Viruses

[Macsavvytech]

I'm coming out of the blue with this one, but if i were to use an anti virus, should i use sophos or clamxav?

Neither of them protect your mac, if you are worried about passing viruses onto PC users then go find a free one.
As to why anti virus software is completely useless on a mac: not only are their currently no viruses for mac (strictly speaking), anti virus for mac is useless because you can't scan for something when you don't know what to scan for. When you scan for viruses on a PC is has behaviours which are known threats, or which are suspicious. This can't happen on a mac because there haven't been any viruses which use un-patched holes to scan and use as a example of suspicious behaviour

 

[NickZac]

How much pr0n are you guys looking at to get this worked up over viruses?

If OS X was not secure, and especially if it were having viruses that specifically target it, there would be a gazillion people on this forum bitching about how much OS X sucks and now they have a virus on their computer. And if it were easy to make a virus for OS X, it would already be out as the hackers would love to target the Apple crowd. Windows 7 is very secure, but debating the level of security between Windows and Unix is like debating on the political and social ramifications of a comet that stuck Jupiter and has caused a drought resulting in a 30% decrease in Scandinavian Watermelon sales for the month of July and part of August of 1873.

 

[GGJstudios]

x is like debating on the political and social ramifications of a comet that stuck Jupiter and has caused a drought resulting in a 30% decrease in Scandinavian Watermelon sales for the month of July and part of August of 1873.

You wouldn't take that so lightly if you were in the Scandinavian watermelon biz in 1873! And it was 34%, not 30%!

 

[NickZac]

You wouldn't take that so lightly if you were in the Scandinavian watermelon biz in 1873! And it was 34%, not 30%!

My sincerest apologies to the Scandinavian Win7 Watermeloners

 

[Ccrew]

If you're referring to me, I very clearly said, "there are no viruses that exist in the wild that can run on Mac OS X, and there never has been." That statement is 100% factual.

That you know of. If written well you still blindly traipse along believing that

Just like security holes.. they don't exist either

 

[GGJstudios]

That you know of. If written well you still blindly traipse along believing that

Just like security holes.. they don't exist either

No one has said there are no security vulnerabilities in Mac OS X. Read the thread and the links posted to educate yourself.

 

[wpotere]

Has anyone seen my dead horse? I'd like to beat it.

Some Guy: I think you should buy home owners insurance.

Me: I don't own a house.

Some Guy: But you will someday.

Me: Kind of pointless to pay for it now though isn't it?

Some Guy: Well, you will be prepared for it when you buy it this way.

 

[GGJstudios]

Has anyone seen my dead horse? I'd like to beat it.

No kidding!

Some Guy: I think you should buy home owners insurance.
Me: I don't own a house.
Some Guy: But you will someday.
Me: Kind of pointless to pay for it now though isn't it?
Some Guy: Well, you will be prepared for it when you buy it this way.

The only difference is, homeowner insurance will cover any house you might buy. It's more like buying a shield to protect against wiuoya rays from the 15th planet in our solar system. How can they protect you from something that doesn't exist?

 

[elVince]

I'm not disagreeing with you on anything but the way i look at it is, if X is safe, then shouldnt X + Antivirus = the same thing or a little bit better even at the tiniest bit?

 

[iMackPro]

it took me over an hour to read through this thread, but im glad i did! i learned about a lot of stuff. Thanks GGJ! you are quite intelligent in the computer field! i feel like i learn something every time i read one of your posts lol.

Im also glad that i learned as long as i dont install something that looks sketchy im good to go on my mac. whooop!

 

[Tech198]

Av

My 2 cents worth.

Many people would have mis-conseptions and its true, i'd agree as the same manufactures who makes Windows AV, also make for Mac. So really, manufactures are to blame for this.

However, my take on this is Mac AV s not required.. Manufactures arn't gonna losse money, so there not gonna stop making AV products for Mac, but the "hidden" message here is these Mac versions only scan Windows viruses/malware etc...

While its true that you can copy over an infected file, many people will use this as a 'rule of thumb' to tell you you need AV, but my personal reason behind this is, you don't

As Windows fies can not infect mac.... doesn't matter weather its infected file or not so your safe,

But ya... if you wanna scan the infected file(s). (eg you doing a clean install of Windows on a pc), then go ahead and run a scan on the mac...

Other than using it to detect Windows infections...... its not required...

And the hype you hear online articles doesn't help either..... I have read articles claiming this, but with no download of any thing.. I won't believe it.

 

[wpotere]

I'm not disagreeing with you on anything but the way i look at it is, if X is safe, then shouldnt X + Antivirus = the same thing or a little bit better even at the tiniest bit?

Nope and here is why. Think of it like the flu. In order for doctors and the lab to create the antivirus that they give each year they have to know what the virus is. The same thing happens with computers. You can't check/protect for a virus that doesn't exist or is known as the scanner would have no clue on what to look for. Current scanners only search across a windows database and those viruses are useless on a Mac.

 

[Derango]

Nope and here is why. Think of it like the flu. In order for doctors and the lab to create the antivirus that they give each year they have to know what the virus is. The same thing happens with computers. You can't check/protect for a virus that doesn't exist or is known as the scanner would have no clue on what to look for. Current scanners only search across a windows database and those viruses are useless on a Mac.

That's sorta inaccurate. Modern Antivirus programs use something called Heuristic Scanning as well as your standard database based signature detection. ( http://www.symantec.com/connect/articles/heuristic-techniques-av-solutions-overview ). In a nutshell, it allows the program to determine if something is acting sorta like a virus even if it's totally new or never before seen.

Obviously the success rate is lower in that kind of scan, but you can, indeed, have a chance at detecting something that doesn't exist.

That said, I'm firmly on the side of the "You don't really need an antivirus program in OS X...yet" camp. The benefits are very, very small at this point. I'd only recommend it in 2 cases: 1) You're dealing with an IT department at your work or college that requires some kind of security software to be installed in order to let your computer on the network. And 2) You do a lot of interacting with windows users, passing files back and forth constantly. If somebody passes you a virus, it won't bug your computer but if you then e-mail that out to another windows user, you can infect them. So it's a nice thing to do to be sure you're not passing infected files to you coworkers or something like that.

 

[wpotere]

That's sorta inaccurate. Modern Antivirus programs use something called Heuristic Scanning as well as your standard database based signature detection. ( http://www.symantec.com/connect/articles/heuristic-techniques-av-solutions-overview ). In a nutshell, it allows the program to determine if something is acting sorta like a virus even if it's totally new or never before seen.

Obviously the success rate is lower in that kind of scan, but you can, indeed, have a chance at detecting something that doesn't exist.

That said, I'm firmly on the side of the "You don't really need an antivirus program in OS X...yet" camp. The benefits are very, very small at this point. I'd only recommend it in 2 cases: 1) You're dealing with an IT department at your work or college that requires some kind of security software to be installed in order to let your computer on the network. And 2) You do a lot of interacting with windows users, passing files back and forth constantly. If somebody passes you a virus, it won't bug your computer but if you then e-mail that out to another windows user, you can infect them. So it's a nice thing to do to be sure you're not passing infected files to you coworkers or something like that.

Ah, but as I mentioned much earlier in this thread, Heuristics are actually based off of "known" viruses. Because there are currently none for OSX, there is no way to use huristics unless you use Windows viruses as the definition. Once again, AV is pointless at this stage of the game.

 

[Mactrillionaire]

Has anyone seen my dead horse? I'd like to beat it.

Some Guy: I think you should buy home owners insurance.

Me: I don't own a house.

Some Guy: But you will someday.

Me: Kind of pointless to pay for it now though isn't it?

Some Guy: Well, you will be prepared for it when you buy it this way.

Your point in this example is a valid one, but I would have to caution that false senses of security have led to many preventable calamities throughout history.

 

[wpotere]

Your point in this example is a valid one, but I would have to caution that false senses of security have led to many preventable calamities throughout history.

True, but the point we are trying to make is that you are going to load a scanner on your system that is essentially blind. It has no idea what a Mac virus is or looks like so when or if it sees one it wouln't know what to do. That is the point we are trying to make. Until that first one hits there is nothing that is going to protect you. Thus AV is a false sense of security for a Mac. Now, when/if one does come out, then we will have to see which product is the best. Until then, why worry?

 

[Mactrillionaire]

True, but the point we are trying to make is that you are going to load a scanner on your system that is essentially blind. It has no idea what a Mac virus is or looks like so when or if it sees one it wouln't know what to do. That is the point we are trying to make. Until that first one hits there is nothing that is going to protect you. Thus AV is a false sense of security for a Mac. Now, when/if one does come out, then we will have to see which product is the best. Until then, why worry?

Because a virus is only one type of malware among many and antivirus scanners detect many kinds of malware in addition to viruses.

In any event, you will be safe without an antivirus product on a Mac if you follow this procedure to the letter:

1. Enable built-in firewall and set to stealth settings.
2. Use encrypted Mac Disk Images for all sensitive information on the computer (remember to also select the No Partition option).
3. Only put private files in your encrypted Mac Disk Images (i.e., don't put any files in them that have been publicly distributed).
4. Disconnect from the internet before creating or using encrypted Mac Disk Images and shut down the computer for a few moments to clear the RAM before turning the internet back on after you are done with the encrypted Mac Disk Image.

If you follow those steps then the only danger remains is if a program has been logging what you are doing and is going to send it when you reconnect to the internet. If the firewall is enabled, you will be able to stop this from happening (provided you familiarize yourself with the websites that are ordinarily accessed by the operating system).

 

[gorskiegangsta]

Is it true that you can't get a virus or any problems on a Mac?

Absolutely not.

Concerning Viruses:
While Macs are less prone to malware it is only now and only because Apple's share in PC market is so low; most hackers simply do not want to bother writing separate piece of code for the Macs when there are (relatively) so little of them out there. That being said, there are just as many active exploits for Macs, there's still phishing content and spam.
It is best to exercise good habits while using any computer; don't visit suspicious sites, don't download unknown files (especially software) and don't open suspicious email. I do use both Macs and PCs without antivirus software and I am yet to get a virus on either of them.

Concerning "any problems":
Where there are computers there are problems, this includes Macs as well (though admittedly not nearly as much as Windows PCs.) For some people (such as my aunt, for example) minimizing a window and thinking they closed it is a problem.
One thing about the Macs is that there is virtually zero maintenance required on part of the user which, I must say, really improves user experience.

 

[wpotere]

Because a virus is only one type of malware among many and antivirus scanners detect many kinds of malware in addition to viruses.

There are only a handful all of which require the user to install them. Simply click "no" when you are asked to install software that you have not asked to install.

In any event, you will be safe without an antivirus product on a Mac if you follow this procedure to the letter:

1. Enable built-in firewall and set to stealth settings.

Sound advice.

2. Use encrypted Mac Disk Images for all sensitive information on the computer (remember to also select the No Partition option).

Not really needed and I have seen people lose information using this.

3. Only put private files in your encrypted Mac Disk Images (i.e., don't put any files in them that have been publicly distributed).

Good advice if you are using encryption but still way overkill for most users. I don't recommend using the encryption

4. Disconnect from the internet before creating or using encrypted Mac Disk Images and shut down the computer for a few moments to clear the RAM before turning the internet back on after you are done with the encrypted Mac Disk Image.

Once again, way overkill and not needed.

For everything you just posted I have only one response. Don't install anything that you didn't buy.

Torrents are a breeding ground for malware which is where most of the people got the ones that have recently been around. AV might pick them up, but if you don't ever install them you won't have a problem.

If you follow those steps then the only danger remains is if a program has been logging what you are doing and is going to send it when you reconnect to the internet. If the firewall is enabled, you will be able to stop this from happening (provided you familiarize yourself with the websites that are ordinarily accessed by the operating system).[/QUOTE]

 

[RockPortTech]

Because a virus is only one type of malware among many and antivirus scanners detect many kinds of malware in addition to viruses.

In any event, you will be safe without an antivirus product on a Mac if you follow this procedure to the letter:

1. Enable built-in firewall and set to stealth settings.
2. Use encrypted Mac Disk Images for all sensitive information on the computer (remember to also select the No Partition option).
3. Only put private files in your encrypted Mac Disk Images (i.e., don't put any files in them that have been publicly distributed).
4. Disconnect from the internet before creating or using encrypted Mac Disk Images and shut down the computer for a few moments to clear the RAM before turning the internet back on after you are done with the encrypted Mac Disk Image.

If you follow those steps then the only danger remains is if a program has been logging what you are doing and is going to send it when you reconnect to the internet. If the firewall is enabled, you will be able to stop this from happening (provided you familiarize yourself with the websites that are ordinarily accessed by the operating system).

Thank you for this tip, as a new Mac user I had no idea how to set my firewall. I checked where indicated on your post and indeed it was set to off by default (new macbook pro is only a couple days old) which surprised me but did not alarm me at all since it was easy to enable. Cheers!

 

[superfula]

With all the solid info in here from GGJ and sims, it amazes me that two people are still posting poor or inaccurate info.

 

[wpotere]

With all the solid info in here from GGJ and sims, it amazes me that two people are still posting poor advice.

To be honest and play the devils advocate, if I were converting from Windows and had no UNIX knowledge I would be skeptical as well. Because I work in the industry and actually admin 4 UNIX servers (currently) as well as program in Windows, I have a bit more understanding of how things function. Hopefully we can keep saying what we have been saying for more years to come.

 

[superfula]

To be honest and play the devils advocate, if I were converting from Windows and had no UNIX knowledge I would be skeptical as well. Because I work in the industry and actually admin 4 UNIX servers (currently) as well as program in Windows, I have a bit more understanding of how things function. Hopefully we can keep saying what we have been saying for more years to come.

True. And I can respect that. However the issue in this thread isn't so much people asking over and over. The issue I have is, regardless of all the info out there, people still come in here and pass off completely inaccurate information as if it were true. Even after 5 pages of good info from GGJ and sims. But I suppose you'll get that in any thread. It does nothing but confuse the new users and may convince them to do something or buy software that isn't needed.

 

[GGJstudios]

I'm not disagreeing with you on anything but the way i look at it is, if X is safe, then shouldnt X + Antivirus = the same thing or a little bit better even at the tiniest bit?

This post and this post by munkery describes how running some anti-virus apps can expose your Mac to greater vulnerability.

Your point in this example is a valid one, but I would have to caution that false senses of security have led to many preventable calamities throughout history.

I wholeheartedly agree that Mac users shouldn't have a false sense of security. While there are no viruses that run on Mac OS X, that could change at any time. There are a handful of trojans in the wild, and they can easily be avoided, but not if the user is careless or engages in reckless activities, such as installing pirated software. Users should always be on guard, even though a particular kind of threat doesn't exist at the present time.

1. Enable built-in firewall and set to stealth settings.

I agree.

2. Use encrypted Mac Disk Images for all sensitive information on the computer (remember to also select the No Partition option).
3. Only put private files in your encrypted Mac Disk Images (i.e., don't put any files in them that have been publicly distributed).
4. Disconnect from the internet before creating or using encrypted Mac Disk Images and shut down the computer for a few moments to clear the RAM before turning the internet back on after you are done with the encrypted Mac Disk Image.

All this is extensive overkill for most users and isn't necessary to protect Mac OS X from malware at the present time. If you want to do it, that's fine, but it's not necessary.

While Macs are less prone to malware it is only now and only because Apple's share in PC market is so low

Take some time and read what has already been posted in this thread regarding the "market share myth".

That being said, there are just as many active exploits for Macs, there's still phishing content and spam.

Phishing and spam are not forms of malware, like trojans, worms and viruses. Phishing is easily avoided by the user exercising reasonable care when revealing any information, including logins, passwords and personal data. Spam is spam. You can minimize it, but you can't stop it.

 

[Mal]

Your point in this example is a valid one, but I would have to caution that false senses of security have led to many preventable calamities throughout history.

Yep. And running Anti-Virus software that can't do anything good is a prime example in my mind of a false sense of security. If you expect your anti-virus software to catch anything, then you're fooling yourself at this point.

jW