To Thread - Forum Home

The Mudcat Café TM
https://mudcat.org/thread.cfm?threadid=173659
11 messages

Tech: Combining computer security programs?

09 Nov 24 - 09:53 PM (#4211349)
Subject: Tech: Combining computer security programs?
From: Stilly River Sage

I searched to see if any old threads touch on this, but it was a tour of now-obsolete tech questions. Since nothing turned up, here goes. I'm on a Dell desktop XPS, up to date, using Win10 still.

This week in November of 2024 I have switched from Spectrum Internet to AT&T Internet. Spectrum offered a Security Suite for free to download and run on the computer and browsers. It has antivirus and real-time browsing features (such as F-Secure Browsing protection) as part of it.

Since I've switched from Spectrum (cable) to AT&T (fiber optic) I am changing the antivirus software in my computer to what is provided free to subscribers by the company. I was using Spectrum's Security Suite and F-Secure browser extensions.

AT&T offers a McAfee suite - I'm not fond of McAfee because if it's behavior in the marketplace, how it comes bundled in so many programs (you have to de-select it for some downloads) and preinstalled (my new phone, for example). But this is a regular security suite of stuff that AT&T offers free to users of the fiber services.

Meanwhile, I've paid for Malwarebytes for several years after using free for many years before that. It includes VPN and I have it on four devices with real-time protection, and some other stuff.

Spectrum's Security Suite didn't like Malwarebytes and anytime I turned on the computer it popped up and said it wanted to remove the conflicting software. I told it to not ask again and turned off the request. They seemed to work ok, and this brings me to this question:

Malwarebytes Premium Plus does a lot but it isn't a true-antivirus. I did some research to ask the Interwebs if McAfee and Malwarebytes can be used together and it seems like they're ok. I'm wondering if any of our usual techie folks have real-world experience or thoughts on this?

I cancelled the Spectrum account today (it's hard - you're battling a hard-core sales person who's trying to offer you incentives to stay - they should have said "yes" when I called last week and asked them to lower the price because they were unable to deliver the 600meg they said they upgraded me to - they never managed 500 that I was paying for - it rarely got over 300meg). AT&T is up and running and I set up their modem to passthrough so I'm using my existing router firewall and network setup, having turned off the AT&T Firewall and WiFi. And I uninstalled the Spectrum security software on my desktop and am now looking at McAfee. I don't want to pay for another program, I'll use this if it seems adequate and not likely to conflict with the Malwarebytes that I do choose to pay for.

Any thoughts or suggestions? (It has been a busy day - talking to the AT&T installation tech and his sidekick who arrives to "set you up" - except I made it clear he wasn't going near my equipment or selling me anything else to go along with the internet service. They back off when realize you've been doing this since before they were born.)


10 Nov 24 - 12:23 PM (#4211397)
Subject: RE: Tech: Combining computer security programs?
From: Stilly River Sage

It took sorting through their site to find the actual security they offer. For fiber or others it can be McAfee, but they target the fiber modem with something called ActiveArmorST. And it seems to want to only protect its own named network. It sees one "Device" that is my passthrough router that the entire network runs on. Does this bode well or ill for everything that comes through the router? I think I'm going to turn off the feature and look for a standard antivirus.

Talking to tech support is always more helpful than talking to sales people. It still seems that the apps on the phone are the main way to turn things on and off (I had to use the phone to turn off the ActiveArmor). She agreed I'd set it up correctly for the passthrough, so I think I'm good to go and will set up the separate ID I need to get their McAfee and see how that works on the computers.


10 Nov 24 - 05:48 PM (#4211409)
Subject: RE: Tech: Combining computer security programs?
From: Stilly River Sage

Still not there as far as being able to load McAfee, but enough time has been wasted today. I'll put in a free anti-virus for the moment just to have something and try again tomorrow.

It is looking like some parts of AT&T only want to talk to my computer via its own network (whether wired or WiFi) and not through my router, so I have to fiddle with that a bit before I try again.


11 Nov 24 - 03:12 AM (#4211427)
Subject: RE: Tech: Combining computer security programs?
From: Backwoodsman

I have McAfee and Malwarebytes on my Dell Inspiron Laptop. They’re fine together, never had any kind of problem. But mine’s a simple stand-alone computer, fancy schmancy networks might be a different kettle of fish…


11 Nov 24 - 03:33 AM (#4211430)
Subject: RE: Tech: Combining computer security programs?
From: DaveRo

I'm wondering if any of our usual techie folks have real-world experience or thoughts on this?
I don't have any recent practical experience of Windows anti-malware so my thoughts on it are purely theoretical. I think running two products that use the same privileged deep access the operating system is a bad idea. Hopefully each of those products is tested with Windows and their authors are aware of changes and planned changes in Windows. But I doubt if they are tested in combination with each other. Microsoft certainly advise against running defender and another AV product.

Which products have 'privieged deep access' and which use normal user-level file access (albeit with elevated 'root' permissions) you have to judge. Malwarebytes was just a file scanner when I last knew it 15 years ago.

For the same reason, I would think twice before installing any non-microsoft 'security' software because Microsoft does not, I assume, test 3rd party products with each update to Windows.

I went looking for expert opinion. Not from the product suppliers themselves, or from sites that have an interest in these products' existance - for example they take adverts (computer magazines as they would once have been). Brian Krebs for example. I've certainly read opinions that 'security' products - even the fact that Microsoft provides deep-level interfaces for them - actually decrease security. But I didn't find anything recent.

My wife has just bought a Win 8 laptop to replace her 10 yo Win 10 Thinkpad. Investigating how to restore her backups to it I discovered that Microsoft had deprecated File History Backup since 2017! Microsoft wants us to use, and pay extra for, OneDrive storage. I thought File History was the best feature in Win 10 and she's used it ever since. But I discover it still works in Win 11 if you can find it. (They did something similar to the previous Windows Backup.)

I'm not even sure that Defender still exists as a separate thing. 365 seems to offer something in this area but I'm not sure what. If the AV features (eg signatures, blacklists) are included in Windows that's fine but Microsoft are deliberately(?) unclear - they want to see cloud services.


11 Nov 24 - 06:53 AM (#4211438)
Subject: RE: Tech: Combining computer security programs?
From: MaJoC the Filk

> But I didn't find anything recent.

There's yards and yards on the recent Crowdstrike quality-control snafu taking out a hefty percentage of the corporate MS-Windows systems, precisely because their AV software requested and required extreme-deep-level access. But that's not the case with Stilly, I presume.

Ultimately, we all have to trust *something*, and it's up to each of us to choose what we trust. This message will self-destruct in fifteen sec*FOOM*


11 Nov 24 - 09:22 AM (#4211448)
Subject: RE: Tech: Combining computer security programs?
From: Bill D

I've spent years avoiding McAfee like the plague due to its checkered history... but I'm still on Win7 Pro, so I just plug along with Avast and their regular attempts to sell me upgrades.
   I'm beginning to think that being a relative Luddite about new versions of Windows will suffice.


11 Nov 24 - 09:29 AM (#4211449)
Subject: RE: Tech: Combining computer security programs?
From: DaveRo

I don't know whether crowdstrike used an official MS-provided interface or whether it just interfered with Windows. I suspect, but don't know, that MS allows such products to work - rather than locking them out - for commercial reasons. But Windows uses a publicly available boot procedure (EFI) - which Macs do not.

Wirecutter in 2020 quotes Brian Krebs: "You Don’t Need to Buy Antivirus Software":
https://www.nytimes.com/wirecutter/blog/best-antivirus/
But the Krebs article referred to was from 2012:
Tools for a Safer PC
And this is interesting - but from 2010:
Anti-virus Products Mostly Ignore Windows Security Features
What's the situation in 2024?


11 Nov 24 - 10:00 AM (#4211452)
Subject: RE: Tech: Combining computer security programs?
From: MaJoC the Filk

The interface in question is official, I believe, otherwise CrowdStrike would have to rewrite the hooking-in process for every last minor update of MS-Windows.* Methinks there's heavy padlocks on that back door.

That comment from Krebs reminds me of an occasion when one of our customers asked whether there was an anti-virus solution for Linux (as mandated by the University for all users' computers). One wag commented that he thought using Linux *was* an anti-virus solution, but with a heavy smiley.

* As do Nvidia with their out-of-tree drivers for the Linux kernel.


11 Nov 24 - 10:47 AM (#4211455)
Subject: RE: Tech: Combining computer security programs?
From: Stilly River Sage

Good remarks, and align with what I'm discovering. I looked at turning on Windows Defender, but as long as I have Malwarebytes it won't do it's deep protection thing, though it will run regular scans. I played with it and gave it more information to pay more attention to other kinds of threats - my information on the Dark Web, etc., but I have a separate account (not loaded on the computer) to do that.

I didn't put in a free antivirus, I did the Windows Defender thing to see what was up with it.

In my various attempts to try to reach the AT&T version I followed a link to the McAfee site and it asked for my email address, but I couldn't get it to link to AT&T. McAfee sent an email this morning telling me my free trial is up and running - what bollox. Now I'll be pestered by the company until I get them to go away. I'll make one more effort to contact AT&T Tech support when I have a free hour later this evening.

I kind of miss the blue line that arrived on the screen any time I contacted a banking institution. You couldn't use another browser to connect to another institution at the same time, but that was ok. Only a couple of times did I have to backout of where I was and go refer to the other place before opening the secure browsing again. Yes, it's supposed to always be secure, and the green thing no doubt pops up any time the banking URLs give it the sign - but it did do something that seemed helpful.

Now to keep out the rest of the crap that's out there that Malwarebytes might not be set up for.


11 Nov 24 - 05:52 PM (#4211487)
Subject: RE: Tech: Combining computer security programs?
From: Stilly River Sage

I see that Malwarebytes offer a free antivirus. It wasn't included in the premium plus package I bought for my devices. I'm reading reviews of that now. It would be the easiest approach; McAfee would have a lot of redundancies to what I'm already getting with the Malwarebytes-fee product.

Follow-up - it looks like the antivirus is not necessary with the rest of their program.