Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Antivirus...Do you use it?
- Thread starter ayeplussjr
- Start date
- Sort by reaction score
jzuena
macrumors 65816
Its not that gloom and doom. 😀 There are vulnerabilities, but the risk is still fairly small. Defense in depth is your best defense. Running from a non-admin account can be one barrier, running a two-way firewall like Little Snitch can be another, using a hardware firewall another. Run nessus scans of your machines every once in a while. It will tell you if you have something configured in an insecure way. These should protect from automated "casting a wide net" scans finding your machine as a good target. In the words of hikers, you don't have to outrun the bear, you only have to outrun the guy next to you. If the guy next to you has Windows you have a small head start. If it is unpatched Windows, the bear is already having lunch. Stay up to date on patches so the Windows guy doesn't pass you.
If someone is specifically targeting your computer, then your chances go way down, but I still don't think it is hopeless. Leave a decoy Windows machine on to feed the bear. 😀
DoFoT9
macrumors P6
while ill agree that the vulnerabilities are minimal, the fact remains that if somebody wanted to then they could! and very easily...
sure having lots of defensive systems is quite a good idea, the kind of viruses that we would get from everyday clicking is minimal anyways, just annoying things.
that Nessus program looks very interesting, i downloaded it and will install it a bit later. i hope its correct with its analysis.
very nice analogy on the bear 😛 made me laugh.
dejo
Moderator emeritus
DoFoT9
macrumors P6
not everything that happens in the world is on the internet you know... 🙄
and not every mac user in the world posts their experiences/troubles on this forums
haha
jzuena
macrumors 65816
Nessus is one of the tools we use in client vulnerability assessments. Licenses for personal use to scan your home network are free, so I use it at home as well. If you don't trust Tenable to keep it free for home use, there are several forks of the code made from when it was still open source (don't know how good they are).
The bear analogy was just to lighten the mood. I'd rather your next trip to the pub be to celebrate and not to commiserate the state of OS X security 😀
DoFoT9
macrumors P6
I am truely scared now, and i feel more secure that i am not the full administrator of my computer.
iWork '09 Torrent Carrying Trojan
iWork '09 Torrent Carrying Trojan
gnasher729
Suspended
A MacOS X Admin account is somewhere between a Unix/Linux root account and a normal user account.
A root account can and will do anything. So that is dangerous because of possible malware, but even more dangerous because people sometimes do stupid things, so using a root account day to day is just stupid.
A MacOS X Admin account _can_ do anything, but it will only do so after asking you for your permission. So malware can't do anything unless it convinces you to type in your admin password at some point, and if you do anything that could mess up your computer you'll have to type in the admin password as well.
And you can create a root account on the Macintosh, but I have used Macs for years and still would have to look up how to do it (and as I said, it would be a stupid thing to do. You don't need a root account on a Macintosh).
Tallest Skil
macrumors P6
While the general consensus among younger boys is "girls are a virus", her using your computer (Mac, right?) would have absolutely no effect on the necessity for anti-virus.
Simply put, there currently aren't any; end of story.
kastenbrust
macrumors 68030
Why? are you admitting to illegaly downloading it?
Anyway the funny thing is all the fools downloading it by torrent, and its available on Apples website, in full, without any security checks, passkeys etc.
The people who downloaded it by torrent kind of deserve that trojan, anyway its not even a trojan really, because its an app and can be blocked using little snitch, so still no need for antivirus.
ChrisN
macrumors 65816
My sister does some crazy stuff on the computer and my dad just put the antivirus to be safe and sure. She likes to download any and all files that she likes.
windels
macrumors regular
kastenbrust
macrumors 68030
But theres nothing she could possibly do, apart from:
A) Programming her own virus
B) Downloading iLife '09 via Torrent
That would cause you to have any need for an antivirus.
Infact the amount the antivirus program is slowing down your computer is more than it would take to reinstall OS X if you did get a virus.
(i would just like to point out that even if she did program her own virus the antivirus wouldnt be able to deal with it because it wouldnt be a known virus in its database, and also the iLife 09 torrent virus is actually a trojan horse so the antivirus wouldnt be able to help here either.)
C) Getting in some website which pretends to have a new video and which requires to download a codec (which actually is a DNS Changer Trojan)
Not every antivirus does that. Intego (as I heard) and iAntivirus (as I'm using it now) hardly cause any slowdown.
Not really. Modern antiviruses such as Intego and iAntivirus use Heuristic Detection, which can be used to detect new forms of malware. Of course, that's not 100% successful either, but still helps.
jzuena
macrumors 65816
As was discussed earlier in the thread, admin accounts are always prompted for a password in the GUI. But if you go to command line (or if you are a trojan application that is calling Unix services) the GUI is not there to catch all commands and prompt for input. Admin accounts are in the Unix admin group which has write access to most of the applications including utilities like Disk Utility.app and Directory Utility.app. If some changes are made to an app you would normally be prompted for a password anyway and you then ran that app, you would not notice if the now authorized utility also did something like install a rootkit. Now your computer is fully owned by someone else and can be commanded to join a zombie army conducting a Dinial of Service attack, send spam, anything else that Windows machines are regularly turned into from a virus. The rootkit isn't installed automatically like it is from a Windows virus, but it still gets installed when you run the trojan.
Macs always have a root account, the password is just undefined. Ubuntu Linux does the same thing, by putting * in the password field in the shadow file (Macs use LDAP to store passwords, but the idea is the same). You don't create the root account, you define a password so that you can log into it.
I have never use AV on a Mac. I only very recently stated using it on the PC. A good firewall, frequent OS updates and some common sense when it comes to downloading things from shady places is much more important then AV software.
DoFoT9
macrumors P6
no, did i say that? i was saying that people are starting to target macs more and more, and that if anything did happen that i felt safer with my current setup.
fools indeed.
you cant really say that about people you dont know. just because they torrent things doesnt make them a bad person, or even illegal in some countries.
Freis968
macrumors 6502a
True, it is the most annoying anti-virus I ever had the displeasure of using back in the old PC days, I am sure if there is a Mac version of it...it is just as bad I imagine.
Oh, and to answer the OP's question, I have never used an anti-virus on my Mac.
DoFoT9
macrumors P6
oh, you have no idea. problem number 1 is that its still ONLY PPC, so it runs onder Rosetta.. meaning that straight up its going to use twice/three times the resources, it scans pretty much any media that you put into the computer.. and even turning the settings to "dont scan such and such media" didnt fix it, so before you are allowed to eject it you have to wait for it to scan everything!!! gah.... its rediculous.
Jethryn Freyman
macrumors 68020
iAntiVirus doesn't work.
It seems to be able to detect the installer packages for trojans, but once they've been installed, it can't pick them up.
It also lists many proof on concept trojans as dangerous threats, and there are other programs which it detects as a threat which are no threat at all (e.g. password crackers.)
so i'm new to mac...i have vm fusion running with xp...i installed norton on xp, is it necessary?
i dont use it either though i fear with the increasing mac popularity, viruses will start to become a problem