Yes, definitely a good point to add.Good list. Some overkill, agreed, but I would also add that it’s worth operating the computer from a non-admin account.
Yes, definitely a good point to add.Good list. Some overkill, agreed, but I would also add that it’s worth operating the computer from a non-admin account.
Yes, definitely a good point to add.
Running as a non-admin really doesn't provide a significant increase in security. Anything that's trying to be done to the system will prompt for a password, so if the non-admin is going to be prompted for a password and then enters the credentials of an administrator account, what's the difference?Good list. Some overkill, agreed, but I would also add that it’s worth operating the computer from a non-admin account.
Ah, ok. I still have a bit to learn on macOS.. it is based on BSD so I was assuming the ACL was a suitable deterrent.On windows (where one needs only click a dialogue box to confirm system changes) yes i agree entirely. On macOS not so useful as admin password is required for system changes. Most linux systems will not allow root account to log into graphical environment.
Ah, ok. I still have a bit to learn on macOS.. it is based on BSD so I was assuming the ACL was a suitable deterrent.
I do not understand why whoever in this forum believes it is better for his Mac to run from time to time or even on a permanent basis any AV application, should be extremely careful in his/her statements.Here is information regarding an incoming infection (a type of infection but apparently not a MacOS infection) blocked today from downloading by Avast for Mac Free Antivirus while using Mojave 10.14.2.
AVAST has blocked a Threat!
Infection: Malware-gen [Trj]
Attached File type PDF
MS Office/Microsoft Outlook
This type of infection doesn't require MS Office or Outlook to spread. Any downloaded file attachment from online email services could spread it.
There has been a lot of misinformation posted here regarding Mac vulnerabilities and whether Mac users need broad spectrum antivirus software protection.
I cannot emphasize enough the importance of utilizing as much security protection that is available along with common sense. Some adjustments can be made to the MacOS settings including enabling the firewall under System Preferences>Security and Privacy.
A major weak point in computer system security is the browser. Safari security has improved in recent years and it's probably better than it ever has been security wise but any software tied to the OS has been a target for malicious exploits in the past. This is why third party browsers can be an excellent option to enhance security and privacy.
Regarding the use of cross platform software such as MS Office... It is often the target of malicious exploits. Email software such as Outlook can also be a route of infection especially with file attachments. Users on a MS Windows platform often transfer infections via file attachments to unsuspecting associates using Macs who in turn can harbor and transfer those same infected attachments to other Windows users.
I highly recommend that Mac users seriously consider using a general broad spectrum antivirus software which includes email and browser protection and anyone who hasn't in the past should seriously consider utilizing the importance of antivirus security. There are many antivirus software options including free, paid subscription and corporate versions. Any recommendations from current Mac AV users to other Mac users who currently don't have Mac AV software are welcome in this thread.
This is not a thread debating whether Mac users do or don't need antivirus software. That has been debated in other threads and ultimately that is obviously up to every Mac user for themselves. This thread is regarding the benefits users have already had from utilizing AV software for their Macs... What AV software they are using or have used and what infections they have seen that have been blocked... or what infections have been found and removed by their Mac antivirus software.
Because it's apparently "heresy" to utter any word or imply in any way that Mac's or the software on them could be vulnerable to malicious infections. Making any post to the contrary of the long time "Macs don't need AV software" narrative makes you the target of severe ridicule and criticism. Your integrity will be questioned. Every word you previously posted will be scrutinized. The more details you explain about your real world experience or your opinion... the more you will be required to defend yourself... word by word.
I do not understand why whoever in this forum believes it is better for his Mac to run from time to time or even on a permanent basis any AV application, should be extremely careful in his/her statements.
A "Personal Computer" wether using MacOS, Windows or whatever is a "Personal" matter.
If someone prefers to use any AV in a mac it's HIS/HER right.
But after so many violent posts in another thread discussing AV software in macs, attacking those believing in any advantage of using AV in macs, we have come to a point in which people are afraid of even using the "Virus" word.
Therefore all kind of turning around cautious wording is employed in any malware related thread as this one to avoid the pack of mac AV haters who will immediate dismiss the slightest possibility of serious malware in macs and ask in repeated violent posts for proofs of the shere possiblity that such an impossible thing might even exist.
I am truly fed up.
If I DECIDE I prefer to run AV software in my mac it is MY RIGHT.
NOBODY FORCES OTHERS TO DO SO.
If you are convinced it is useless or even causes problems and eats up ressources, then don't use it and be happy.
But for God's sake leave those mac AV users in peace instead of insisting (as was the case in that other thread) how stupid they are in doing so!and scaring any further thread starters.
I was interested in what this thread starter found out and therefore read the posts.
If others find it was just a false positive or whatever then let them simply just skip this thread.
Live and let live others.
Ed
Reasonable discussions are of course always welcome.Pointing out factual inaccuracies, in an attempt to educate- in the year 2019 is apparently triggering for some people.
None of the things described in the last two posts actually happened in this thread.
It is a sad day when reasonable discussion is labelled as attacking. Nobody told anyone not to use the AV. Read the posts again. Enough.
Reasonable discussions are of course always welcome.
However people believing in their right to use some sort of AV in their macs were actually described as stupid, not in this thread but in one appeared a short time ago.
Since this thread starter made a reference to that other thread showing he perfectly knew it, I simply said my opinion that nobody should be afraid to use words like Virus when speaking of malware in relation to macOS.
It is a simple fact of liberty of expression and of thought.
I agree that luckily nobody attacked this thread starter but the apologize implied and cautious wording employed in the first initial post triggered my belief to openly declare there should not be any "tabu" related to macs and macOS.
If someone thinks it is better to take measures other consider unnecessary or even contraproductive, he should be free to say what he believes without fearing to be attacked as being stupid.
That was the only purpose of my post even if luckily this thread starter, as you say, was not victim of any of the violent attacks the other thread starter he mentioned was, probably due precisely to the extreme caution he employed when starting this thread to protect himself.
Ed
Pointing out factual inaccuracies, in an attempt to educate- in the year 2019 is apparently triggering for some people.
None of the things described in the last two posts actually happened in this thread.
It is a sad day when reasonable discussion is labelled as attacking. Nobody told anyone not to use the AV. Read the posts again. Enough.
What about if a friend or family member uses your Mac or logs onto your home network with another computer? Hopefully you also restrict your network access to your own secure home network and don't log onto untrusted public networks. It's amazing how many different pathways infections can utilize these days.
The root of the problem has nothing to do with the topic here. The root of the problem is that some folks will lash out and/or accept untruths in order to avoid having to accept that their belief system is inaccurate. <--- That is the problem. Those folks will continue to fight the exact same battles over and again (as we are now seeing in this thread) until they come to a point where they are willing to resolve the real problem: accepting, dealing with and changing a faulty belief system.
I do not understand why whoever in this forum believes it is better for his Mac to run from time to time or even on a permanent basis any AV application, should be extremely careful in his/her statements.
A "Personal Computer" wether using MacOS, Windows or whatever is a "Personal" matter.
If someone prefers to use any AV in a mac it's HIS/HER right.
But after so many violent posts in another thread discussing AV software in macs, attacking those believing in any advantage of using AV in macs, we have come to a point in which people are afraid of even using the "Virus" word.
Therefore all kind of turning around cautious wording is employed in any malware related thread as this one to avoid the pack of mac AV haters who will immediate dismiss the slightest possibility of serious malware in macs and ask in repeated violent posts for proofs of the shere possiblity that such an impossible thing might even exist.
I am truly fed up.
If I DECIDE I prefer to run AV software in my mac it is MY RIGHT.
NOBODY FORCES OTHERS TO DO SO.
If you are convinced it is useless or even causes problems and eats up ressources, then don't use it and be happy.
But for God's sake leave those mac AV users in peace instead of insisting (as was the case in that other thread) how stupid they are in doing so!and scaring any further thread starters.
I was interested in what this thread starter found out and therefore read the posts.
If others find it was just a false positive or whatever then let them simply just skip this thread.
Live and let live others.
Ed
The root of the problem has nothing to do with the topic here. The root of the problem is that some folks will lash out and/or accept untruths in order to avoid having to accept that their belief system is inaccurate. <--- That is the problem. Those folks will continue to fight the exact same battles over and again (as we are now seeing in this thread) until they come to a point where they are willing to resolve the real problem: accepting, dealing with and changing a faulty belief system.
I don't want to derail this thread, so I feel it will suffice to direct others to learn more about cognitive distortions. I feel that identifying and working on cognitive distortions would be the first step toward change. However, most people don't bother with this because they feel it is too much work.. they fail to see the gain.I'm sorry, I'm not following. You're suggesting there's a 'faulty belief system' at play here. So for those of us who are relatively new to this topic, what exactly is the 'correct; belief system and what is the 'faulty' one? (In your opinion)
P.S. I'm not trying to be combative, I'm just genuinely confused by what exactly you're referring to in your post.
I don't want to derail this thread, so I feel it will suffice to direct others to learn more about cognitive distortions. I feel that identifying and working on cognitive distortions would be the first step toward change.
I would be happy to suggest a number of things- which add to the common sense computing habits posted earlier on.
Educate yourself and your staff- this is probably the most important step. Users are the most reliable attack vector. Social engineering, clueless clicking, and dubious browsing habits are how these things cause big problems like ransomware attacks etc.
Keep all windows systems up to date- do not allow windows XP (for example) anywhere on your network. Same for firmwares of network devices. Many companies never upgrade anything until it breaks or is absolutely necessary because of profit margins. If you NEED X version of something ancient- keep it off the network.
Running a vm does not protect you from the VM doing anything bad- EVEN IF you are restoring very regularly (daily) to known clean restore points- If it has access to sensitive data and your network.
Install PFsense or similar firewall onto your network. Something with good intrusion detection also. Learn how to use it- or pay somebody who can do.
Lock down which sites are allowed to be visited. Staff should not be on facebook (for example) at work. A good router software will allow very fine control of which sites are permitted.
Don't allow everyones personal android devices onto your wifi. Or even personal laptops. Work is for work- home is for home.
Use an application firewall on macs which can control both directions of traffic (standard one only controls one way).
Use an ANTIVIRUS software on ALL work computers. Do NOT trust any email attachment ever. Assume malware until proven clean.
Regularly fresh install operating systems.
I could go on all night but i think i have the basics covered for now.
As you can see i have no ideology on if somebody else runs an antivirus on macOS. None of my concern. But i stand by the fact the original infection seems like a false positive after some brief research (as already stated by others). Avast is particularly eager to flag a file as virus by the very nature of its detection methods. Even if real windows trojan- it is the user which then sends it onwards to the windows system- and then, the USER which opens it on an unprotected windows. It cannot do any of this on its own accord.
No, I never have nor do I currently work for any AV software company. I've been posting, reading and replying in this forum on a broad range of Mac related topics for more than six years. I have made my recommendations strong regarding AV software and security for Mac purely from my own past experience and the experience of friends who are professionals in the industry. I wouldn't just waste time posting about it unless I strongly believed that it could benefit other Mac users in this forum. There have been good suggestions in multiple threads from those who don't recommend using AV software as well. It's up to each user to decide for themselves.After reading all you posts attempting to lay fear into the hearts of all mac users (lol, nice try) I can’t help but start to wonder if you work for malwarebytes or some other company thats trying to sell Mac AV software.
I mean, I’m not totally against using AV software, and I have at used it times, but it almost never finds anything, and if it does, I discover its a harmless program that I personally know about and installed.
You just seem to be pushing suspiciously hard on the ‘BE SCARED ALL MAC USERS’ messaging here.
You offered some good suggestions. I am open to alternate viewpoints and differing information as long as the inconvenience doesn't negatively effect work productivity. One reason to run Windows VMs such as XP is for legacy programs that can't run on later Windows versions so not running those older versions kind of defeats the part of the reason for using the VMs to begin with.
Other input is appreciated especially "Use an ANTIVIRUS software on ALL work computers" which I already have done. Although as you already know I have included personal computers and the Windows viruses installed on the Mac also block viruses and malware from getting to the VMs as well since they can scan shared entry points such as the networking interface for email. Using AV software inside the VMs can help as well especially if you want to utilize a different brand of AV software.
What's amazing is the number of infections that have been blocked from getting inside the Windows VMs by the Mac AV software (that includes Windows virus detection). I also don't really notice any slowdown on the Macs. The Mac AV installations were simple and mostly hassle free to manage... Two minutes to install the Mac AV software... Two minutes configuring and then it just has worked trouble free for years and (I have been using free...NOT paid and NOT subscription AV software). The scan settings can be set in the preferences.
In reply to a previous question... NO for the record I don't nor have I ever worked for an AV software or any software company.... The computer industry is not currently part of my business. I simply use and manage my own computers. I still consider myself relatively new to Macs... I consider it an advantage because coming from experience using Win systems you don't take security for granted. I can affirm that Mac systems have definitely been more trouble free than previously used Windows systems... generally more user friendly, cross platform flexible with VM support, good support (from Apple when the Macs were newer), easier to update, less issues with security, etc. .
[doublepost=1548542744][/doublepost]
No, I never have nor do I currently work for any AV software company. I've been posting, reading and replying in this forum on a broad range of Mac related topics for more than six years. I have made my recommendations strong regarding AV software and security for Mac purely from my own past experience and the experience of friends who are professionals in the industry. I wouldn't just waste time posting about it unless I strongly believed that it could benefit other Mac users in this forum. There have been good suggestions in multiple threads from those who don't recommend using AV software as well. It's up to each user to decide for themselves.
He doesn't like AV.I'm sorry, I'm not following. You're suggesting there's a 'faulty belief system' at play here. So for those of us who are relatively new to this topic, what exactly is the 'correct; belief system and what is the 'faulty' one? (In your opinion)
P.S. I'm not trying to be combative, I'm just genuinely confused by what exactly you're referring to in your post.
Well, based on my past experiences, (33 years of owning countless macs, working on dozens of froends macs with ‘issues’’) ... all I can say is my experience with mac viruses (virtually non existennt) is somehow drastically different from yours.
Good tidings in your bubble of fear and paranoia.
There are zero meaningful macOS viruses. Any sensible operating system protects against malware by inherent design. Heck even modern windows systems are WAY more safe than in the past, And Microsoft's own protections are now sufficient for the most part.
However, when it comes to customer data in a work environment, paranoia has a place. In this day and age there are many 3rd world hackers making a living out of stealing money or data from 1st world computers. AV does not, in general protect you from those people. Again, the USER is the security hole.
There's no fear or paranoia coming from here. Not a single Mac that I own or that I have configured for myself, a friend or a family member... and not a single Windows VM on any of those Macs has ever been infected.... But all of them have blocked many potential infections... one being the example I posted to start this thread (which was apparently not a MacOS related infection).
As I mentioned in another recent thread I do know of four people who did get infections on the Macs.... Yes Mac and/or Mac software related infections....not Windows or Windows VM infections. I can't speak for you and others that seem to claim they never get Mac infections but I know I am more relaxed knowing I have Mac AVs protecting my Macs and my Windows VMs.
...I don't want to get back into explaining what those infections were and how I know about them. You can find that information in the other recent thread. This thread was supposed to be about people's experiences with Mac security and regarding their own use of broad spectrum Mac AV software.
The root of the problem has nothing to do with the topic here. The root of the problem is that some folks will lash out and/or accept untruths in order to avoid having to accept that their belief system is inaccurate. <--- That is the problem. Those folks will continue to fight the exact same battles over and again (as we are now seeing in this thread) until they come to a point where they are willing to resolve the real problem: accepting, dealing with and changing a faulty belief system.
And, from the looks of the recent replies, here we are again. Remember the other thread?
OP, how many more times are you going to fight this same battle before recognizing that your belief system needs to change? Never mind, that was a rhetorical question.