PDA

View Full Version : Antivirus on my Mac???




qwerf123
Aug 10, 2011, 01:33 PM
I've now had my MacBook Air for a week and I'm just wondering if its worth putting an Antivirus on it?

I am continually told that Mac's don't PC viruses but surely there must be Mac viruses about.

Also, does installing an antivirus slow down a mac or reduces its battery life?

Thanks



misterneums
Aug 10, 2011, 01:45 PM
All anti-virus software will slow down your computer without a doubt. I've been a mac user for around four years now, and I have never experienced any issues with viruses. That may be because I don't go around downloading stupid things and installing them on my computer. It might be because I use click to Flash as much as possible. The majority of the issues with OSX security stem from Flash use.

Nextitsolutions
Aug 10, 2011, 01:47 PM
I've now had my MacBook Air for a week and I'm just wondering if its worth putting an Antivirus on it???

I am continually told that Mac's don't PC viruses but surely there must be Mac viruses about.

Also, does installing an antivirus slow down a mac or reduces its battery life???

Thanks

Although there are a few anti virus for mac solutions around, the need for you to have is slim to none. The handful of trojans that exist can be easily avoided with some basic education, common sense and care in what software you install.

Hope this helps

Vanillian
Aug 10, 2011, 01:48 PM
Uhhh what?

Nextitsolutions
Aug 10, 2011, 01:52 PM
Uhhh what?

what don't you understand?

ritmomundo
Aug 10, 2011, 01:56 PM
Mac Virus/Malware Info (http://forums.macrumors.com/showpost.php?p=9400648&postcount=4)

MacRumors Search is your friend.

GGJstudios
Aug 10, 2011, 01:59 PM
surely there must be Mac viruses about.
There aren't. You don't need any antivirus software to protect Mac OS X from malware. No viruses exist in the wild that can run on Mac OS X, and there never have been any, since it was released 10 years ago. The handful of trojans that exist can be easily avoided with some basic education, common sense and care in what software you install:
Mac Virus/Malware Info (http://forums.macrumors.com/showpost.php?p=9400648&postcount=4)
Do yourself a big favor and read the link above. It really is all you need to know to protect your Mac from malware.

Also, does installing an antivirus slow down a mac or reduces its battery life?

Yes.

qwerf123
Aug 10, 2011, 03:11 PM
I was looking around the system preferences on my Mac and saw a setting to turn a firewall on.

Is that recommended to use and does that effect performance/battery life?

GGJstudios
Aug 10, 2011, 03:15 PM
I was looking around the system preferences on my Mac and saw a setting to turn a firewall on.

Is that recommended to use and does that effect performance/battery life?
Yes, turn it on. No, it won't affect performance or battery life.

sloan47
Aug 10, 2011, 03:25 PM
Your best defense is to simply be careful out there and make regular backups. The same goes for Windows. I still have Windows machines and to this day I've never been infected with a virus.

Now is OS X susceptible to viruses? Absolutely. In hacking competitions, macs are usually the first systems to fall. (Even before Windows) (Reference 1 (http://www.zdnet.com/blog/security/safarimacbook-first-to-fall-at-pwn2own-2011/8358))

(Some fanboys won't like my reply... but it's the truth. ;))

qwerf123
Aug 10, 2011, 03:27 PM
Does anyone here use a Antivirus and can recommend a good one?

ZipZap
Aug 10, 2011, 03:28 PM
All anti-virus software will slow down your computer without a doubt. I've been a mac user for around four years now, and I have never experienced any issues with viruses. That may be because I don't go around downloading stupid things and installing them on my computer. It might be because I use click to Flash as much as possible. The majority of the issues with OSX security stem from Flash use.

But typical users do just that...so a little extra protection cannot hurt.

Yes, Yes.....they dont technically need it, but you're smart and they're not.

GGJstudios
Aug 10, 2011, 03:31 PM
Now is OS X susceptible to viruses? Absolutely. In hacking competitions, macs are usually the first systems to fall. (Even before Windows)
It's true that no OS, including Mac OS X, is immune to viruses. However, hacking and viruses are two completely different things and can't be effectively compared. In hacking competitions, the reason why Macs fall before Windows is simply that they schedule attempts on Macs before they schedule attempts on Windows. It has nothing to do with one being easier to hack than the other.

(Some fanboys won't like my reply... but it's the truth. ;))
I wish people would stop this "fanboy" nonsense. Correcting misstatements and posting facts has nothing to do with anyone being a fanboy; it has to do with posting the truth. I, for one, am not a "fanboy" or any other kind of "boy". I don't hold any special allegiance to Apple or any other computer maker. But facts are facts.
Does anyone here use a Antivirus and can recommend a good one?
Did you read the Virus/Malware link I posted? Your answer is there.

getz76
Aug 10, 2011, 03:36 PM
Antivirus? No. Not on my Windows machines, either. It is not necessary.

1. know where you are going on the internet
2. do not download and open files from unknown sources
3. only use Internet Explorer on sites that require it
4. keep physical access limited and password protect your login

sloan47
Aug 10, 2011, 04:44 PM
It's true that no OS, including Mac OS X, is immune to viruses. However, hacking and viruses are two completely different things and can't be effectively compared. In hacking competitions, the reason why Macs fall before Windows is simply that they schedule attempts on Macs before they schedule attempts on Windows. It has nothing to do with one being easier to hack than the other.

I've spent quite a number of years as a software security consultant and I occasionally participate in hacking/"capture the flag" events. While I've never participated in the event I posted, many events when they claim that a system falls before another has nothing to do with the schedule, it's measured from start to finish regardless of when the actual event took place.

And hacking/viruses are two different things... but they are very closely related. If I am able to bypass an application's native permissions and run something as root, I could run a series of terminal commands to achieve an objective. (A buffer overflow comes to mind.) Turn that into a batch file and all of a sudden it's a "virus". (Honestly I hate the term "virus". It's so ambiguous and generic it has no real meaning).

GGJstudios
Aug 10, 2011, 04:57 PM
I've spent quite a number of years as a software security consultant and I occasionally participate in hacking/"capture the flag" events. While I've never participated in the event I posted, many events when they claim that a system falls before another has nothing to do with the schedule, it's measured from start to finish regardless of when the actual event took place.
From the very link you posted:
Bekrar said VUPEN plans to hit Internet Explorer 8 on 64-bit Windows 7 (SP1) later in the contest.
And from this source: Pwn2Own Hacking Contest Host, Security Conference CanSecWest Partly Microsoft Sponsored (http://obamapacman.com/2010/03/pwn2own-hacking-contest-host-security-conference-cansecwest-partly-microsoft-sponsored/)
But it turns out, Microsoft, Palm, and Google are Sponsors of CanSecWest, conference host of the Pwn2Own contest.

Upon further investigation by OP Editor, Pwn2Own seems to show correlation of preferential scheduling for the CanSecWest security conference sponsors and bias against non-sponsors.
Read the rest of the article for more details on the apparent bias in scheduling.

And hacking/viruses are two different things... but they are very closely related. If I am able to bypass an application's native permissions and run something as root, I could run a series of terminal commands to achieve an objective. (A buffer overflow comes to mind.) Turn that into a batch file and all of a sudden it's a "virus".
Good luck with that. It's not that simple. For more technical details on why, I suggest browsing a few virus/hacking threads in which munkery participated. He provides a lot of technical detail and sources, so it doesn't make sense to regurgitate it all here again.

sloan47
Aug 10, 2011, 06:01 PM
It's not that simple.

ROFL! Of COURSE it's not that simple. :rolleyes: I just gave one (very generic) example of a single attack directed toward people who have *no* knowledge of "hacking".

For more technical details on why, I suggest browsing a few virus/hacking threads in which munkery participated. He provides a lot of technical detail and sources, so it doesn't make sense to regurgitate it all here again.

I'm not going to look it up. Primarily because I have first hand experience identifying and preventing against vulnerabilities. I have intimate knowledge of how the BSD/Unix kernel (and various Mach Microkernel derivatives) operates. (I'm associated with a number of academic publications on the topic.) I don't need a refresher. :)

munkery
Aug 10, 2011, 06:05 PM
And hacking/viruses are two different things... but they are very closely related. If I am able to bypass an application's native permissions and run something as root, I could run a series of terminal commands to achieve an objective. (A buffer overflow comes to mind.) Turn that into a batch file and all of a sudden it's a "virus". (Honestly I hate the term "virus". It's so ambiguous and generic it has no real meaning).

I'm not going to look it up. Primarily because I have first hand experience identifying and preventing against vulnerabilities. I have intimate knowledge of how the BSD/Unix kernel (and various Mach Microkernel derivatives) operates. (I'm associated with a number of academic publications on the topic.) I don't need a refresher. :)

Can you post links to the publications to which you are associated?

Achieving system level access via exploitation in OS X is highly unlikely due to the low incidence rate of privilege escalation vulnerabilities in OS X. So far, there has only been 1 of these vulnerabilities in OS X in 2011. For comparison, Windows has 73 so far this year; that is almost as many as OS X has had throughout it's entire lifespan.

accessoriesguy
Aug 12, 2011, 03:19 PM
Mac's don't have viruses. :D
It's very hard to make viruses for a mac and generally they are limited or do little and apple gets rid of them quickly.

The best thing people do, is make a program, that can do things on your computer, they disguise this as something that it isn't. If you download and installed it, it was not because of a virus or spyware or anything else crazy, its because you installed a program designed to do a specific task (and apple generally warns you the first time when installing/running a program from the internet so even then apple is looking out for you) so that does not count as a hack.

I know apple is good because I made all my family and couple of my friends to get macs, and since then I have never administered a single repair for them, unlike their windows counterparts.

GGJstudios
Aug 12, 2011, 03:29 PM
Mac's don't have viruses.
To be clear, Mac OS X doesn't have viruses. Earlier versions of the Mac OS did.
It's very hard to make viruses for a mac and generally they are limited or do little and apple gets rid of them quickly.
Apple hasn't gotten rid of any Mac OS X viruses, because none have ever been released in the wild. Apple can't get rid of viruses, anyway.

Lord Appleseed
Aug 12, 2011, 03:52 PM
....what for?

As many have said before, there are no viruses in the wild, and the few trojans that are existing need to be prompted by the user....so there is no need.

Cheffy Dave
Aug 12, 2011, 04:06 PM
Doesn't anybody MROOGLE?:D

GGJstudios
Aug 12, 2011, 04:09 PM
Doesn't anybody MROOGLE?:D
They never did before, so why start now? :D Actually, it's tougher now that the MRoogle (http://mroogle.edesignuk.com/) site is down. They have use the manual method of adding "site:forums.macrumors.com" to their Google search terms.

ideal.dreams
Aug 12, 2011, 04:14 PM
Does anyone here use a Antivirus and can recommend a good one?

If you'd take the time to read the posts above you it would have already been clear that you DO NOT need antivirus software for your Mac. No viruses exist today that can harm a Mac computer. The few trojans that exist can easily be avoided.

Why slow down your system with unnecessary software?

munkery
Aug 12, 2011, 04:43 PM
Everybody that answers "no" to the poll is wrong.

The two most recent releases of OS X have a basic anti-malware utility installed by default.

I doubt everybody that answered is using Leopard or earlier.

The Catalyst
Aug 12, 2011, 04:46 PM
No anti virus here, livin' life on the edge! :eek:

qwerf123
Aug 13, 2011, 04:58 AM
What are peoples' opinions on Kaspersky Antivirus for Mac?

Anyone used it?

Lord Appleseed
Aug 13, 2011, 05:04 AM
Everybody that answers "no" to the poll is wrong.

The two most recent releases of OS X have a basic anti-malware utility installed by default.

I doubt everybody that answered is using Leopard or earlier.

The question was if he needs AntiVIRUS on Mac, most people answered no, simply because it's not necessary.
The Anti-Maleware utility of OSX is not the topic here and has nothing to do with the answers, especially since it's not optional anyway.

What are peoples' opinions on Kaspersky Antivirus for Mac?


Useless at best.

xraydoc
Aug 13, 2011, 07:09 AM
What are peoples' opinions on Kaspersky Antivirus for Mac?

Anyone used it?

Despite all the evidence that there are NO viruses in the wild for Mac OS X and two trojans that must be installed on purpose by the user, you're still hell-bent on installing an antivirus app on your Mac?

ALL Mac antivirus apps are useless. Why? Tell me what they're going to project you from? There are no viruses in the wild for OS X.

If some are discovered, I'll be first in line to install protection. And trust me, it'll be big news. But until then, just what do you think these apps are going to scan for?

qwerf123
Aug 13, 2011, 07:23 AM
Despite all the evidence that there are NO viruses in the wild for Mac OS X and two trojans that must be installed on purpose by the user, you're still hell-bent on installing an antivirus app on your Mac?

ALL Mac antivirus apps are useless. Why? Tell me what they're going to project you from? There are no viruses in the wild for OS X.

If some are discovered, I'll be first in line to install protection. And trust me, it'll be big news. But until then, just what do you think these apps are going to scan for?

I never said I would install one but as I've got access to a copy of Kaspersky,and I wanted peoples opinions on it.

ECUpirate44
Aug 13, 2011, 07:29 AM
Everybody that answers "no" to the poll is wrong.

The two most recent releases of OS X have a basic anti-malware utility installed by default.

I doubt everybody that answered is using Leopard or earlier.

The topic of this thread is viruses for OSX not malware.

AppleTech22
Aug 13, 2011, 08:03 AM
I do but only because MacKeeper is a program that supports it. If it wasn't supported, I wouldn't really care or have it on.

Dr McKay
Aug 13, 2011, 08:17 AM
Sophos is supposed to be a good anti-virus for Mac.

Sophos for Mac (http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx)

As for using resources, my current Anti-Virus for Windows is currently sat using 0% of CPU, and 6MB of RAM. It only uses resources during its scheduled scans which I put for when I'm not using it, even then it dynamically uses resources depending on what's free.

GGJstudios
Aug 13, 2011, 11:35 AM
Sophos is supposed to be a good anti-virus for Mac.
Sophos is not recommended, as it can actually increase your Mac's vulnerability. See the link in post #7 for details.

Lord Appleseed
Aug 13, 2011, 12:00 PM
Sophos is supposed to be a good anti-virus for Mac.

Sophos for Mac (http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx)

As for using resources, my current Anti-Virus for Windows is currently sat using 0% of CPU, and 6MB of RAM. It only uses resources during its scheduled scans which I put for when I'm not using it, even then it dynamically uses resources depending on what's free.
I'll just leave this here...:

I would not use Sophos because the component (and almost all of its components) of the software that receives updates is running with root privileges such that an exploit would be remote root if an exploit was found for that component.

Given that Sophos is 32 bit, the security mitigations can be defeated by bruteforce techniques if an exploitable vulnerability is found in the software.

For example, McAfee LinuxShield <= 1.5.1 Local/Remote Root Code Execution (http://www.exploit-db.com/exploits/14818/). Different OS but same principle could be used if exploit found in Mac AV software running as root.

With ClamXav, all of the components do not run as root. The exception is a daemon that scans for changes in folders to initiate launching clamscan if you use the Sentry feature but it does not receive inputs from a remote source.

munkery
Aug 13, 2011, 12:27 PM
Everybody that answers "no" to the poll is wrong.

The two most recent releases of OS X have a basic anti-malware utility installed by default.

I doubt everybody that answered is using Leopard or earlier.

The question was if he needs AntiVIRUS on Mac, most people answered no, simply because it's not necessary.

The topic of this thread is viruses for OSX not malware.

Viruses, worms, and trojans are all different types of malware.

https://secure.wikimedia.org/wikipedia/en/wiki/Malware

Read the title of the poll:

Do you have an Antivirus installed on your Mac???

The answer is "yes" because OS X (SL and Lion) have one installed by default.

It quarantines an item prior to being accessed for the first time by a user. It on-access scans the item in quarantine when the user accesses the item for the first time.

This is an efficient way to implement this type of feature because it provides on-access scanning without the performance cost of other methods that provide full on-access scanning.

The only deficit to this system is that it does not provide the coverage of other systems but other security mitigations offset this deficit.

qwerf123
Aug 13, 2011, 12:32 PM
Everybody that answers "no" to the poll is wrong.

The two most recent releases of OS X have a basic anti-malware utility installed by default.

I doubt everybody that answered is using Leopard or earlier.





Viruses, worms, and trojans are all different types of malware.

https://secure.wikimedia.org/wikipedia/en/wiki/Malware

Read the title of the poll:



The answer is "yes" because OS X (SL and Lion) have one installed by default.

It quarantines an item prior to being accessed for the first time by a user. It on-access scans the item in quarantine when the user accesses the item for the first time.

This is an efficient way to implement this type of feature because it provides on-access scanning without the performance cost of other methods that provide full on-access scanning.

The only deficit to this system is that it does not provide the coverage of other systems but other security mitigations offset this deficit.


Maybe I should reword my question:

Should I have any form of extra protection on my Mac against viruses, malware, trojans and etc.


I just find it a bit strange after being a long tem windows user where you need security packages compared to now not needing a form of protection on a Mac

GGJstudios
Aug 13, 2011, 12:36 PM
Maybe I should reword my question:
Should I have any form of extra protection on my Mac against viruses, malware, trojans and etc.
As already stated, the only protection you need is some basic education and common sense. As long as you're careful what software you install, you're fine. Please take the time to read the link in post #7. That's all you need to know.

I just find it a bit strange after being a long tem windows user where you need security packages compared to now not needing a form of protection on a Mac
Yes, it does take some getting used to, as you feel like you're vulnerable, but you're not. The only Mac OS X malware that exists is in the form of trojans, that cannot infect your Mac unless you actively install them, usually entering your admin password. As long as you're not pirating software or getting apps from less-than-reputable sites, you have nothing to fear.

munkery
Aug 13, 2011, 12:48 PM
Maybe I should reword my question:

Should I have any form of extra protection on my Mac against viruses, malware, trojans and etc.

That depends on if the locations in which you use your computer require that you install antivirus with full on-access scanning.

This is a requirement to access many networks in business and/or academic locations.

If the restriction above applies to you and you can get away with it, I recommend installing the version of ClamXav that includes the "Sentry" feature to provide user defined on-access scanning.

You may be stuck with whatever approved solution that is provided.

If no external force requires that you need this type of Antivirus, then the choice is up to you. You will not get any huge benefit from using third party antivirus software.

I use the version of ClamXav from the Mac App Store. This version only provides on-demand scanning, which I use to manually scan items prior to exposing them to other computers. I also periodically on-demand scan my entire system about every couple weeks just for peace of mind.

On-demand scans only use system resources when performing a scan.

Read the "Mac Security Suggestions" link in my sig for more tips about securing your Mac.

GoKyu
Aug 13, 2011, 01:00 PM
When Sophos came out, I decided to give it a try - I noticed my machine started to lag a bit more often than it had previously, more spinning beach balls, etc.

That shouldn't be happening on an 8 core Xeon, so I uninstalled it after about a week, and my machine went back to being fast and snappy.

One that was actually worse than Sophos was Intego's X5 - it never would fully uninstall, and I ended up reinstalling the OS (around Leopard, I think) to fully get rid of it.

Then I saw GGJ's links about antivirus software, and decided I wouldn't use that kind of software anymore. It's a waste of resources, and unless you're going to sketchy places online anyway, it seems unlikely to catch the few things that ARE out there.

Common sense - don't open files you don't trust, don't click suspicious links in email, even don't click links to banks even if you're sure it's from your institution - make a quick link in your browser to access such sensitive info.

qwerf123
Aug 13, 2011, 01:05 PM
Thanks guys, Won't bother it then as there seems no threat.

But that program suggested on the MAS sounds good especially for some files

Lord Appleseed
Aug 13, 2011, 01:45 PM
Viruses, worms, and trojans are all different types of malware.

https://secure.wikimedia.org/wikipedia/en/wiki/Malware

Read the title of the poll:



The answer is "yes" because OS X (SL and Lion) have one installed by default.

It quarantines an item prior to being accessed for the first time by a user. It on-access scans the item in quarantine when the user accesses the item for the first time.

This is an efficient way to implement this type of feature because it provides on-access scanning without the performance cost of other methods that provide full on-access scanning.

The only deficit to this system is that it does not provide the coverage of other systems but other security mitigations offset this deficit.

You are talking nonsense, simply because no one asked about that.

Yes OSX has a basic Anti Malware protection. But the question was: DO WE NEED ANTIVIRUS. The answers were no. You are just being picky about definitions and detail no one asked about.
Also the Mac's default AntiMalware isn't "installed" per se, but integrated in the system. OP clearly meant if the user himself installed AntiVirus software on the Machine.

Fact is: Macs running OSX don't need AntiVirus software, of any kind.
That was the answer to the thread and to the poll.

munkery
Aug 13, 2011, 02:23 PM
But the question was: DO WE NEED ANTIVIRUS.

Read the thread title:

Antivirus on my Mac???

Read the poll title:

Do you have an Antivirus installed on your Mac???

The answers were no.

Yes OSX has a basic Anti Malware protection.

WTF?

The answer is "yes" because OS X (SL and Lion) have one installed by default.

It quarantines an item prior to being accessed for the first time by a user. It on-access scans the item in quarantine when the user accesses the item for the first time.

This is an efficient way to implement this type of feature because it provides on-access scanning without the performance cost of other methods that provide full on-access scanning.

The only deficit to this system is that it does not provide the coverage of other systems but other security mitigations offset this deficit.


Also the Mac's default AntiMalware isn't "installed" per se, but integrated in the system.

So, Mac OS X isn't installed, per se?

OP clearly meant if the user himself installed AntiVirus software on the Machine.

I clearly replied that antivirus software is already installed by default.

Fact is: Macs running OSX don't need AntiVirus software, of any kind.
That was the answer to the thread and to the poll.

Yes OSX has a basic Anti Malware protection.

WTF? Why are you arguing with yourself? That's weird.

I agree that knowledgeable users can get by without any antivirus software but that does not negate the fact that an implementation of antivirus software is installed by default.

To clarify for the OP:

I've now had my MacBook Air for a week and I'm just wondering if its worth putting an Antivirus on it?

That depends on if the locations in which you use your computer require that you install antivirus with full on-access scanning.

This is a requirement to access many networks in business and/or academic locations.

If the restriction above applies to you and you can get away with it, I recommend installing the version of ClamXav that includes the "Sentry" feature to provide user defined on-access scanning.

You may be stuck with whatever approved solution that is provided.

If no external force requires that you need this type of Antivirus, then the choice is up to you. You will not get any huge benefit from using third party antivirus software.

I am continually told that Mac's don't PC viruses but surely there must be Mac viruses about.

Technically, no true viruses have been released in the wild that affect OS X.

There are a few trojans. These can be avoided using knowledge about safe computing practices.

As a backup in case you make a mistake, OS X includes basic anti-malware protection that is updated daily and detects most of these threats. Do not rely solely on this for protection.

Also, does installing an antivirus slow down a mac or reduces its battery life?

I use the version of ClamXav from the Mac App Store. This version only provides on-demand scanning, which I use to manually scan items prior to exposing them to other computers. I also periodically on-demand scan my entire system about every couple weeks just for peace of mind.

On-demand scans only use system resources when performing a scan.

Read the "Mac Security Suggestions" link in my sig for more tips about securing your Mac.

GGJstudios
Aug 13, 2011, 02:28 PM
munkery and Lord Appleseed: The confusion rests with the fact that the OP asked: "I'm just wondering if its worth putting an Antivirus on it?" instead of "I'm just wondering if its worth putting a 3rd-party Antivirus on it?", even though that's what was intended, since the built-in protection doesn't require the user to install it.

Queen6
Aug 13, 2011, 03:03 PM
Run ClamXav since the get go, and found squat, OS X is safe by default, all the same it`s worth running the ClamXav sentry if you are dealing with a mixed environment, think of it as helping our "Windows" brothers & sisters out :cool:

What`s passed on to you may not infect your Mac, however it may cause issue for family, friends & colleagues...

qwerf123
Aug 13, 2011, 03:29 PM
Guys think I've got the message now!

Never knew there was a built in antivirus and my initial question was about third party AV for those who didn't get it.

I guess there is literally nothing to worry about threats like this on Mac OS at the moment

KnightWRX
Aug 13, 2011, 04:10 PM
I've spent quite a number of years as a software security consultant

...

(Honestly I hate the term "virus". It's so ambiguous and generic it has no real meaning).

These 2 statements said in the same post made me chuckle I got to admit. Seriously, it's been my professional experience that modern "security consultants" have basically no idea of the world of IT security, going as far as to propose ludicrous and costly measures to protect against non-issue while ignoring glaring risk staring them in the face.

Virus is neither ambiguous or generic. Malware is, but that's by definition, malware is the name of the category of software that poses a threat to computers, it has to be both ambiguous and generic. Viruses are well defined.

Yes, with a local privilege escalation, you could technically write a virus, since when you are root, you can pretty much do anything. The fact is, no one ever bothered to write one for OS X, whatever the reason may be. The closest we came is the iChat worm, OSX.Leap.A.

GGJstudios
Aug 13, 2011, 04:18 PM
The closest we came is the iChat worm, OSX.Leap.A.
That one wasn't close, either, as it was a trojan, requiring the user to install it.
The Leap worm is delivered over the iChat instant messaging program as a gzip-compressed tar file called latestpics.tgz. For the worm to take effect, the user must manually invoke it by opening the tar file and then running the disguised executable within.
The executable is disguised with the standard icon of an image file, and claims to show a preview of Apple's next OS.

munkery
Aug 13, 2011, 04:45 PM
Given the confusion around whether or not Leap-a required password authentication to be fully functional, I decided to play around with it.

Leap-a was only effective if the user was running as root. This is because Leap-a required hijacking the apphook bundle located in the /Library/InputManagers folder to be fully functional. The apphook bundle in that folder is only modifiable by system so Leap-a was unable to modify it unless the user was running as root.

If the user was not root (so admin or standard), then Leap-a would install itself in ~/Library/InputManagers with a crippled set of functions rather than prompt for authentication to modify the aforementioned apphook bundle. Leap-a was basically non-functional when installed in this location.

Given very few users run as root and it was only effective in accounts running as root, Leap-a was never a real threat.

joelseph7
Aug 13, 2011, 05:05 PM
When I bought my MBA from Best Buy thursday they gave me a free 6 month subscription for Trend Micro-Smart Surfing.

I haven't installed it yet, so is it worth installing for those 6 months cause its free anyways or should I not even bother with it?

qwerf123
Aug 13, 2011, 05:06 PM
When I bought my MBA from Best Buy thursday they gave me a free 6 month subscription for Trend Micro-Smart Surfing.

I haven't installed it yet, so is it worth installing for those 6 months cause its free anyways or should I not even bother with it?

LOL, Don't ask that here!
Your just asking for loads of people to ramble and get annoyed! :)

From what others have put, not really worth it unless your really adamant for the extra protection

GGJstudios
Aug 13, 2011, 05:23 PM
When I bought my MBA from Best Buy thursday they gave me a free 6 month subscription for Trend Micro-Smart Surfing.

I haven't installed it yet, so is it worth installing for those 6 months cause its free anyways or should I not even bother with it?
Don't bother.

Queen6
Aug 13, 2011, 05:33 PM
This is good pragmatic advice.

You may also opt to manually on-demand scan items as opposed to using the "Sentry" to conserve some system resources between items being scanned.

ClamXav is very customizable, I limit the "Sentry" on demand scan to a very few specific folders; Downloads, Documents, Dropbox & Desktop, unless there is any change in the files the "Sentry" will not consume any significant resource. Same folders are set up for an automated scan daily in the small hours. My older machine is a MacBook Pro 4.1 (2.4Ghz) the impact of ClamXav is negligible at best.

If you are going to be receiving mail/data/documents and forwarding on ClamXav offers an elegant solution that costs you nothing. Once I am happy with Lion & the apps my new Air will pickup the workflow and ClamXav will be on board, in the professional environment passing data with a malicious payload does you no favors; be it corporate or freelance ;)

munkery
Aug 13, 2011, 05:40 PM
My older machine is a MacBook Pro 4.1 (2.4Ghz) the impact of ClamXav is negligible at best.

ClamXav is very light weight. But, the "clamd" process does have a bad habit of holding onto RAM even after it is done using it. That memory will be released if it is needed.

If you are going to be receiving mail/data/documents and forwarding on ClamXav offers an elegant solution that costs you nothing.

If the volume of data you transmit is high, then the "Sentry" is a great solution. Much more efficient than manually scanning each item.

joelseph7
Aug 13, 2011, 06:27 PM
Don't bother.

Alright, Thanks.

beeman07
Aug 16, 2011, 06:53 PM
This may have been said before, but there are only three good reasons to run anti-virus software on a Mac:

1. Your workplace requires all computers on their network to run it.

2. You want to find old virii and trojans in the Windows files that you should have deleted when you left the dark ages by buying a Mac.

3. To remind yourself what running old hardware feels like. (Removing anti-virus software after running it for a while will make your Mac feel like a new machine!)

mentaluproar
Aug 16, 2011, 06:59 PM
Best Buy = ignore everything they tell you.

If you really need an antivirus, sophos is free and won't slow yow you down unless you allow on demand scanning of ZIP files, which makes it downright painful.

GGJstudios
Aug 16, 2011, 08:08 PM
If you really need an antivirus, sophos is free and won't slow yow you down unless you allow on demand scanning of ZIP files, which makes it downright painful.
As has already been explained several times in this thread, Sophos is not recommended, as it can increase your Mac's vulnerabilities. For free antivirus, ClamXav is a safer choice.