Skip navigation

I had an anti-virus for my PC....now that I have a mac, do I need to keep that anti-virus?

392 Views 9 Replies Latest reply: Nov 17, 2012 7:03 PM by ocomunepom RSS
arucker17 Calculating status...
Currently Being Moderated
Nov 17, 2012 12:12 PM

I had an anti-virus on my pc that I purchased.  It was Trend-Micro.  It is now time to renew it and I am not sure if I really need it now that I have a mac...

 

Does anyone know if I need an anti-virus software on my macbook pro?

 

Thanks!

MacBook Pro (13-inch Early 2011)
  • mende1 Level 10 Level 10 (89,470 points)

    Welcome to the Apple Support Communities

     

    You don't need an antivirus. If you want to use one (you don't have to do this), use ClamXav > http://www.clamxav.com

  • thomas_r. Level 7 Level 7 (26,930 points)

    There are many different opinions on this matter, but ultimately you're the only one who can decide. You should do so if possession of the full facts. Read my Mac Malware Guide.

     

    Note that although ClamXav definitely won't cause any performance or stability problems, some testing I did recently shows that it doesn't do a great job of detecting Mac malware. See Mac anti-virus detection rates.

  • ocomunepom Calculating status...

    I'd say better having more security than less.

    I'm a security consultant and since years I've considered OSX as saver than anything.

    Unfortunately, let's face reality here, it's not true anymore. Not for a lack of security consideration from Apple. They take it seriously indeed with lots of nice stuff. But with the importance of the target that OSX has become over the years, with all our pleasure to see the apple stuff growing in the field.

    Now Apple's OS is a nice target for malwares, as nie as Android where malwares grow over too many % last year....  Though the attack surface is still less than windows and all, but it's nevertheless attackable.

     

    The issue comes first from the user (saying yes to anything) and from other programs (java, flash, for the main parts), that offers some openings to attacks. The OSX itself could still leave some blind spots, such as the Personal Firewall not active by default...


    For a non connected user, I'd say you can live years without any security setups.

    But for an online user, better adding security than ignoring it!

     

    The safe things to consider (my favorites):

    - use an Antivirus, whether Sophos, Clamxav, Bitdefender, Virus Barrier, .... some free some not. But skip the ones that popup on you browset saying you have been infected !!!! (look at the  I use Sophos but it's honestly difficult to say which one is most effective than an other one.

     

    - use this antivirus WHEN you download any file from Internet, moreover programs... and run a full scan every week. (yeah I know I'm paranoid ! :-)  )

     

    - disable "Open safe files" in Safari... it's a again a shame to consider correctly downloaded files from being "good". Some may be evil and your AV should be here for this... but is it active?

     

    - use a safe surf without add-ons and scripts: not easy today but wise anyway. Use "noscript" in Firefox, "scriptno" in Chrome or "Javascrip blocker" in Safari. You DON'T WANT any site to run any program on your machin, do you? What it means is that some sites can have some bad contents with scripts doing the bad things. Even trusted sites and forums can refer to other sites where these bad things resides without knowing it.

     

    - some add'ons to Safari / Firefow et all: Adblock, noscript, ghostery,

     

    - prevent from login to any site with the same account (say "usualuser@here.com" for example) and use DIFFERENT passwords... Not easy to remember? use Lastpass or similar

     

    - activate the personel firewall (NOT active by default, a shame) to prevent any unwanted entrance to your world. Again if you stay at home, less demanded; but much more important on public wifi (I should say mandatory)... At least it covers the usual inbounds (what enters your machine, defaults are still large). It does not cover the outbounds (what programs use your machine to go to internet...), "Little Snitch" is a good tool to use for this.

     

    Ok I know you can consider that I'm overly paranoid... and you probably right! :-) but what the **** to be safer than not? Nice to consider, isn't it? ;-)

     

    Have a safe OS and surf!

    Ocom

  • pennbank Level 4 Level 4 (1,515 points)
  • Allan Eckert Level 8 Level 8 (39,335 points)

    Except for the fact that all of the AV software currently available can't protect you from something that has not been written yet. The virus must be written and discovered and then the AV software has to be update to detect it. Currently I see the AV software as a waste of comptuer source and offering the users a false sense of security. Hence my recommentation to AV them at the current time.

     

    Allan

  • ocomunepom Level 1 Level 1 (0 points)

    I agree with you on this. Most AV use virus databases that always need to be updated. And these do not cover the most advanced threats over there (we call them APT for Advanced Persistend Threats, such as Duqu, Flame or most commonly known Stuxnet).

    So better having the a security minded behaviour than letting the (best?) tools doing all the job!

    Even the ones that I listed above are not alone here. The user has to be also self conscious that what he does has some importance. If he decides to launch a program that the AV (as an example) told him not to run... he takes the responsibility...

  • Linc Davis Level 10 Level 10 (107,510 points)

    This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an attacker who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.

    All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files. The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders. In most cases, there’s no benefit from any other automated protection against malware.

     

    Starting with OS X 10.7.5, there is another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications that are downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Applications certified in this way haven't actually been tested by Apple (unless they come from the Mac App Store), but you can be sure that they haven't been modified by anyone other than the developer, and his identity is known, so he could be held responsible if he knowingly released malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe. Note, however, that there are some caveats concerning Gatekeeper:
    • It can be disabled or overridden by the user.
    • It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
    • It only applies to applications downloaded from the network. Software installed from a CD or other media is not checked.
    For more information about Gatekeeper, see this Apple Support article.

     

    Notwithstanding the above, the most effective defense against malware attacks is your own intelligence. All known malware on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. If you're smarter than the malware attacker thinks you are, you won't be duped. That means, primarily, that you never install software from an untrustworthy source. How do you know a source is untrustworthy?
    • Any website that prompts you to install a “codec,” “plug-in,” or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
    • A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. [Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.]
    • “Cracked” copies of commercial software downloaded from a bittorrent are likely to be infected.
    • Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.
    Java on the network (not to be confused with JavaScript, to which it's not related) is always a potential weak spot in the security of any operating system. If a Java web plugin is not installed, don't install it unless you really need it. If it is installed, you should disable it (not JavaScript) in your web browsers. Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in OS X 10.5.8 or earlier, because Java in those obsolete versions has known security flaws that make it unsafe to use on the Internet. The flaws will never be fixed. Regardless of version, experience has shown that Java can never be fully trusted, even if no vulnerabilities are publicly known at the moment.

    Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.

    Never install any commercial "anti-virus" products for the Mac, as they all do more harm than good. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.
      
    Why shouldn't you use commercial "anti-virus" products?
    • Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the filesystem. Malware gets into the system by being downloaded, not by materializing from nowhere.
    • In order to meet that nonexistent threat, the software duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability and poor performance.
    • By modifying the system at a low level, the software itself may create vulnerabilities that could be exploited by malware attackers.
    ClamXav doesn't have these drawbacks.

  • ocomunepom Level 1 Level 1 (0 points)

    You have very good points in your (long) post. Hey Arucker17, please give you view on such outgoing discussion!!! obviously I found someone with interesting  ideas ;-) (not against mine btw, at least I want to believe it).

    We shoud not rely only on a single antivirus, that is a fact. They do cover a portion of our activity on internet (and elsewhere also). But they do not cover everything.

    And other commin soltware usage are a good thing to monnitor. Eventhough this is a common practise to use either Flash and/or Java, both have security flaws that can be exploited today. And probably more to discover!!! even in those or other softs. Both Adobe (for flash) and Sun (for Java) are not exactly what we call good security minded companies.

    So better rely on less softwares than more.

     

    For Arucker17. You are safer on Mac than on Windows. But pay attention to what kind of content you accept anyway. Its commonly known/practice that MacOS has a better security footprint that Windows but it does not mean immunity either. So using some good security practice will hekp in the future anyway.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.