So my workplace is mostly iPhone users and someone asked me what kind of antivirus software I used on my Android, and I said “none” and he flipped out about how unsafe it was. Other people chimed in saying how all androids need antivirus apps and I’ve never heard of such a thing. I do have ad-blockers and a VPN but never downloaded an antivirus. Should I? If so, what would you recommend? Thanks lemmings, love you.
Absolutely not, that guy is eating marketing
Apple sponsored fear mongering, I’d say. It’s almost like they had an interest in keeping people away from the alternative.
No, antivirus in general is not a good idea these days. It is extremely invasive, consumes resources, and doesn’t actually do much of anything.
Don’t sideload random APKs off the web and you’ll be fine.
This. As @Monke bluntly put it, “common sense”
There have been far more severe iPhone exploits in the past year or two compared to Android ones.
Apple will never take the brand hit of allowing third party security software, so maybe let your pals know a brand’s fragile ego is putting them in an arguably more perilous position.
There are corporate security solutions and monitoring available for iOS (ex: CrowdStrike Falcon which I handle at work) but since there are privacy implications, it cannot be installed with full privileges unless the phone is registered to the business in Apple Business Manager and set in supervised mode.
You don’t.
Long answer: https://www.androidcentral.com/phones/you-dont-need-to-install-an-antivirus-app-on-your-phone
Interesting read. Now I wonder how this works in grapheneos.
As long as you lock the bootloader, GrapheneOS operates the same as stock Android in this regard. If anything, you’d be safer on GrapheneOS because of the extra control you get over app permissions.
Maybe against the grain, here, with all the comments saying No, but: If you were interested in trying something out, I would give Hypatia a go. It’s a FOSS-based app, available on F-droid. It’s basically a ClamAV front-end. Pulls from their signature lists for Android, alongside other more general AV signature lists. Just an option.
Absolutely. Everyone here is acting like PDF and JPEG exploits on Android don’t exist.
I agree that OP shouldn’t pay for one, and that most AV apps are, at best, garbage, but there are also reasons to have one, and reasonable ones to install - Hypatia being one of them.
Given the restrictive nature of mobile operating systems, such exploits are much less impactful than on desktop OSs. Furthermore, if you are dealing with those exploits, you are probably victim of a targeted attack, which is well above what normal users worry about.
Seems way more effective than LibreAV, which just looks at app permissions
Not really, as long as you stick to reasonably well-known apps and sources (Google Play Store, F-Droid).
And I’d rather use mobile websites with uBlock Origin in Firefox fornAndroid than using the mobile apps that are infested with trackers and ads.
They have as much need for antivirus software as an iPhone does.
Yes, you need antivirus. I recommend using antivirus called common sense.
Not really. Especially you stick to trusted app stores. It’s only really needed if you frequently sideload apps, and even then only if you feel it’s necessary.
That being said, Hypatia is a good one I like to use from time to time. It’s FOSS too. You can find it on F-Droid if you use the DivestOS official repo.
No amount of antivirus or alternative OSs will save you from unpatched hardware vulnerabilities though. Visiting a malicious web page or downloading a temporarily hostage app from your favorite app store can be enough to allow the bad guys into your device.
As long as you have a currently supported device and keep it up to date, you shouldn’t ever need antivirus.
No amount of antivirus or alternative OSs will save you from unpatched hardware vulnerabilities though. Visiting a malicious web page or downloading a temporarily hostage app from your favorite app store can be enough to allow the bad guys into your device.
Well there’s not just prevention. Antivirus software can detect & remove. Also, by this logic, wouldn’t that mean there’s no point for desktop antiviruses? Seems incorrect to me.
As long as you have a currently supported device and keep it up to date, you shouldn’t ever need antivirus.
And yet sometimes you do need one.
In any case, I never said having one is foolproof. I merely said downloading random apps willy-nilly can increase the risk, sometimes not much at all and other times greatly. It depends entirely on your threat model.
Regarding desktop antivirus, it’s often the case where it is not necessary to have. Windows has Windows Defender built-in, and other operating systems have other means to mitigate any type of viruses. There are actually reports of antivirus causing attacks because their hooks are so deep in the operating system.
Even trusted apps and app stores are prone to being malicious. The upstream packages that they use can have a malicious developer or insecure package, and it gets incorporated in the app, then distributed. Thats why it’s important to use devices that get hardware/firmware updates to help protect against this. If a rootkit is installed, there is no way to ever get rid of it on your system.
Windows Defender is antivirus application, though, so how is it evidence that antivirus applications are pointless? Also, Defender wasn’t always as good as it is. That’s only a relatively recent thing.
Also, there are viruses/malware other than rootkits.
AV is no substitute for proper hygiene. Don’t click random links, don’t install random software, use a VPN on untrusted networks, yadda yadda.
I’m gonna say no, but not for the same reasons as other commenters.
Android isn’t as safe as iOS in that you’re way more likely to get an app that harvests your data on the Play Store. That being said, there’s almost no chance of you getting a device-breaking bug or app on Android vs. on iOS.
Now, if you’re worried about data collection, whether you have an antivirus is the least of your concerns. You need to evaluate every single service that you currently use or pay for and see how they use your data. Google and Meta harvest all of it. Your telecom provider harvests a ton of it. The big retail chains you shop at, your banks, your credit/debit card payment processor, your ISP, etc. all collect data that they then sell to data brokers. Any data that is sent to data brokers can be bought by basically anyone who wants it. Even if all of your data is nuked from these brokers, data breaches at various companies or government agencies can and do happen. Even if those breaches never happen, some of your info is kept in the public record and can’t be erased.
So, if you want to do anything to protect yourself, don’t get an antivirus. Instead, just try to scrub your personal info off the internet the best you can.
I never have. Keep your shit updated, use a digital condom (ad/malware blocker), and dont go to shady websites offering free games and such and you are fine.
Antivirus is badness enumeration. Androids security model is way better than that.
Nope
Not really but if you are really really paranoid try hypatia from fdroid solely for you peace of mind.