Do you run third-party antimalware on Windows 8?
Call me stupid. Someone typically does in comments. But let me give you reason: I don't run third-party malware detector in Windows 8. Should I? I asked my colleagues what they use, and the general consensus is nothing -- just rely on Microsoft Defender. Are we all nuts, or is there no cause for using something else?
Today is my 12th day using Surface Pro as primary PC and first serious commitment to Windows 8, which I really like on this machine. I didn't rush to install antimalware, like earlier versions. Somehow, I feel safe using Windows 8 Pro. My question: Do you?
There are several reasons for this sense of security, with Internet Explorer 10 being high among them. After years of ActiveX hell, IE on Modern UI is generally locked down from plugins. From a security perspective, Microsoft chose wisely, even though third-party browsers are largely shut out.
I love Chrome, but with exception of all the sync benefits (and they are many), I don't miss the browser as much as expected. IE10 is fast, fluid and fun -- at least on Modern UI. There's something to be said for browser developers conforming to web standards (or at least pretending to). I'd like to see Microsoft rally for a plug-in-free world. That's a dream.
I don't feel as safe about any browser on the Desktop. We'll see how I warm up, or not, over time. Chrome isn't gone from my life, being primary browser on phone and tablet, and I'll eventually want some sync benefits on Windows 8. But I must emphasize, with surprise: IE10 feels pretty good, which says as much about browsers reaching a necessary utility standard.
The cloud is another reason for my sense of Windows 8 safety. All my email comes through trusted services that scan for malware. Images and attachments don't load by default. Then there is the browser, which I consider to be better protection than apps like Outlook. Call me stupid, if you must. But I feel pretty confident about cloud and browser.
Related: Good computing habits. I don't go to bad Internet neighborhoods, rarely click on email attachments (sorry, Ma, but I trashed those cute kitty pics unopened) and carefully check sites in search before clicking links. The latter is important, as SEO poisoning is a real risk to anyone.
That brings me to fourth reason: Defender and SmartScreen, which are built-in to Windows 8. The one provides traditional protection, while the other is more proactive, such as (by default setting) blocking untrusted apps without administrator password. I don't doubt third-party antimalware can do better, but they're not necessary if what Microsoft provides, including hardened kernel, is good enough.
But good enough is the question. Is it? I never ran antimalware on OS X, nor do I on Nexus devices -- and I don't feel anywhere as safe with Android, outside of Chrome. Anything can be cracked, hacked or phished with enough effort, no matter how many layers of protection. There's a question of how safe do you need to be. I could just as easily be mugged as my PC infected. I don't carry a gun or wear a bullet-proof vest. Perhaps if I were a high-value target, something would be needed.
Perhaps my point is this: I've finally reached confidence level about Windows' safety. Microsoft has hardened the frame, put in airbags, requires seatbelts and added other safety measures. No protection can stop me, or you, from driving recklessly or getting creamed by some idiot plowing through a red light. Generally, I feel safe enough. But do you? Please take the poll above and answer in comments below.