Apple Event: May 7th at 7 am PT
Ok, I've been reading a lot of articles debating over whether or not MBP needs an antivirus, long story short I came to the place where I figured the more knowledable people could help.
So does MBP need an antivirus? And if so which one would be recommended?
MacBook Pro (13-inch Late 2011), OS X Mountain Lion
Perhaps it is unknown malwear.
It's always possible that you have discovered malware that nobody in the security community has even heard of. However, as it sounds like this happened some time ago and not just yesterday, it's quite unlikely that nobody has heard of it yet.
In any case, though, if you are insistent on running anti-virus software on your Mac, there are only two I would recommend: ClamXav and Sophos. Both are free and excellent. Many of the popular packages for Windows (Norton, Avast, Kaspersky) have bad track records on the Mac.
And please be sure to read my Mac Malware Guide, which I referred to earlier. As it will point out, anti-virus software cannot protect you fully, so you need to be informed about how to protect yourself.
Most Malware writers now are looking to steal information like bank details, passwords, etc and there are plenty of programs that will do that on the Mac, just like Windows.
That is not actually true. There are actually very few "trojanized" keyloggers for the Mac. Very little malware of any kind at all. I've been tracking it for years, and I only know of 30 different malware programs (not counting slightly modified variants of each) for the Mac. At this point, all of those are either extinct or exceedingly rare. Most of the recent Mac malware has been used for targeting specific organizations, and is almost guaranteed not to be seen by anyone else.
How do you know that the freeware program you just downloaded doesnt contain a keylogger or some other process that allows them to send data back to the internet somewhere.
Because of Gatekeeper, if you're running Mountain Lion. If you use the default settings, it will prevent software that is not signed by a registered developer from running. There's no way any hacker is going to register with Apple so that they can digitally sign their highly illegal software! And even if they did, Apple would simply revoke the certificate and add that software to their XProtect definitions so it would be identified as malware.
Look for an AV program that goes beyond that with some Network protection (the apple firewall is questionable IMHO), Mail, and hopefully browser protection.
Note that firewalls have no role whatsoever in protecting you against malware, and most "network protection" software isn't doing a whole lot that is useful. A lot of malware these days is distributed through legit sites that have been hacked, and dedicated malware servers hop around. Buying software that will block access to known malicious sites isn't a reliable way of protecting yourself.
That is not actually true. There are actually very few "trojanized" keyloggers for the Mac. Very little malware of any kind at all. I've been tracking it for years, and I only know of 30 different malware programs (not counting slightly modified variants of each) for the Mac. At this point, all of those are either extinct or exceedingly rare.
Its actually very true. I am not talking about Trojanised keyloggers, i am just talking about keyloggers in general. Do a google search and you will see that anyone can buy a keylogger and include it in their own open source software which 90% of people run without even thinking, and without even scanning because they believe Mac's dont need Malware scanners.
Most of the recent Mac malware has been used for targeting specific organizations, and is almost guaranteed not to be seen by anyone else.
Its very dangerous to think that just because you are not a big company, you are not a potential target. There is just way too much evidence to suggest the contrary.
Because of Gatekeeper, if you're running Mountain Lion. If you use the default settings, it will prevent software that is not signed by a registered developer from running. There's no way any hacker is going to register with Apple so that they can digitally sign their highly illegal software! And even if they did, Apple would simply revoke the certificate and add that software to their XProtect definitions so it would be identified as malware.
Like others have suggested here in this thread, the reality of Gatekeeper is that most people cannot use it because the software they need is not available on the Apple store. Anyone with even a passing interest in open source software will not be able to turn it on. It might be fine for the mom and pops out there, but most wont have it enabled. I agree if all your software falls under this banner than your security profile is lifted quite substantially, but otherwise if you are any sort of power user on a mac you will most likely have it disabled.
Note that firewalls have no role whatsoever in protecting you against malware, and most "network protection" software isn't doing a whole lot that is useful. A lot of malware these days is distributed through legit sites that have been hacked, and dedicated malware servers hop around. Buying software that will block access to known malicious sites isn't a reliable way of protecting yourself.
I agree with you here, but thats not what I was trying to say. There is no silver bullet for Malware protection, but if you are going to actually get some AV software, at least make sure you have some added protection that will be of use.
No one single function will save you, but multiple layers of security is always a benefit.
Having a firewall is not about reputation, its about ensuring you understand what communication is happening on you computer. Just because you cant rely on reputation for ensuring that you are protected against traffic going to malicious sites doesnt mean you should just throw your hands up in the air and get rid off all security alltogether.
At the end of the day, nobody cant stop targeted, well designed malware, but it doesnt hurt to have as many layers of security as possible to ensure you are not going to become a victim.
This thread has some great discussion in it, but anyone who thinks just because they are on a Mac they are automatically protected is just a potential victim in waiting.
Is it going to take an even greater Mac virus outbreak before people realise this? I for one would rather be a bit more proactive than this.
Do a google search and you will see that anyone can buy a keylogger and include it in their own open source software which 90% of people run without even thinking
That is certainly possible, but that software would then soon be discovered to be malware (there are a lot of people who examine such things carefully) and blocked by the OS and any anti-virus software that might be running. Plus, open source software wouldn't be a likely choice for adding a keylogger to, since the source code is open, and thus visible to anyone who wants to look.
Its very dangerous to think that just because you are not a big company, you are not a potential target. There is just way too much evidence to suggest the contrary.
Who said anything about big companies being the only targets?
What I said was that many of the recent Mac malware programs have been created and used to target certain people; specifically, certain Asian human rights organizations. If you are not part of one of those organizations, you are almost guaranteed not to see certain malware.
I also said that other malware is extremely rare or extinct. Most Mac malware that has ever existed is either no longer functional on a modern system or is no longer in active distribution.
Like others have suggested here in this thread, the reality of Gatekeeper is that most people cannot use it because the software they need is not available on the Apple store.
That is not at all true. Gatekeeper's most restrictive setting allows only software obtained through the App Store. However, its default setting allows any software that has been digitally signed by a registered developer, whether that software is distributed through the App Store or not. This includes a lot of software, though certainly not all software by any means. Those who need to install software from developers who are not willing to register with Apple so they can digitally sign their apps will have to take their chances. Of course, at this time, those chances are still quite good.
Having a firewall is not about reputation
Of course not! And once again, I never said it was.
A firewall is about blocking unrequested incoming connections to your computer. As such connections have nothing whatsoever to do with becoming infected with malware, a firewall serves absolutely no purpose for preventing malware infections.
This thread has some great discussion in it, but anyone who thinks just because they are on a Mac they are automatically protected is just a potential victim in waiting.
Again, I did not say that either.
I would highly recommend that you read the guide I keep recommending before refuting implications that I have not made.
I use Sophos free for Mac home use
http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-ed ition.aspx
you can always use Clamav but I do not think that has an on access scanner
Does Macbook Pro need an antivirus? And if so what program is recommended?
