Response time to Mac Defender

Discussion in 'Mac Apps and Mac App Store' started by Trebuin, Aug 25, 2011.

  1. Trebuin, Aug 25, 2011
    Last edited: Aug 25, 2011

    Trebuin macrumors 65816

    Trebuin

    Joined:
    Jun 3, 2008
    Location:
    Okinawa, Japan
    #1
    I was going to specifically cite Antivirus only, but since so many people insist that OSX itself is the perfect virus protection...or else blame it on the user, I've decided to include it as well. As I'm frequently busy, I could use some help.

    I put this together because I haven't really seen any good benchmarks for any of these software. What really needs to be tested are response time, memory usage, disk usage (including all components), usability, and stability. Here's examples why: Norton took 1GB of my SSD...a significant amount of space. Intego Virusbarrier had fun crashing my computer all the time...at least norton didn't do that. There are reports that others sap 100% cpu usage. OsX itself would have left my computer shut down for about 20 or so days until a definition was released...had mac defender been an actual virus.
    Here's the list so far:

    Mac Defender Released: ~2 May (it's the trojan)

    Responses

    Sophos: 2 May 2011
    Intego Virusbarrier V5 & V6: 2 May 2011
    MacScan: 4 May 2011
    Apple OsX: 31 May 2011

    Kasperky: NLT (no later than) 4 May 2011
    Norton:
    iAntivirus:
    ClamXav: NLT 8 May 2011
    Avast:
    MacKeeper:
    McAfee:

    Don't be worried about the fact that some of these have NLT and some later date than others...I simply can't find when they updated their definitions to include Mac Defender.
     
  2. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #2
    do you really need an antivirus software for Mac Defender? Its not a virus but malware. And malware for OSX you have to knowingly allow the installation, i.e., prompted for your password
     
  3. Trebuin thread starter macrumors 65816

    Trebuin

    Joined:
    Jun 3, 2008
    Location:
    Okinawa, Japan
    #3
    Personally, probably not...my dad and a lot of other more simple users who can be fooled...probably. Considering if you had an AV installed...you have a very small chance if fooled to install that think...eg, less than a day for the definitions to be produced. If you don't have AV, you have close to 30 days of exposure.

    Also, considering these things can be put into hijacked sites, you actually have a greater chance of catching it. EG, if macupdate was hijacked by either proxy spoofing or just hacked with no modifications other than a few files changed...this could become a real reality. One day vs 30 is a huge difference then.

    Finally, the country I'm in, about 40-60% of the sights are modified for data collection and computer hijacking. None of Macupdate's files pass any file validate because they are all modified. I have been briefed that I cannot do any banking over here and believe them considering my Paypal account was hijacked within 30 mins of using it. Such is the reality of not being in the good old US of A.
     
  4. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #4
    You've started with a false assumption: that you were the first to encounter the malware.

    From the time malware is first encountered in the wild until it's reported and defenses are developed is a matter of days or, at the worst, weeks. During that time, people are made aware of the malware's existence through news media, forums, etc. Not everyone encounters malware on the day it is released. On the contrary, most will never encounter any Mac malware during the entire time they own a Mac. Only a handful will initially encounter malware and by the time the majority of the public knows about it, defenses are already in place.

    You don't need any antivirus software to protect Mac OS X from malware. No viruses exist in the wild that can run on Mac OS X, and there never have been any, since it was released 10 years ago. The handful of trojans that exist can be easily avoided with some basic education, common sense and care in what software you install:
     
  5. Trebuin thread starter macrumors 65816

    Trebuin

    Joined:
    Jun 3, 2008
    Location:
    Okinawa, Japan
    #5
    Thank you for going off topic. This thread is about places that are a little more hostile than America and for least common denominators won't don't like to read news, yet still spend too much time going places they shouldn't.


    You've started with a false assumption: that you were the first to encounter the malware.

    Good, apple will always be the first to find and deal with this...they wont take nearly 30 days.
    http://www.pcworld.com/article/2291..._defender_security_updateeverybody_relax.html

    From the time malware is first encountered in the wild until it's reported and defenses are developed is a matter of days or, at the worst, weeks. During that time, people are made aware of the malware's existence through news media, forums, etc.

    Good thing this country allows access to malware education:

    Web Page Blocked


    You have tried to access a web page which is in violation of your internet usage policy.

    URL: www.foxnews.com/
    Category: Prohibited News

    To have the rating of this web page re-evaluated please click here.


    Not everyone encounters malware on the day it is released. On the contrary, most will never encounter any Mac malware during the entire time they own a Mac.

    And the Titanic will never sink.

    Only a handful will initially encounter malware and by the time the majority of the public knows about it, defenses are already in place.

    Thank goodness 2 May is after 31 May


    You don't need any antivirus software to protect Mac OS X from malware. No viruses exist in the wild that can run on Mac OS X, and there never have been any, since it was released 10 years ago. The handful of trojans that exist can be easily avoided with some basic education, common sense and care in what software you install

    So my dad clicking on install on Mac Defender (because he doesn't read news) would have done nothing since protection was in place and antivirus would have done nothing in addition to anything else?



    All these responses are sarcastic, except the part about my dad...he really is a least common denominator.
     
  6. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #6
    You're not making any sense. There is nothing in your original post about "places that are a little more hostile than America". Read your own posts. My response is on-topic for what you posted.
    No, Apple won't always be the first, but as I already said, most people have never encountered Mac OS X malware.... ever.
    Again, you're not making any sense. What are you talking about?
    Again, what's your point? Although in one way, your analogy works: 1,517 people died when the Titanic sank. That's 1,517 out of the entire global population of billions of people. Your chances of encountering Mac OS X malware is likely the same percentage.
    You're not making sense again.
    Your dad doesn't need to read the news to be protected from MacDefender. Read the bolded text above. All he has to do is to only install software from reputable sources. The fact that an install started that he didn't initiate should have been enough warning not to proceed with the installation. Antivirus software would have done nothing to protect him, since it didn't recognize MacDefender as a threat when it was first encountered.
     
  7. aristobrat macrumors G4

    Joined:
    Oct 14, 2005
    #7
    AFAIK, Apple's initial Mac Defender response wasn't what most would consider timely, but in the end, they did deliver a solution that updates itself daily, removing new known malware from Macs.

    IMO, the system works well enough that it seems like a lot of Apple blogs are first hearing about Mac Defender variants by looking at that Mac OS X malware daily update (vs. reblogging a press release from one of the usual computer security firms).
     
  8. Trebuin, Aug 25, 2011
    Last edited: Aug 25, 2011

    Trebuin thread starter macrumors 65816

    Trebuin

    Joined:
    Jun 3, 2008
    Location:
    Okinawa, Japan
    #8
    GGJstudios, I'm sorry you didn't read the last line of my last post. I'll give you one on my second post being off topic...that's actually the reason why I'd like some AV protection. Adobe keeps popping up that it wants to install an update, 10.2, which doesn't exist. I've been briefed never to install updates here.

    Back on topic.

    aristobrat: Good point, Apple actually does a decent job of response compared to windows. Also, you're right, it was the scare that the media took ahold of. Check this:

    http://www.zdnet.com/blog/bott/an-applecare-support-rep-talks-mac-malware-is-getting-worse/3342

    Apple had a bit more calls, but like you and this article mentions, the majority of the response was just from scares and questions.
     

Share This Page