Anti Virus for Mac?

[Mikey86uk]

Is it needed?

ive had Macs since 2010 and haven't had a virus (as far as i no) but with the latest scare, is it worth it? If so which one?

Many Thanks

[GGJstudios]

Quote:

Originally Posted by Mikey86uk

Is it needed?

ive had Macs since 2010 and haven't had a virus (as far as i no) but with the latest scare, is it worth it? If so which one?

Many Thanks

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.

Mac Virus/Malware FAQ

1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall
   
   
2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General
   
   
3. Disable Java in your browser. (For Safari users, uncheck "Enable Java" in Safari > Preferences > Security.) This will protect you from malware that exploits Java in your browser, including the recent Flashback trojan. Leave this unchecked until you visit a trusted site that requires Java, then re-enable only for the duration of your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)
   
   
4. Change your DNS servers to OpenDNS servers by reading this.
   
   
5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.
   
   
6. Never let someone else have access to install anything on your Mac.
   
   
7. Don't open files that you receive from unknown or untrusted sources.
   
   
8. For added security, make sure all network, email, financial and other important passwords are long and complex, including upper and lower case letters, numbers and special characters.
   
   
9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.

That's all you need to do to keep your Mac completely free of any Mac OS X malware that has ever been released into the wild. You don't need any 3rd party software to keep your Mac secure.

[Mikey86uk]

Quote:

Originally Posted by GGJstudios

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.

Mac Virus/Malware FAQ

1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall
   
2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General
   
   
3. Disable Java in your browser. (For Safari users, uncheck "Enable Java" in Safari > Preferences > Security.) This will protect you from malware that exploits Java in your browser, including the recent Flashback trojan. Leave this unchecked until you visit a trusted site that requires Java, then re-enable only for the duration of your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)
   
   
4. Change your DNS servers to OpenDNS servers by reading this.
   
   
5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.
   
   
6. Never let someone else have access to install anything on your Mac.
   
   
7. Don't open files that you receive from unknown or untrusted sources.
   
   
8. For added security, make sure all network, email, financial and other important passwords are long and complex, including upper and lower case letters, numbers and special characters.
   
   
9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.

That's all you need to do to keep your Mac completely free of any Mac OS X malware that has ever been released into the wild. Y

you don't need any 3rd party software to keep your Mac secure.

Thanks very much

Much appreciated!

[Mattie Num Nums]

ClamXav is the best IMHO. Its super duper light weight and does the job.

The above advice is banking on the user being the issue and thats not always the case. Some people may not want AV but you need it regardless. I run an environment with over 4000 users and we haven't had any malware of virii outbreaks.

[GGJstudios]

Quote:

Originally Posted by Mattie Num Nums

The above advice is banking on the user being the issue and thats not always the case. Some people may not want AV but you need it regardless

No, you don't need 3rd party antivirus software to keep your Mac malware-free, and having antivirus software installed will not provide as much protection as will practicing safe computing. This was clearly illustrated with the MacDefender issue.

Quote:

Originally Posted by Mattie Num Nums

I run an environment with over 4000 users and we haven't had any malware of virii outbreaks.

That's because there are no Mac OS X viruses in the wild, and there never has been any.

[wnorris]

Quote:

Originally Posted by GGJstudios

No, you don't need 3rd party antivirus software to keep your Mac malware-free, and having antivirus software installed will not provide as much protection as will practicing safe computing. This was clearly illustrated with the MacDefender issue.

That's because there are no Mac OS X viruses in the wild, and there never has been any.

I really believe this is bad advice to be giving persons on a message board. I use the free version of Sophos and my wife has ClamXav.

NO SOFTWARE is 100% secure. There will be persons that read your advice and are infected with some sort of malware. As great as it would be to have a perfectly secure system it is not meant to be. You have given great security tips, but overall bad advice without knowing a persons background and computing habits.

I lock my doors at night and also when I leave the house because I do not know who or what may try to enter. I do not think this is paranoid behavior, just common sense. I try to do the same to ensure my OS is as secure as possible without negatively impacting the performance of my system. To date, I have not noticed any negative effects with running the above mentioned AV solutions.

Best of luck, but I would rather be safe than sorry. -W

[GGJstudios]

Quote:

Originally Posted by wnorris

I really believe this is bad advice to be giving persons on a message board.

If you believe that, you're uninformed.

Quote:

Originally Posted by wnorris

I use the free version of Sophos

Now this is bad advice. Sophos should be avoided, as it could actually increase your Mac's vulnerability, as described here and here.

Quote:

Originally Posted by wnorris

NO SOFTWARE is 100% secure.

And no antivirus app is 100% effective.

Quote:

Originally Posted by wnorris

There will be persons that read your advice and are infected with some sort of malware.

If they follow the safe computing steps I've posted, they will have zero malware on their Mac, as those steps prevent all Mac OS X malware that has ever been released in the wild.

Quote:

Originally Posted by wnorris

You have given great security tips, but overall bad advice without knowing a persons background and computing habits.

I don't need to know their background or computing habits. If anyone follows those tips, they will avoid all existing Mac OS X malware.

Quote:

Originally Posted by wnorris

I lock my doors at night and also when I leave the house because I do not know who or what may try to enter. I do not think this is paranoid behavior, just common sense. I try to do the same to ensure my OS is as secure as possible without negatively impacting the performance of my system.

By running Sophos, you're unwittingly leaving a door unlocked. Depending on antivirus software in the absence of safe computing practices is less effective than practicing safe computing without running antivirus software. This was proven with the MacDefender malware, as no antivirus app identified it as malware when it was first discovered. Yet those practicing those tips were completely unaffected. The same is true for the recent Flashback trojan. Not all antivirus apps detected it, but those practicing those tips were completely protected.

I really encourage you to read what I've posted and the links provided. Educating yourself about Mac malware is your best defense, rather than depending on some antivirus company, whose motivation is to sell you software.

Quote:

Originally Posted by wnorris

Best of luck, but I would rather be safe than sorry.

I would, too, which is why I practice safe computing, which provides more complete protection than that offered by any antivirus app.

[VirtualRain]

Quote:

Originally Posted by GGJstudios

If you believe that, you're uninformed.

Now this is bad advice. Sophos should be avoided, as it could actually increase your Mac's vulnerability, as described here and here.

And no antivirus app is 100% effective.

If they follow the safe computing steps I've posted, they will have zero malware on their Mac, as those steps prevent all Mac OS X malware that has ever been released in the wild.

I don't need to know their background or computing habits. If anyone follows those tips, they will avoid all existing Mac OS X malware.

By running Sophos, you're unwittingly leaving a door unlocked. Depending on antivirus software in the absence of safe computing practices is less effective than practicing safe computing without running antivirus software. This was proven with the MacDefender malware, as no antivirus app identified it as malware when it was first discovered. Yet those practicing those tips were completely unaffected. The same is true for the recent Flashback trojan. Not all antivirus apps detected it, but those practicing those tips were completely protected.

I really encourage you to read what I've posted and the links provided. Educating yourself about Mac malware is your best defense, rather than depending on some antivirus company, whose motivation is to sell you software.

I would, too, which is why I practice safe computing, which provides more complete protection than that offered by any antivirus app.

Hi there, I work at Sophos on the Mac AV team and I don't know enough about the engine's inner workings off hand to either confirm or deny what you or the source you're linking to is saying, but I will look into it early next week and get back to everyone. (I expect there is misinformation being passed around or someone is jumping to unfounded conclusions).

I can tell you we have one of the best reputations in the commercial business space where malware can have significant real world impacts and I've never heard of anything like this before. We offer the same engine in our free consumer Mac AV Home Edition product that fortune 5000 companies rely on for protection everyday across every sector from Government to Finance, to Tech, Retail, Medical, etc. In addition we have a dedicated team of Global threat analysts monitoring threats 24/7 including Mac OS X specific malware. And with our Live Protection you can get real time updates the second we see a new threat. These are important aspects of an effective security solution.

But, at the very least, install some kind of AV protection and practice safe computing.

EDIT: As a follow-up, this has been addressed in the past... here

[FeaRThiS]

Never use wifi always use the ethernet port and put a condom on the cable works a treat.

[DataMiner]

sorry for a newbie question but if I am running Win7 virtually do I need to treat it the same as Win7 on a PC; do I need to worry more or less about malware than if I was not running Win7 on my Mac?

[simsaladimbamba]

Quote:

Originally Posted by DataMiner

sorry for a newbie question but if I am running Win7 virtually do I need to treat it the same as Win7 on a PC; do I need to worry more or less about malware than if I was not running Win7 on my Mac?

You need to treat it as running Windows on a separate computer or via Boot Camp, thus AV software is advised. You could use Microsoft Security Essentials for that.

[DataMiner]

Quote:

Originally Posted by simsaladimbamba

You need to treat it as running Windows on a separate computer or via Boot Camp, thus AV software is advised. You could use Microsoft Security Essentials for that.

Thank you.

[Garoolgan]

I wasn't hit by the virus but I asked the guys I was with when I was in the Wonderful World of Windows. = http://www.f-prot.com/ in Iceland.

They said that they were working on a Mac version and would let me know when it was up and running.

Garoolgan

[SuperJudge]

Quote:

Originally Posted by VirtualRain

But, at the very least, install some kind of AV protection and practice safe computing.

Can you, or anyone else here for that matter, explain to me the threats I am protecting myself against when I install AV software on a Mac? What dangerous threats exist in the wild for Mac OS X that don't require user intervention to install. Or perhaps you can point to a specifc security vulnerability on an OS level that could lead to such things.

Go on, I'll wait. I've been waiting for the better part of a decade for a good reason to install AV software on any POSIX-compliant/compatible system. What's a little while longer?

At the core, anti-virus software is to protect a system from threats that can't be screened simply by having good computing practices. In a system like Windows that grew up and out of a single-user/single-system paradigm, we're talking about an architecture that is insecure from the outset. There was a time when an unpatched XP box could be pwned in less than 30 seconds of being online.

When you're talking about multi-user/multi-system paradigm systems, like UNIX and all of its offspring, you've got a much smaller attack surface to exploit because a lot of those bugs have been worked out for nearly 30 years.

Antivirus for Macs (and Linux, BSD, Solaris, &c.) is lipstick on a pig. It can't protect from the number one threat to those kinds of systems: the user.

[GGJstudios]

Quote:

Originally Posted by Garoolgan

I wasn't hit by the virus

That's because there ARE no Mac OS X viruses in the wild. Read my earlier posts.

Quote:

Originally Posted by Garoolgan

They said that they were working on a Mac version and would let me know when it was up and running.

You don't need it.

[chevalier433]

Quote:

Originally Posted by Mikey86uk

Is it needed?

ive had Macs since 2010 and haven't had a virus (as far as i no) but with the latest scare, is it worth it? If so which one?

Many Thanks

you don't need one at the moment if you are not a porn expert

[MisterMe]

Quote:

Originally Posted by chevalier433

you don't need one at the moment if you are not a porn expert

Porn experts don't need antivirus software any more than other Mac users.

[VirtualRain]

Quote:

Originally Posted by SuperJudge

Can you, or anyone else here for that matter, explain to me the threats I am protecting myself against when I install AV software on a Mac? What dangerous threats exist in the wild for Mac OS X that don't require user intervention to install. Or perhaps you can point to a specifc security vulnerability on an OS level that could lead to such things.

Go on, I'll wait. I've been waiting for the better part of a decade for a good reason to install AV software on any POSIX-compliant/compatible system. What's a little while longer?

At the core, anti-virus software is to protect a system from threats that can't be screened simply by having good computing practices. In a system like Windows that grew up and out of a single-user/single-system paradigm, we're talking about an architecture that is insecure from the outset. There was a time when an unpatched XP box could be pwned in less than 30 seconds of being online.

When you're talking about multi-user/multi-system paradigm systems, like UNIX and all of its offspring, you've got a much smaller attack surface to exploit because a lot of those bugs have been worked out for nearly 30 years.

Antivirus for Macs (and Linux, BSD, Solaris, &c.) is lipstick on a pig. It can't protect from the number one threat to those kinds of systems: the user.

A good read...

http://rogunix.com/docs/Pentesting/M...20Handbook.pdf

[SuperJudge]

Quote:

Originally Posted by VirtualRain

A good read...

http://rogunix.com/docs/Pentesting/M...20Handbook.pdf

I'm not saying that Mac OS X (or any other POSIX system) is perfectly secure. I've read that before and I'm familiar with several of the exploits mentioned, all of which require penetration or user intervention. What I'm saying that there is no tangible benefit from running AV software and that book doesn't really say otherwise.