Any pros and cons regarding AntiVir software on a Whonix Windows workstation?
Particularly because it scans each file and could easily transmit content or stats to any third party which is in control of the software (“help us improve…”).
I know Windows is a risk in itself already as you don’t know what it does (defender, malicious software removal tool, crash reports etc.), but let’s assume Windows is needed, would you add additionally some AntiVir software?
There is so many aspects to this topic… Also depends on threat models.
For some general remarks on antivirus, please see:
The problem with Windows antivirus software is, last time I checked, you need to download them in the clear, i.e. without any form of authentication. No OpenPGP verification, not even SSL. This is bad when using clearnet, this is even worse then using Tor. So how would you download the antivirus software in the first place without getting infected?
There is also very few antivirus software for Windows which is Open Source / Libre Software. The old security through obscurity vs security by design / openness discussion. (While Whonix follows the openness approach.)
In my opinion, antivirus software only detects off-the-shelf malware, which you can also prevent getting infected by with proper security knowledge and a proper security concept. So you’re far better off investing into that. And the more sophisticated tailored malware, that’s something antivirus software cannot help with anyway.
Of course, antivirus software has its market. For the average user who does not wish to learn about security, it keeps its computer not free of malware or spyware free, but at least it keeps x of y malware from its computer and therefore running. I mean, it prevents in lucky cases, that there is not that much malware installed, so the computer is no longer usable due to overload. However, those who know basic stuff about computer security, antivirus will be permanently unemployed.