Has anyone tried Sophos Anti-Virus for Mac ?

Thomas Reed, our resident Mac maleware guru (see his Mac Malware Guide) recommends only to av apps - ClamXav and Sophos. I would read his pages before making a decision to install it - you could likely get by just using ClamXav (which is what I use) but if your ultra-paranoid, I don't think that Sophos is too risky to use - unlike a handful of other av software for the Mac.

Good luck - read Thomas' guide...

Clinton

Careful, Clinton! Speak of the devil and he appears! 😉 (Although I agree with what you've said, I would like to deny being a "maleware" guru! 😀)

I haven't tried Sophos in Mountain Lion yet. However, I did install it in Lion for a while, for testing purposes. I was favorably impressed. It did not affect the performance of my machine in any noticeable way, and the way its on-access scanning works is slick. However, because it uses kernel extensions, it is possible that it could cause problems in certain circumstances, such as following system updates or in the presence of other third-party kernel extensions that are poorly written. I ended up removing it, among some other things, because of some sporadic problems I was having, but I have no evidence that Sophos was the culprit.

Can't hurt to try it, and if you don't like it or it causes problems, it's very easy to uninstall.

Sorry to be so late in the evening (or, rather, early in the morning) getting back to you.

Personally, and I use Parallels 8 running Windows XP, I rely on ClamXav only. I don't see the need for Sophos, and Thomas is our malware guru whether he admits to it or not! I downloaded ClamXav from the developer's website, not from the App Store. That versoin has a neat little feature named ClamXav Sentry that allows real-time scanning of folders - I have it scanning my downloads and email folders.

So before you install Sophos, try ClamXav. I might actually scan my whole computer once every 2-3 months or so - but I'm always checking Thomas' page for any updates.

Good luck,

Clinton

I actually plan to install the anti-virus on MacBook Pro Lion OS that runs Parallels 7 (Windows 7) as well.

Whether or not you're running Windows isn't really important for determining what anti-virus software to run on your Mac. Either Sophos or ClamXav would work well on the Mac, but it's important to understand that no Mac anti-virus software will protect your Windows installation, whether you are running Windows through Boot Camp or in a virtual environment in something like Parallels. That Windows system will still need its own anti-virus software.

How about flashbacks ? Is this something I need to worried about based on as issue with flashbacks in Java earlier this year that infected a number of Macs all over the world ?

Flashback is now extinct. It hasn't been seen since late spring/early summer. Since it required active distribution, and could not reproduce and spread itself (no Mac malware is capable of that), and since the security vulnerabilities it used have been closed by updates, you won't be seeing it.

Java is a concern these days, as most of the Mac malware that has appeared in 2012 has relied on Java. If you don't need Java, keep it disabled. Or, better yet, don't install it in the first place.

Apologies for the many questions as I’m new to Mac and am a bit paranoid about protecting my Mac fro threats

Take a look at my Mac Malware Guide, which Clinton referred you to. It will help a lot with understanding what the threats are for Macs and how to protect yourself.

I have used sopho free for home use for ages

no problems at all

there have been a few gliches with an update recently from them which caused two sophos logos in the toolbar, then when sophos updated it dissapeared from the tool bar, but sosphos did rectify it.

The sophos forum is interestering, as are the mac forums.

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-ed ition.aspx

http://openforum.sophos.com/t5/Sophos-Anti-Virus-for-Mac-Home/bd-p/FTT_MAC_MAGNE T

We license it for our Mac users where I work. Our install base for it is about 25,000 machines and we receive may 5 support inquiries/requests a month on the application. So absolutely no complaints from us, it's been very hassle free from a support perspective and our users don't complain. Considering the absurd volume of complaints we got before about Norton and other 3rd party clients it's been a huge upgrade.

Charles2Cool wrote:

How do I disable Java and do I need to disable Java on both the Mac and Parallels 7 (Windows 7) sides ?

For Mac Browsers see Scared Of Flashback? Here’s How To Disable Java On Your Mac And Stay Safe. Probably even more important on Windows if you browse the Internet from there, but you'll have to Google or wait on somebody else to respond as to how to disable.

To completely disable Java open Java Preferences which is either in /Applications/Utilities/ or System Preferences, depending on what version you have, and uncheck all boxes. If you don't have Java Preferences then you never installed Java in the first place.

On the ClamXav and Sophos websites, it states the following but you said that no Mac anti-virus software will protect your Windows installation. So are the below information incorrect ?

The information is correct, and they will both find Windows malware on the Mac side of your installation, but they are not reliably able to scan your Windows installation. That's why it's best to run Windows A-V software for that portion of your setup. ClamWin uses the same database and scan engine as does ClamXav.

Charles2Cool wrote:

Jason - are you referring to ClamXav or Sophos ?

I'm referring to Sophos.

Charles2Cool wrote:

JasonFear - what are your thoughts based on the recent article on critical vulnerabilities in Sophos anti-virus product ? Since you work for Sophos, does installing and running the Sophos anti-virus slowdown the Mac ?

http://www.computerworld.com.au/article/441141/researcher_finds_critical_vulnera bilities_sophos_antivirus_product/

To be clear, I've not made any reference to working for Sophos. Rather I stated we licensed it for our Mac users where I work. I actually work at a major university in California. Anyway, regarding that article.

http://nakedsecurity.sophos.com/2012/11/05/tavis-ormandy-sophos/

Sophos has stated that they've addressed most of the issues except for a select few that they hope to address by the end of November. I'm not on the security team that makes the decision on which AV solution we license but from my own digging around on the Internet it's pretty rare that a commercial product doesn't experience critical securities flaws at some point in its life cycle. The bigger question is how quickly and effectively are they addressed by the manufacturer/vendor.

Regarding system performance, I've not been impacted during routine usage. If I force Sophos to do a full system scan and I try to multi-task with a dozen different things while running a VM it gets bottlenecked but any other AV solution would do the same so I don't fault Sophos or the product for that.

Charles2Cool wrote:

Do you have any views on Avast or Avira Anti-Virus for Mac ? The reason is that I just found out that both of these are free for Mac directly from their website. Not sure whether by installing or running either of these anti-virus program, it will slowdown the Mac or not.

I can't exactly speak for Thomas, but I have read his opinion on this one.

He currently only recommends Sophos and ClamXav on the free side. Overall, he doesn't recommend any of the A-V software rushed to market in the Spring by formerly windows only vendors because they have not demonstrated a full understanding of OS X yet and there don't seem to be any independent lab evaluations / reviews to provide for proper comparison.

Specifically, with regard to Avast, there have apparently been reports of files being falsely identified as infected, including at least one file associated with the System.

As far as slowdown is concerned, they all slow things down when they are at work. The question is whether it will slow down your specific Mac and OS to the point of not being able to accomplish whatever it is you want to be doing simultaneously. So it's both dependant on your setup and work habits as well as your tolerance for waiting when necessary. You will find many users who will tell you it does not slow them down and others that say they had to uninstall. I personally don't allow any of the four A-V apps I have to operate in real-time. They use too many resources on my setup and the threat is currently almost non-existent. Obviously I'm ready to change that at a moment's notice, should I feel threatened.

Thank you for providing the link on the Sophos vulnerabilities. It's not clear that the findings apply to the Mac version, but it certainly is something users need to pay attention to.

JavaScript Blocker is a third-party Safari Extension. If you choose Safari Extensions from the Safari menu, it will take you to a page where you can find such extensions, including JavaScript Blocker. Note that using it is a royal pain in the butt, though... It will break many big sites if you are not totally, 100% permissive about what scripts to allow, which kind of ruins the point. Not that there's any better solution, it's the best there is for that sort of thing. But I no longer use it myself.

I do not recommend Avast, as it has a history of false positives, and know too little about Avira. If you're going to use anti-virus software, at this point I only recommend ClamXav or Sophos. (And the news about ose Sophos vulnerabilities has been blown out of proportion.)