Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

So, my University now requires I have antivirus on my MacBook

12dylan34 said:
Wait, I noticed that it says you live in Colorado. I go to CU. What about you? CSU? UNC? feel free to PM me if you care to reply but don't want to make it public.
Click to expand...

I go to CU. I've asked friends at different schools and apparently all 3 (Springs, Denver, Boulder) have this same restriction implemented.
 
mgartner0622 said:
I go to CU. I've asked friends at different schools and apparently all 3 (Springs, Denver, Boulder) have this same restriction implemented.
Click to expand...

Interesting...Well I go to CU Boulder and I don't bother with antivirus stuff, and it's never given me any issues. It for sure doesn't let you log on without it? Like you've tried it?
 
If they don't have some CIA-like techniques to detect whether you turned on the antivirus, simply install one and disable that during use. Just in case they check, show them the antivirus software.;)
 
School policy is to install a program called "SafeConnect" which then authenticates to the network and lets it know you have antivirus. If you don't have it installed for a week, SafeConnect won't allow you to connect to the WiFi.
 
GGJstudios said:
McAfee - bad
Norton - worse
Sophos - worst

I would refuse to install any of that garbage on my Mac.
Click to expand...

I've tried to. I even went to IT and asked if they was any way they could make an exception. I'm Comp TA A+ computer repair certified, so I'm not new to computers and how to avoid viruses by any means. I also don't believe in pirating so there's no issues there. This has really been annoying me, but it looks like I'll have to install one of the 3.
GGJ, you only rated McAfee as "bad", care to elaborate?
Though Comcast Xfinity, I get free subscriptions to McAfee or Norton each year. Should I be using McAfee instead of Sophos?
 
mgartner0622 said:
I've tried to. I even went to IT and asked if they was any way they could make an exception. I'm Comp TA A+ computer repair certified, so I'm not new to computers and how to avoid viruses by any means. I also don't believe in pirating so there's no issues there. This has really been annoying me, but it looks like I'll have to install one of the 3.
GGJ, you only rated McAfee as "bad", care to elaborate?
Though Comcast Xfinity, I get free subscriptions to McAfee or Norton each year. Should I be using McAfee instead of Sophos?
Click to expand...
I wouldn't recommend any of them, and my "bad, worse, worst" wasn't necessarily a ranking, but rather a comment similar to " the good, the bad and the ugly", except none are what I'd consider good. I would really try running with ClamXav and only consider the others if you're actually denied access. If you're stuck with one of those three, I'd rule out Sophos first.
 
This is what happens when you put academics with no real life experience in charge. My suggestion would be to install Mac OS X with this so-called anti-virus onto a separate partition that you only use when you need this WiFi nonsense.
 
GGJstudios said:
McAfee - bad
Norton - worse
Sophos - worst

I would refuse to install any of that garbage on my Mac.
Click to expand...

I concur with this list, even though I've never used any of them on my Macs.

There's been enough friends that've have succumbed to "fear based" posts in other forums & such that at one point or another, has caused them to install these highly useless & problematic apps.

Not once have any of these installs provided a benefit. Worse, they've all had one or more things in common. They waste time & resources not to mention there's no need for them.

That said I do understand the intent behind the rule, yet unfortunately the rule makers lack the appropriate knowledge.
 
mgartner0622 said:
I've tried to. I even went to IT and asked if they was any way they could make an exception.
Click to expand...
Do you think you'll ever have to use windows programs as part of your college work? If so (and if you have the money), install a virtual windows system w/antivirus, and use that to connect to your college. Your mac laptop then remains untouched, and any college abominations are restricted to the virtual machine.
 
How stringent are this program "SafeConnect"s checks for antivirus? I imagine it wouldn't be too difficult for someone to spoof the reading for one of those 3 programs to come up affirmative. If they're allowing a week of no antivirus they're clearly not that obsessed over this policy, which leads me to believe their program isn't all too mighty. Plenty of speculation of course, but I'd look into it. Raise anarchy, I say!
 
GGJstudios said:
I recommend that you avoid using Sophos, as it could actually increase your Mac's vulnerability, as described here and here.

If you're required to run antivirus, ClamXav (which is free) is one of the best choices, since it isn't a resource hog, detects both Mac and Windows malware and doesn't run with elevated privileges. You can run scans when you choose, rather than leaving it running all the time, slowing your system.

Mac Virus/Malware FAQ
Click to expand...

This is what I have on my work MBP, works fine and honestly have never even noticed that it's there.
 
Assume that you have the HIV virus in your bloodstream and also assume that you are totally immune to this virus and you will never suffer from AIDS. So if you have the habit to change your partners often, you would still need to use condoms because your partner is not immune to HIV.

Same is with your data payloads that you get via the internet, email, etc. Your Mac is immune to it, but if you forward it or share it Windows PCs and servers , Android Mobiles, etc, will get infected - because of you. An AV product on your Mac stops the spreading of computer diseases. Use a condom / antivirus to protect others!

Regarding Antivirus program detection:
Most Enterprise and Education networks have sophisticated NW admission mechanisms. When you connect to the WLAN, then these systems will query the device whether an Antivirus program is installed. These systems are querying for the existence of up to 40 different antivirus programs. If present, the AV will respond positive. It is also queried whether the AV threat database is up-to-date. If the AV is not present on the connecting device is outdated, then this client is moved to a quarantined Virtual LAN where you only have limited connectivity and cannot access any Enterprise or Education computing resources.

I am using the free Sophos Anti-Virus for Mac Home Edition on all my Macs and I hardly notice that it is there unless it disinfects an infected email attachment.

----------
GGJstudios said:
Read the 2nd post of this thread. Sophos is not recommended.
Click to expand...

That is pure FUD. Never experienced problems with Sophos on Lion or Mountain Lion.

By the way:
When I do a manual full system scan on my MBA 2012 11" i5 running OS X 10.8.2 with Sophos Anti-Virus for Mac Home Edition Version Version 8.0.6C then I get a CPU load of 2.1% - 3.5% for the Sophos process.

You can hardly call this a resource hog.

When it is just running in the background then it is hardly noticeable
 
Last edited by a moderator:
Bigmacduck said:
That is pure FUD. Never experienced problems with Sophos on Lion or Mountain Lion.
Click to expand...
No, it's not FUD. Just because you've never experienced problems doesn't mean the added vulnerability doesn't exist. The fact is that Sophos runs with elevated privileges, which introduces a vulnerability that other AV apps don't introduce.
 
My school ran a check on your computer. If you didn't have antivirus, you couldn't log onto the wifi. This was for both Mac and windows.
 
FUD! It is a theoretical problem only.

Quote from Bob Cook, Sophos Senior Development Manager:

link to Sophos forum

There is also a good explanation why elevated privileges are required. ClamXav btw is not the same product as it lacks a live on-access scanner.


Sophos should be avoided, as it could actually increase your Mac's vulnerability?

Thanks for asking. The poster of that article at Macrumors is characterizing a theoretical problem (and does point out an actual exploit in a product offered by a different company).

There are no such issues with the security of the Sophos product.

The poster's theory goes that if the Sophos software is exploited then malicious software (which exploits a Sophos program) could run with elevated privilges e.g. would be able to modify system settings and software, but you'd never be prompted to confirm those actions.

Its ok to have this concern, however the poster has mischaracterized it to sound much more ominous than it really is for running Sophos software. This potential risk is true for any software which runs as "root". If you open up Activity Monitor and show all processes, you'll see many processes running as "root". The risk described by the poster at Macrumors applies to any of those including those provided by Apple (e.g. Time Machine, Spotlight, etc.).

Everyone running as "root" has an obligation to insure they don't become the vector for malicious software. We (as a responsible security company) are constantly improving our software.

(btw I'm the guy responsible for the software development team for SAV for Mac, and I really appreciate you asking questions; let me know if any of that either doesn't make sense or needs more detail)

----------
Bob Cook
Senior Development Manager
email: bob.cook@sophos.com


----------

If you are still concerned about that theoretical vulnerability, then you should also turn off Time Machine, spotlight, etc as this apple supplied software could theoretically become infected.
 
Bigmacduck said:
There is also a good explanation why elevated privileges are required. ClamXav btw is not the same product as it lacks a live on-access scanner.
Click to expand...
That is false. ClamXav has a Sentry feature which, if enabled, will constantly scan your entire drive or any folders you select. ClamXav doesn't require elevated privileges, and they are not required for such scanning. Despite what Sophos claims, it does represent a potential vulnerability that is absent from other AV apps. It's not a theoretical problem. It's simply a vulnerability that hasn't yet been exploited on that particular app, although it has been exploited on other apps. That doesn't make it any less of a vulnerability.
 
Bigmacduck said:
Assume that you have the HIV virus in your bloodstream and also assume that you are totally immune to this virus and you will never suffer from AIDS. So if you have the habit to change your partners often, you would still need to use condoms because your partner is not immune to HIV.

Same is with your data payloads that you get via the internet, email, etc. Your Mac is immune to it, but if you forward it or share it Windows PCs and servers , Android Mobiles, etc, will get infected - because of you. An AV product on your Mac stops the spreading of computer diseases. Use a condom / antivirus to protect others!
Click to expand...

Yes, that's what I figured. The Macs on the network aren't the problem. However, Mac users who download a virus then end up getting it on the school network are. I think this is what they had in mind with required virus protection. I completely understand where they're coming from, and just wanted to get the best virus protection, meaning the least resource intensive. So far ClamXav has been working very well.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back