Which antivirus on GrapheneOS

fl0at0xff Because of how Android works, for an anti-virus program to actually work, it would itself have to effectively BE a virus. It would have to obtain root privileges through some exploit (hack) in order to be able to scan anything beyond its own data.

You can use Hypathia from DivestOS. It is not very intrusive but therefore not very effective either.

In all the years I've used Android, Ive never used an anti virus tool. I'd only ever consider it on a hackathon system like Windows, but because I haven't used Windows since 2007, it's a no issue for me.

I don’t, and never have used one.

fl0at0xff

One could ask, on what analysis do you trust an antivirus? And if you trust it now, what about going into the future? Many popular apps get bought out for their user pools and used for quite nefarious purposes.

The answer is: use none, but extreme discretion. And minimalism.

Also, AV is hand-holding - a version of a parent gently guiding and protecting their child. "No, don't touch that, sweetie. It's bad". We grow up and expect this to continue, as a society, via Big Gov, Tech, etc. It's exactly why the news of E2EE banning are so prevalent now - we are begging for someone to guide and protect us...

Take charge. Make sound decisions. And don't click on Nigerian Prince links.

SoulKeeper Just use a strong ad blocker

Both ad-blockers and anti-viruses rely on the same flawed approach called Badness enumeration, therefore Ad-blockers are as useless as Anti-viruses for security.

SoulKeeper any recommendations for a good adblocker

Resurr pihole works ok for me for browsing blocking
https://pi-hole.net/

[deleted] Ad-blockers are very nice in terms of removing the pollution from your screen though, and improving network performance (since all those ads don't have to be loaded). Even if they do still let some crap through.

4ano5gnice as i see pihole is only for linux. Any android alternatives?

fl0at0xff You don't really need an anti-virus, the Google playstore has a powerful one, and if you miraculously manage to catch one, simply restart your phone to eject it.

[deleted] is baldness enumeration perfect? No. Is it going to save you from someone targeting you specifically? No chance. Is the average user better off by having it's adblock save it from 80 or 90% (but not 100%! It's a flawed technique!) of the malware-ridden sites or phishing sites it might encounter during its daily web browser? Please describe me a scenario where the answer would be no.

Hb1hf Is the average user better off by having it's adblock save it from 80 or 90% (but not 100%! It's a flawed technique!) of the malware-ridden sites or phishing sites it might encounter during its daily web browser?

I believe that on a monthly basis I run into zero of either. Browsing habits differ, though. Perhaps some users do run into malware every day?

Hb1hf Please describe me a scenario where the answer would be no.

1. Off-device ad blockers have a pretty good record of a device's browsing history. Some people might not want that. And they may impose a bit of latency.
2. On-device ad blockers inherently have various privileges. Some people might not want that. And they consume a bit of battery life and storage.

An average user might not encounter malware often enough that some gets through a browser's built-in protection.

Anti virus on android is about as useful as a bikini is to an Eskimo.

de0u I believe that on a monthly basis I run into zero of either.

How could one possibly know this?

Let me give you an example:

• search something like "how to run a vm on apple sillicon"
• it might give you helpful-looking links to sites like howtogeek or makeuseof
• you open makeuseof
• it shows up in my uBO running scripts from 18 different domains. If I allowed all, they each might call additional domains, and we could be running scripts from 30 domains.
• some of them might be malicious. As "cancerous" as makeuseof might seem, you might want to give it the benefit of the doubt. But any of those 30 domains could be compromised by an external actor, and be running rogue scripts.

The attack surface in a simple web search is just huge.
So, do you run a malware analysis on every single site/script you run while browsing? Or have any concrete evidence to show everything you access is clean?

Resurr Use a DNS that supports ad blocking like Adguard or NextDNS

Hb1hf [...] makeuseof [...]™shows up in my uBO running scripts from 18 different domains. If I allowed all, they each might call additional domains, and we could be running scripts from 30 domains. some of them might be malicious.

The claim that some of them might be malicious is irrefutable. My next-door neighbor might be an axe murderer (we know axe murderers exist).

What's the likelihood?

As "cancerous" as makeuseof might seem, you might want to give it the benefit of the doubt. But any of those 30 domains could be compromised by an external actor, and be running rogue scripts.

Irrefutable.

Hb1hf So, do you run a malware analysis on every single site/script you run while browsing?

If there is a population of people who are blocking ads served by makeuseof because malware analysis reveals that on average they serve one piece of malware per {minute, hour, day, week}, that makes sense.

If there is a population of people asserting everybody should block ads served by makeuseof without presenting any data on how often they contain malware, that is interesting.

Hb1hf Or have any concrete evidence to show everything you access is clean?

Fundamentally, concrete evidence of malware is possible, but concrete evidence of absence is not. So evidence of how often makeuseof serves malware in ads would be welcome.

Then it would be possible to evaluate what fraction of that malware would be successful against Vanadium.

Hb1hf Then use an Anti-virus, Ad-blockers are for ads. Ad-blockers also can't block phishing because phishing doesn't require ads or even trackers.