Which antivirus on GrapheneOS

Themble

You can use Hypathia from DivestOS. It is not very intrusive but therefore not very effective either.

[deleted]

In all the years I've used Android, Ive never used an anti virus tool. I'd only ever consider it on a hackathon system like Windows, but because I haven't used Windows since 2007, it's a no issue for me.

Blastoidea

I don’t, and never have used one.

[deleted]

fl0at0xff

One could ask, on what analysis do you trust an antivirus? And if you trust it now, what about going into the future? Many popular apps get bought out for their user pools and used for quite nefarious purposes.

The answer is: use none, but extreme discretion. And minimalism.

Also, AV is hand-holding - a version of a parent gently guiding and protecting their child. "No, don't touch that, sweetie. It's bad". We grow up and expect this to continue, as a society, via Big Gov, Tech, etc. It's exactly why the news of E2EE banning are so prevalent now - we are begging for someone to guide and protect us...

Take charge. Make sound decisions. And don't click on Nigerian Prince links.

[deleted]

DeletedUser301 Just use a strong ad blocker

Both ad-blockers and anti-viruses rely on the same flawed approach called Badness enumeration, therefore Ad-blockers are as useless as Anti-viruses for security.

csis01

[deleted] Ad-blockers are very nice in terms of removing the pollution from your screen though, and improving network performance (since all those ads don't have to be loaded). Even if they do still let some crap through.

Hb1hf

[deleted] is baldness enumeration perfect? No. Is it going to save you from someone targeting you specifically? No chance. Is the average user better off by having it's adblock save it from 80 or 90% (but not 100%! It's a flawed technique!) of the malware-ridden sites or phishing sites it might encounter during its daily web browser? Please describe me a scenario where the answer would be no.

Resurr

DeletedUser301 any recommendations for a good adblocker

4ano5gnice

Resurr pihole works ok for me for browsing blocking
https://pi-hole.net/

DeletedUser301

Resurr Use a DNS that supports ad blocking like Adguard or NextDNS

Resurr

4ano5gnice as i see pihole is only for linux. Any android alternatives?

[deleted]

Resurr https://docs.pi-hole.net/guides/vpn/openvpn/android-client/

Ixirup

fl0at0xff You don't really need an anti-virus, the Google playstore has a powerful one, and if you miraculously manage to catch one, simply restart your phone to eject it.

de0u

Hb1hf Is the average user better off by having it's adblock save it from 80 or 90% (but not 100%! It's a flawed technique!) of the malware-ridden sites or phishing sites it might encounter during its daily web browser?

I believe that on a monthly basis I run into zero of either. Browsing habits differ, though. Perhaps some users do run into malware every day?

Hb1hf Please describe me a scenario where the answer would be no.

Off-device ad blockers have a pretty good record of a device's browsing history. Some people might not want that. And they may impose a bit of latency.
On-device ad blockers inherently have various privileges. Some people might not want that. And they consume a bit of battery life and storage.

An average user might not encounter malware often enough that some gets through a browser's built-in protection.

[deleted]

Hb1hf Then use an Anti-virus, Ad-blockers are for ads. Ad-blockers also can't block phishing because phishing doesn't require ads or even trackers.

Hb1hf

de0u I believe that on a monthly basis I run into zero of either.

How could one possibly know this?

Let me give you an example:

search something like "how to run a vm on apple sillicon"
it might give you helpful-looking links to sites like howtogeek or makeuseof
you open makeuseof
it shows up in my uBO running scripts from 18 different domains. If I allowed all, they each might call additional domains, and we could be running scripts from 30 domains.
some of them might be malicious. As "cancerous" as makeuseof might seem, you might want to give it the benefit of the doubt. But any of those 30 domains could be compromised by an external actor, and be running rogue scripts.

The attack surface in a simple web search is just huge.
So, do you run a malware analysis on every single site/script you run while browsing? Or have any concrete evidence to show everything you access is clean?

User2288

fl0at0xff

This can be a bit confusing for people unfamiliar with android as was for me as to how an antivirus could not be useful on android given how absolutely necessary it is on windows systems.

To put it in simplest terms, in android, apps just cant find their way into your phone and cant just "run", and when installed they just dont have access to anything. This combined with the fact that in android apps are always downloaded from reputable and trustable sources makes antivirus totally irrelevant. That is unless you go out of your way to install a dangerous app.

Antivirus on android also cant detect deep root access attacks staged by sophisticated actors which makes it un-useful. It also doesn't have root access so it cant protect the system and to give it root access actually compromises the system.

Bottom line: android's security structure is more robust that most systems with antivirus systems. Its build also in such a way that it isn't able to integrate with anti virus programs. So no antivir.

Just add a good firewalling/adblocking ability to GOS and be mindful of your practices and you are as secure as having an antivirus.

[deleted]

Anti virus on android is about as useful as a bikini is to an Eskimo.

de0u

Hb1hf [...] makeuseof [...]™shows up in my uBO running scripts from 18 different domains. If I allowed all, they each might call additional domains, and we could be running scripts from 30 domains. some of them might be malicious.

The claim that some of them might be malicious is irrefutable. My next-door neighbor might be an axe murderer (we know axe murderers exist).

What's the likelihood?

As "cancerous" as makeuseof might seem, you might want to give it the benefit of the doubt. But any of those 30 domains could be compromised by an external actor, and be running rogue scripts.

Irrefutable.

Hb1hf So, do you run a malware analysis on every single site/script you run while browsing?

If there is a population of people who are blocking ads served by makeuseof because malware analysis reveals that on average they serve one piece of malware per {minute, hour, day, week}, that makes sense.

If there is a population of people asserting everybody should block ads served by makeuseof without presenting any data on how often they contain malware, that is interesting.

Hb1hf Or have any concrete evidence to show everything you access is clean?

Fundamentally, concrete evidence of malware is possible, but concrete evidence of absence is not. So evidence of how often makeuseof serves malware in ads would be welcome.

Then it would be possible to evaluate what fraction of that malware would be successful against Vanadium.

Hb1hf

de0u
For you specifically, there's an easy way to find out. Create a free account in Adguard-dns/etc and set all your browsers to it. But configure it to only use malware lists, uncheck all ads, trackers and annoyances lists. Then log in after a month to see how many requests were blocked.

On a population level, you can check malware lists against Alexa Rank. I figure the lists are big, so you'd need a script for that.

[deleted]

csis01 It would have to obtain root privileges through some exploit (hack) in order to be able to scan anything beyond its own data.

That's not true. Anti-virus can scan apks of any apps, including system apps; but It cannot delete them itself and it also cannot read internal data of them (both /Android/data/<package_name> and /data/app/<package_name>).

csis01

[deleted] No it cannot "read apk" of ANYTHING.