9 Replies Latest reply: Nov 15, 2012 1:56 PM by baltwo
BillShaw Level 1 Level 1 (0 points)

I have started replacing my customers PCs with iMac's and Mac-Mini, and I have always operated on the assumption that anti-virus software is not necessary, but I fear that my opinion might need revisiting.  So I would pose the question again, does the community and/or Apple have an opinion on the need for Anti-Virus, Malware and all the other nasty inflictions.  If you, as a group or individually do recommend, what product would you recommend?  Thank You --- Bill Shaw - Kansas City, Mo.


iMac, OS X Mountain Lion (10.8.2)
  • 1. Re: What is Apple's position on Anti-virus software for the mac?
    WZZZ Level 6 Level 6 (12,225 points)

    I don't think Apple has an official position on this.

     

    Excellent read here.

     

    http://www.reedcorner.net/mmg/

     

    http://www.reedcorner.net/mac-av-detection-rates/

     

     

    Keep current with updates and you will be best protected. Keep Java, not JavaScript, disabled in the browser--if you even have Java on any of your Macs. It doesn't come installed anymore.

  • 2. Re: What is Apple's position on Anti-virus software for the mac?
    Klaus1 Level 8 Level 8 (44,495 points)

    And this also:

     

    There are many forms of ‘Malware’ that can affect a computer system, of which ‘a virus’ is but one type, ‘trojans’ another. Using the strict definition of a computer virus, no viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions. The same is not true of other forms of malware, such as Trojans. Whilst it is a fairly safe bet that your Mac has NOT been infected by a virus, it may have another security-related problem, but more likely a technical problem unrelated to any malware threat.

     

     

    You may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Security and Privacy, useful:

     

    https://discussions.apple.com/docs/DOC-2435

     

    The User Tip (which you are welcome to print out and retain for future reference) seeks to offer guidance on the main security threats and how to avoid them.

  • 3. Re: What is Apple's position on Anti-virus software for the mac?
    varjak paw Level 10 Level 10 (169,765 points)

    The closest thing Apple has to an "official position" can be found in these two documents:

     

    http://support.apple.com/kb/PH11256

     

    http://support.apple.com/kb/PH11432

     

    As to the necessity for protection, the other posts have it covered pretty well.

     

    Regards

  • 4. Re: What is Apple's position on Anti-virus software for the mac?
    Linc Davis Level 10 Level 10 (118,400 points)

    This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an attacker who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.

    All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files. The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders. In most cases, there’s no benefit from any other automated protection against malware.

     

    Starting with OS X 10.7.5, there is another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications that are downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Applications certified in this way haven't actually been tested by Apple (unless they come from the Mac App Store), but you can be sure that they haven't been modified by anyone other than the developer, and his identity is known, so he could be held responsible if he knowingly released malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe. Note, however, that there are some caveats concerning Gatekeeper:
    • It doesn't apply to software that comes packaged as an installer. Treat all third-party installers with caution.
    • It can be disabled or overridden by the user.
    • It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
    • It only applies to applications downloaded from the network. Software installed from a CD or other media is not checked.
    For more information about Gatekeeper, see this Apple Support article.

     

    Notwithstanding the above, the most effective defense against malware attacks is your own intelligence. All known malware on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. If you're smarter than the malware attacker thinks you are, you won't be duped. That means, primarily, that you never install software from an untrustworthy source. How do you know a source is untrustworthy?
    • Any website that prompts you to install a “codec,” “plug-in,” or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
    • A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. [Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.]
    • “Cracked” copies of commercial software downloaded from a bittorrent are likely to be infected.
    • Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.
    Java on the network (not to be confused with JavaScript, to which it's not related) is always a potential weak spot in the security of any operating system. If a Java web plugin is not installed, don't install it unless you really need it. If it is installed, you should disable it (not JavaScript) in your web browsers. Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in OS X 10.5.8 or earlier, because Java in those obsolete versions has known security flaws that make it unsafe to use on the Internet. The flaws will never be fixed. Regardless of version, experience has shown that Java can never be fully trusted, even if no vulnerabilities are publicly known at the moment.

    Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.

    Never install any commercial "anti-virus" products for the Mac, as they all do more harm than good. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.
      
    Why shouldn't you use commercial "anti-virus" products?
    • Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the filesystem. Malware gets into the system by being downloaded, not by materializing from nowhere.
    • In order to meet that nonexistent threat, the software duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability and poor performance.
    • By modifying the system at a low level, the software itself may create vulnerabilities that could be exploited by malware attackers.
    ClamXav doesn't have these drawbacks.

  • 5. Re: What is Apple's position on Anti-virus software for the mac?
    baltwo Level 9 Level 9 (60,125 points)

    WZZZ wrote:

    Keep Java, not JavaScript, disabled in the browser--if you even have Java on any of your Macs. It doesn't come installed anymore.

    Nonsense. Java's installed by default. What isn't installed is the Java Runtime Environment (JRE) component. FWIW, I've never disabled JRE and haven't had any issues.

  • 6. Re: What is Apple's position on Anti-virus software for the mac?
    thomas_r. Level 7 Level 7 (27,985 points)

    Nonsense. Java's installed by default. What isn't installed is the Java Runtime Environment (JRE) component.

     

    The JRE is the only thing that matters for most users, since you can't run Java apps or web applets without it. So although it may not be technically correct to say Java isn't installed by default, that's a minor distinction that is irrelevant for the purpose of this topic.

     

    Repeatedly calling people wrong for saying Java isn't installed is not helpful, and merely serves to confuse the issue.

  • 7. Re: What is Apple's position on Anti-virus software for the mac?
    baltwo Level 9 Level 9 (60,125 points)

    Thomas A Reed wrote:

    Repeatedly calling people wrong for saying Java isn't installed is not helpful, and merely serves to confuse the issue.

    Not IMO. Most users don't have a clue what Java or JRE are all about and just panic because of those overblown malware scares. Repeatedly stating that Java isn't installed by the OS causes more confusion than me correcting those who misstate that condition.

  • 8. Re: What is Apple's position on Anti-virus software for the mac?
    Linc Davis Level 10 Level 10 (118,400 points)

    By no stretch of the imagination is Java installed by default with OS X 10.7 or later. What's installed is the glue that connects Java VM's to the user interface. All that can happen when you try to run a Java program on a default installation is that you'll be prompted to download Java. Nothing else.

  • 9. Re: What is Apple's position on Anti-virus software for the mac?
    baltwo Level 9 Level 9 (60,125 points)

    My experience (and not by stretching my imagination) says that when prompted all you get to download is the JRE. By default, these are installed (might not be the only ones), and they're what makes Java viable:

     

    /Applicatons/Utilities/->Java Preferences.app

    /Library/Java/

    /Library/Internet Plug-Ins/->JavaAppletPlugin.plugin

    /System/Library/CoreServices/->

          Jar Launcher.app

          Java Web Start.app

          JavaVersion.plist

    /System/Library/Frameworks->

          JavaFrameEmbedding.framework

          JavaScriptCore.framework

          JavaVM.framework

    /System/Library/LaunchAgents/->

          com.apple.java.InstallOnDemand.plist

          com.apple.java.updateSharing.plist

    /System/Library/Java->

          Extensions

          JavaVirtualMachines

          Support

    /System/Library/PrivateFrameworks/->

          JavaApplicationLauncher.framework

          JavaLaunching.framework