Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Virus Question

GGJstudios said:
iAntiVirus is bogus. Don't use it. You don't need any antivirus software on your Mac.
Click to expand...

jackajesusfreak said:
That's what I figured but GG says it's bogus. Let me see what he means.
Jack
Click to expand...

iAntivirus does not scan for threats to Windows. So, if you wish to run AV software to avoid being a hub for windows malware, then iAntivirus is useless.

Also, most of the malware definitions in iAntivirus are for legacy Mac OS (not Mac OS X) or the malware are legitimate software that has to be installed locally with authentication by entering the admin password. So, unless someone that was aware of the admin password installed a legitimate keylogger (not malware, used for legitimate purposes but can be abused) on your system, iAntivirus does not protect from as much malware as it advertises.

The relevant malware definitions in iAntivirus are for trojans that can easily be avoided with user knowledge. Also, definitions for most of these trojans (3 of 4 at this point in time) are included in XProtect that is built into Snow Leopard.

I would suggest using ClamXav if you wish to run AV software on your Mac to prevent forwarding Windows malware via email. ClamAV (same engine as ClamXav) is primarily used on email servers (default AV in Mac OS X server) so its definitions are biased toward threats that are distributed via email. ClamXav's set of definitions for Mac OS X include all relevant threats to Mac.

Do not use the quarantine feature if you set ClamXav to scan emails. The Sentry feature of ClamXav can be used to set up rudimentary real-time scanning for specific folders. A benefit of ClamXav is that it does not require elevated privileges (root) to be effective. Not running as root is important for the security of client side software that receives user defined input (ClamXav = definition updates).
 
Last edited:
You might as well play the lottery, if you get a virus. Those are your odds.
Your only concern should be passing on a virus to another windows user.
 
An alternative anti virus solution

While I have not personally used ClamXav, the free version of Sophos for Mac in my opinion is extremely good alternative. I had to copy a software copy of a school textbook to a number of students USB's (student myself) and as soon as their disks were plugged in Sophos immediately detected the incredible amount of viruses they had on it. Quite shocking really, alas the main thing is that it responded very fast to threats and offered me the option to clean up or maintain in quarantine.

Another time I had viruses but on another Mac I was networked too, that while it couldn't remove them for me (privilege conflicts?) it still gave me every file address as to where it was located.

So bottom line Sophos is a terrifically good AV that uses only a few megabytes of RAM and next to none CPU processes (Universal Binary to 10.4 and higher) and so I highly recommend it for use on your Macbook :D
 
DoFoT9 said:
i read the link, and yes of course its their problem if they dont have their own antivirus, however if you take your laptop into a enterprise environment and share the virus amongst others - who do you think they will blame? you... or them... :rolleyes:
Click to expand...

That email won't do any harm while it is sitting on your Mac, as long as you don't forward it to anyone. And it is not work related, and it doesn't come from any of your friends, colleagues or relatives. So why would you forward it to anyone? Maybe because that image of Britney Spears naked didn't "work" on your Macintosh and now you want to check if it will show on a PC? Or maybe you don't need any Viagra but you think one of your PC using colleagues would?

jackajesusfreak said:
Is there any truth that Windows 7 is their most stable yet? I understand we can run this on the Macs using Boot Camp. We have to have the Windows 7 disk first though, correct?
Click to expand...

You have to purchase a copy of Windows 7. The Windows 7 disk that came with your friend's PC most likely won't work, and definitely is not legal to install.
 
Sophos have also now released a free antivirus for MAC.....

I dont bother with AV on my system.
ALL windows users have their own AV - so if I do pass a virus on it will be picked up at the other end. I dont worry about it TBH - not yet anyways. Maybe in the future as OSX grows we may start to see the odd virus, but I will worry about that time when it comes!
 
Hallivand said:
So bottom line Sophos is a terrifically good AV that uses only a few megabytes of RAM and next to none CPU processes (Universal Binary to 10.4 and higher) and so I highly recommend it for use on your Macbook :D
Click to expand...

I would not use Sophos because the component (and almost all of its components) of the software that receives updates is running with root privileges such that an exploit would be remote root if an exploit was found for that component.

Given that Sophos is 32 bit, the security mitigations can be defeated by bruteforce techniques if an exploitable vulnerability is found in the software.

For example, McAfee LinuxShield <= 1.5.1 Local/Remote Root Code Execution. Different OS but same principle could be used if exploit found in Mac AV software running as root.

With ClamXav, all of the components do not run as root. The exception is a daemon that scans for changes in folders to initiate launching clamscan if you use the Sentry feature but it does not receive inputs from a remote source.
 
Last edited:
  • Like
Reactions: grahamperrin
munkery said:
iAntivirus does not scan for threats to Windows. So, if you wish to run AV software to avoid being a hub for windows malware, then iAntivirus is useless.

Also, most of the malware definitions in iAntivirus are for legacy Mac OS (not Mac OS X) or the malware are legitimate software that has to be installed with authentication by entering the admin password. So, unless someone that was aware of the admin password installed a legitimate keylogger (not malware, used for legitimate purposes but can be abused) on your system, iAntivirus does not protect from as much malware as it advertises.

The relevant malware definitions in iAntivirus are for trojans that can easily be avoided with user knowledge. Also, definitions for most of these trojans (3 of 4 at this point in time) are included in XProtect that is built into Snow Leopard.

I would suggest using ClamXav if you wish to run AV software on your Mac to prevent forwarding Windows malware via email. ClamXav is primarily used on email servers (default AV in Mac OS X server) so its definitions are biased toward threats that are distributed via email. ClamXav's set of definitions for Mac OS X include all relevant threats to Mac.

Do not use the quarantine feature if you set ClamXav to scan emails. The Sentry feature of ClamXav can be used to set up rudimentary real-time scanning for specific folders. A benefit of ClamXav is that it does not require elevated privileges (root) to be effective. Not running as root is important for the security of client side software that receives user defined input (ClamXav = definition updates).
Click to expand...

I downloaded and put it into the applications folder. It shows it being there but when I try to open it to configure it, nothing comes up????
 
I wouldn't dare waste CPU cycles scanning for viruses that exist for a different OS. That makes absolutely no sense. You don't blame the grocery store if your sealed bag of cereal from Kellogg's has a dead mouse in it, right?

Anywho, OP, partake in an anti-virus solution if you wish, but at the very minimum heed these rules for a trouble free experience:

A) Absolutely no warez. Of course, for experimental purposes, get a small external hard drive and put a fresh OS X install onto it, which can be used as a sandbox (for what? I dunno ;)).

B) Treat your password and your keychain like your home and your girl. Guard em with your life. If something pops up requesting authorization ("Type your password to allow ______ to make changes"), stop right there. Investigate. Ask, Who invoked this? What is this trying to access ? (drill down the details box). Do I trust this application? You will be asked for your password whenever you want to make major changes and the OS wants to make sure you know what you are doing. Recognize, absorb and reflect upon the following: If you give a rouge application root access to your machine, the OS cannot defend itself against actions you authorized.
2B) If others have access to your machine, make sure they adhere to your rules. Limited access account of course. Repeat offenders get parental controled. Serious infractions get termination of access (get your own computer).

C) Learn how to work/tweak the firewall, or atleast keep it enabled. I use wateroof but noobproof works just as well.

D) Leave sharing off unless you have explicit reason to do so.

so on and so forth.

Oh yeah, read this and I promise you'll be better off than 99.9% of the people on this board:
Mac OS X Security Configuration Guide
Don't bother applying the concepts immediately. Spend more time familiarizing yourself with the OS first.
 
jackajesusfreak said:
Is there any truth that Windows 7 is their most stable yet?
Click to expand...
Every version of Windows is touted as the "best evar!" and "most stable!" and all kinds of silly superlatives like that. Last time I checked, each version of Windows was slower and full of more bugs and security holes than the last one. You can compare Microsofts abysmal track record, or you can believe their advertising campaigns. Choice is yours!

The fact is, Windows viruses cannot infect your Mac. And there are no Mac viruses outside of proof-of-concepts that don't actually work. Enjoy not having to deal with this uniquely-Windows hassle.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back