the system, preferably to an external HD. You can have another backup of at least data to a secure cloud account.
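The full/differential/incremental distinction above decides how much each backup set holds and how many sets you need to restore. The following Python model is an added illustration, not code from the original post or from any backup product: files are represented as a dict of path to content hash over three constructed daily snapshots, a differential set records everything changed since the last full backup, and an incremental set records only what changed since the previous set of any kind. Restoring from a differential chain needs the full set plus the latest differential; an incremental chain needs every set, so losing one set breaks the restore. (As the post says, this only protects integrity and availability; it does nothing about data that was already exfiltrated.)

```python
"""Toy model of full, differential and incremental backup sets.

Added example for the backup advice in the post above; not the post's own
code. Files are modelled as {path: content_hash}; the snapshots and the
hash strings below are constructed sample data.
"""
from dataclasses import dataclass, field


@dataclass
class BackupSet:
    kind: str                                   # "full", "differential" or "incremental"
    files: dict                                 # path -> content hash captured in this set
    deleted: set = field(default_factory=set)   # paths removed relative to this set's base


def _delta(snapshot, base):
    """Files in `snapshot` that differ from `base`, plus paths that disappeared."""
    changed = {p: h for p, h in snapshot.items() if base.get(p) != h}
    deleted = set(base) - set(snapshot)
    return changed, deleted


def plan_backups(snapshots, strategy):
    """Build the chain of backup sets for a sequence of snapshots.

    The first snapshot is taken as the full backup. For "differential" every
    later set is the delta against that full backup, so sets grow over time.
    For "incremental" every later set is the delta against the previous
    snapshot, so sets stay small but all of them are needed to restore.
    """
    if strategy not in ("differential", "incremental"):
        raise ValueError(f"unknown strategy: {strategy}")
    chain = [BackupSet("full", dict(snapshots[0]))]
    base = snapshots[0]
    for snap in snapshots[1:]:
        changed, deleted = _delta(snap, base)
        chain.append(BackupSet(strategy, changed, deleted))
        if strategy == "incremental":
            base = snap          # next delta is measured from this snapshot
    return chain


def sets_needed_for_restore(chain):
    """Minimal sets required to rebuild the latest state.

    Differential: the full set plus the most recent differential only.
    Incremental: the full set and every incremental set, in order.
    """
    if len(chain) == 1 or chain[-1].kind == "incremental":
        return list(chain)
    return [chain[0], chain[-1]]


def restore_latest(chain):
    """Replay the needed sets in order and return the reconstructed file state."""
    state = {}
    for bs in sets_needed_for_restore(chain):
        for path in bs.deleted:
            state.pop(path, None)
        state.update(bs.files)
    return state


# Constructed sample data: day 0 is the baseline; on day 1 a.txt changes and
# d.txt appears; on day 2 c.jpg is deleted and d.txt changes again.
SNAPSHOTS = [
    {"docs/a.txt": "h1", "docs/b.txt": "h2", "photos/c.jpg": "h3"},
    {"docs/a.txt": "h1b", "docs/b.txt": "h2", "photos/c.jpg": "h3", "docs/d.txt": "h4"},
    {"docs/a.txt": "h1b", "docs/b.txt": "h2", "docs/d.txt": "h4b"},
]


def set_sizes(chain):
    """Number of files captured in each set, to compare storage cost per strategy."""
    return [len(bs.files) for bs in chain]


if __name__ == "__main__":
    for strategy in ("differential", "incremental"):
        chain = plan_backups(SNAPSHOTS, strategy)
        print(f"{strategy:13s} set sizes: {set_sizes(chain)}, "
              f"sets needed to restore: {len(sets_needed_for_restore(chain))}, "
              f"restore matches latest snapshot: {restore_latest(chain) == SNAPSHOTS[-1]}")
```

Running it shows the trade-off the post alludes to: the differential chain stores 3, 2 and 2 files and restores from two sets, while the incremental chain stores 3, 2 and 1 files but restores only if all three sets are intact. Real tools add compression, encryption and verification on top of this, and with a single external drive you should still test a restore periodically rather than assume the chain is usable.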
