do i need anti virus software

Discussion in 'MacBook Pro' started by nevergettoride, Apr 28, 2012.

  1. nevergettoride macrumors newbie

    Joined:
    Apr 28, 2012
    #1
    Hi just bought by new macbook pro 13". First mac, terribly excited. I'm going to be full of ridiculous questions so please humour me.

    Here's my first:

    Noone's mentioned anti-virus software? Do I need any?

    Many thanks
    Dawn
     
  2. Macman45 macrumors demi-god

    Macman45

    Joined:
    Jul 29, 2011
    Location:
    Somewhere Back In The Long Ago
    #2
    There are no known viruses that can attack OSX, this has always been the case. There is Malware out there that can install itself on a Mac, but most like myself adopt good browsing and email habits. I have never had a Malware infection on any of my 3 Macs.


    If you do really want AV software, check out ClamAV in the app store, it's free and seems to update fairly regularly I can't vouch for it myself as I don't use an AV package at all.

    Common sense and you should be fine....Certainly wouldn't pay $$$ for an AV package.
     
  3. estrides macrumors regular

    estrides

    Joined:
    Apr 8, 2012
    Location:
    New York
    #3


    There are FEW viruses. None that you will ever encounter. The ones that are out there are made specifically to test the OS itself.

    But if you want AV software, I do agree with macmans advice on not paying for anything.

    Its just such a far far chance of getting something, you have a better chance of getting malware...
     
  4. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #4
    Helpful Information for Any Mac User
    Portables Fast Start: The New User's Guide to Apple Notebooks
    Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
    1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall

    2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General

    3. Disable Java in your browser. (For Safari users, uncheck "Enable Java" in Safari > Preferences > Security.) This will protect you from malware that exploits Java in your browser, including the recent Flashback trojan. Leave this unchecked until you visit a trusted site that requires Java, then re-enable only for the duration of your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)

    4. Change your DNS servers to OpenDNS servers by reading this.

    5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.

    6. Never let someone else have access to install anything on your Mac.

    7. Don't open files that you receive from unknown or untrusted sources.

    8. For added security, make sure all network, email, financial and other important passwords are long and complex, including upper and lower case letters, numbers and special characters.

    9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
    That's all you need to do to keep your Mac completely free of any Mac OS X malware that has ever been released into the wild. You don't need any 3rd party software to keep your Mac secure.
    There are zero Mac OS X viruses in the wild. There are trojans, but no viruses.
     
  5. estrides macrumors regular

    estrides

    Joined:
    Apr 8, 2012
    Location:
    New York
    #5
    I guess I shouldn't interchange Virus and Trojans as they are not the same. Apologies.
     
  6. Puevlo macrumors 6502a

    Joined:
    Oct 21, 2011
    #6
    If you want viruses, then no, you don't need anti-virus software.
     
  7. throAU, Apr 29, 2012
    Last edited: Apr 29, 2012

    throAU macrumors 601

    throAU

    Joined:
    Feb 13, 2012
    Location:
    Perth, Western Australia
    #7
    I'd install a scanner.

    The OS X market is ripe for the plundering as far as malware goes, due to the lax attitude of its users toward security ("typically: there are no viruses, we'll be fine, lalalalala"), and as it gains market share, this is getting more likely to happen.

    Sure, you will probably be fine without one for some time - but it is a risk. Just like we have airbags fitted to cars, in the hope that we never need them, having a virus scanner is an additional layer of protection.

    Mountain Lion will certainly improve this situation with the optional requirement for applications to be code-signed, but it is not here yet.


    Sure, you can disable flash, java, silverlight, javascript, etc to secure your mac, but in the real world people need/want those things to be able to use their computer.

    No, a virus scanner will not necessarily protect you from as-yet unreleased malware, but definition are updated regularly, and its quite likely you'll get he definition update before you get infected. Certainly you'll be a lot more likely to detect the infection than if you have nothing...


    edit:
    quibbling over viruses vs trojans is missing the point. I prefer to use the generic term "malware". which DOES exist for mac.

    My point is this: Windows gets malware. There is nothing inherently different to the mac that will magically prevent this: it is still written by humans, and human programmers do make mistakes from time to time. thus, we still see regular security vulnerabilities and patches published by apple. the fact that there is, as yet a limited amount of malware out there for the mac is not because it is inherently immune, it is more to do with the fact that the market share has not been worth bothering with. Criminals will go after the bigger rewards first, and that means targeting windows with its 90% or so of the market.

    However, the mac is gaining share. The malware wave is coming, and unfortunately the vast majority of OS X users are still stuck in the mindset of thinking they're not likely to get infected. Now the mac even runs the same CPUs as PCs, similar exploit code (or rather techniques) are likely to be more easily ported. A malware writer now no longer needs to learn the (comparatively) obscure PPC instruction set to write code to take advantage of a buffer overflow.
     
  8. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #8
    For those with a lax attitude toward security, installing an antivirus app isn't going to protect them against poor user decisions. This was proven with MacDefender, when those running antivirus apps were infected because they actively installed the malware, which antivirus apps didn't identify as malware when it was first discovered.

    Rather than a lax attitude toward security, I recommend a careful and cautious attitude, practicing safe computing as described in my earlier post. Those who have been doing so have not been affected by MacDefender or any other Mac OS X malware that has ever been released in the wild, even without running any antivirus apps.
    The market share theory has been completely debunked. It's a false premise.
     
  9. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #9
    Mac OS 7, 8 and 9 had several real viruses (by actual definition what a virus is), and Mac OS Classic had a lot less market share than current Mac OS X.

    The Mac OS X Malware Myth Continues
     
  10. Ice Dragon macrumors 6502a

    Ice Dragon

    Joined:
    Jun 16, 2009
  11. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #11
    Disable Java (not JavaScript) in Chrome. Here's how.
     
  12. Ice Dragon macrumors 6502a

    Ice Dragon

    Joined:
    Jun 16, 2009
  13. Mal macrumors 603

    Mal

    Joined:
    Jan 6, 2002
    Location:
    Orlando
    #13
    You can also use the excellent Click to Plugin extension, which allows you to enable Java more easily when you do encounter a use for it.

    jW
     
  14. Queen6, Apr 29, 2012
    Last edited: Apr 30, 2012

    Queen6 macrumors 603

    Queen6

    Joined:
    Dec 11, 2008
    Location:
    Enjoying Better Things
    #14
    Same question, same rhetoric;

    There are several reasons to run antivirus/malware on OS X especially if you are dealing with a mixed environment passing on malicious code even inadvertently does you no favours in the profesional world, let alone family and friends. What does not hurt your Mac & OS X may bring a PC to it`s knees.

    You do need to be careful on the choice of application; ClamXav is extremely light and only looks in realtime at what you specify and it`s free. The sentry is presently utilising 0.2% of CPU consuming just over an hours worth of CPU time over several weeks and this is on a machine over four years old. Does anyone seriously still believe that running ClamXav on todays modern hardware impacts performance! The paid for packages I agree are a waste of $ offering little more than a placebo with a heavyweight user interface. ClamAV the parent of ClamXav protects numerous servers globally, which is a pretty good tip...

    ClamXav will have no impact on a modern Intel based Mac. To have a free, low headroom, accurate scanner that offers a lot of flexibility and not utilize it seems somewhat stubborn at best. The retorts of AV being a resource hog, boils down to one thing, research; ClamXav will not bog your system down, if it does you have some other inconsistencies that need addressing, or your hardware is so old it`s well and truly time to upgrade, on my Early 2008 MBP ClamXav is simply invisible, there is absolutely no degradation of performance, as for the new i7 2.4 MBP it`s completely transparant.

    I have literally decades of work on my systems, I have no intention of losing any data, ClamXav is but one tool in a multilayered safety net. Lets face it, if and when OS X is compromised it will spread like wildfire as many fundamentally believe that OS X is invulnerable. I am not entirely sure posts that overly renforce this sense of security are helpful to the average user, even Apple recognise the threat, however the updates are too slow to be considered a preventative measure...

    I have never had a positive hit in all the years I have run ClamXav equally OS X is gaining traction and it`s simply a matter of time before someone figures it out, thinking otherwise is simply naive. ClamXav cost me nothing monetarily nor time in productivity, this is a safety net that costs little more than five minutes of your time.

    Virus/malware gains traction by exploiting vulnerabilities on unprotected systems. I don't believe for one second that CalmXav is the single security solution for OS X, it is however the de-facto standard for many mail servers globally (ClamAV), and the app is rapidly updated.

    Apple has included ClamAV with OS X server since 10.4 and continues to do so today (http://www.apple.com/macosx/server/specs.html) with OS X 10.7.3 Lion Server. ClamXav is transparent on a Intel based Mac, adds another level of protection at zero cost.

    Apple also clearly list Calmav-137-1 on their 10.7.3 Open Source page (http://www.opensource.apple.com/release/mac-os-x-1073/) admittedly it is not implemented in the Lion client release, equally I would not be surprised if it was quietly implemented in a forthcoming release of OS X as was XProtect implemented in Snow Leopard. Apple may simply choose to integrate ClamAV into Xprotect and the vast majority will never know the difference. As of OS X 10.6 your Mac is running anti malware like it or not ;)

    There are many compelling reasons to run ClamXav and few if any not too, personal choices aside I fundamentally believe that suggesting that OS X is safe to all and does not need such tools is very much a step in the wrong direction; not all are technically minded, neither do all users who may have access to machines follow the same rules and guidelines. The vast majority simply point and click to get to where or what they want ClamXav simply serves as a barrier to protect those that are unaware and some cases unconcerned, ultimately such safeguards protect the community as a whole.

    Install, dont install it`s down to you now...............
     
  15. throAU macrumors 601

    throAU

    Joined:
    Feb 13, 2012
    Location:
    Perth, Western Australia
    #15
    We'll see.

    Comparing the security of OS9 (and previous) which lacked even basic memory protection and multi-user security to OS X is not exactly a fair comparison. Of course at equal market share <OS9 would be a lot more likely to be infected.

    However in terms of security features, OS X has no more than Windows (one could even argue that Windows, with its managed C# platform available offers potentially better security assistance for developers), which is still getting hit with malware on a regular basis.

    When OS X starts getting hit (and eventually, it will), as posted above, unless current mac user thinking changes, it will spread like wildfire.

    I agree a scanner isn't a silver bullet - there IS NO SILVER BULLET, but it is an additional layer that you would be extremely foolish not to make use of these days. The overhead simply isn't there any more.
     
  16. DVD9, Apr 29, 2012
    Last edited by a moderator: Apr 30, 2012

    DVD9 macrumors 6502a

    Joined:
    Feb 18, 2010
    #16
    As to anti-Virus software...it's a scam. It doesn't work and cannot work. It is always way behind any curve you can think of. It only identifies a known malware (viruses are no longer relevant) which is only likely to effect 12yr olds or those with the same mentality.

    Most trojans -what you need to worry about- are never discovered. If it is never discovered then an "anti-virus" software program will never alert you to its existence even though it just scanned it on your system!
     
  17. throAU macrumors 601

    throAU

    Joined:
    Feb 13, 2012
    Location:
    Perth, Western Australia
    #17
    Yeah, sure this is why we've cut the malware down on our WAN drastically since having centrally managed AV software (essentially, rather than rebuilding 1-2 boxes per week due to malware infection, it has dropped to ONE in the past 18 months - out of 550 PCs).

    You have heard of heuristics, right?
     
  18. DVD9 macrumors 6502a

    Joined:
    Feb 18, 2010
    #18
    There are sites where you can upload a trojan and have it scanned by every known anti-virus program. That's what the writers of such programs do. Then they make corrections to it until it passes the scan.

    They even do this at the Pirate Bay. Someone will notify others that it failed a scan by say AVG. Someone else will chime in as well and before long the same uploader will upload another distro of that program notifying them that this one is "clean", "go ahead and scan it". Often he apologizes for "missing the infection".

    Oh sure it scans clean, now that he modified it.
     
  19. cmChimera macrumors 68040

    cmChimera

    Joined:
    Feb 12, 2010
    #19
    Do people just like to debate this issue with GGJstudios? Is there any real question that he is correct? No offense to the OP, you're obviously just seeking information, but it amazes me every time I see someone argue with GGJstudios about this. Same argument, always fails.
     
  20. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #20
    Directly from the Mac Virus/Malware FAQ:
    ... which is evidence of the fact that an average Mac user will rarely, if ever, even encounter malware. If they practice safe computing as described earlier, they will have never been affected by any Mac OS X malware that has ever been released into the wild.

    The rest of your post sounds like a commercial advertisement for ClamXav. If you prefer to use it, by all means do so. If someone has a desire to run antivirus software, it's probably the best choice, performance issues aside (some have reported performance degradation while running the Sentry feature, some have not). The two things to keep in mind about running any 3rd party antivirus software: 1. AV apps are not required to keep your Mac malware free. Safe computing habits alone can do that. 2. Running AV apps will not assure that your Mac will be malware free, as their detection rates are not 100%. Don't let the running of AV software lull you into a false sense of security.
    That additional layer provides zero additional protection over practicing safe computing. There is no Mac OS X malware in the wild that AV software can detect that can't be completely avoided by practicing safe computing.
     
  21. Queen6 macrumors 603

    Queen6

    Joined:
    Dec 11, 2008
    Location:
    Enjoying Better Things
    #21
    For someone who in general offers sound advice you stance is simply baffling; the whole point is that the majority of people do not follow safe computing habits, many dont have the luxury of a dedicated Mac, some are simply too young, too old, dont care or for the most part uninformed. Even if people hit on your posts the vast majority will simply skim over and say my "well my Mac is safe after all" and click away, not everyone is tech savvy...

    Taking the stance that it`s the Windows user`s responsibility is all fine and well when it`s the guy next door; passing on malware embedded into a document compiled from several sources to a client will obviously do wonders for your credibility, of course you can always try teling them "well after all it`s your own fault" I am sure it would be received very positively. Bottom line your work wont even be viewed; it will be scanned and quarantined. This senario wont apply to all, however those that it does will undoubtedly suffer from this sage advice, not all professionals are IT pros, nor do they need to be, ask any IT department.

    I have never had a positive yet, it`s simply a matter of time Apple is becoming a bigger target by the day, as has been said before and very much reinforced by this attitude that it wont happen to me as I am a responsible user. Somewhere, someone is going to figure it out, it`s just code and when it happens it will be an epidemic, thanks in part to posts such as this. ClamXav may or may not save the day depending on the speed of detection, however it`s another tool, another barrier, another layer, one you are advocating as being unnecessary.

    Versions of "Flashback" self terminate simply due to ClamXav being installed, should a similar scenario occur with an exploite directly attacking OS X, given the same circumstance your machine will be infected/intruded, mine will remain safe, it`s that simple. So why does Flashback self terminate? Easy detection, the last thing the owner of the malware wants is for the code to be detected on a system, he/she wants to keep the malicious code undetected as long as posible in order to spread and harvest as much personal data so possible, no one as yet knows the repercussions of Flashback, those with ClamXav installed wont need to be concerned.

    Equally if you want to omit a layer of protection so be it, however if you practise safe computing you are most definitely adding a layer of protection by running the likes of ClamXav this is common sense, the more barriers the less likelihood of intrusion. Same as the real world those with malicious intent always look for the most vulnerable, and today I have one more line of defence than you ;)

    I have no connection with ClamAV or ClamXav other than being an end user, use, dont use it`s a personal choice. The whole assumption of this debate by some is that there will never be a "Zeroday" attack on OS X, however if there is and like Flashback the owner chooses to keep his code hidden as long as possible by avoiding the likes of ClamXav this line of defence will prevail.

    I remember as a young boy my father waking me, telling me I had to see something that would change my life, I was astonished even at this very early age as I watched Neil Armstrong walk on the moon 2:56 UTC July 21, 1969 simply amazing I could hardly belive my eyes ;)

    ----------

    I know, he never learns ;)
     
  22. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #22
    We're not addressing those people, as they're not reading this forum. We can only address those who come here, looking for advice.
    Even if people hit on your posts, the vast majority will simply skim over and say "well if I install an antivirus app, my Mac will be safe", even if they don't practice safe computing, which is not true. You simply cannot pass the responsibility of protecting your Mac to some 3rd party antivirus app and expect it to take care of you. It's the user's responsibility to practice safe computing, if they want to be protected. For as long as Mac OS X has been around, the safe computing tips I posted have been 100% effective in defending against all Mac OS X malware released in the wild, which has not been true for running antivirus apps.
    For decades I've exchanged files with clients while both they and I were running all versions of Windows. I've had floods of emails from infected client systems, as well as files sent by other means that contained all manner of malware. I was never affected by any of it, as I ran antivirus on my Windows systems, and instructed clients to do the same. With countless thousands of files exchanged, I've never sent a single infected file to anyone, whether from Windows or from Macs. That's because I don't exchange files with people I don't know and I recommend antivirus for all Windows users. The only way you can send an infected file to a Windows user is to first receive it from a Windows user.
    They also self-terminate if MS Office or Skype or other non-AV apps are installed, or even if none of them are installed, but the path exists. That doesn't mean that ClamXav is detecting the malware.
    Yes, and we all know how well MS Office and Skype work in detecting malware...
    That's the fallacy of the antivirus argument. "I have it installed, so I don't need to be concerned." That false sense of security is dangerous to those who think that AV will save them from unsafe computing habits. Sophos was not one of the AV apps listed that caused Flashback to uninstall itself, so those with that installed were unprotected. The next variant could just as easily ignore the presence of ClamXav, just as it ignored Sophos before. MacDefender was not detected by any antivirus app as malware when it was first encountered, yet those practicing safe computing were unaffected.
    There is no Mac OS X malware in the wild that ClamXav can detect that I'm not already completely protected against by practicing safe computing. So that extra "layer of defense" is completely redundant. As I said before, if you or anyone wants to run antivirus, by all means do it. Just don't be mistaken in thinking it will protect you from unsafe computing habits, or from malware that doesn't yet exist.
     
  23. cmChimera macrumors 68040

    cmChimera

    Joined:
    Feb 12, 2010
    #23
    Nope, you're just as wrong as anyone else that I've seen debate GGJ.
     
  24. Queen6 macrumors 603

    Queen6

    Joined:
    Dec 11, 2008
    Location:
    Enjoying Better Things
    #24
    Yes we are as this is public forum and free for all to see, and therefore a level of responsibility should be applied.

    I have never suggested for one second that safe computing habits should be abandoned in favour of a third party solutions, merely another string to the bow that you refuse to condone.

    Fine and good as long as you can detect the malware, following your advice the OS X user will never be aware as there is no active scan, just because you know someone does not preclude their system from malware. I have never infected another system as I dont "roll the dice" and scan what I send be it from a Mac or a PC. All files should be considered as suspicious be it from a Mac or a PC, unless you have explicite knowledge of origin.

    Exactly the owner of the malware wants the code to remain undiscovered and the fact that ClamXav is on the list is only a benefit to those with the application installed, or do you disagree?

    Same, same, only the creator of Flashback knows why, likely these applications are ones that he/she asumes will be guarded and or clash with the code.

    Simply repartition to validate your point of view, in this case ClamXav did prevent systems being exposed to malicious code. Once again no one is saying that you can forget safe computing habits by simply installing a third party solution. By omitting a level of security the system is inherently weaker, it costs nothing in $$$ or time.

    You dont know, nor do I and that is a fact; your safe computing habits can be breached at any time, by a Zeroday Attack as can CalmXav the difference is I admit it. I employ safe computing and a third party solution, please explain how this is possibly detrimental to a OS X system performance, productivity, total cost of ownership or is it simply a case of this is my point of view and therefore unnecessary, like it or leave it....
     
  25. mac26 macrumors 6502

    Joined:
    Dec 27, 2011

Share This Page