While many of us were enjoying some time off for Thanksgiving, the US government took drastic action against Huawei and four other Chinese companies. The hardest hit are Huawei and ZTE, as the ban prevents any new products from being approved for the US market. The other three companies are Dahua and Hikvision, which make video surveillance equipment, and Hytera, which makes radio systems. FCC Commissioner Brendan Carr noted the seriousness of the decision.
[As] a result of our order, no new Huawei or ZTE equipment can be approved. And no new Dahua, Hikvision, or Hytera gear can be approved unless they assure the FCC that their gear won’t be used for public safety, security of government facilities, & other national security purposes.
There is even the potential that previously approved equipment could have its authorization pulled. The raw FCC documents are available, if you really wish to wade through them. What’s notable is that two diametrically opposed US administrations have both pushed for this ban. It would surely be interesting to get a look at the classified reports detailing what was actually found. Maybe in another decade or two, we can make a Freedom of Information Act request and finally get the full story.
[0xacb] has a fun new technique to share, that he calls REcollapse. It’s all about regular expressions that get used in user input validation and sanitation. Regex is hard to really get right, and is full of quirks in how different languages and libraries implement it. A simple example is an email address that contains “punycode” — non-ASCII Unicode characters. It’s perfectly legitimate for an address to contain Unicode, but many normalization schemes collapse unicode strings down into the nearest approximation of ASCII. Take
example.com. If some part of a web service sees these as the same thing, and another backend service keeps sees them as unique, that mismatch could allow account takeover. Enter your email here to receive a password reset link.
The novel thing here is a structured approach to fuzzing for these problems. [0xacb] suggests identifying “regex pivot positions”, places in a string where there could be unexpected or inconsistent regex matching. A very different example of this is the end-of-string symbol,
$. A developer might use this to specify that a given pattern should only be matched when it’s at the very end of a string. But what happens when there’s a newline embedded in the string? It depends on the language. Yikes!
REcollapse is now available as an Open Source tool, and works great to feed fuzzing inputs into an automated tool. Run it against a target, and watch for different responses. Find something good enough, and profit!
The team at Cybervelia have cooked up yet another way to spear-phish a target. Many of us have smart watches, and one of the most useful functions of those wrist-mounted marvels is to glance at a SMS or other message without fishing out a phone. Could an attacker, with a Bluetooth Low Energy antenna, spoof a text message to a nearby smart watch? After some reverse engineering work, absolutely. With the right message, like “need help, 2nd floor”, the target might just start moving without checking the phone and discovering the spoof.
This one’s fun, as the researchers at Phylum found yet another malicious PyPi package campaign back on the 15th. Their tooling alerted them to the activity very early in the campaign, as packages were being uploaded and the payload was still being fine-tuned. That payload was being developed on Github, so there was only one thing to do.
The union of memes and security research is a wondrous thing. The packages were reported, removed, and it looks like this particular malware campaign was eliminated before it really got started.
This does lead to a hilarious tangent from Phylum, about some of the laughably terrible attempts at malware they’ve discovered in other campaigns. There’s a certain poetic justice to be found in malware refusing to run, because the deobfuscation routine checks for the acknowledgement string and errors out when it’s tampered with.
Lastpass has updated their security incident report, noting that there seems to have been follow-on access of data. They noticed “unusual activity within a third-party cloud storage service”, which usually means Amazon’s AWS. The story here seems to be that a token to the storage service was snagged during the August compromise, and was just now used for more mischief. This does raise some uncomfortable questions about how well Lastpass understands what data was accessed in the earlier breach. That said, cleaning up after an incident is a complicated task, and missing a single AWS token in the action is all too easy.
In the just-what-we-needed category, the latest report from Google’s Threat Analysis Group names Variston as previously unknown player in the commercial malware game. Like NSO Group and others, Variston seems to have access to 0-day exploits in multiple devices and platforms.
A trio of bug reports were opened in the Chrome bug system, and each contained a mature framework and exploit code for a serious bug. Each of these were known and fixed bugs, but piecing together the clues would indicate that they were being used as 0-days by a vendor, probably Variston. It’s not uncommon for the “legitimate” spyware authors like the NGO Group, the NSA, and others, to properly report bugs once they’ve finished exploiting them, or assumably once a target has discovered the exploit.
There’s a concept in encryption, that pretty much any encryption scheme is theoretically breakable, given enough time and technological innovation. As an example, see the rate at which quantum computers are developing, and the predicted breakdown of some classical crypto. The philosophy that spills out of this reality is that crypto just needs to be strong enough, that the secrets being protected are entirely stale by the time technology and computing power catch up. Which finally brings us to the story, that Emperor Charles V got nearly 500 years out of his cipher. Probably strong enough.
It turns out that this cipher had some clever elements, like multiple symbols that didn’t mean anything at all, just to make it harder to figure out. The real breakthrough was finding a cipher text that had been loosely translated. It was enough to finally figure out the basic rules. So what was in the central letter that was finally deciphered? Political maneuvering, fears of assassination, and a conspiracy to spread fake news to downplay a setback. Some things never change.
There was a Reddit post over the break that caught our attention, where a user wired money online from his bank in England to Kenya, to pay for a trip. It was a legitimate transaction, but triggered the fraud protection from his bank. In the conversation with the fraud department, one of the flags for possible fraud surprised the Redditor in question: You have TeamViewer installed on your computer.
Now wait. That’s a bit disconcerting, a website can see your list of installed programs? No, not directly. There is no web API to list applications, at least, not since ActiveX died. However, there is an API to list installed fonts. And since Teamviewer brings its own font, it’s pretty easy to detect when it’s installed. And let’s face it, a remote controlled desktop is a reasonable flag for malicious activity. So now you know, your fonts may just be fingerprinting you.
The Google Play store has ejected a pair of mildly popular apps, that were spying on users’ SMS messages. The data collection was incidental, and the real point was to enable fake accounts on various web services, using the victim’s cell phone numbers. Need a hundred Twitter accounts? Rent access to a hundred compromised phones, to use those numbers for the activation flow.
Need to get something past a plagiarism checker? Just rot13 and change the font! It’s a silly demonstration, but it does indeed work. Make your own font to change the letter mapping, and then apply the reverse mapping to the underlying text. To the human eye, it’s the same, but to an automated tool it’s garbage. Save as PDF, and off you go. While circumventing a plagiarism filter is a bad idea, this could have other, more positive uses, like censorship circumvention.
Black Hat 2022 videos are available, only three months later. There are some fun presentations in here, like the Starlink hack, analysis of real-world malware campaigns, and lots of software getting compromised. Enjoy!
China has reacted angrily to reports that the United States has stopped approving licences for American companies to export most items to China’s hi-tech company Huawei, accusing the US of deliberately targeting Chinese companies under the pretext of national security.
US officials are creating a new formal policy of denial for shipping items to Huawei that would include items below the 5G level, including 4G items, wifi 6 and 7, artificial intelligence, and high-performance computing and cloud items, according to a Reuters report that quoted unnamed sources.
Another source told Reuters the move was expected to reflect the Biden administration’s tightening of policy on Huawei over the past year. Licences for 4G chips that could not be used for 5G, which might have been approved earlier, were being denied, the person said.
In November, the Biden administration banned approvals of new telecommunications equipment from Huawei and ZTE because they pose an “unacceptable risk” to US national security.
At a regular press conference in Beijing on Tuesday, the Chinese foreign ministry spokeswoman, Mao Ning, accused the United States of deliberately using an overly broad notion of national security to suppress Chinese firms.
“China strongly opposes the US’s unscrupulous and unjustified suppression of Chinese companies by stretching the concept of national security and abusing state power,” Mao said.
“Such moves violate the principle of market economy and international trade rules, dampen international confidence in the US business environment,” she told reporters.
A US commerce department spokesperson said officials “continually assess our policies and regulations” but did not comment on talks with specific companies.
Huawei and Qualcomm declined to comment. Bloomberg and the Financial Times earlier reported the move.
American officials placed Huawei on a trade blacklist in 2019 restricting most US suppliers from shipping goods and technology to the company unless they were granted licences. Officials continued to tighten the controls to cut off Huawei’s ability to buy or design the semiconductor chips that power most of its products, although licences were granted that allowed Huawei to receive some products. For example, suppliers to Huawei got licences worth $61bn to sell to the telecoms equipment giant from April through November 2021.
Huawei has faced US export restrictions around items for 5G and other technologies for several years, but the US Department of Commerce has granted licences for some American firms to sell certain goods and technologies to the company. Qualcomm in 2020 received permission to sell 4G smartphone chips to Huawei.
In December, Huawei said its overall revenue was about $91.53bn, down only slightly from 2021 when US sanctions caused its sales to fall by nearly a third.
MUNICH, Germany — As the world’s security elite gathers in Munich this week, they’ll be connecting their mobile phones to Chinese telecoms equipment surrounding the venue.
Heads of state, security chiefs, spooks and intelligence officials head to Germany on Friday for their blue-riband annual gathering, the Munich Security Conference. On the event’s VIP list are U.S. Vice President Kamala Harris, German Chancellor Olaf Scholz, French President Emmanuel Macron and hundreds more heads of state and government, ministers and foreign dignitaries.
The gathering takes place at the five-star Hotel Bayerischer Hof. From its ice-themed Polar Bar on the hotel’s rooftop, you can overlook the city's skyline, spotting multiple telecommunications antennas poking between church steeples. Some of these antennas, within 300 meters of the hotel, are equipped with hardware supplied by controversial Chinese telecoms giant Huawei, POLITICO has learnt through visual confirmation, talks with several equipment experts and information from industry insiders with knowledge of the area’s networks.
One mast, on top of the Hotel Bayerischer Hof building itself, is also potentially equipped with Huawei gear, talks with two industry insiders suggested.
The question of whether to allow Chinese 5G suppliers into Western countries in past years became a bone of contention between Berlin on the one hand and Washington and like-minded partners on the other. This week’s gathering also comes as the U.S. continues to call out Germany’s economic reliance on Beijing, with a new report showing the German trade deficit with China exploded in 2022, and amid sky-high tensions between Washington and Beijing over surveillance balloons hovering over the U.S., Canada and elsewhere.
“The dependence on Huawei components in our 5G network continues to pose an incalculable security risk,” said Maximilian Funke-Kaiser, liberal member of the German Bundestag and digital policy speaker for the government party Free Democratic Party (FDP).
“The use of Huawei technology in the mobile network here runs counter to Germany's security policy goals,” Funke-Kaiser said, calling the vendor’s involvement in German 4G and 5G “a mistake in view of the Chinese company's closeness to the state.”
Huawei has consistently denied posing a security risk to European countries.
Despite extensive reporting, POLITICO was unable to gather on-the-record confirmation of which vendor’s telecoms equipment was used for which masts. Operators and vendors refused to disclose the information, citing contractual obligations, and local authorities said they didn’t have the information available.
The security risks associated with Huawei equipment also vary, and differ even among close allies in the West. Some capitals argue the real risk of Chinese telecoms equipment is the overreliance on a Chinese firm in an unstable geopolitical situation — much like Europe relied on Russian gas for its energy needs.
But others argue that the risk runs deeper and that China could use Huawei’s access to equipment and data in European mobile networks — especially in areas of critical importance and high sensitivity — to put the West’s security at risk. Huawei has been implicated in a number of high-profile espionage cases, including at the African Union Headquarters.
When asked about Huawei’s presence in Munich, Mike Gallagher, a Republican and Chairman of the U.S. House select committee on China, said POLITICO’s findings were “troubling” and “should concern every individual attending the conference.”
The chair of the U.S. Senate intelligence committee, Mark Warner, a Democrat who’s attending the conference, said it was “a timely reminder that we must continue to work with like-minded allies to promote secure and competitively priced alternatives to Huawei equipment.”
U.S. Senate intelligence committee Vice Chair Marco Rubio (Republican, Florida) said U.S. diplomats “should be aware of the risks and take necessary precautions.”
From a 2007 speech by Russia’s Vladimir Putin to U.S. President Joe Biden’s virtual address at the start of his mandate in February 2021, the conference strives to set the global diplomatic and international relations agenda. Its organizers see it as an open space for debating geopolitics and world affairs, with attendees ranging from across the world and an advisory board where Chinese state officials sit alongside Western diplomats and titans of industry.
The conference’s guest list reveals something else too: The gathering is seen as critical by U.S. government officials. This year, the U.S. is sending its largest delegation yet, with Harris flanked by dozens of government officials, security chiefs and congresspeople, including Democrat leader Chuck Schumer, Republican leader Mitch McConnell and others.
For these U.S. attendees — and the Western partners that see eye to eye with the U.S. position on China’s telecoms giant Huawei — the networks around the premises prove troublesome.
An online map on the website of Germany’s telecoms agency, the Bundesnetzagentur, shows 13 locations for masts and antennas surrounding the Hotel Bayerischer Hof. The agency also provides information about which of the country’s three main operators — Deutsche Telekom, Vodafone and Telefónica — use which locations.
POLITICO shared photos of seven masts near the hotel with four experts specialized in telecoms radio access network (RAN) equipment. These experts established that at least two were equipped with gear of Chinese telecoms giant Huawei.
If a network operator has one mast equipped with Huawei in Munich, it likely equips all masts in the area with the same vendor, two industry insiders said. Operators usually use one provider for larger areas. This means at least one other location is also likely equipped with Huawei gear, the insiders said. Three other locations, including the mast on the roof of the conference venue, are used by an operator using Huawei equipment but those locations are part of infrastructure that is shared by several operators, meaning there's a chance these are equipped with Huawei gear but it's unconfirmed.
The findings are in line with accurate reports on Germany’s telecoms infrastructure.
Europe’s largest economy is a stronghold for Huawei in the West. A report by boutique telecoms intelligence firm Strand Consult estimated that Germany relies on Chinese technology for 59 percent of its ongoing 5G network deployment. The country already had a massive reliance on Chinese equipment in its 4G network, where Strand estimated Huawei accounts for 57 percent.
“If you look at the percentage of Chinese equipment in Germany, you could say it is the most unsafe country in Europe,” said John Strand, founder of Strand Consult. “Welcome to the Munich Security Conference: We can’t certain your security,” he quipped.
Establishing with certainty just how many of the 13 masts are equipped with Chinese telecoms gear is extremely difficult. Both German operators and their vendors have a policy to not communicate what equipment they’re using in which locations, citing contractual obligations on confidentiality.
Deutsche Telekom and Vodafone confirmed that they use Huawei in their German antenna networks. Telefónica said they use “a mix of European and international network suppliers” in Germany. Yet, all declined to comment on whether they use Huawei in Munich.
Ericsson, Nokia and Huawei all declined to comment on whether they were providing gear in the greater Munich area, referring questions to the local operators.
Government regulators, too, divulge no details of which suppliers provide gear for certain locations. The Federal Network Agency and the Federal Office for Information Security admitted they don’t know which equipment is fitted to which mast; both referred to the interior ministry for answers. The interior ministry said it “does not usually know which critical components are installed on which radio mast in detail.”
The Hotel Bayerischer Hof forwarded questions about mobile infrastructure on its roof to the security conference’s organizers.
The Munich Security Conference itself said in a statement: “As a matter of principle, we do not comment on the exact details of the infrastructure used for the main conference in Munich. We are in close contact with all relevant authorities in order to secure the conference venue, the participants and the digital space accordingly.”
The Federal Office for Information Security (BSI) does provide its own security networks for official events, but the Munich Security Conference is “outside the responsibility of the BSI,” the BSI said in an email.
Through its 5G equipment it is feasible for Huawei to spy on users of a network or to disrupt communications as the very design of 5G makes it harder to monitor security, the head of the U.K.'s intelligence service MI6, Alex Younger, said to an audience in his second public speech.
But John Lee, director of the consultancy East-West Futures and an expert on Chinese digital policy, said it’s “not a clear cut technical case” as to whether Huawei equipment in current telecoms networks represents a material security risk.
“Some non-Western countries are proceeding to upgrade their telecoms infrastructure with Huawei as a key partner,” Lee said. “This is still mainly a political issue of how much suspicion is placed on the ambitions of the Chinese state and its relationship with Chinese companies.”
In an effort to coordinate a common approach to vendors, the EU developed “5G security toolbox” guidelines in 2019 and 2020 to mitigate security risks in networks. Some major European countries, including France, have imposed hard restrictions for their operators, including by limiting the use of “high-risk vendors” — a term widely understood across Europe to be Chinese vendors Huawei and ZTE — in certain strategic geographic areas.
In Germany, however, policymakers took years to agree on their framework for 5G security. In April 2021 — more than a year after the EU’s joint plan came out — it passed measures that allowed the government to intervene on operators’ contracts with Chinese vendors.
But those interventions haven’t barred the use of Huawei in certain geographical areas yet.
And the interior ministry — which has veto power to ban or recall certain components if they see them as an “impairment of public order or safety” — hasn’t intervened much either, a ministry spokesperson said via email.
Up till now, the spokesperson said, specific orders to cut Huawei from German networks “have not been issued.”
Alex Ward, Maggie Miller and Tristan Fiedler contributed reporting.
One of the world’s leading providers of fifth-generation (5G) mobile technology, Huawei is a Chinese telecommunications giant that has stoked fears of espionage and intellectual property theft in the United States and many other countries. In response, Washington and its allies have imposed sweeping restrictions on Huawei as part of a larger crackdown on Chinese technology companies.
More From Our Experts
Some experts warn that tensions between Washington and Beijing over technology could lead to a “digital iron curtain,” which would compel foreign governments to decide between doing business with the United States or China.
Technology and Innovation
It is the world’s largest provider of 5G networks and a leader in sales of telecommunications equipment. Based in Shenzhen, China, Huawei sells its products domestically and internationally. In the United States, it has helped provide connectivity in rural areas of Alabama, Colorado, Oklahoma, and other states.
Ren Zhengfei, the company’s billionaire CEO, founded Huawei in 1987. With more than 190,000 employees, according to its website, Huawei claims to be a private company fully owned by its employees, though its precise ownership structure is unknown.
In accurate years, the United States and several other countries have asserted that the company threatens their national security, saying it has violated international sanctions and stolen intellectual property, and that it could commit cyber espionage. Many U.S. policymakers view Huawei as a commercial extension of the Chinese Communist Party (CCP).
More From Our Experts
Cyber espionage. The main concern, according to U.S. intelligence agencies, is that the Chinese government could use Huawei to spy. Officials, primarily in the United States but also in Australia and several other countries, point to intentionally vague Chinese intelligence laws that could be used to force Huawei to hand over data to the Chinese government. (The United States has not publicly provided evidence that this has happened.) There are also concerns that Huawei’s 5G infrastructure could contain backdoors that allow the Chinese government to collect and centralize massive quantities of data and deliver Beijing the necessary access to attack communications networks and public utilities. In 2022, an FBI investigation found that Huawei equipment can be used to disrupt U.S. military communications, including those about the U.S. nuclear arsenal.
Congress began receiving warnings about Huawei as early as 2012, when a U.S. House Permanent Select Committee on Intelligence report [PDF] concluded that using equipment made by Huawei and ZTE, another Chinese telecommunications company, could “undermine core U.S. national security interests.” In 2018, six U.S. intelligence chiefs, including the directors of the CIA and FBI, cautioned Americans against using Huawei products, warning that the company could conduct “undetected espionage.”
Technology and Innovation
At the heart of Washington’s concerns is 5G, the latest technology standard for cellular networks, which provides faster get speeds for smartphones, connects devices in smart cities, and supports autonomous vehicles and robots. “5G is a different type of risk versus 4G or 3G. It’s much harder to separate the core from the periphery,” says CFR’s Adam Segal. “Once you have those risks, you have to trust the company much more. But it is difficult to trust Huawei, given the relationship between companies and the Communist Party.”
Intellectual property theft. U.S. companies and global telecom firms have for years accused Huawei of stealing trade secrets, starting with Cisco’s 2003 lawsuit alleging that its source code appeared in Huawei products. (The suit was later settled.) In 2017, a U.S. jury found Huawei guilty of stealing intellectual property from T-Mobile, and in 2020, the U.S. Justice Department charged Huawei with racketeering conspiracy and conspiracy to steal trade secrets. According to the indictment, these violations allowed Huawei to “drastically cut its research and development costs and associated delays, giving the company a significant and unfair competitive advantage.”
Trade violations. The United States claims that Huawei has violated sanctions on Iran and North Korea. A federal indictment unsealed in January 2019 against Meng Wanzhou, Huawei’s chief financial officer and Ren’s daughter, said that Huawei defrauded banks in order to do business with Iran and obstructed justice in the process by destroying evidence. Meng was detained in Canada in 2018 at the request of the United States, which was seeking her extradition. In 2021, she reached a deferred prosecution agreement with the U.S. Justice Department, which later dropped the charges against her.
The government has considerable sway over Chinese private companies through heavy regulation, including the requirement that they establish CCP branches within them, and state-backed investment. Executives of many of the biggest companies are party members, including Alibaba cofounder Jack Ma and Huawei founder Ren, who served as an engineer in the People’s Liberation Army during the Cultural Revolution.
Under President Xi Jinping, the lines between public and private have become even more blurred. Experts have observed that the CCP is working to boost its influence over private industry, especially tech companies. In accurate years, state-run companies and local governments have invested more in private firms. Foreign news organizations have also reported that the government could start pressuring tech companies to offer the party direct ownership stakes and deliver party members even greater roles in management. While there is no evidence that this has happened at Huawei, Beijing has taken a stake in an entity owned by ByteDance, the parent of video-sharing monolith TikTok.
Some experts and U.S. officials also point to vague Chinese laws that could be used to force Huawei to help the government with intelligence gathering. For example, the National Security Law [PDF], enacted in 2015, states that citizens and enterprises have the “responsibility and obligation to maintain national security.” The 2017 National Intelligence Law [PDF] declared that Chinese companies must “support, assist, and cooperate with” China’s intelligence-gathering authorities. These laws have prompted additional U.S. concerns that TikTok could share user data with the Chinese government.
Huawei has distanced itself from the CCP, repeatedly asserting that its equipment has never been used, and will never be used, to spy. In January 2019, Ren said he “would never harm the interest of my customers” and that Huawei would not answer government requests for intelligence. In May 2018, Huawei commissioned a report [PDF] from a Chinese law firm supporting its argument that it cannot be forced to spy, but other lawyers in China and around the world said the law has never been tested. The Chinese government has also gone to bat for Huawei, saying it would “take all necessary measures to safeguard” Chinese companies.
Huawei became the world’s largest telecommunications company over three decades, reporting $138 billion in revenue in 2020, a 12 percent jump from the previous year. This success has helped drive suspicion that the Chinese government has played a more significant role in the company in accurate years than its leaders have let on.
In 1996, both the government and military began treating Huawei as an official “national champion,” a status reserved for firms that bolster China’s strategic aims. The move highlighted a shift in official policy. From then on, Beijing explicitly supported domestic telecom companies—and Huawei even more than others [PDF]—to prevent foreign domination of the industry. The Chinese government ensured Huawei had easy access to financing and high levels of government subsidies—up to $75 billion in state support since the company was founded.
These underpinnings have allowed Huawei to price its network equipment below foreign competitors’ rates; a European Commission investigation found that Huawei has underbid its competitors by up to 70 percent. Experts said that Huawei’s prices would not have even covered the cost of producing their parts without subsidies. Chinese state banks also provide countries with low-interest loans to use Huawei’s equipment.
Huawei says its low prices are the result of technological expertise—a claim with some merit, according to industry experts. Huawei’s annual research and development (R&D) budget is among the world’s largest, and Ren says his firm spends more on it than most publicly listed firms can. At over $22 billion in 2021, Huawei’s R&D expenditures rank alongside those of Alphabet (Google’s parent company) and Amazon; when R&D is measured as a percentage of sales, Huawei’s expenditures are proportionally double.
U.S. government limitations on Huawei have been ongoing since 2017, when Congress restricted some Department of Defense networks from using Huawei or ZTE equipment. In 2018, the Donald Trump administration banned more U.S. federal agencies from using the telecom giants’ equipment. (Huawei sued the United States over the restriction.) That same year, following pressure from regulators, AT&T walked away from a deal to sell Huawei’s smartphones.
U.S. actions against Huawei continued to build throughout the Trump presidency: in 2019, Trump signed an executive order prohibiting U.S. companies from doing business with Huawei, and the Commerce Department added the company to its “entity list,” restricting it from buying U.S. goods. Shortly after, Google said it would restrict Huawei’s access to its products, including its Android operating system; a new Huawei phone unveiled later in the year didn’t come with Android apps.
The department cracked down further in May 2020, issuing new rules to block foreign semiconductor manufacturers that use U.S. machines and software from shipping products to Huawei without a license. Prior to the bans, Huawei said it relied on U.S. software, microchips, specialty lasers, and other products for one-third of its supply chain, amounting to $11 billion. More than one hundred Huawei affiliates have been added to the commerce department’s entity list since then, crippling the company’s ability to obtain critical U.S. goods.
Other government agencies have followed suit. In November 2019, the Federal Communications Commission (FCC) voted to designate Huawei and ZTE as national security threats, which prevents U.S. internet providers from using federal funds to purchase the tech companies’ equipment. Huawei filed a legal challenge, but the FCC’s decision went into effect in June 2020. That same year, Congress provided $1.9 billion to the FCC for the agency to remove Huawei equipment from existing U.S. networks. The Trump administration also imposed visa restrictions on Huawei employees it says contribute to human rights abuses committed by the Chinese government, including against Uyghurs in China’s Xinjiang region
President Joe Biden has upheld restrictions against Huawei and introduced new bans that have further hamstrung the company. In November 2021, Biden signed a bill aimed at preventing Huawei and ZTE from receiving equipment-making licenses from U.S. regulators, including the FCC. A year later, in November 2022, the FCC adopted new rules that prohibited the sale of some communications equipment made by Huawei or ZTE in the United States, citing “unacceptable” national security risk. And in January 2023, the Biden administration stopped providing licenses for U.S. companies to export goods to Huawei. Biden has also taken such measures beyond Huawei, signing legislation that precludes any Chinese manufacturer from obtaining chips or chipmaking equipment made with U.S. parts anywhere in the world.
Despite the restrictions, the Commerce Department has allowed some business activities that it says do not pose significant risks to U.S. national security. Since 2017, the Trump and Biden administrations have allowed over $60 billion [PDF] in transactions between Huawei and U.S. firms.
Some critics say that while the restrictions have handicapped Huawei, they would be even more effective if combined with a U.S.-led alternative. “A principal reason that the United States has not had more success in persuading countries not to use Huawei equipment is that it cannot offer an alternative,” CFR’s David Sacks writes. “The United States does not and will not have a company that is competitive in the full stack of 5G equipment.”
To get more countries to wean off Huawei, Sacks argues that the United States should finance European competitors’ 5G networks and develop open radio access networks, a system that would allow multiple companies to provide different components of a singular 5G network. Meanwhile, it should fund research and development to better compete in sixth-generation (6G) technology, which is expected to replace 5G within fifteen years.
It’s not just the United States that has banned Huawei. Washington has pressured its allies to follow suit, even threatening to stop sharing intelligence with countries that use Huawei. The countries of the so-called Five Eyes intelligence alliance—The United States, Australia, Canada, New Zealand, and the United Kingdom—have banned or are rolling out bans of Huawei. Other U.S. partners, such as Belgium, Denmark, Estonia, France, Lithuania, Poland, Romania, and Sweden have restricted the use of Huawei equipment in the construction of their 5G networks.
Experts say that the bans have caused Huawei to reprioritize its domestic market due to a shortage of international business. In 2020, Taiwan Semiconductor Manufacturing Company (TSMC), the world’s largest chip supplier, halted business with Huawei, citing U.S. export controls. TSMC had supplied over 90 percent of Huawei’s smartphone chips. Because of the semiconductor restrictions, Huawei has had “to exit whole lines of business, because [they] don’t have access to advanced semiconductors because of these export controls,” CFR’s Sacks says. While Huawei accumulated a limited number of semiconductors before the bans took effect, it reportedly ran out in late 2022. The shortage has hurt Huawei’s bottom line: in 2021, the company reported $95 billion in revenue—a 23 percent drop from 2019 levels.
Other countries, especially those participating in China’s Belt and Road Initiative, are already using or have agreed to use Huawei’s equipment to build 5G networks.
Many have been attracted by the company’s ability to provide high-quality networks for low prices. Huawei is helping Malaysia and Russia build their 5G networks, and it has signed contracts to build 5G networks for a number of countries in Latin America.
Authorities in potential markets that have not ruled out using Huawei, including several European countries, argue that security risks are inherent in all 5G networks, regardless of the supplier. They acknowledge, however, that the risks are higher for Huawei. Officials in these countries say they prefer to keep their auctions for 5G construction open to all firms and will tighten security measures to minimize any risks.
Analysts say U.S. policymakers have not come up with a better option for low-income countries, especially as 5G networks are dominated by just three firms: Huawei, the Finnish firm Nokia, and the Swedish firm Ericsson. Even after U.S. restrictions went into place, many low-income countries still chose Huawei, which is frequently the cheapest option, to build their 5G networks.
“We still haven't really addressed the larger issue, which is that developing countries and other countries have connectivity demands and Chinese tech is cheap and reliable,” says CFR’s Segal.
You say you’ve installed antivirus protection on all your devices? Hooray! That’s a very good start, but you may want to consider leveling up. Data on your computers is protected behind the antivirus program’s defenses, but once that data leaves your computer those defenses lose their power. A VPN protects that data in transit, and has other virtues as well. If you have kids, you may want a parental control system. Backup is the ultimate security for your data. Upgrading to a full-on security suite gets you a panoply of protection a simple antivirus can’t match.
Some security companies just add the most essential components to create a suite, while others rope in a huge variety of security elements. Just which of these security juggernauts should you choose? We’ve reviewed nearly 40 different suites and pulled together the best, from simple entry-level suites to cross-platform multi-device lollapaloozas. We're sharing the top suites we've tested here, along with what makes them unique and how they can work for you.
This article briefly mentions the many tests we use to evaluate security suites and determine which are the best. If you want more details on the torture tests we perform on every product we review, please read the full explanation of how we test security software.
*Deals are selected by our commerce team
Deeper Dive: Our Top Tested Picks
When you buy a security suite, there’s an implied promise it will keep you safe. Norton 360 Deluxe makes that promise explicit. As long as you choose auto-renewal, you’ve got a certain Norton support will handle any malware that gets past the app’s protection. And that’s some powerful protection—all four independent labs we follow routinely deliver Norton perfect to near-perfect scores. It also aces our hands-on tests.
This suite includes a robust, intelligent firewall, a basic password manager, and a local spam filter, as well as a dark web monitoring system to warn if your private data is exposed. As a standalone, the parental control system is an Editors’ Choice. Your subscription lets you protect up to five devices running Windows, macOS, Android, or iOS. It also gets you five full licenses for Norton’s VPN. That’s a rarity; many other suites make you pay extra to remove limits from their included VPN components. And the 50GB of online storage for your backups is a nice bonus.
Some users were put off by the inclusion of Norton Crypto, an Ethereum-mining component managed by Norton. That's over due to Ethereum's merger and move away from GPU-based mining. Users can keep or cash out any cryptocurrency they've already accumulated, but Norton-backed mining is over.
Norton security products have been around for decades, and the brand has plenty of fans. This is a good choice for anyone who wants a time-tested suite that covers all the bases, but it's especially good for those who wisely opt to protect their connections with a VPN.
Bitdefender’s standalone antivirus packs in more features than some self-proclaimed suites, and Bitdefender Internet Security piles on even more. The core antivirus technology consistently earns perfect and near-perfect scores from independent testing labs, and its ransomware-specific protection aced our tests. Other key features include a no-hassle firewall, a simple spam filter, password management, file shredding, a full-powered parental control system, and more. And it wraps all this protection in an AutoPilot system that lets you sit back and enjoy your protection, with minimal interaction.
Bitdefender does include a VPN, but with limits. You can’t pick and choose among available servers, and you can only use 200MB of bandwidth per day. That’s enough to try out the VPN protection, but if you plan to make serious use of the VPN you’ll have to pay for an upgrade.
Maybe you’re torn between two choices. On the one hand, you want a security suite that packs in every important security component. On the other hand, you don’t want those components clamoring for your attention when you’re working, gaming, or relaxing with a video. Is that you? If so, then Bitdefender Internet Security, with its multitude of components reined in by AutoPilot, is just what you need.
You almost certainly have security protection for your PCs, but have you protected your other devices? Bitdefender Total Security pours all the excellent, well-behaved features of Bitdefender Internet Security into your Windows boxes, and goes on to offer protection for your macOS, Android, and iOS devices. It also kicks its Windows game up a notch with system optimization and an unusual anti-theft component.
You manage your installations (or launch new ones) from the handy Bitdefender Central online console. Installing protection on a Mac you get Bitdefender Antivirus for Mac, an Editors’ Choice in its own realm, as well as the same limited VPN you see in Windows. The password manager and parental control features also support macOS.
Installed on Android, Total Protection brings a comprehensive collection of security features. It scans for malware on demand and also scans every new application. If you lose your phone, you can log in to Bitdefender Central and locate, lock, or wipe it. Scam Alert flags suspicious text messages, Web Protection fends off malicious and fraudulent web pages, App Lock adds a second PIN for your most sensitive apps, and Account Privacy checks known data breaches to see if your email was involved. This is an impressive Android app.
The same Apple-enforced strictures that make writing iOS malware difficult also interfere with creating security software for iOS. As with all cross-platform suites, Bitdefender’s iOS protection is relatively limited. You do get Account Privacy and the same limited VPN as on other platforms. However, there’s no antivirus component, nor does anti-theft make an appearance. Web Protection is limited. On the plus side, as long as you don’t enable Web Protection, your iOS installation doesn’t use up one of your licenses.
Bitdefender Total Security protects your Windows devices just as Bitdefender Internet Security does, which should make anyone happy. But Windows boxes are only part of the picture. Total Security adds award-winning protection for your Macs, a comprehensive suite for your Android devices, and even a modicum of security for iOS. If you need to secure and manage a household full of disparate devices, this one’s for you.
Norton’s security software can protect your devices and your local data, but it can’t reach out into the real world and protect your identity. That’s why you want Norton 360 with LifeLock Select. This suite starts with everything we like about Norton 360 Deluxe and adds identity monitoring and identity theft remediation supplied by identity pioneer (and Norton property) LifeLock.
Once you’ve set up LifeLock, Norton monitors the dark web for any sign that your identity has been compromised. It tracks possible misuse of your SSN, unexpected new accounts in your name, and anomalous financial transactions. If you lose your wallet (or have it stolen) Norton can help deal with the fallout. You get periodic credit reports, along with help freezing your credit if necessary. And if the worst happens and your identity is stolen, Norton will spend up to a million dollars on remediating the theft.
This suite costs about $45 more than Norton 360 Deluxe alone, and you still get just five security suite and five VPN licenses, though storage for your backups rises to 100GB. At the Advantage level, which costs $100 more per year, you get ten of each license type and 250GB of storage, along with enhancements to monitoring and larger payouts for losses. Spend another $100 and you reach Ultimate Plus, which maxes out monitoring options and payouts and lets you install security suite and VPN protection on every device in your household.
Are you horrified to think that some malefactor could masquerade as you, open accounts in your name, spend your money, even get arrested while posing as you? Yes, identity theft can be a nightmare. Norton 360 with LifeLock Select protects your devices against malware and such, and also functions as an early warning system so you can nip identity theft in the bud. What a combination!
You installed security on your PC, and on your Mac, and your mobile devices. But what about your partner’s devices, and all those electronic devices that so enrapture your children? You could be looking at quite an expense to get them all secured. Unless, that is, you turn to McAfee+. This generous suite lets you protect every device in your household, whether it runs Windows, macOS, Android, or iOS. It even supports Chromebooks and ARM-based laptops. That protection includes use of McAfee’s VPN with no limits on bandwidth or server choices, as well as numerous security bonus features. Better still, the antivirus component aces our hands-on protection tests.
McAfee+ comes in three tiers, Premium, Advanced, and Ultimate. You get basic Dark Web monitoring of personal information at all three levels. The Advanced and Ultimate levels include full-scale identity theft monitoring and remediation, roughly parallel to Norton’s LifeLock. It doesn’t monitor quite as many different aspects of your identity, but it hits the important ones. And, like LifeLock, it comes with a guarantee. If you suffer identity theft, McAfee will spend up to a million dollars helping you to a full recovery.
If you live in a Manhattan rent-controlled apartment with your cat, your Mac, and your iPhone, this isn’t the suite for you. But if you have a house full of modern digitally active people, it can be a godsend. More than 10 devices? More than 20? Relax, they’re all covered!
What kind of security do you want for your devices? Maximum security, naturally! Trend Micro Maximum Security has you covered, with protection for Windows, macOS, Android, and iOS devices. All four of the antivirus testing labs we follow consider the Trend Micro antivirus engine important enough to merit examination, though it doesn’t always get the best scores. It did score very well in our hands-on tests defending against malware-hosting websites and phishing frauds.
On Windows, Trend Micro presents a wide array of features, among them: multi-layered ransomware protection; protection for online transactions; a PC Health Checkup system; a scanner for privacy lapses in social media; an advanced encryption system for your sensitive documents; and a file shredder to securely delete originals after encryption. A few of its features aren’t quite as stellar. The parental control system is limited, password management handles just the basic, and spam filtering works only with Outlook. Even so, the collection of security features is impressive.
In cross-platform suites, it’s not uncommon for Windows to get all the goodies, leaving Macs with just a basic antivirus. Not so with Trend Micro. The macOS product gets top scores from the testing labs. It scans for malware on access, on demand, and on schedule, and also scans any removable drives you mount. Other features include ransomware protection, detection of web-based threats, preventing misuse of the camera and mic, parental control, and the same social network scan as on Windows. Android users likewise get a feature-complete security suite, and it offers more protection than most on iOS devices.
On Windows, Trend Micro Maximum Security is feature-rich, but has a few rough edges. But on macOS, Android, and iOS, it outperforms the competition. It’s a great choice if you need to protect across multiple platforms, and even greater if Windows isn’t your primary platform.
Instead of the typical geometric shapes, Avast One decorates its display with color splotches, doodles, and happy people. If you like top-notch lab scores, you’ll be happy too. The labs all keep an eye on Avast, and it takes perfect scores in almost all of them. It rates near the top in our hands-on tests, too, and its full scan is faster than most. If malware interferes with Windows itself, Avast’s boot-time scan takes care of it, and it balks ransomware by banning unauthorized file changes.
Antivirus protects your data locally, while a VPN protects it in transit. Avast’s VPN isn’t the most feature-rich, but you can use it with no limits. Among other unusual security features, Avast can: protect sensitive documents from others including other accounts on the same PC; prevent use of the webcam by untrusted programs; and check to see if any of your passwords got exposed in a breach. You also get a set of performance enhancement features liberated from the limits imposed in Avast’s free edition.
Two independent labs verify that Avast offers excellent protection for your Macs. Many features carry over from Windows, among them ransomware protection, performance enhancements, web-level protection against dangerous sites, and the VPN. And Mac users get an anti-tracker feature that doesn’t appear in Windows. It’s not as comprehensive on Android, though, and offers even less on iOS.
Avast is a household name around the world, with millions relying on its free antivirus. If you’re an Avast aficionado looking to kick your security game up a notch, this suite is the way to go.
An Avira Prime subscription gets you every security tool from Avira, but that’s not all. Any time Avira comes up with a new security product, you get that too. Many of these are available separately in both free and Pro editions—Avira Prime users naturally get the Pro editions. And it supports Windows, macOS, Android, and iOS.
All the independent labs I follow include Avira, and it aces most (but not all) of their tests. In my own hands-on tests, though, it came up a bit short. On the plus side, you can use its VPN freely, with no limits on bandwidth or server choices. System Speedup Pro With HyperBoost aims to fine-tune performance, Software Updater Pro automatically finds and applies needed security patches, and Password Manager Pro adds an advanced security report that’s not available in the free edition.
Other than removing VPN limits, Avira's Pro-level macOS edition doesn’t add a lot beyond what you can get for free. Android users wind up installing three apps: Antivirus Security Pro, Phantom VPN Pro, and Password Manager Pro. On an iOS device, Avira’s scan covers Protection, Privacy, and Performance, but not malware. The password manager and VPN are among the other apps that have an iOS presence.
When Avira Prime is your suite, you don’t have to fear missing out on the latest and greatest features. Whatever marvel Avira’s developers and wizards come up with, it’s yours. Avira is the no-FOMO choice.
That blue-eyed cyborg peering at you from the main window makes it clear that ESET Internet Security leans toward high technology. For example, it offers a Device Control system that gives you granular control over what device types and devices can connect to your PC. You could block USB drives in general, but allow use of those you’ve personally vetted. This suite comes with a big set of security tools, some that are fine for all users and some that require serious tech expertise.
An impressive Network Inspector lets you see all the devices connected to your network, with an option to get notified when new devices connect. It also checks your devices for security problems such as ports open that shouldn’t be. Avast once boasted a similar feature, but no longer does so. Other ESET features include firewall, spam filter, anti-theft for laptops, webcam security, banking protection, and a limited parental control system.
As for the core antivirus protection, ESET slips a bit. Its test scores, from just two labs, range from average to excellent, but it tanked our hands on malware protection test. On the positive side, it scored well when we tested its protection against malicious and fraudulent websites. ESET’s Android edition provides a comprehensive set of security features, and the labs deliver it top marks. As for protecting your Macs, ESET offers antivirus, firewall, parental control, and a simplified device control. However, the labs no longer put it to the test, and it tanked one of our hands-on tests.
Quite a few features in the ESET Internet Security suite require an uncommon level of technical expertise. If you’re that uncommon person whose expertise rises to the necessary level, this suite is for you. You’ll use the Network Inspector to gain full insight into your devices, take system status snapshots with SysInspector, and build a perfect set of device control rules. Not you? Maybe look elsewhere.
I check free space before and after each security suite installation, to see how much space is needed. Results are typically in the 1GB to 2GB range. Webroot SecureAnywhere Internet Security Complete, on the other hand, comes in at about 21MB—less if you don’t install the bundled LastPass Premium. And its antivirus scan takes about five minutes, where the average runs to over an hour. It definitely gets the tiny-and-speedy prize.
Webroot does wipe out known bad programs on sight, but its primary detection mode is behavioral. For any unknown program, Webroot monitors behaviors and journals all changes to the system. Irreversible actions like transmitting data from the system are forbidden to unknowns. Sooner or later, Webroot’s online HQ comes up with a verdict. If it’s guilty, Webroot terminates the program and rolls back every single change. It can even roll back ransomware. This technique is a bad fit for most organized testing systems, which assume that an antivirus will take action immediately or not at all, so Webroot doesn’t have any current lab test scores. In our own hands-on tests, though, it gets excellent scores. You won’t find parental control in this suite, nor spam filtering, and Android security has dwindled from its foreign glory.
Webroot offers 25GB of hosted storage along with a system to back up or sync your files. Its firewall focuses on program control, leaving Windows Firewall to do what it does best. You get some simple tuneup tools, plus a collection of features meant to be used by experts or (more likely) tech support.
Is your dog a teacup poodle? Do you build miniature models of your favorite cities? Or do you just like things that do their jobs quickly? Webroot is the smallest security solution around, and among the fastest.
Buying Guide: The Best Security Suites for 2023
Most security companies offer at least three levels of security products, a standalone antivirus utility, an entry-level security suite, and an advanced suite with additional features. Most entry-level suites include antivirus, firewall, antispam, and parental control. The advanced "mega-suite" typically adds a backup component and some form of system tune-up utility, and some also add password management, a VPN, or other security extras.
When a new product line comes out, we start by reviewing the antivirus. In our review of the entry-level suite, we summarize results from the antivirus review and dig deeper into the suite-specific features. And for a mega-suite review, we focus on the advanced features, referring to the entry-level suite review for features shared by both. Your choice of a basic or advanced security suite depends entirely on what features matter to you, and what you're willing to pay for them.
The suites we've rounded up here aim to protect consumers. You can use any of them in a small business, but as your company grows you may need to switch to a SaaS endpoint protection system. This type of service lets an administrator monitor and manage security for all the company's computers.
Kaspersky offers products at three levels—Kaspersky Standard, Kaspersky Plus, and Kaspersky Premium—all of them rated four stars or better in our reviews. In the past, Kaspersky has been very prominent in this roundup. The products remain highly effective, with excellent scores from the independent testing labs. So where's Kaspersky?
For years, Kaspersky has faced accusations and censure based on its Russian origins, though none of the accusations have come backed by hard evidence of malicious behavior. We at PCMag focused on the capabilities of the products, not on the brouhaha around the company. However, the current war in Ukraine has raised the stakes. Governments and third parties are cutting ties with Kaspersky. The FCC labeled Kaspersky a national security risk.
After consideration, we can no longer recommend you purchase Kaspersky security products. We've left the reviews in place, with a warning, since they provide useful information. But at least for now, we're removing Kaspersky products from our "Best for" lists.
Over the years, the Windows Defender program built into Windows 10 has evolved into Microsoft Windows Defender Security Center. That imposing name reflects the fact that in addition to antivirus protection it manages Windows Firewall and other Windows security features. It doesn't truly qualify as a suite; it's just an antivirus that manages other Windows components. Independent antivirus test scores for Windows Defender have literally come in below zero in the past, but its scores have been steadily improving. You can still get better overall protection from the best third-party free antivirus utilities, but Windows Defender is looking better all the time. Even so, it can't replace a full-scale security suite.
Malware protection is the heart of a security suite; without an antivirus component, there's no suite. Naturally you want a suite whose antivirus is effective. When evaluating an antivirus, we look for Good Score from the independent antivirus testing labs. The fact that the labs consider a product important enough to test is a vote of confidence. The very best antivirus products get high ratings from many labs.
We also perform our own hands-on testing. For one test we use a relatively static set of malware samples that's replaced once per year. We note how the antivirus reacts when we try to launch those samples and score it on how well it protects the test system. For another, we try to get very new malicious files from URLs no more than a few days old. Lab test results, our own test results, and other aspects like ease of use go into our antivirus rating.
A typical personal firewall offers protection in two main areas. On the one hand, it monitors all network traffic to prevent inappropriate access from outside the network. On the other, it keeps a watchful eye on running applications to make sure they don't misuse your network connection. The built-in Windows Firewall handles monitoring traffic but doesn't include program control. A few security suites skip the firewall component, figuring Windows Firewall already does the most essential firewall tasks.
The last thing you want is a firewall that bombards you with incomprehensible queries about online activity. Should I let KiberViyna.exe connect with IP address 184.108.40.206 on port 8080? Incoming or outgoing? Allow or Block? Once, or always? Plastic or paper? Modern firewalls cut down on these queries by automatically configuring permissions for known programs. The very best also handle unknown programs by monitoring them closely for signs of improper network activity and other suspicious behaviors.
These days, most of us hardly ever see spam messages in our inboxes because our email providers filter them out. If you don't get this service from your provider, it can be hard to even find your valid mail amid all the offers of male enhancements and magic COVID-19 cures.
If your provider doesn't squelch spam, it's smart to choose a suite with spam filtering built in. Look for one that integrates with your email client. Client integration lets it divert spam into its own folder, and sometimes lets you train the spam filter by flagging any spam messages that get through or, worse, valid messages that wound up in the spam pile.
The best antivirus in the world can't help you if a fraudulent website tricks you into giving away your security credentials. Phishing sites masquerade as bank sites, auction sites, even online gaming sites. When you enter your username and password, though, your account is instantly compromised. Some clever frauds will even pass along your credentials to the real site, to avoid raising suspicions. You can learn to avoid phishing scams, but it's important to have backup from your security suite for those times when you're not as alert. We test phishing protection using real-world fraudulent sites scraped from the internet.
Steering users away from phishing sites helps protect privacy, but that's not the only way suites can keep your private information out of the wrong hands. Some offer specific protection for user-defined sensitive data, credit cards, bank accounts, that sort of thing. Any attempt to transmit sensitive data from your computer sets of an alarm. Some contract with third-party companies to offer credit protection. Other spyware protection techniques include foiling keyloggers, preventing misuse of your webcam, and supplying a hardened browser that lets you do online banking in an environment isolated from other processes.
We don't penalize a suite for omitting parental control. Not everyone has kids, and not every parent feels comfortable about controlling and monitoring their children's computer use. However, if parental control is present, it has to work properly.
Blocking inappropriate websites and controlling how much time the child spends on the Internet (or on the computer) are the core components of a parental control system. Some suites add advanced features like instant message monitoring, limiting games based on ESRB ratings, and tracking the child's location. Others can't even manage the basics successfully.
Local antivirus and security suites protect your data and documents, but their protection doesn't extend to your internet communications. A virtual private network, or VPN, secures your internet traffic and can also serve to hide your genuine IP address or location from snoops. Most VPN companies have just the one product, but some security suite companies have ventured into the VPN realm.
Typically, though, you don't get full VPN protection as part of your suite. Some install a free edition, or a free trial. Others offer a link that sends you online to subscribe. Norton 360, McAfee+, and Panda Dome Premium are rare exceptions, both offering a VPN without such limits.
One big reason to use a security suite rather than a collection of individual utilities is that the integrated suite can do its tasks using fewer processes and a smaller chunk of your system's resources. Or at least, that's what ought to happen. Few modern suites have an appreciable effect on performance.
For a hands-on measure of just what effect installing a suite has, we time three common system actions with and without the suite installed, averaging many runs of each test. One test measures system boot time, another moves and copies a large collection of files between drives, and a third zips and unzips that same file collection repeatedly. Suites with the very lightest touch have no measurable effect on the time required.
In a sense, having a backup of all your files is the ultimate security. Even if stray debris from an uncontrolled Chinese rocket destroys your computer, you can still restore from backup. Some companies reserve backup for their mega-suite offering, while others include it in the entry-level suite. Read our reviews carefully, as backup capabilities vary wildly. At the low end, some companies deliver you nothing you couldn't get for free from IDrive or another online backup service. At the high end you might get 25GB, 50GB, or even more online storage hosted by the company, along with the separate ability to make local backups.
Tuning up your system performance has no direct connection with security, unless it serves to counteract the security suite's performance drag. However, tune-up components often include privacy-related features such as clearing traces of browsing history, wiping out temporary files, and deleting lists of recently used documents. For a dedicated system-cleaning app, read our roundup of the Best Tune-Up Utilities.
No software solution can certain malefactors won't capture and misuse your personal information. What they can do is alert you when they find evidence your data has been compromised, so you can head off full-scale identity theft. This kind of dark web monitoring is becoming more common.
If the worst happens and your identity is thoroughly stolen, you can get help. McAfee+ includes identity theft remediation at its two higher pricing tiers, and Norton offers suites that include LifeLock identity protection. The top-level Bitdefender Ultimate enhances Bitdefender's already-impressive security suite with identity theft remediation, as well as a no-limits VPN. All three will assign a caseworker to help you recover, and spend what it takes to remediate the problem, typically up to a million dollars.
Windows still dominates the desktop, but many households include Macs as well. Cross-platform multi-device suites deliver you once source of protection for all your devices. Typically you don't get as many features on macOS. In fact, most companies just offer a Mac antivirus, not a full suite. Do take advantage of the option to protect your Macs. They're not immune to malware.
Android devices are ubiquitous, and the Android platform isn't locked down the way iOS is. Even if you stay away from third-party app stores and refrain from jailbreaking your device, you can still get hit with Trojans, ransomware, and other kinds of Android malware. Smart users protect their devices with an Android antivirus. All the best Android antivirus utilities include antitheft features such as the ability to locate, lock, or wipe a lost or stolen device. Some include bonus features like blocking unwanted calls or warning when you connect to an insecure Wi-Fi network.
As for iPhones and other iOS devices, Apple's built-in security makes life tough both for malware coders and antivirus writers. Many cross-platform suites simply skip iOS; those that don't typically offer a seriously stripped-down experience. Given the platform's intrinsic security, it rarely makes sense to expend one of your licenses installing protection on an iPhone.
We've evaluated nearly 40 security suites, including entry-level suites, feature-packed mega-suites, and suites that extend protection across multiple different platforms. The products listed in this article have all received at least 3.5 stars.
In some cases, multiple products from the same company appear in the chart. For example, Bitdefender Internet Security is an Editors' Choice winner for entry-level suites, and Bitdefender Total Security earned the same honor as a security mega-suite. Norton also claimed two entries with two products earning four stars or better.
This article identifies nearly a dozen security suites we recommend, including multi-device suites, mega-suites, and entry-level suites. If you're looking for a suite that covers the basics without getting in the way, Bitdefender Internet Security is our Editors' Choice winner. In the mega-suite range, the Editors' Choice award goes to Bitdefender Total Security, with more features than you can imagine.
Norton 360 Deluxe is our Editors' Choice product for cross-platform multi-device security suite. If you're looking to combine powerful device-level protection with identity theft remediation, our Editors' Choice pick is Norton 360 With LifeLock. With a powerful, integrated suite protecting your devices, you can stay safe and calm without worrying about balancing security against performance.
A Huawei employee rests under his cubicle during his lunch break in Shenzhen, China. This is a common practice at many workplaces in China, photographer Kevin Frayer said.
The Chinese company Huawei is one of the giants of the tech industry. It’s the world's largest provider of telecommunications equipment, a leader in next-generation 5G technology, and last year it passed Apple to become the second-biggest smartphone seller in the world.
But to many, especially in the West, there’s still an air of mystery around it.
And in the United States, suspicion.
For years, Washington has been concerned that the Chinese government could use Huawei equipment to spy on other nations. The US government says Huawei could pose a threat to national security because it’s unable to say no to the Chinese government.
Huawei has pushed back against those allegations, saying it would refuse any Chinese government requests to gain access to the technology it sells to telecom operators. But last week, the Trump administration blacklisted the company, placing it on a list of foreign firms barred from receiving components from US exporters without a license.
In an effort to dispel some of the mystery surrounding it, Huawei has recently opened up its facilities to international media.
Kevin Frayer, a Getty Images photographer based in Beijing, traveled to southern China in April to visit three of Huawei’s campuses.
“My goal was to take people a step beyond the breaking news and Huawei headlines, to deliver them a sense of what the company looks like and to see who works there,” he said.
Huawei has 180,000 employees worldwide. More than a third of them work at the campuses Frayer visited in Dongguan and nearby Shenzhen, which is considered China’s Silicon Valley.
The employees he encountered work in a variety of roles: production, research and development, and finance, just to name a few.
“Jobs at Huawei are coveted,” Frayer said. “It’s among the highest-paying companies in China for highly skilled workers, and many of its employees have been educated overseas and at the country’s top schools. Some of the brightest minds are hired away from other companies, and Huawei has also been luring foreign experts to join.”
Frayer marveled at the size of the campuses he visited, especially Huawei’s headquarters in Shenzhen and the European-style research-and-development campus in Dongguan.
“When you first arrive, it is a bit overwhelming how spread out everything is,” he said. “There are restaurants and cafes, sports facilities and its own transportation system. They have villas and fancy dining rooms for high-level clients and low-cost housing for employees.
“At the new European-style campus, the buildings are designed to reflect the company founder’s training as an architect. And every day after lunch, the lights are dimmed in most offices so workers can nap, which is common at companies in China.”
Frayer said the campuses feel like university campuses: quiet and relaxed, unlike much of the country.
“The only reminders that you’re in China were the crowds at lunch hour and the end of the work day,” he said.
Frayer was able to talk to some employees, and many of them expressed concern about what they see as misconceptions about the company.
“They were very aware of the political challenges and the American view, and they went to lengths to explain that Huawei is a tech company trying to innovate like any other tech company — as one engineer put it, to make things that make life easier.”
Some of the research-and-development areas were off-limits in the interest of protecting intellectual property, and Frayer was asked at times not to photograph some clients. But overall, he said, Huawei was very open in what they allowed.
He called the company a “juggernaut” and a source of national pride in China.
“It’s hard to really know what it’s like to work there, but people generally looked happy and interested in what they are doing,” Frayer said. “You could feel that it’s big and important and it’s growing.”
CNN’s Sherisse Pham and Julia Horowitz contributed to this report.
Kevin Frayer is a Getty Images photographer based in Beijing. Follow him on Facebook, Instagram and Twitter.
Photo editor: Brett Roegiers
A national security report on the Chinese company Huawei has been delayed for months as ministers drag their feet over signing it off.
The report - a crucial part of efforts to ensure that the state-backed tech business is not giving spies a backdoor into British telecom infrastructure - had been released every summer for the past seven years, but did not come out in 2022.
China hawks in the Conservative Party are concerned that Whitehall is neglecting the issue following two changes of prime minister this year.
Iain Duncan Smith, the senior backbench MP, said: “Government must publish the Huawei report without further delay.
“Ministers must not drag their heels any longer while this Chinese company remains part of our country’s phone networks.”
The annual report is written by the GCHQ-supported Huawei Cyber Security Evaluation Centre (HCSEC), an organisation set up in 2010 to sift through Huawei’s software and protect sensitive British communications.
Huawei equipment is used in the “core” of some British mobile phone networks, their all-important heart and lungs that handle calls, text messages and internet browsing traffic.
It is feared that illicit access could allow a spy to eavesdrop on sensitive calls or messages, or even trace the live locations of targeted people.
In previous years HCSEC reports have savaged Huawei for poor quality software coding work, with officials warning that sloppy output by developers could pose a national security risk.
The report for 2020 found that Huawei had made “no overall improvement” on previous UK demands to Strengthen its software engineering and cyber security standards.
Two sources familiar with the HCSEC report said they did not understand why it had not yet been published.
They told The Telegraph that the report has been written but is awaiting final sign-off from senior civil servants and ministers.
A government spokesman insisted the HCSEC report will be published in the near future and said: "We have had thorough oversight of Huawei’s presence in the UK for more than a decade and this will continue but we are reviewing the best mechanism to report on HCSEC's work."
HCSEC is jointly staffed by personnel from Huawei and from GCHQ offshoot the National Cyber Security Centre, and was founded to reduce “any perceived risks to UK national security arising from the involvement of Huawei in parts of the UK’s critical national infrastructure”.
Michelle Donelan, the culture secretary, has extended a deadline for Huawei equipment to be ripped out of Britain’s mobile phone networks until 2027.
British telecoms companies had warned ministers that dismantling Huawei-made mobile phone masts and other network equipment could lead to coverage blackouts.
Alternative Western suppliers such as Nokia and Ericsson face heavy demand as other nations follow suit in swapping Huawei-made 5G mobile equipment for Western gear.
Huawei did not respond to a request for comment.
Auditors KPMG have warned there is a "material uncertainty" about the ability of Huawei's UK operations to stay in business for another 12 months.
The warning came as recently-filed accounts showed that British national security orders have severely hit the company’s UK operations, causing its sales, profits and even staff headcount to halve between 2020 and 2021.
Directors said the business remains a going concern.
Trade sanctions imposed by the US combined with a UK national security order caused business to dwindle at Huawei UK, with the number of employees dropping to 486 from 787.
Sign up to the Front Page newsletter for free: Your essential guide to the day's agenda from The Telegraph - direct to your inbox seven days a week.
China says it is “deeply concerned” over reports that the United States is moving to further restrict sales of American technology to Huawei, a tech company that U.S. officials have long singled out as a threat to national security for its alleged support of Beijing’s espionage efforts.
As first reported by the Financial Times, the U.S. Department of Commerce has informed American firms that it will no longer issue licenses for technology exports to Huawei, thereby isolating the Shenzen-based company from supplies it needs to make its products.
The White House and Commerce Department have not responded to VOA’s request for confirmation of the reports. But observers say the move may be the latest tactic in the Biden administration’s geoeconomics strategy as it comes under increasing Republican pressure to outcompete China.
The crackdown on Chinese companies began under the Trump administration, which in 2019 added Huawei to an export blacklist but made exceptions for some American firms, including Qualcomm and Intel, to provide non-5G technology licenses.
Since taking office in 2021, President Joe Biden has taken an even more aggressive stance than his predecessor, Donald Trump. Now the Biden administration appears to be heading toward a total ban on all tech exports to Huawei, said Sam Howell, who researches quantum information science at the Center for a New American Security’s Technology and National Security program.
“These new restrictions from what we understand so far would include items below the 5G level,” she told VOA. “So 4G items, Wi-Fi 6 and [Wi-Fi] 7, artificial intelligence, high performance computing and cloud capabilities as well.”
Should the Commerce Department follow through with the ban, there will likely be pushback from U.S. companies whose revenues will be directly affected, Howell said. Currently Intel and Qualcomm still sell chips used in laptops and phones manufactured by Huawei.
Undercutting the revenue of these technology companies, which reduces R&D budgets and can lead to layoffs, must be carefully balanced by clear national security gains, said Paul Triolo, senior vice president for China and technology policy lead at the business advisory firm Albright Stonebridge Group.
“In the current climate of U.S.-China relations, that balancing act is being abandoned in favor of viewing technology transactions between the U.S. and China as largely zero sum,” he told VOA.
Huawei and Beijing have denied that they are a threat to other countries’ national security. Foreign ministry spokesperson Mao Ning accused Washington of “overstretching the concept of national security and abusing state power” to suppress Chinese competitors.
“Such practices are contrary to the principles of market economy” and are “blatant technological hegemony,” Mao said.
China has in the past held back on trade retaliations on U.S. actions targeting Huawei, Triolo noted.
“Any actions China would take now targeting the foreign business community would not align with moves towards opening up after zero-COVID policies were dropped, and portraying China as now more open for business,” he said.
Outcompeting Chinese tech
The latest U.S. move on Huawei is part of a U.S. effort to outcompete China in the cutting-edge technology sector.
In October, Biden imposed sweeping restrictions on providing advanced semiconductors and chipmaking equipment to Chinese companies, seeking to maintain dominance particularly on the most advanced chips. His administration is rallying allies behind the effort, including the Netherlands, Japan, South Korea and Taiwan – home to leading companies that play key roles in the industry’s supply chain.
U.S. officials say export restrictions on chips are necessary because China can use semiconductors to advance their military systems, including weapons of mass destruction, and commit human rights abuses.
The October restrictions follow the CHIPS and Science Act of 2022, which Biden signed into law in August and that restricts companies receiving U.S. subsidies from investing in and expanding cutting-edge chipmaking facilities in China. It also provides $52 billion to strengthen the domestic semiconductor industry.
Beijing has invested heavily in its own semiconductor sector, with plans to invest $1.4 trillion in advanced technologies in a bid to achieve 70% self-sufficiency in semiconductors by 2025.
TikTok a target
TikTok, a social media application owned by the Chinese company ByteDance that has built a massive following especially among American youth, is also under U.S. lawmakers’ scrutiny due to suspicion that it could be used as a tool of Chinese foreign espionage or influence.
CEO Shou Zi Chew is scheduled to appear before the House Energy and Commerce Committee on March 23 to testify about TikTok’s “consumer privacy and data security practices, the platforms’ impact on kids, and their relationship with the Chinese Communist Party.”
Lawmakers are divided on whether to ban or allow the popular app, which has been downloaded onto about 100 million U.S. smartphones, or force its sale to an American buyer.
Earlier in January, Congress set up the House Select Committee on China, tasked with dealing with legislation to combat the dangers of a rising China.
U.S. Secretary of State Antony Blinken is meeting his Chinese counterparts next week in Beijing, the first visit by an American Secretary of State since 2018, to maintain open lines of communication amid rising U.S.-China tensions.
This winter season, protect more than just yourself from nasty infections. Your computer is just as susceptible as you are to pesky viruses, which is why it's essential to invest in solid antivirus software. These programs can help protect not only your devices but your information as well, which hackers, scammers and other internet bandits would love to get their hands on. Fortunately, there are tons of great antivirus software programs available in 2023, so you've got plenty of options to keep your computer safe. We've put some of the most popular programs out there to the test to bring you the best antivirus software options.
Windows devices make up three out of every four laptop or desktop operating systems, according to the latest data from Statcounter. Windows-targeted malware has a larger base of devices to infect, giving it more potential in the eyes of cybercriminals, so all our antivirus picks work on Windows.
Note: The pricing structure for antivirus services can be complicated, since providers often offer low introductory prices to entice you to sign up for their services. After the first billing period -- typically a year or two, depending on the plan you purchase -- the amount you pay for the service may increase substantially. The regular rate for the services may be double the introductory rate or sometimes more. Be sure to check the terms of the subscription plan before you buy so you won't get an unwelcome surprise when your subscription renews.
We're here to help you find the antivirus software that best fits your needs. These picks of the best antivirus programs are a combination of recommendations from independent third-party labs AV-Test, AV-Comparatives and SE Labs, as well as CNET's own anecdotal hands-on testing.
Note that antivirus software is only one piece of the cybersecurity puzzle. Cybercriminals are becoming more sophisticated, and the more steps you take to lock down your online security, the safer you'll be. A secure virtual private network can help protect your internet privacy, and a password manager will help you create and keep track of more secure login credentials. These tools are all essential in protecting your personal information.
Whether you're looking for free antivirus protection or are willing to pay for a program that offers more security features, we have you covered. Here's where to start when looking for the best antivirus software for your specific needs.
Free version? Yes, free antivirus built into Windows 10 and Windows 11.
Paid version: Windows Defender Advanced Threat Protection is available to corporate users for a fee.
Honestly, if you practice safe computing -- you keep your software up to date, you use strong passwords (with the help of a password manager), you steer clear of unexpected emails and you don't click suspicious links that may be phishing attempts -- you probably can avoid zero-day attacks and ransomware attacks. And with the free Microsoft Defender Antivirus software running on Windows 10, you have a malware protection safety net if you do let your guard down. In fact, it is one of the best antivirus software options.
(Note: Microsoft changed the name of Windows Defender to Microsoft Defender and has expanded the service to other platforms.) This free antivirus program is built into Windows, and it's turned on by default, the antivirus engine does its thing, and this antivirus solution will cover the basics of internet security. Microsoft pushes new updates frequently. Defender also lets you tune the level of protection you want, giving you control over blocking potentially unwanted apps and protecting folders and files from a ransomware attack.
Windows 10 and 11 will automatically disable its own Windows Defender antivirus when you install third-party antivirus. If you uninstall the third-party protection, Windows will turn back on its own antivirus.
Platforms: Windows 10 and 11 plus MacOS, Android, iOS.
Free version? No, but a free 30-day trial is available.
Cost: $100 per year for ten devices (first year).
For a long time, Norton Security -- now called NortonLifeLock, and no longer part of Symantec -- has earned Good Score from AV-Test, AV Comparatives and SE Labs for virus and malware detection. Norton antivirus provides industry-leading security software for PC, Mac and mobile devices. Their products include Antivirus Plus, Norton Secure VPN, Norton 360 for Gamers, Norton 360 with LifeLock Select and more. A five-device subscription for Norton 360 with LifeLock Select is normally $180 per year, but you can get your first year for $80 off. In addition to malware and virus protection for your computer and mobile device, this antivirus suite provides 100GB of backup to the cloud, safe-browsing tools, a secure VPN, password manager, parental controls and LifeLock identity theft protection and fraud alert. While not all of those services are necessarily best in their respective class, getting them all in one package is a compelling option.
Platforms: Windows 10 and 11 plus MacOS, Android, iOS.
Free version? Yes.
Paid version: $25 per year for three devices (first year).
If you'd like to take a step up in securing your PC without taxing your wallet, it's hard to beat Bitdefender's free antivirus software for Windows 10 and 11. The Windows security software offers real-time monitoring for viruses, malware, spyware and ransomware protection. Bitdefender Antivirus Free Edition is easy to set up and stays out of your way until you need it. And the protection this antivirus product offers is solid. Bitdefender antivirus software consistently earns top marks for its antivirus protection and usability from the respected AV-Test independent testing lab. The free antivirus version covers one Windows PC. For broader protection, you can choose Bitdefender Total Security or Bitdefender Antivirus Plus. The subscription antivirus suite lets you protect five devices (Windows, MacOS, iOS and Android), set up parental controls on a kid's computer and run a VPN.
Platforms: Windows 10 and 11 plus MacOS, Android.
Free version? Yes, after the 14-day trial expires.
Paid version: $34 per year for one device, $59 for two years for one device.
Malwarebytes does protect your PC from a virus or malware attack, scoring reasonably well in accurate independent testing for guarding against malware threats. But that's not really what Malwarebytes is known for. If you find yourself in trouble, the go-to disinfectant for many is Malwarebytes. You can get protection and disinfection for one device for $34 a year, regularly $45. To cover five devices -- any combination of Windows, MacOS and Android -- it's $80 for a year of antivirus software. To get the antivirus company's free antivirus version, download this trial version, which "downgrades" to a no-fee on-demand cleaner with fewer features that detects and removes viruses and malware when you run an on-demand antivirus scan after 14 days.
In addition to the four antivirus apps we recommend above, a handful of other anti-malware tools are worth considering among the best antivirus protection if you find them at a better price or just prefer to use one over our picks above.
Platforms: Windows 10 and 11 plus MacOS, Android, iOS.
Free version? No, but offers a 30-day money-back guarantee.
Cost: One-year subscription: $30 for a single device, $40 for five devices, $50 for unlimited devices, and $90 for advanced unlimited devices (prices increase after the first year).
It feels like McAfee Antivirus has been around forever, first on its own in the '80s, then as part of Intel starting in 2010, and then again on its own when Intel spun it off in 2017. And McAfee Total Protection has been around forever because quarter after quarter it creates solid, modern antivirus software that protects your PC. (In accurate evaluations by AV-Test, it had high scores on both protection and performance.) McAfee Total Protection guards devices against viruses and offers ransomware protection, wards off malicious websites and includes a password manager for $30 (usually $90) for the first year. If you agree to auto-renew your antivirus suite subscription, you get access to McAfee ID Theft Protection Essentials, which monitors for ID fraud.
Platforms: Windows 10 and 11 plus MacOS, Android, iOS.
Free version? No, but a 30-day free trial is available.
Cost: One-year subscription: $50 for five devices. Two-year subscription: $100 for five devices.
Maybe this antivirus provider isn't as well known to consumers because of its focus on enterprise security, Trend Micro antivirus security quietly brings its business expertise to the home with its Trend Micro Maximum Security tools. Trend Micro's software earns Good Score from AV-Test -- consistently scoring well for detecting zero-day attacks and widespread viruses and malware. And Trend Micro does a good job of not taxing system resources. Trend Micro's 10-device subscription for computers and mobile devices is $130, but discounted currently at $60.
Platforms: Windows, MacOS
Free version? No, but a 30-day free trial is available, and college students can get up to 50% off.
Cost: From $50 per year for one device to $90 per year for five devices.
If you're looking for something easy to set up and use, ESET NOD32 antivirus may meet your needs. It earns high scores for usability and offers solid virus protection. A five-device option is $90 for a year, with a 30-day free trial.
Platform: Windows plus MacOS.
Free version? Yes.
Paid version: $45 per year for 10 devices.
The free antivirus version of Sophos Home gives you virus protection for 10 Windows PCs or MacOS devices, and unlimited Android and iOS devices -- using the company's high-scoring anti-malware tool -- plus a 30-day trial of the company's malware-removal tool. Annual subscriptions typically cost $60, but right now you can sign up for less.
Test after test, Avast Antivirus for Windows performs well for malware detection with options ranging from Avast free antivirus software to Avast Premium Security. And we've included its antivirus in our list of recommended security app options before. But Avast was in the news for several months for its non-antivirus business, so we looked at the company, specifically reports at the end of 2019 that Avast allegedly collected user data with its browser plug-ins and antivirus software and then sold data it collected through its Jumpshot subsidiary in early 2020.
In response to the reports that his company gathered and sold the details of its customers' online activities, Avast CEO Ondrej Vlcek said in a statement that he understood that his company's actions raised questions of trust in his company. To address that, Avast terminated Jumpshot data collection in January 2020 and closed its operations because the data collection business wasn't in line with Avast's privacy priorities.
Those reports followed another in 2019 from Avast that its internal network was breached, possibly to insert malware into its CCleaner software, similar to an earlier CCleaner hack that occurred prior to Avast's acquiring the Windows utility.
Avast started saying the right things about taking its customers' privacy seriously, but it only came to that point after reacting to investigative reporting that revealed the Jumpshot practices. (The CCleaner revelations, while concerning, were self-disclosed, which is important to building user trust.) We hope Avast's more privacy-friendly policies mean that there will be no further Jumpshot-style activities and that it returns to glory as one of the best antivirus software options. In the meantime, we'd recommend using one of the many other solid choices in this realm (listed above).
Because the company has been in the news the past few years, let's talk about Kaspersky Lab -- specifically about the federal ban that blocks US government agencies from using Kaspersky Antivirus products.
Based in Moscow, Kaspersky Lab has for years produced some of the best antivirus software for business antivirus needs and home customers. But in 2017 the US government prohibited Kaspersky security cloud software on federal government computers because of alleged ties between Kaspersky and the Russian government.
Notably, the ban does not apply to its consumer products such as Kaspersky Total Security and Kaspersky Anti-Virus. But as with China-based Huawei, the question remains: If the federal government doesn't think the products are safe enough for its own devices, should consumers avoid them as well?
In a statement sent to CNET, the company said, "Kaspersky Lab has no ties to any government, and the company has never, nor will ever, engage in cyber offensive activities. Kaspersky Lab maintains that no public evidence of any wrongdoing has been presented by the US government, and that the US government's actions against Kaspersky Lab were unconstitutional."
In Kaspersky's favor, it continues to earn top scores and awards for virus and malware detection and endpoint protection from independent testing labs. And it's reasonably priced.
In the end, even though no one has ever publicly produced a "smoking gun" linking the company to Russian intrigue, we think any of the options listed above is a safer bet. And if you are a US government employee or work with the federal government, you'll want to steer clear of Kaspersky internet security products -- and perhaps use one of the antivirus software products mentioned here instead.
Picking the best antivirus software for Windows means finding one that keeps your PC safe, doesn't take up a lot of system resources, is easy to use and stays out of the way till you need it. Here's what to look for.
Effectiveness: Antivirus software runs virus scans for known viruses and malware, of course, and can offer real-time protection. And it watches for shady websites and suspicious links to keep you out of trouble. It can also offer ransomware protection and monitor unexpected behavior that may be a sign of new and not-yet-identified viruses and malware. You want antivirus software that can successfully identify these unknown online threats without flagging too many false positives.
Light on system resources: You don't want antivirus software that taxes your PC's resources. If after you install the program, websites open slowly, apps get or open sluggishly or file copies take longer than expected, you may want to try another service. The good news is, all our picks offer a free trial or money-back certain to let you try out the antivirus program, so if your system feels sluggish after installation, you may want to keep looking.
Cost and discounts: Don't just pay the sticker price for antivirus protection. Before you buy, check for discounts on a company's website. Another way to save: The prices we list above are for 10 devices -- if the company offered that package -- but you can trim your cost with antivirus packages if you need to cover three or five devices. You may also find discounts on an app's Amazon page.
Privacy: To be effective, antivirus software needs to monitor what's going on with your PC, check in with company servers about unusual behavior and should provide sound banking protection. The companies say they anonymize this technical data as much as possible to protect your privacy. But if you want to know more, the security companies on our list post privacy policies on their websites, so read their privacy statements to learn what the companies do with the information you share.
Protection for other platforms: Microsoft is by far the biggest target for viruses and malware. But Android is second, with just under 1% of apps installed on Android devices with Google Play Protect in the potentially harmful app, or PHA, category.
The threat to MacOS and especially iOS is low, in part because of the tight control Apple has over its app stores. While the Mac does come under attack via side-loaded apps, it's rare, and if you get apps only from the Mac and iOS app stores and keep your guard up when clicking links and get files, you should be OK without an antivirus app on Apple devices.
To a degree, yes. Some antivirus programs can do things like warn you or block you from visiting a suspected phishing site. Others may also automatically block suspicious emails that appear to come from a malicious sender or contain phrasing common in phishing emails. However, you cannot count on an antivirus program to be a failsafe solution for phishing protection. You still need to be vigilant and know what to look out for on your own when it comes to phishing, because an antivirus program won't be able to catch everything.
Any program running on your computer will require a certain amount of processing power to work, which can affect your computer's overall performance. If an antivirus program is just running in the background, it shouldn't really have any effect on your computer's performance. However, when actively running a scan of your system, an antivirus can noticeably slow down your computer. If this is the case, try to schedule antivirus scans at night, or at a time when you're not using your computer.
There is a common misconception that Macs are inherently immune to malware. But as Macs continue to increase in popularity, they're increasingly attractive targets for cybercriminals looking to deploy malware designed for the MacOS operating system. MacOS has a built-in antivirus solution called XProtect that can detect and remove malware. It works in the background and updates automatically to keep up with the latest threats, but it still may not catch everything that a third-party antivirus program will. So if you want to play it safe and boost the malware protection on your Mac, it's a good idea to add a third-party antivirus solution.