Opinions and facts are two separate things...

Source of the quote? Also, I think it rather less likely that a security firm like Sophos would get hacked than me as a user inadvertently picking up a run-of-the-mill virus or other forms of malware. Has any legit anti-virus program been hacked in the way the quote suggests?
 
erm... No need to read my own links, for I know nVIR is obsolete 🙄, but the point is that viruses on the Mac are not unknown. As the saying goes, those who ignore history are doomed to repeat it. Because viruses are a pain in the a$$, I prefer to use a free anti-virus program.
No antivirus app can protect you from a virus that does not exist, because it doesn't know what to look for. If a Mac OS X virus is introduced in the future, no AV will protect your Mac if you are exposed to the virus before it can be analyzed and a defense is created.
What warning about Sophos in this thread?
Sorry, it wasn't in this thread, but another running concurrently with this one. It is, however, described in the Mac Virus/Malware Info link posted in this thread:
Sophos should be avoided, as it could actually increase your Mac's vulnerability, as described here and here.
Also, I think it rather less likely that a security firm like Sophos would get hacked than me as a user inadvertently picking up a run-of-the-mill virus or other forms of malware. Has any legit anti-virus program been hacked in the way the quote suggests?
Yes. Read the links I posted.
 
No antivirus app can protect you from a virus that does not exist, because it doesn't know what to look for. If a Mac OS X virus is introduced in the future, no AV will protect your Mac if you are exposed to the virus before it can be analyzed and a defense is created.

Granted. My hope is that my other security practices would delay any infection of my Mac until Sophos has created the relevant anti-virus signatures.

I agree that common sense is the best protection, but I don't buy the argument that using an AV program makes one more vulnerable. Again I ask has anybody ever been able to exploit the root privileges of AV software from a legitimate firm? If not, then isn't citing this potential threat more scaremongering than citing any threat from viruses and other malware (for which there are at least a few actual instances)?
 
Again I ask has anybody ever been able to exploit the root privileges of AV software from a legitimate firm?
Yes. Read the edit to my last post. Also, why expose your Mac to the risk, when other antivirus apps, such as ClamXav don't have the same issue? If you're all about using software to be your line of defense, at least choose one without that elevated risk.
 
Ah... finally read about the McAfee exploit. (The obvious comeback being that I asked about a legitimate security firm 😛). OK, so now I am not trying to argue but simply to get information. Has the McAfee (or any other root exploit) been seen in the wild? The link you showed only has a Perl script...
 
Granted. My hope is that my other security practices would delay any infection of my Mac until Sophos has created the relevant anti-virus signatures.
This is no different than those who choose to run without antivirus until such a threat exists and the virus definitions have been updated, using only safe computing practices as their defense. The difference is those who run without antivirus installed until that time aren't giving up system resources to an antivirus app that isn't needed.
Ah... finally read about the McAfee exploit. (The obvious comeback being that I asked a legitimate security firm 😛). OK, so now I am not trying to argue but simply to get information. Has the McAfee (or any other root exploit) been seen in the wild? The link you showed only has a Perl script...
I haven't bothered to research it, but I'm sure you can, if you're really interested. The bottom line is this:

Antivirus software isn't needed to protect current Macs from malware; only a user employing safe computing practices is needed.

If you want to run antivirus, you can choose between ones that run with elevated privileges, possibly exposing your Mac to greater vulnerability, or you can choose an antivirus without that possibility.

It's your Mac, so you can do whatever you like. However, many come to these threads for accurate information and best recommendations. Based on the facts, I wouldn't recommend Sophos, when there are alternatives, such as ClamXav, which do the same job without the added possibility of risk associated with elevated privileges.
 
The best anti virus is one's common sense 🙂

I agree. Obviously won't do anything too stupid but I mean I have anti-virus on my Windows machine and if any websites or attachments do contain stuff then *touch wood* so far it has managed to block them.

But what I don't get is, just let's say hypothetically. My friend's laptop has been hacked / stolen or whatever and he / she sends me something (attachment). Is it possible to get infected or attacked that way then even without anti-virus on Mac? 😕

Cause with Windows, it can still look like a normal file but have stuff hidden inside them (but anti-virus kept stuff in check, usually).

Just hypothetical. But I mean is it still safe then without anti-virus?
 
Just hypothetical. But I mean is it still safe then without anti-virus?

Typically, malware requires system level access to be successful. Examples of malware that require system level access include rootkits, such as keyloggers that bypass user space security mechanisms.

System level access is gained either by social engineering or elevation of privilege exploitation. Social engineering includes tricking the user to password authenticate the installation of the malware. Elevation of privileges via exploitation is dependent on privilege escalation vulnerabilities which are rare in OS X; this type of exploitation being used independent of user interaction has not occurred in the wild in OS X.

Not all malware requires system level access but examples of this type of malware, such as MACDefender, rely on phishing techniques to gather sensitive user data. This type of malware requires the user to actively install it before it can attempt to phish the user for sensitive data. Any malware that relies on user interaction to function is avoidable via user knowledge.

Also, the file quarantine feature in OS X Snow Leopard includes a basic anti-malware scanner to detect malware that relies on user interaction. I also recommend installing ClamXav to periodically run on-demand scans just as a precaution and for peace of mind.

So, AV software with on-access scanning is not required as long as the user applies safe computing practices. No AV solution should be solely relied upon for protection.
 
Thanks for the explanation.

Just didn't understand before how it can be so safe without AV as I'm used to Windows... cause yes safe practice is good but you never knew with Windows, visit some website or file that you think it's legitimate and bam comes my AV warning message that it has intercepted a potential virus.

Obviously if I installed or agreed to open a file then it would be my fault. Just that with Windows it tends to just appear from nowhere, i.e. some websites suddenly downloading cookies or god knows what (if it wasn't for AV, with Win that is).
 
I hate all of the virus threads. I've seen like 6 of them in the past couple weeks.

NO, YOU DON'T NEED ANTI-VIRUS!!!!

search the damn forums
 
Thanks for the explanation.

Just didn't understand before how it can be so safe without AV as I'm used to Windows... cause yes safe practice is good but you never knew with Windows, visit some website or file that you think it's legitimate and bam comes my AV warning message that it has intercepted a potential virus.

Obviously if I installed or agreed to open a file then it would be my fault. Just that with Windows it tends to just appear from nowhere, i.e. some websites suddenly downloading cookies or god knows what (if it wasn't for AV, with Win that is).

This is because Windows XP admin accounts run with elevated privileges so elevating privileges to the system level via exploitation is not required to install more stealthy and dangerous malware.

Also, the warning messages of AV software make users feel that every piece of malware puts them at imminent risk even though a lot of malware requires users to actively install it before it can infect the system.

These two factors combined have produced the bias in many Windows users converting to Mac that AV software is required to be safe.
 
hey guys I bought my first mac today and I heard all the horror stories about macs getting viruses...

All those stories are WRONG. You can prove me wrong by pointing at just one real virus that spreads outside of a controlled demo.

Viruses are not some kind of universal computer problem. They are unique to Microsoft Windows.

There is nothing special about Macs that makes them resistant. It is Windows that is "special". You never see viruses in Solaris, Linux, BSD, Mac OS X, AIX or any other OS but Windows.
 
Viruses are not some kind of universal computer problem. They are unique to Microsoft Windows.

There is nothing special about Macs that makes them resistant. It is Windows that is "special". You never see viruses in Solaris, Linux, BSD, Mac OS X, AIX or any other OS but Windows.
This is not true. Viruses are not unique to Windows. Macs are not immune to viruses. There have been viruses in the past that affected Macs. In fact, the very first virus introduced in the wild was for Apple computers. There simply have been no viruses released in the wild in the 10 years since Mac OS X was introduced. That doesn't mean it's impossible.
 
Thanks GGJstudios for the explanation. I'm going to be a Mac convert real soon. Just didn't understand, not because of the whole recent scare but just in general. Since I've been a Win user for the past 13 years and never touched a Mac before.

Just intrigued that I won't need to buy AV every year (£20-£30 / year) and still be safe.
 
This is not true. Viruses are not unique to Windows. Macs are not immune to viruses. There have been viruses in the past that affected Macs. In fact, the very first virus introduced in the wild was for Apple computers. There simply have been no viruses released in the wild in the 10 years since Mac OS X was introduced. That doesn't mean it's impossible.

Those old Apple computers had nothing to do with Mac OS X. If you remember the history, viruses back then were something you set up as kind of a demo to show it could happen; remember just how few computers were on the Internet back in the early 80's.

I'm still waiting for someone to point to a Mac OS X virus that exists outside of a demo environment.

The thing to remember is how this anti-virus software works. Typically it has a list of "patterns" inside and you need a subscription to keep that list up to date. There is a pattern for each known virus. The key word is "known". They can't make the pattern without a virus first. OK so now just what would be inside Mac OS X anti-virus software? An empty list where one day maybe a pattern could be stored.

We can't predict the future but today there is no need.
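
The pattern-list model discussed in the posts above can be shown with a small scanner. This is an added example, not part of any post in the thread and not code from any antivirus product; the `SignatureDB` class, the signature names and all sample bytes are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass
class SignatureDB:
    """Toy definitions file: exact-file hashes plus byte patterns (hypothetical)."""
    hashes: dict = field(default_factory=dict)    # sha256 hex digest -> name
    patterns: dict = field(default_factory=dict)  # byte marker -> name

    def add_sample(self, name, sample, marker):
        """Record a signature; only possible once a sample has been captured."""
        if marker not in sample:
            raise ValueError("marker must occur in the analysed sample")
        self.hashes[hashlib.sha256(sample).hexdigest()] = name
        self.patterns[marker] = name

    def scan(self, data):
        """Return the matching signature name, or None if nothing is known."""
        digest = hashlib.sha256(data).hexdigest()
        if digest in self.hashes:          # exact copy of an analysed file
            return self.hashes[digest]
        for marker, name in self.patterns.items():
            if marker in data:             # repacked copy carrying the same marker
                return name
        return None


# Constructed, inert sample inputs (plain text, not real malware).
KNOWN = b"#!/bin/sh\n# CONSTRUCTED-SAMPLE-A placeholder\n"
KNOWN_VARIANT = b"#!/bin/sh\n# repacked\n# CONSTRUCTED-SAMPLE-A placeholder\n"
NOVEL = b"#!/bin/sh\n# CONSTRUCTED-SAMPLE-B placeholder\n"
CLEAN = b"#!/bin/sh\necho hello\n"


def demo():
    """Scan before and after the definitions update that adds the novel sample."""
    db = SignatureDB()
    db.add_sample("Constructed.A", KNOWN, b"CONSTRUCTED-SAMPLE-A")
    files = [("known", KNOWN), ("variant", KNOWN_VARIANT),
             ("novel", NOVEL), ("clean", CLEAN)]
    before = {label: db.scan(data) for label, data in files}
    # The vendor captures and analyses the new sample, then ships an update.
    db.add_sample("Constructed.B", NOVEL, b"CONSTRUCTED-SAMPLE-B")
    after = db.scan(NOVEL)
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("before update:", before)
    print("novel sample after update:", after)
```

Before the update the novel sample scans the same as the clean file, which is the exposure window the thread is arguing about; an empty `SignatureDB` reports nothing for any input.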
 
Those old Apple computers had nothing to do with Mac OS X.
It wasn't just the old Apple computers. There were viruses that existed for Mac OS 9, 8, 7, etc. The point is, Macs are not immune and viruses are not unique to Windows. Other platforms have had viruses, and there could be new viruses introduced for Mac OS X in the future. There is nothing that makes that impossible.
 
Ok then, as this thread is full of the typical rubbish yet again, let's make up an imaginary question from an imaginary character who has an imaginary Mac, and see if we can get some different replies?

Hello my name is Tom, I'm disabled and don't have much money, however I have a very creative mind.

My parents bought me a lovely iMac last year, was sweet of them, but really I can't afford the software that I want to run.

I'm forced to admit, I download most of my software illegally on the torrent sites. I don't make any money from them, they are just for my personal use and pleasure to keep me occupied as I can't get out much due to my disability and lack of income.

I'm worried that when I install and say yes to installing these hacked/cracked programs that I may be putting some virus/malware onto my system.

Is there anything I can run, in the background that will pop up a warning, if some specific virus/malware is detected or is about to run, either during or after installation of the software I've downloaded?


Note: this is a made up scenario.
 
Ok then, as this thread is full of the typical rubbish yet again, let's make up an imaginary question from an imaginary character who has an imaginary Mac, and see if we can get some different replies?

Hello my name is Tom, I'm disabled and don't have much money, however I have a very creative mind.

My parents bought me a lovely iMac last year, was sweet of them, but really I can't afford the software that I want to run.

I'm forced to admit, I download most of my software illegally on the torrent sites. I don't make any money from them, they are just for my personal use and pleasure to keep me occupied as I can't get out much due to my disability and lack of income.

I'm worried that when I install and say yes to installing these hacked/cracked programs that I may be putting some virus/malware onto my system.

Is there anything I can run, in the background that will pop up a warning, if some specific virus/malware is detected or is about to run, either during or after installation of the software I've downloaded?


Note: this is a made up scenario.

Yes, you can run TextEdit, which will magically destroy any malware within 32 feet of your Mac, regardless of the device on which the malware exists.

Note: this is a made up reply.
 
Yes, you can run TextEdit, which will magically destroy any malware within 32 feet of your Mac, regardless of the device on which the malware exists.

Note: this is a made up reply.

The reason I posted that made up scenario is that it's a very common scenario.
Leaving aside the disabled nature of the person in the story and whether or not they work/have money.

I'm not, and I suspect most people here are also not stupid enough to feel that every single Mac user has legitimately purchased every single Mac application on their machine.

I have no reason to think that a large percentage of Mac owners would be any more likely to legitimately purchase Photoshop to edit their holiday snaps than a PC user.

Given that Torrent sites are overflowing with pirate versions of Photoshop for the Mac, I think that in itself would tell anyone what really goes on.

With that in mind, that there will be a percentage of Mac users who do install such things onto their machines, and click "YES" or "OK" to the install prompts that come up, which could I suppose contain something nasty.

The statement "Macs don't get this kind of stuff, ha ha, only PC's get it" is a bit silly.
Hence my query, which is no good to me as I don't own a Mac currently, but I guess a question that some Mac owners want to know is, what "IS" a good program to be running to detect bad things that might get installed without your knowledge when installing things from less than official places.
 
The reason I posted that made up scenario is that it's a very common scenario.

Hence my query, which is no good to me as I don't own a Mac currently, but I guess a question that some Mac owners want to know is, what "IS" a good program to be running to detect bad things that might get installed without your knowledge when installing things from less than official places.
Again, my only recommendation is don't pirate software. There's never a good justification for stealing software. If you choose to do it, for whatever reason, you must assume the risks that go with it. While some may choose to, I would not make a recommendation intended to enable or facilitate someone successfully pirating software, or make their experience with such stolen software more palatable. I know people do it, and nothing will stop that. I don't pass judgement on them. I just choose not to assist that effort in any way.
 
Again, my only recommendation is don't pirate software. There's never a good justification for stealing software. If you choose to do it, for whatever reason, you must assume the risks that go with it. While some may choose to, I would not make a recommendation intended to enable or facilitate someone successfully pirating software, or make their experience with such stolen software more palatable. I know people do it, and nothing will stop that. I don't pass judgement on them. I just choose not to assist that effort in any way.

Oh, don't get me wrong, I agree with you that it's not right to pirate software.
It's just that, living in the real world as opposed to a perfect world we have to accept people don't always do 100% the right thing all the time.

It has been argued a number of times that Microsoft with Windows and Adobe with Photoshop, to mention just two products actually owe their popularity to piracy in the early days which established their software as a standard product that the industry decided to go with. Of course, no one would ever officially state such a theory for obvious reasons 🙂

Despite this, if we do accept, and be realistic that a percentage, be it 5%, 10%, 20% or more, who knows may have some pirate versions of very expensive packages on their Macs, and they are using them for personal use, not to make money with, not that this gives them justification, however I can see the logic behind the reasoning used in such cases.

It does everyone good. Even those who buy everything for their systems, if any virus or malware is detected/stopped/blocked on other people's systems in case it's transferred or in some way distributed onto other Mac users' machines.

Everyone wins if these malicious programs are detected/wiped out.
So it would be good if such people did have software running on their Macs that would detect these things, either during the install process, or upon running the program and perhaps activating the code.

So, whilst I do agree with your sentiments, I think it's good for everyone if people can suggest good security software that people can run on their Macs to warn them of such things.
 
Alright so I am 100% safe without no anti virus? Sweet 😀

It is still possible to purposefully download and approve installation of software that has a malicious payload.

Don't do that. Install only software from known-good sources. Avoid dicey warez websites and "free" copies of costly software. If it's too good to be true, it probably is.

The Mac is 100% safe against spontaneous contagions of the sort that beset Windows machines for many years. For example, with a Mac, you won't get infected just from getting an email with a bad attachment... unless that attachment is software that YOU decide to install.

No computer is safer than the wetware sitting at the keyboard!
 
So... at the end of the day it is still possible to get infected if you agreed to install something even though you thought it was legitimate?

I mean, again if you have AV installed, then at least if you're tricked by a file then maybe AV will protect you?

I remember ages ago on MSN Messenger, my friend's computer had viruses and would try to send me stuff in the middle of the chat and one could easily just download and open it thinking it was legit.

Only reason why I didn't accept was because it felt a bit weird / out of the blue and I asked and he said he didn't send me anything. Only then did I realise and himself that he had a virus / bug on MSN Messenger.

Couldn't something like that happen to Mac? Or like email attachments?
 