Separate names with a comma.
Discussion in 'macOS Mojave (10.14)' started by donawalt, Nov 29, 2018.
No you haven't. Not on a Mac.
Non-existent on a Mac.
You might want to take up your argument with MacWorld...
Yes. Got my MacBook Pro 2 days ago and the firewall was disabled by default.
In this whole thread, two folks have defended the use of AV products saying it's okay to use AV products no harm done. There are then those who VIGOROUSLY try and point out to the two of us, that it ISN"T the best thing to do and yet don't see that the two of us really don't care if they use AV or not but they apparently care if we do? You want to talk about a screwed up line of argument THAT is.
Just use one if makes you feel safe... who cares? No OS is safe really so if you think you're protected for being on a Mac you're wrong.
You are aware that this applies to you more than anyone else? It is you that vigorously insists AVs are the way to go, aren't you?
So I agree to your previous statement - we are going in circles here. Never mind
Not a single one of those forms of malware listed is a virus. There has never been a true virus in the wild that can infect macOS/OS X. Prove otherwise by naming just one.
I know... the first thing I do is enable the firewall on all my new Macs but the fact it's disabled...What is that supposed to tell us about default security settings on MacOS?
--- Post Merged, Feb 11, 2019 at 2:28 PM ---
Here we go back to the semantics debate... what is a virus, malware, blah blah... Ok then... prove to me those aren't threats and how would you detect and remove them without using Mac security software? This has been gone over before in other threads... and no you won't be able to answer that question because the others in the "No Mac AV ever needed" fan club couldn't either. I suppose you could try to tell us you have psychic powers of infection detection and removal.
--- Post Merged, Feb 11, 2019 at 2:28 PM ---
Regardless of what you claim, it is not a matter of semantics. If I refer to your car as a submarine, because both are methods of transportation, it's not semantics; it's wrong. A virus is one form of malware, but not all malware are viruses. There is a significant difference, which affects whether or not antivirus/anti-malware software is required as a defense. You appear to be unable to grasp that simple distinction.
You need antivirus/anti-malware software to defend against Mac viruses, which don't exist.
You don't need antivirus/anti-malware software to defend against other forms of Mac malware in the wild.
I never said there is no malware or threats; only that there are no viruses, which require a software defense.
I wouldn't have to remove them, because I would never install them in the first place, because I practice safe computing. You're prescribing medicine to cure a Mac "illness". I prefer to never allow my Mac to get "sick" in the first place, through safe computing.
It is semantics. You are playing word games with your claim that "no Mac viruses are in the wild, prove it". You are saying that because it's the only type of threat that you can offer evidence for that backs your position. The truth is that most security software is called "Antivirus Software" and that long term name has been used for decades... You can try to argue all you want about the semantics of the word "Antivirus" but MacWorld, the computer software industry and most computer users in the real world know what that means. It's become a long time man made marketing term to describe software that protects against a range of computer threats.
The concept of a virus may be based on biological concepts of how an infection is spread but just like the biological world both a virus which takes over cells to spread or bacteria or fungal infections or toxins can all make you sick... and just like the micro-biological world these threats change, evolve and are engineered to take advantages of the weak points in your computer... and most people want a defense against these evolving threats.
In regards to safe computing... We all agree that you want to practice computer safety... don't open questionable programs, untrusted files, suspicious web links, etc. The same is true with biology. Stay healthy, eat quality food, get sleep, keep your immune system strong, stay away from people who are coughing. But regardless of how much common sense you use in regards to health it's good to have microbiological detectors out there for you and your family warning you when it's flu season, where the infections are happening, what areas to avoid where dangerous illnesses are spreading... and hopefully you can block any infection because you at least know it's around you and if you do get sick you may want a solution like some type of medicine to help get you better.
Therefore isn't the best solution to use common sense health practices along with modern threat detection to prevent what you can't see from infecting you... and to have a means to remove or cure illnesses that could be acquired? The intelligent person does both.
This is where the problem lies, and is a serious concern of mine: How does one know if a program is nefarious or not? I'm not talking specifically about "beeaware". I'm talking about software that is designed to fill a need, and does so without an indication that it is adware, a virus, malware, backdoor etc. My example includes software that might be a pay to use application that gains a loyal following, and eventually - maybe at a later date - captures keyboard input and sends it off to a server someplace.
I realize we have no choice other than to trust the major players (this bothers me too because you never know...). It's the smaller developers, that have really good software, that it's hard to decide on.
For example only: In the past, based on user reviews, I have used Little Snitch. I like the program, but how do I know if the developer's are doing anything other than what the software advertises? I don't have the skills, or software, necessary to find this out.
I consider myself to be very cautious with passwords, the software I install, physically securing my computers, but I am on the fence with some of the software I'd like to install, and that is something I'd like to feel confident about.
So what I am saying is this: What is your definition of "safe computing"? Is it a gut feeling? User reviews? Reputable developers (who are they)? Would love to hear your opinion.
EDIT: I only use licensed, non-cracked software. I do surf the web, but avoid clicking on any popups or ads when visiting questionable/porn sites I will force close, and reboot if I feel something isn't right. I never install browser extensions (privacy/security concerns).
For the multi millions of people who don't practice safe computing, apps like Malwarebytes are a godsend (classic example in my earlier post).
The case is less clear for AV apps at this point. If and when a Mac virus occurs in the wild, then obviously an AV app won't at first protect against it ....but you can bet it will do within a few hours.
Then it becomes a question of how likely you personally are to be one of the very first to be caught by it in those few hours. Possible, but not all that likely. Most of the multi millions will be protected from themselves if they run AV.
But they are paying a price meantime in effects on computer, £ and $, etc. It is entirely reasonable for the enthusiasts and informed computer users not to run AV (as I don't) because they know they will hear about it soon enough when it happens.
For the multi millions Malwarebytes is a no brainer (IMO). AV protection less so. I push Malwarebytes to my friends and relatives. I don't push AV to most of them.
Maybe it's not other people being always pedantic and getting stuck in useless semantics debates.
Maybe it's just your huge ****ing lack of understanding of what a virus is and how it differs, fundamentally, from other forms of malware, and how viruses are basically the only malware type you can't protect against by practicing safe computing and are thus the only legit reason for a power user to install AV software.
And maybe the people stuck on semantics are mostly power users trying to get you to shut up, stop quoting ****ing Karen-the-PR-person from Macworld and maybe pick up some education on the subject.
My point wasn't what a virus is or isn't or even someone's strict definition of it. Read my post again. I am explaining that it DOES NOT MATTER to most people if it is a virus or something else that infects your computer. People WANT to be protected from ALL of it. If you don't like the term "Antivirus software" which is a common use simple term to describe software that protects against MANY threats you can complain to the software companies who created the name...and NO MacWorld didn't create the name. It's been around for DECADES.
No, I'm saying that there are no Mac viruses because it's true, and viruses are the only type of malware that require an antivirus/anti-malware app as a defense, since a virus can spread to other computers without the user's knowledge or action. All other Mac malware infection requires the user's action to infect. That is a significant difference.
That's the problem. It's a marketing term, not a factual technical term, and it is false and misleading, propagated by the companies that want to sell antivirus software. "Malware" is the umbrella term that encompasses viruses, Trojans, worms, rootkits, etc. A "virus" is one particular type of malware that can spread and infect without users doing anything, which is why software is required to detect and block it. Trojans, on the other hand, can be avoided by being careful about what you install. A Trojan does not install itself and does not spread to infect other computers without user action.
Exactly. That is why antivirus software is required as a defense for a virus. Unlike a virus, however, other Mac malware is more like food poisoning: you get it because you ate something that you shouldn't. It is not contagious and cannot spread to others. You can avoid it by being careful about what you eat. You don't need medicine to ward off food poisoning; just watch what you eat.
More like days or weeks, based on history. The Flashback Trojan was in the wild with infections being reported for several days before antivirus apps were updated to detect it. By contrast, none of those practicing safe computing (being careful about the source of the apps you install) were affected by it.
And not one antivirus/anti-malware app will protect against all of Mac malware in the wild, but safe computing protects against all of it.
It is misleading to tell people they can install an antivirus app and then they don't have to worry about malware or "viruses" on a Mac. That is simply not true. Even running such an app, their Mac can be infected if they install a Trojan that the app doesn't detect. If you want to keep your Mac safe from malware, you can't be lazy and careless: you need to practice safe computing.
It would certainly be unfortunate if people thought they didn't need to even try to practice safe computing because they had anti malware protection.
Practicing safe computing means using common sense and staying informed.
Keep macOS and your apps updated at all times. Many of these updates include patches to vulnerabilities that can prevent attacks. If you have outdated software, your system may be more vulnerable.
Be careful about what you install on your Mac.
Don’t install pirated software, from bit torrent sites or any other source.
Don’t install anything without investigating to make sure that the app and the site you download it from have good reputations. Asking in this forum is a great way to learn what is safe and what isn’t.
Do install apps from the Mac App Store.
Do install apps directly from developer sites that have a good reputation. Ask in this forum if you're not sure.
Pay attention when installing apps, to make sure you install only the app that you want, and not any unwanted add-on apps that may be bundled with it. If you need help, ask for it.
Don’t let anyone else have access to your computer, and especially don’t let anyone else install something without your permission.
If you need to share your computer, use a guest account.
Use common sense when surfing the Internet. If you’re unsure about anything, ask in this forum or ask someone you know who is informed and experienced.
Be extremely careful anytime you are asked for any password or any personal information, including your name, phone number or email address. Make sure you only enter that kind of information in an app or website that you are certain that you can trust.
Check the URL in the address bar to make sure you're on the site that you think you're on.
Install and use a reputable and effective ad blocker on your web browser
Avoid shady websites, especially any that try to get you to download anything to install, such as a codec to enable your system to play a video.
Only update your apps from within the app itself or from the Mac App Store.
If you are surfing the web and see a message pop-up or receive an email saying that you need to install or update anything, be very suspicious and do not allow it. For example, if a site tells you that your Adobe Flash is outdated, do not update it from that site. Instead, go directly to the Adobe site to install the update.
The same holds true for pop-up messages that tell you that your Mac is infected with viruses or malware. These are lies. No website can scan your Mac to find malware. These are all attempts to get you to buy something or install something that you shouldn’t. Don’t do it.
Adware is software designed to generate and display online advertisements on your computer. While not true malware, adware is usually unwanted and a nuisance, but it can easily be avoided by practicing safe computing (see above).
Antivirus and anti-malware apps are not required to keep a Mac malware-free, as long as a user practices safe computing. Some antivirus apps have themselves been used to introduce malware to Macs, so they can increase vulnerability. Many who have relied on antivirus apps and did not practice safe computing have had their systems compromised by threats that their antivirus app did not detect. No antivirus or anti-malware app has a 100% detection rate, but since Mac OS X (macOS) was introduced, practicing safe computing has effectively defended against 100% of macOS malware in the wild.
If you haven’t been practicing safe computing and you want to check your system for any malware you may have allowed to be introduced, use MalwareBytes to scan your system. It’s free and doesn’t need to be continuously running. Just scan once and practice safe computing from this point forward.
In general, macOS malware is so relatively rare, that only a very small percentage of Mac users have ever encountered any.
Practice Safe Computing... That applies to children, teens, parents who aren't computer smart, other family members, employees, etc.? Can you recommend any classes I can send them to to learn this so called "Safe Computing" that you seem to think everyone automatically should know about and practice?
Once they learn "Safe Computing" principles how can I keep track of them so they don't slip up or forget? Should I install a web cam with a microphone so I can monitor what they are doing in real time? I could watch them with an app on my phone and yell at them if they forget what they learned and open a file from an email that isn't safe to open... or click on an ad that leads to a fake web link.
If MacOS malware is so relatively rare why do I know of four people that got infections on their Macs in recent years? None of them were running Mac security software at the time. When one of those people took it in to a professional certified Apple/Mac service center they ran AV/antimalware/security software to remove the infections and told him he should use Mac security software to help prevent future infections... but you have been telling everyone they don't need Mac security software.
For children, you can use parental controls to prevent them from installing apps. For others, you can simply tell them that before they install something new, ask if it's safe. I do that with friends and family. They know that if they're not computer literate enough to practice safe computing, they ask me if they're unsure about anything or before they install apps or updates. None of them have problems as long as they do that. I can connect remotely to friends/family to install apps for them, if they like.
What malware was it? Was it adware, which is not true malware, but a potentially unwanted program (PUP) and is more nuisanceware? That's 4 out of what? 100 million or more users? Yes, it's relatively rare. Even the Flashback Trojan, which was very widespread, affected only about 600,000 Macs, less than 1% of the Macs in use at the time. By contrast, when I was using Windows, my antivirus app would intercept dozens of malware instances every week, even though I was practicing safe computing.
I took my iPhone to a "professional certified Apple/Mac service center" to have my battery replaced. When the battery life was terrible 6 months later, I took it to an Apple store, who told me the service center damaged my battery so badly, it was too much of a risk to repair it, so they gave me a new phone. Just because it's a "professional certified Apple/Mac service center" doesn't mean they know what they're talking about.
False. I've been telling everyone they don't need antivirus/anti-malware apps as long as they practice safe computing.
You recommend going against the advice of an authorized Apple/Mac service center? Ok, I guess that's your opinion.
Now we will let you answer the real world IT questions here...
How do I know if my family or employees will Practice Safe Computing? Despite telling them over and over not to do it... We have various employees for years that always tried to and actually did install programs/apps on our business computers. Some of the business computers are a remote location that we don't access every day. Our PCs running Windows were unusable much of the time and I had to waste time (an unbelievable amount of hours every year) traveling to those locations to get infected computers up and running again.
We used AV software that helped with the Windows machines but sometimes they would even bi-pass the protection warnings to install their software. Switching to Macs helped for the last five years but we still have found unauthorized applications on them that newer employees installed (games, phone apps, etc..) even though we clearly told them not to when they were hired. (Yes this all really happened).
Note: I have Mac Security software installed on ALL the work computers and it has worked well... never caused a single problem... I actually just spoke to one our employees... a manager... this past week at a remote location... several hours travel away from me and I made sure the MacOS (10.14.x) and the Mac Security software was fully up to date... but since you have been arguing for a few weeks about how we don't need it I figured I would ask if you have another solution.
Also, our local computers... Windows PCs and Macs that have family and employees using them also are kept fully updated with Mac Security software and they too have been completely trouble free from infections (all of them trouble free including Windows PCs).... but I do get calls on the phone several times a year about what to do when the security software pops up with a Warning about a bad link or an infected file being blocked... (the Mac security software blocks the infections usually before the Windows VM security software does).
They have been told the Safe Computing Principles just like you listed but they forget and still open attached files.... some of the attached files need to be opened that come from our vendors, associates and from those remote locations.... the ones that I don't have access to and from the computers... Macs and PCs... and Macs that you suggest DON'T need security software.
I've spent more time arguing with you and others on this topic (hours and days) than time I spent dealing with any infection related problems on our all business and personal computers for five years. Since you have been arguing with me for at least this past week over this I figured I would give you a chance at explaining your solution... despite the fact that using the security software on ALL the machines has kept everyone working trouble free with very little time and effort by me.
All good thoughts. But you do realize you are wasting your breath right? Notice how I have withdrawn from the discussion?
Yes, I've known it for a while. Their posts go in circles and it makes your head spin. Thanks for reminding me.
Of course, the only way you can know if it is the security software that is responsible for the trouble-free computing is if you have a control group without said software, and those computers became infected with malware.
I know your mind is made up. However, some very logical and tested strategies have been explained in this thread in a very clear fashion, yet you choose to deride is as "going in circles" when it's actually very organized and well thought-out. Oh well...
This virus debate is interesting as it's so devoid of emotion. I'm being facetious of course.
So, there are 10s of thousands of Windows viruses and a small fraction of that for OSX. Why?
I've seen some explanations centered around Windows is popular, OSX is not, so Windows is a more lucrative target. I think that was B.S. written by folks in the Windows world. I suspect the core architecture of Windows is the issue and that it can never be corrected. The Registry, Dynamic Link Libraries, etc. are fundamental Windows building blocks that you can drive a viral truck through.
I could be wrong. Any technical experts out there that can offer incite?
Please guys, I beg you, don't use the word "virus" in place of the more general "malware".
Viruses are basically the worst kind of malware, they're able to infect a computer without user action. A virus doesn't piggyback on pirated software. You don't download a virus in the form of a p0rn.exe file.
A virus takes the initiative, it attacks your computer through an attack vector and often uses it as a new base for further attacks on different machines. Your computer being infected by a virus is, literally, not your fault.
The number of viruses that are after your Mac running macOS is 0. Zero. Not a single one. Since Mac OS X was released in 2001, there hasn't been a single viable virus that would target it. So no small fraction.
It's part B.S. part truth. Windows IS much more popular. If the attacker's goal was to gather as many machines as possible to form a botnet, then yes, attacking macOS wouldn't make sense. On the other side, let's face the truth. In most parts of the world, only rich people have Macs. I live in a fairly developed country in Europe, and the base model Mac I'm typing this on cost more than our average monthly wage. If it's money the attacker is after, Macs would allow him to steal/blackmail for/get ransom for more per attack.
There have been some unfortunate architectural choices during Windows development. DLLs and the mess that registry is are some of them. Windows was never meant to be a networked multi-user operating system and throughout its development towards what it is now (a fairly capable OS) it's been hindered by its backwards compatibility philosophy.
Things weren't always this good on the Mac side. Mac OS used to be just as vulnerable and unstable as Windows. Everything changed with Mac OS X. Mac OS X (and OS X and macOS) is part of the Unix and Unix-like family, together with the various BSDs and the distant hippie cousin, Linux. The Unix likes were always meant to be networked and used by multiple users at the same time. The architectural choices one has to make to support multiple users and many thousands of concurrent/parallel processes result in much better security, basically.
(https://en.wikipedia.org/wiki/MacOS_version_history for some details)