Posted on: 2025-09-24
What was the last time you consciously thought about anti virus software? For most people the answer is either: "A long time ago" or "never". It could also be: "Just a few hours ago, as it opened a pop-up window on my PC"
What is the function of anti virus software? It protects you from malware. Viruses in the classical sense have almost died out, but there's plenty of worms, Trojans and information stealing malware around where this software may or may not protect you from. But we still call it anti-virus.
A lot has changed since the introduction of the first anti virus programs. Few people still copy EXE files around with floppy disks or USB sticks. Software signatures are now verified on Windows and Mac. (Linux never was big about copying binary files around in the first place). Also most small tools are now either web applications or smartphone apps, negating the need to install anything on your PC in the first place. But believe me, on Windows you do really want anti-virus software, even in 2025. But anti-virus is no longer the lone fortified bastion, the only thing standing between your PC and total chaos and destruction. It's now a small piece of a defense strategy. Windows even comes with its own anti virus solution which works quietly in the background, updating quietly with Windows Update, not bothering you until it is needed. But when needed, it is there for you. Most people will never encounter it, as - like mentioned before - they don't download and run random EXE files.
Another reason is that your private PC is no longer the real target. It's your accounts, your IoT devices, your personal information... But that's a different topic. Anti virus software will not help a lot here.
That raises the question: Why pay for it? And that's a good question! Imagine paying for volcano insurance. There is no known volcano nearby ... but there might be! But wait, your rent includes volcano insurance, but not with full coverage. Few people have money to burn, so unless the service really is needed or at least makes the user feel it is needed, people will say: "Why am I paying for this? I never use it."
But software vendors have come up with a solution:
First, the software will show up every once in a while, telling you that it did something. It could tell you that it downloaded an important update making your PC safer. It could tell you that it deleted some "dangerous" cookies. Or that it cleaned up some temporary files or registry keys. It could just do all that in the background, mind you, but it has to tell you about it. So you know it's there.
You might also notice that not all of this has to do with malware protection. That's the another part of the scheme, they add more functions like PC optimization, a password manager, a VPN, ... All of that to stay relevant, to make people pay for something where they feel they might need it. It's no longer just anti-virus, it's the all in one security solution for your PC.
But is that a good idea? Anti-virus is built in. Windows now does a pretty good job optimizing itself. Browsers have built-in password managers and there are great open source solutions like KeePassXC. And do you really need a VPN? It's only really useful to stream movies from other countries. Or you are in a country with Internet censorship, like China, Iran, Russia - or as of 2025 the UK, Italy and some US states. Otherwise you don't need it.
Even if you want to pay for any of those things, get it separately. No reason to lock yourself in with a single vendor. And use the built in anti-virus. It's fine. Really.
Now how do we get from that to WordPress, the other part of my blog post?
WordPress itself is a pretty decent CMS. It's not one of my favorites, but it works reasonably well. After doing a lot of growing up, the codebase has matured, the featureset grew immensely and security issues pop up way less frequently than in the 2010s and before. And if you want it to do something more, there are plug-ins. Lots and lots of plug-ins. Many of them are commercial - and they all compete for your money and attention. They need to constantly tell you how important they are, why you need them and that they make your website so much better with the Pro version.
See the pattern?
If you've worked with CMS like Backdrop or Drupal, you will notice a stark contrast. They have tons of small plug-ins which do exactly one thing. They fit together, they don't annoy you and don't try to do everything at once. Like one module does image compression. One implements a CDN. You pick them because you know, you need them for a specific task. That's it.
WordPress has a lot of those all-in-one plug-ins. Most of the annoying ones revolve around speed and SEO, because that's what people care about. Website owners want to be on top of the Google search results. But it's not like the effect of the plugin is immediately noticeable. Those plug-ins don't add contact forms or smileys or whatever. It's not like you notice a 0.1 seconds faster page load or a 10kb smaller CSS file. Most WordPress websites aren't accessed by millions of users daily where the effects would add up. But the software has to make you feel like it's doing something important so that you continue paying for it.
I also notice this pattern in Windows vs Linux. Traditionally Windows Software comes in big packages which try to do everything at once, but come with limitations. The design of Linux and BSD, inherited from UNIX, is more to have many little programs which you fit together yourself to accomplish complex things. None of those approaches is inherently better, it depends on the use-case and personal preference.
Whats the takeaway from this? Whenever some software tells you that you REALLY NEED IT, do your own research. Maybe you do, most likely you don't. Maybe buy the parts you need separately. But make that decision yourself, don't let some scareware tell you what to buy.