Jump to content



Photo

Best Mac Anti-Virus Thread

antivirus

  • Please log in to reply
76 replies to this topic

#76 +snaphat (Myles Landwehr)

snaphat (Myles Landwehr)

    Electrical & Computer Engineer

  • Tech Issues Solved: 29
  • Joined: 23-August 05
  • OS: Win/Lin/Bsd/Osx
  • Phone: dumb phone

Posted 30 December 2013 - 15:47

This is the very definition of anecdotal evidence.  I haven't had malware on my Windows machine in over 10 years, therefore it doesn't exist.  I don't know anyone who owns an iPhone, therefore they don't exist.  I don't know anyone who owns a PS4 either, so obviously nobody has one.  See how this works? 

 

Note that Sonne is shifting the goalpost. Originally the claim was that there wasn't any viruses for Mac in the wild. It was then pointing out to him that most Malware infections aren't actually viruses and further shown that Malware does exist for Mac (by you, goretsky, and me). Since we've shown him that Malware does exist for Mac, the only logical course is for him to move the goalpost and show that he, himself, doesn't need anti-malware software and to try to make a hasty generalization out of his specific case.

 

I'm not saying that it means you need full time running protection.  I don't use a resident AV suite on my Windows machines either, I use other means to keep my systems secure.   (I agree with wasted resources.. if you're relying on an AV suite to tell you that you got malware, you probably already messed up.)  But it doesn't mean you're immune to malware and you can just do whatever you please with anything you do or download either.  Malware does exist for other operating systems.  OSX has had it's attacks, even Linux has had some.  (Kernel.org and a few other high profile sites being taking down due to a rootkit anyone?)   There is no such thing as an operating system that's immune to malware or exploitation.  User error, gullibility, vulnerabilities in software, or just plain carelessness, all sorts of ways to do damage to somebody's system.  The only reason Windows machines get targeted the most is due to the sheer number of users, most current malware is money or data theft oriented, they tend to go where the most people are.

 

Well said. I still think Sonne is doing a disservice to Mac users by making it seem as if one doesn't have to bother to do anything and is simply immune to attacks. Anti-malware software is no substitute to being smart about what you install/etc. but many folk simply don't have the background to know how to keep safe in the first place.

 

Apple itself offers suggestions on how to be safe from Malware for this reason: http://support.apple.com/kb/PH11432. And even disabled installing applications from unknown sources per default in Mountain Lion.




#77 +goretsky

goretsky

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 12-March 04
  • Location: Southern California

Posted 31 December 2013 - 07:20

Hello,

 

No properly-written anti-malware software for OS X interferes with the continuity, integrity or reliability of the Apple Mac on which it is installed, nor does it consume excessive system resources such as processor utilization, memory capacity, disk I/O or network bandwidth.

 

I can provide some external proof of this:  If you visit Apple's web store, you will find some security programs for sale in it.  Apple will not and does not allow programs which cause problems with its computers to be sold through its store.  I know this because about four years ago, one of my employer's programs was removed by Apple from its webstore for this reason.  As you might imagine, our developers worked very dilligently to fix the issue.  This is not limited to anti-malware software, of course; I'm sure other kinds of programs have been pulled by Apple from its web store when they caused issues with Apple products.

 

Now that we have gotten the specter of compatibility issues out of the way, let's look at some of the reasons a person might run anti-malware software on their Mac:

 

  • They work with proprietary or confidential data, and have concerns it might be altered, deleted or stolen.
  • They frequently download and run pirated software.
    (If you take a look at the last five or so Microsoft Security Intelligence Reports, you can see that the greater a country's piracy rate, the more likely they are to experience malware.)
  • They were affected by malware once and as a result run anti-malware software on all their devices (smartphone, tablet, PC, etc.)
    (The "once-bitten, twice shy" approach.)
  • It is a requirement mandated by school, employer or other source.
  • They work with, or otherwise exchange data with, computers that run more heavily-targeted operating systems, such as Microsoft Windows.

I am sure you there are plenty of additional reasons, but those are just a few off the top of my head.

 

One thing that I think is important to keep in mind, which is an issue we have kind of side-stepped so far, is why exactly is there a need for anti-malware software on OS X?  Well, the obvious answer to that is because there is malicious software for OS X.  And that, in turn, leads to the real crux of the question:  Why exactly (e.g., for what purposes) is malicious software being written for OS X?  Outside of PoCs, the answer seems to largely fall into two camps: 

 

The first is for criminal reasons, which is to say, somehow illegally making money off the computer.  Examples of this might include things like DNS redirection to certain search engines, stealing account credentials, using the Mac as zombie in a botnet or some other higher-level tiered function such as a drop zone or a C&C server, and so forth.

 

The second reason is for surveillance or espionage.  This can be both by governments and corporations, and, as for reasons, well, whatever reasons those sorts of folks like to spy on other folks.  Between the links I provided earlier and all the news involving Edward Snowden, I don't really think there's anything additional which needs to be said here.

 

If you go to any of the conferences which specialize in discussions of malicious software (CARO, EICAR, ISOI, VB and so forth) you will see a lot of security professionals running Apple MacBooks of various kinds (even I have one), and they are all running anti-malware software on them.  I think that would be a much better venue for determining whether or not a given operating system needs security software, because those are the folks who see the threats day and day out.  There are a lot of Mac-centric forums with some very security-savvy people on them, but the overall focus of such venues is usually the Mac ecosystem, not system security, information integrity, continuity of operations or all the other things which go on under the umbrella of information security.

 

Before I conclude this message thread, there are a couple of things I wanted to mention:

 

Firstly, you seem to be under the assumption that I am advocating anti-malware as the primary and sole means of securing Apple Macs.  That is incorrect.  A layered-approach is necessary to defend any computing resource, and that includes user education, staying up-to-date with OS and application patches, performing backups, testing your disaster recovery plans and so forth.  These are just as important as anti-malware software, it not more so.  Anti-malware may be an important tool in your information security arsenal, but its only one tool out of many.

 

The second thing is, you keep saying "antivirus" or "A/V" when discussing anti-malware software.  I realize the reasons for doing so (public literacy levels, familiarity with computer viruses versus other kinds of threats, marketing, etc.), and am often guilty of doing it myself in casual conversation.  However, in this particular conversation, it makes your writing less persuasive.  It would be as if we were having a discussion about cars and you kept talking about them as horseless carriages.  The criminal world has largely moved on from computer viruses because they have better types of malware to use for stealing and their other criminal enterprises.

 

Regards,

 

Aryeh Goretsky

 

 

 





Click here to login or here to register to remove this ad, it's free!