Nobody approves any of those apps anyone can add apps to the android store. It has nothing to do with actual security of the os
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Viruses
- Thread starter ghsDUDE
- Start date
- Sort by reaction score
Nobody approves any of those apps anyone can add apps to the android store. It has nothing to do with actual security of the os
They're not saying it's the security of the OS. The point is valid: it's not a function of market share.
So to recap all the discussion, a few people feel that AV isn't needed on the Mac as most malware requires user interaction and Sophos is bad because it may in the future provide an attack vector due to it running with root privileges; even though this is exactly the current attack vector to Mac posed by other software (Adobe for example).
Additionally, some of the people wish to concentrate on whether there's been a virus on the Mac even though the amount of malware that can be deemed a virus on the Windows is minuscule over the the past decade.
Simple facts are that the Mac can be hacked (Charlie Miller makes a living from it), people can be fooled, the concept of viruses is pretty much dead and most people on the web can make themselves very important without little facts to back it up.
Is the Mac any more secure? Stick it on the web as default and it'll fare well, but how many Mac users use a password due to the invincibility they feel?
I use Sophos, which I hate on the Windows platform, because it's free and doesn't slow the system down. It also updates and will provide an additional layer of control to my system if someone else uses it.
Is it a panacea? No, and even on windows anti-malware products aren't required if you enforce a good patch strategy, and take additional controls.
Does Market share make a difference? It depends, Apache web servers are attacked because they're numerous and easy to misconfigure or not patch all the components. Android will always be attacked because it's easy to do it, cybercriminals will always attack a platform when it has a high chance of success. The Mac doesn't have that high chance of success, but I see more Mac users without passwords on their systems and no access control on their iOS devices than I do who implement these controls.
Additionally, some of the people wish to concentrate on whether there's been a virus on the Mac even though the amount of malware that can be deemed a virus on the Windows is minuscule over the the past decade.
Simple facts are that the Mac can be hacked (Charlie Miller makes a living from it), people can be fooled, the concept of viruses is pretty much dead and most people on the web can make themselves very important without little facts to back it up.
Is the Mac any more secure? Stick it on the web as default and it'll fare well, but how many Mac users use a password due to the invincibility they feel?
I use Sophos, which I hate on the Windows platform, because it's free and doesn't slow the system down. It also updates and will provide an additional layer of control to my system if someone else uses it.
Is it a panacea? No, and even on windows anti-malware products aren't required if you enforce a good patch strategy, and take additional controls.
Does Market share make a difference? It depends, Apache web servers are attacked because they're numerous and easy to misconfigure or not patch all the components. Android will always be attacked because it's easy to do it, cybercriminals will always attack a platform when it has a high chance of success. The Mac doesn't have that high chance of success, but I see more Mac users without passwords on their systems and no access control on their iOS devices than I do who implement these controls.
Stay away from stuff like Sophos antivirus, as its not needed, and can actually do more harm than good ...
You can't back that statement up with facts (not opinion or bringing the argument back to to virii) though can you? Adobe and Safari presents most of the ways for Charlis Miller to hack the Mac, will you not use them either as they present an often used attack vector?
Are you in danger of any hacking?
I use Macs for seven years now, and never have come upon one thread, regardless what network I have been in, but that may be due to me being not the appropriate target for hackers.
I ran Sophos for a while, just to test it and see, if anything comes up. The only thing I came upon was Windows malware, not once did it found malware for Mac OS X. And it slowed my computer down regularly.
And the plural for virus might be virii, but for computer viruses "viruses" is used.
But if you don't mind installing some software to feel better, then go ahead. Most users have fared well without such software, though if one is ignorant enough to install any software they come upon, or even compromised and pirated applications, such software might have helped. But using such software is just for using less brain, at least in Mac OS X. The first or second thing I do when I reinstall Windows for someone, is installing some kind of AV software.
So the Sophos AV worked? Would you be happy infecting a friend's windows computer with an infected PDF file or similar? The point about the hacking was brought up by others about Sophos, but popular software used on Mac presents a current threat. If Sophos or any other Mac Anti-malware product can protect mac users against things such as Mac Defender is that not a good thing? There are times we all underestimate the blind faith shown by humans, don't assume that others are as savvy as you obviously are. As I've said, I have Sophos on Macs for the other family members, I don't believe in people wanting to give me millions or that paypal really needs my details.
I guess.
For the seven years I have used Macs, one month or so was with an AV scanner, Sophos.
Never have I got a reply from someone I send an attachment to, that they got infected by something I send. While it is nice to protect others, and I am a sucker for that, the person running one's own computer is also responsible for protecting his or her own computer.
I know, that I am more knowledgable than the crowd using Macs, I see it almost every day, but if someone asks here for advice about AV software for Mac OS X, I just recommend reading that Malware FAQ GGJstudios kindly put together. If that person gets more educated doing so, the better. If the person still wants to use an AV software of some kind, because s/he doesn't understand it or doesn't want to live without AV software, then that is fine too.
But if someone is educated enough and understands the concept of common sense and malware and what to avoid, then why should that person use precious CPU cycles for AV software?
Again, in the seven years I used Mac OS X, I never came upon malware, and I even visited all the shady sites I can't think of, except hacking and coding sites, and am still malware free. I will continue to do so until I might encounter some kind of malware, but until then I am glad not having AV software in my computer. I just don't like the interference.
PS: I am not afraid of being hacked, as I am behind two firewalls, which of course can be hacked by some knowledgeable person, but I am not really a good target anyway. If I would have sensitive data on my Mac, I might have to employ other security tactics. But my current tactics fared me well to this day, so why use AV software?
Exploitation of client-side apps, such as Safari and Adobe, doesn't provide system-level access. System-level access is required to compromise protected data entry and protected data storage.
Exploiting Sophos would provide system-level access because many of Sophos processes run with elevated privileges.
Beyond the issue of Sophos running with elevated privileges, below is a research article on more issues with Sophos.
http://lock.cmpxchg8b.com/Sophail.pdf
Really, what about Flash player?
https://www.adobe.com/support/security/bulletins/apsb11-26.html
You simply can't present sweeping statements as fact, there are vulnerabilities out there that can lead to system compromise; but you can't select the argument to suit your point of view.
Go to CVE, those vulnerabilities don't include privilege escalation so don't allow system-level access.
XSS vulnerabilities don't lead to a system compromise. XSS vulnerabilities abuse the interaction between the client (browser) and server (web server hosting website) and require user interaction to be successful.
The one vulnerability being leveraged in the wild is a XSS vulnerability. XSS vulnerabilities of this type are used in sophisticated phishing emails.
These types of attacks require the user to click on the link in the malicious email and then log into the specific page linked to within the malicious email so that the malicious scripts can take action and/or the login credentials can be intercepted.
These types of threats are easily avoided by not logging into online accounts via links in emails, email attachments, instant messages, & etc even if the certificate appears to be legitimate.
Also, I'm unaware of how a Flash XSS vulnerability could be leveraged for webpages that don't include Flash.
So, it is probable that this vulnerability couldn't be leverage to exploit SSL encrypted logins, such as online banking logins and other security sensitive logins, that don't include Flash on the login webpage for security reasons.
Last edited:
I have an iphone4 & MacBook Pro: Just in case someone needed.
I have read the links on viruses, trojan horse's,etc. and i had a question about differant ways a trojan, hoax or malware is sent. I do get some emails every now and then that has some peoples names i know in bracket's.>>[XY].(Yahoo only), I know not to open them now.. I did click on one about 6month's or so ago (but that was it.. no download and it wasn't in an attachment either), I have not noticed any problems with computer or anything like that.
I have also heard you can get viruses and such, from people you are expecting an email from by accident "so to speak" in attachments that they didn't know they had. Fact or Fiction???
So, my question is, can you intercept any worries of all this by opening Yahoo mail first on an iphone to lessen a risk to a MacBook? If you open the attachment once on phone, their is no need to open in Mac? It is a odd thing to ask, but i always wondered about it. Thanks ahead of time and sorry if i put this on the wrong thread.
I have read the links on viruses, trojan horse's,etc. and i had a question about differant ways a trojan, hoax or malware is sent. I do get some emails every now and then that has some peoples names i know in bracket's.>>[XY].(Yahoo only), I know not to open them now.. I did click on one about 6month's or so ago (but that was it.. no download and it wasn't in an attachment either), I have not noticed any problems with computer or anything like that.
I have also heard you can get viruses and such, from people you are expecting an email from by accident "so to speak" in attachments that they didn't know they had. Fact or Fiction???
So, my question is, can you intercept any worries of all this by opening Yahoo mail first on an iphone to lessen a risk to a MacBook? If you open the attachment once on phone, their is no need to open in Mac? It is a odd thing to ask, but i always wondered about it. Thanks ahead of time and sorry if i put this on the wrong thread.
Yes, you can get viruses and such, but only viruses affecting Windows, not Mac OS X, thus you don't need to worry about them.
If you accidentally download malware like a trojan, you have to manually install it.
Have you read the MALWARE FAQ yet, that has been posted several times already?
It explains, how a virus or a trojan works, and that you only need to employ common sense on Mac OS X to be protected.
You can find the link below in most virus/malware threads in this forum, which will clearly explain details about malware and how it works.
You can't get Mac OS X viruses from any source, since none exist.
Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released 10 years ago. You cannot infect your Mac simply by visiting a website, unzipping a file, opening an email attachment or joining a network. The only malware in the wild that can affect Mac OS X is a handful of trojans, which cannot infect your Mac unless you actively install them, and they can be easily avoided with some basic education, common sense and care in what software you install. Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
And true viruses haven't been the major threat to windows for years either!
You CAN be exploited if you have a vulnerable application, and clicking on a link and/or viewing a file comes into this. Why does Apple release regular security updates?
In answer to the OP, make sure you keep all you're apps and O/S up to date (including adobe ones, which tend to be the biggest vector) and you'll be fine.
As long as you do that, the risk is minimised, as opening up the email on and iOS device first won't protect you necessarily unless you delete the email afterwards.
What is not true?
Maybe quote the post you are responding to next time, especially in such convoluted threads like this.
What does that have to do with this thread? The OP is not talking about Windows, but Mac OS X, where viruses have never been a threat. Ever.
Name one such example.
Why does any software developer release security updates? That has no bearing on the fact that you cannot infect your Mac simply by visiting a website, unzipping a file, opening an email attachment or joining a network.
There's no need to open emails on an iOS device first, since there's no risk in opening them on Mac OS X. The only malware in the wild that can affect Mac OS X requires that the user actively install it. Read the Mac Virus/Malware FAQ for the facts.
What are you referring to?
And true viruses haven't been the major threat to windows for years either!
Viruses have been supplanted by worms given that worms propagate more actively.
Worms are still an issue for Windows systems.
Stuxnet, Duqu, etc . . .
https://forums.macrumors.com/threads/1260318/
Whether or not this manifests in the wild is determined by several factors.
See the post in the following link for more info.
https://forums.macrumors.com/posts/13699396/
Firefox
And true viruses haven't been the major threat to windows for years either!
You CAN be exploited if you have a vulnerable application, and clicking on a link and/or viewing a file comes into this. Why does Apple release regular security updates?
firefox is bad about this yuo can get all kinds of add ons, book marks, and applications simply by closing a popup. i found a random folder filled with different popups. their caused by attmepting to close popups