1 2 Previous Next 23 Replies Latest reply: Mar 29, 2013 6:13 PM by petermac87
sebastian brabetz Level 1 Level 1 (0 points)

I just found out that AVIRA AV was making my time machine backup non-working. During the troubleshooting i found a lot of support community posts that point to AV programms beside AVIRA (ESET for example) when it comes to time machine backup problems.

 

Apple should (like Microsoft does for a couple of years now) provide its own, properly integrated, AV solution.

Maybe partner up with one of the big vendors (Kaspersky or what ever) for definition updates.

 

And dont tell me MAC does not need AV. Read the news


MacBook Pro with Retina display, OS X Mountain Lion (10.8.3)
  • 1. Re: Why does Apple not provide a proper AV for OSX?
    mende1 Level 10 Level 10 (89,570 points)

    Interesting post. OS X has got its own security systems (have you read something about XProtect and Gatekeeper?), so you don't need any additional antivirus. Read > http://www.thesafemac.com/mmg

     

    If you want an antivirus, install ClamXav, but then don't say that you have problems with your computer

  • 2. Re: Why does Apple not provide a proper AV for OSX?
    sebastian brabetz Level 1 Level 1 (0 points)

    Hey,

     

    Gatekeeper is meerly a Firewall which wont protect you from drive by fileformat exploits.

     

    Regulating which software can be installed is also a good idea especially for people without much knowledge to prevent them from installing crap.

     

    But as IOS and OSX market share will grow, they will be targeted more and more for common PC threats (exploits, drive by downloads, malware, botnets, viruses, etc....).

     

    Just observe the Metasploit Exploit Database that is slowly beginning to integrate more and more OSX exploits.

     

    AV like it is used on MS Windows might not be the perfect approach but just doing nothing about OS Security is even worse in my opinion...

     

    ClamAV btw is next to useless if you look at MAC AV test reviews....

     

    I am not trying to start a MAC does not need AV flamewar here  

    Maybe there are better AVs out there or there is more knowledge on Time Machine and AV problems out there...

     

    Update:

     

    I dont mean Apple is doing nothing about OS Security. Sandboxing, ASLR and other mechanismens are something obviously. However Application/Fileformat exploits will always find exploitable bugs and Signature and Heuristic based AV are a viable option to adress those issues.

     

    Message was edited by: sebastian brabetz

  • 3. Re: Why does Apple not provide a proper AV for OSX?
    William Lloyd Level 6 Level 6 (19,355 points)

    There is also the Xprotect framework which has been quite effective at plugging various security holes in Java and Flash.

     

    The fact is, the aggressive AV software causes more problems than it solves on OS X, as you and countless others have seen.

  • 4. Re: Why does Apple not provide a proper AV for OSX?
    sebastian brabetz Level 1 Level 1 (0 points)

    Which is the point of the initial post: Apple should provide a properly integrated AV software that is not too aggressive. Maybe Xprotect is exactly that but then it lacks transperency imho...

  • 5. Re: Why does Apple not provide a proper AV for OSX?
    Csound1 Level 8 Level 8 (35,455 points)

    sebastian brabetz wrote:

     

     

    Update:

     

    I dont mean Apple is doing nothing about OS Security. Sandboxing, ASLR and other mechanismens are something obviously. However Application/Fileformat exploits will always find exploitable bugs and Signature and Heuristic based AV are a viable option to adress those issues.

     

    Message was edited by: sebastian brabetz

    That will happen regrdless of whether AV detection software is installed.

  • 6. Re: Why does Apple not provide a proper AV for OSX?
    Susan Howard Level 3 Level 3 (715 points)

    Got a call from a friend yesterday. His computer was down for three days. He had a virus. He used a company to disinfect remotely. He spent 9 hours on the phone and $189 with the service. Once finished he had to do a lengthy online customer satisfaction survey before he could access his PC.

     

    He called to ask what I use for AV.

     

    A Mac

  • 7. Re: Why does Apple not provide a proper AV for OSX?
    John Galt Level 8 Level 8 (36,415 points)

    And dont tell me MAC does not need AV. Read the news

     

    OS X already includes everything it needs to protect itself from viruses and malware. You already paid for it and you need nothing else. Keep it up to date with software updates from Apple.

     

    Third party products that claim the unique ability to protect your Mac better than the engineers who design and maintain it are attempting to capitalize on ignorance from a generation of Windows users inured to such a need. "The news" is an entertainment product that simultaneously capitalizes upon and promotes prurient interests, fear, and ignorance. This is an abundant and lucrative market and you are an ideal customer.

     

    Gatekeeper is not a firewall and is entirely unrelated to one. Unfortunately you are correct in that it does not prevent you from installing third party anti-virus software, which is responsible for more problems with Macs than anything else.

     

    OS X About Gatekeeper

  • 8. Re: Why does Apple not provide a proper AV for OSX?
    sebastian brabetz Level 1 Level 1 (0 points)

    Okay Gatekeeper is not a Firewall that was wrong.

     

    But if OS X already includes _everything_ to protect itself how come there was a flashback and flashfake? How come Java exploits can compromise the entire OS?

     

    How can it be that evry IOS Version gets Jailbroken over time? Sometimes it was as easy as pointing safari to a webpage (PDF interpeter exploit)....

     

    "The news" might be entertainment. But not observing reality and telling everyone OSX is perfect and does not need any security or does not need to keep up with the security world sound to me like a tale told by generation of MAC users that lived in times when OSX was a niche product...

  • 9. Re: Why does Apple not provide a proper AV for OSX?
    Csound1 Level 8 Level 8 (35,455 points)

    sebastian brabetz wrote:

     

    Which is the point of the initial post: Apple should provide a properly integrated AV software that is not too aggressive. Maybe Xprotect is exactly that but then it lacks transperency imho...

    Please send your opinion to Apple. Feedback

  • 10. Re: Why does Apple not provide a proper AV for OSX?
    John Galt Level 8 Level 8 (36,415 points)

    Java is not an Apple product, and "jailbreaking" turns an Apple product into a non-Apple product. No one can prevent you from installing junk on a Mac or iOS device or modifying their operating systems if you so choose. No anti-virus product in the world will ever be able to prevent you from doing so.

     

    ... But not observing reality and telling everyone OSX is perfect and does not need any security or does not need to keep up with the security world ...

     

    Not only did I not state that, I stated the opposite.

     

    Apparently you do not read, so continued discussion is pointless. I suggest you express your concern to Apple, who I am certain will give it all the consideration it is due: Feedback

  • 11. Re: Why does Apple not provide a proper AV for OSX?
    Csound1 Level 8 Level 8 (35,455 points)

    sebastian brabetz wrote:

     

    Okay Gatekeeper is not a Firewall that was wrong.

     

    But if OS X already includes _everything_ to protect itself how come there was a flashback and flashfake? How come Java exploits can compromise the entire OS?

     

    How can it be that evry IOS Version gets Jailbroken over time? Sometimes it was as easy as pointing safari to a webpage (PDF interpeter exploit)....

     

    "The news" might be entertainment. But not observing reality and telling everyone OSX is perfect and does not need any security or does not need to keep up with the security world sound to me like a tale told by generation of MAC users that lived in times when OSX was a niche product...

    Install whatever crap you choose on your Mac, it is your right to do so. When your Mac fails to work correctly because of it you will face a choice of what to do next. It will not be Apple that put you there.

  • 12. Re: Why does Apple not provide a proper AV for OSX?
    Eustace Mendis Level 7 Level 7 (24,950 points)

    sebastian brabetz

     

    Just observe the Metasploit Exploit Database that is slowly beginning to integrate more and more OSX exploits.

     

    I visited the site very briefly. It is new to me. I wanted to read some of the "more and more OSX exploits" you have found there.

     

    http://www.metasploit.com/modules/

     

    I looked for "Macintosh" in each of the five search fields - one at a time. I found nothing. Please enlighten me. Am I doing something wrong? I do want to know more about these exploits.

  • 13. Re: Why does Apple not provide a proper AV for OSX?
    petermac87 Level 5 Level 5 (4,205 points)

    Susan Howard wrote:

     

    Got a call from a friend yesterday. His computer was down for three days. He had a virus. He used a company to disinfect remotely. He spent 9 hours on the phone and $189 with the service. Once finished he had to do a lengthy online customer satisfaction survey before he could access his PC.

     

    He called to ask what I use for AV.

     

    A Mac

    Hi Susan. What was the virus and who were the Company?

     

    Thanks

     

    Pete

  • 14. Re: Why does Apple not provide a proper AV for OSX?
    MadMacs0 Level 4 Level 4 (3,735 points)

    sebastian brabetz wrote:

     

    Gatekeeper is meerly a Firewall which wont protect you from drive by fileformat exploits.

    It is nothing like a Firewall in any way. It would definitely protect you from any drive-by application that was unsigned, assuming you have it configured properly.

    Application/Fileformat exploits will always find exploitable bugs and Signature and Heuristic based AV are a viable option to adress those issues.

    Signature base detection is no longer as effective as it originally was because the malware developers are getting much better at defeating it. XProtect already provides a signature based system of detecting original downloads to hopefully prevent any malware from being installed. I can only guess that their Malware Removal Tool is also a signature based system to remove the most common forms of installed malware. Despite all the bells and whistles that are being built into modern A-V commercial software, they are still most effective at detecting and sometimes removing already installed infections. Their heuristic routines, no matter how complex, still seem to always fail in the detection zero-day exploits. They may well be better on the PC side of the house, but I have never read of even one success on the OS X side. It normally takes them a day or three  to update their databases with a signature. Intego has promised an article on that subject, but I'm still waiting.

1 2 Previous Next