Antivirus for M1 Macbook? Recovery Disk / Image?

[amitdel]

Hi All!

I am a 25 year windows user transitioning onto MacOS, starting with a M1 Macbook Air (delightful machine!). I have a few queries:

a) I know the conventional wisdom is to not use antivirus on macOS. However, have done a bit of reading up on this, and it seems prudent to have something from a Malware / Firewall / Ransomware perpective?

Question : what antivirus solutions are available for M1 + Big Sur? Key Criteria : Known brand, no significant hit on performance, M1 compatibility.

b) Do I need to create some kind of recovery disk / image, the way we do with windows PC? I have seen laptops with recovery partitions; where the restore image on the partition seemed to have got corrupted / infected also; so I normally always take an offline image on non-volatile media like DVDs.

Question : Is such a thing needed / suggested for MacOS?

Thanks in advance for your time and response.

Warm Regards
Amit

 

[Phantom-fa]

A couple of comments:

macOS Big Sur has a number of built-in features to improve security, including a non-writable system partition on the disk which has checksum protection, and in-built security checking in Safari.

Even if your disk is totally wiped, you can download a new system installation image via a wireless internet connection and restore your system.

Data backups should be performed either using Time Machine to an external disk, or using Carbon Copy Cloner (CCC) to an external disk. Both of these will back up all your data. Time machine is included with macOS, whereas CCC is a paid program but one of the best investments you can buy for USD39.99 for a licence which covers multiple machines. CCC is expected to soon have the capability to produce a full bootable backup of your Big Sur system ( it already has this capability for non-M1 Big Sur systems). You can, of course, use both Time machine and CCC to different disks for redundancy.

Applications can be re-downloaded from App Store or reloaded from original images if purchased outside the App Store.

I have been using Macs for about 35 years and have not used antivirus programs at all, but I am careful about what I download and from what sources. YMMV. If you want to use something then probably the best free option is Avast, or if you want to spend money then have a look at Sophos.

Hope this helps.
Cheers

 

[amitdel]

@Phantom-fa - many thanks for sharing the distilled perspective of 35 years regarding AV / Backup - much appreciated!

I was looking at bitdefender / norton / quick heal, but ofcourse, these are from a windows paradigm. Would definitely check out CCC, and Sophos!

 

[toxotis700]

Don't put anything like that.... you don't need them.

 

[calstanford]

How many viruses are you aware of that run on a Macintosh with an ARM processor no less?

 

[BootLoxes]

How many viruses are you aware of that run on a Macintosh with an ARM processor no less?

I have an idea.... hear me out on this.... OP can install the viruses via rosetta and let us know their experience

 

[Phantom-fa]

I was looking at bitdefender / norton / quick heal, but ofcourse, these are from a windows paradigm. Would definitely check out CCC, and Sophos!

Whatever you decide, make sure you avoid Symantec products. If you feel you really need AV then go with Avast initially but you will likely find you don't need any.

Also, if you do any scanning then VueScan is a great program which supports a huge range of scanners.

 

[acidfast7_redux]

I've used Macs since 2008. No need for any antiviral software slowing them down.

 

[m-a]

Whatever you decide, make sure you avoid Symantec products. If you feel you really need AV then go with Avast initially but you will likely find you don't need any.

Also, if you do any scanning then VueScan is a great program which supports a huge range of scanners.

... I want to use Norton myself on Macs (M1 as well as Intel). Coming from a Windows perspective. - What about Norton would be of disadvantage on a Mac?

 

[Quackers]

I would imagine an appreciable hit on performance with Norton on there.

 

[revs]

As others have said - you can skip AV software.

I do know people that have had malware, but that’s because they downloaded questionable software, which they then manually ran, it asked for their password, and they gladly gave it. You can’t stop people if they are happy to just approve access and give a password to any software without a second though.

MacOS has built in system that does blacklist any known malware.

Mac user for over 30 years. Just use common sense

 

[amitdel]

@calstanford - Viruses are not a concern, but malware / ransomware is. Specifically, my machine may go on a LAN with some degree of vulnerabilties at various endpoints. Additionally, I need to run some legacy software via rosetta 2 (or parallels, when they port to the M1 ecosystem).

@revs @toxotis700 @acidfast7_redux , @Quackers - thanks for weighing in, with the inputs - much appreciated!

I did look at Sophos as suggested by @Phantom-fa , and it seems to be a great middle ground.

 

[revs]

For having a bootable system - semi related topic - you can reinstall the whole OS and all your settings and applications still work fine and dont need reinstalling. It’s pretty awesome.

 

[Apple_Robert]

I would install Malwarebytes for the occasional scan. I see no need to install actual AV software, as it could do more harm than anything else.

 

[gilby101]

I would install Malwarebytes for the occasional scan. I see no need to install actual AV software, as it could do more harm than anything else.

I agree about Malwarebytes. But if you have to install a real time a-v scanner (maybe because your company insists) I would go for the free Avast with only real time scanning enabled. In my experience less load than Sophos, the next best.

 

[Yebubbleman]

Hi All!

I am a 25 year windows user transitioning onto MacOS, starting with a M1 Macbook Air (delightful machine!). I have a few queries:

a) I know the conventional wisdom is to not use antivirus on macOS. However, have done a bit of reading up on this, and it seems prudent to have something from a Malware / Firewall / Ransomware perpective?

You won't need it. If you are a business user (especially for a publicly traded company), you will be required to have something for compliance purposes. If that's you, then you're not going to want to buy something consumer focused, anyway. Otherwise, Apple does have anti-malware protection built into the OS with definitions being updated silently and automatically. So long as you're not downloading stupid screensaver/wallpaper apps or some form of Adobe Flash Player, you should be good. Just stay up to date on your OS updates and updates for your applications whenever possible.

Question : what antivirus solutions are available for M1 + Big Sur? Key Criteria : Known brand, no significant hit on performance, M1 compatibility.

Unsure of what's currently Apple Silicon native. Again, you really shouldn't need it.

b) Do I need to create some kind of recovery disk / image, the way we do with windows PC? I have seen laptops with recovery partitions; where the restore image on the partition seemed to have got corrupted / infected also; so I normally always take an offline image on non-volatile media like DVDs.

Question : Is such a thing needed / suggested for MacOS?

I'm still a little fuzzy on this with Apple Silicon Macs (as it is a fair bit different from how it is/was on Intel Macs), but you have a hidden recovery partition, "Recovery Mode", present on your Mac that you can start to. On top of that, you also have another version of that stored (I believe) in yet another hidden partition, "System Recovery", for when that fails. Since an M1 Mac's SSD is soldered to the logic board (and paired with the M1), having your SSD fail means replacing the logic board anyway. Both are kept as current as the most recent version of macOS that you have installed on your Mac and automatically. If you would like a recovery disk, you can download macOS Big Sur from the Mac App Store and use the installer to make a bootable USB installer. This may prove cumbersome and sort of pointless as this installer gets outdated as soon as a new update or whole version upgrade of macOS is released, so unless you want to keep maintaining this USB drive, you're probably just better off with "Recovery Mode" and "System Recovery" instead.

This will give you more details: Use macOS Recovery on a Mac with Apple silicon - Apple Support

Thanks in advance for your time and response.

Warm Regards
Amit

 

[amitdel]

Thanks @Apple_Robert , @gilby101 - malwarebyte sounds like a good option - I have used it in the past (on windows) and it's been great.

@Yebubbleman - thanks for this comprehensive response - much appreciated!

Reading, and thinking through this carefully, I realize that since apple is the hardware + software provider, I don't need to create a locally archived, machine-specific image (OS+Drivers+Utilities); as the standardized package can be downloaded when needed.

Some habits are so ingrained, that one tends to miss the obvious

P.S. : I am also transitioning from a Dell Latitude E74xx (and Thinkpads prior to that). Amazing machines in their own right!

 

[Yebubbleman]

@calstanford - Viruses are not a concern, but malware / ransomware is. Specifically, my machine may go on a LAN with some degree of vulnerabilties at various endpoints. Additionally, I need to run some legacy software via rosetta 2 (or parallels, when they port to the M1 ecosystem).

Apple has many protections built-in that should render the need for an anti-malware program moot. Just be cautious and smart about where you download your apps from (steer clear of download sites and try to download as much from the horse's mouth as possible).

@revs @toxotis700 @acidfast7_redux , @Quackers - thanks for weighing in, with the inputs - much appreciated!

I did look at Sophos as suggested by @Phantom-fa , and it seems to be a great middle ground.

Again, you really won't need it. If you were in a business environment, I'd recommend JAMF Protect as that is purpose-built for the Mac and leverages Apple's own built-in protections (which are not insubstantial). Most Mac malware comes from stupid screensaver/wallpaper apps. Certainly, everything in the Mac App Store is safe and most popular utilities are as well. Plus, it's a UNIX system, so for a malware/adware app to do damage, you have to actually authorize it.

 

[Yebubbleman]

Thanks @Apple_Robert , @gilby101 - malwarebyte sounds like a good option - I have used it in the past (on windows) and it's been great.

@Yebubbleman - thanks for this comprehensive response - much appreciated!

Reading, and thinking through this carefully, I realize that since apple is the hardware + software provider, I don't need to create a locally archived, machine-specific image (OS+Drivers+Utilities); as the standardized package can be downloaded when needed.

Some habits are so ingrained, that one tends to miss the obvious

P.S. : I am also transitioning from a Dell Latitude E74xx (and Thinkpads prior to that). Amazing machines in their own right!

Sure thing!

And it's not a bad idea to have a recovery drive, should you need it. You just have to make sure that, as macOS gets a new version (e.g. 11.0.1, 11.0.2, 11.1, etc.), you redo your thumb drive accordingly (so that you don't have to waste time running updates on any system that you use the drive with). But beyond that, even with Intel Macs, Apple's drivers for all Macs are already built-in to macOS, so the need for anything specific to your machine isn't there. Your firmware IS machine specific, and if you can't use "System Recovery" and your internal SSD is not bootable, then you will need to restore your firmware (which will, in turn, restore "System Recovery") from another Mac running Apple Configurator 2. But hopefully that's not something you will ever need to do.

 

[mwidjaya]

what antivirus solutions are available for M1 + Big Sur?

I would forgo the antivirus but stump up the money for Little Snitch.

Little Snitch

Protects your privacy and prevents your private data from being sent out to the Internet without your knowledge.

obdev.at

A must for the paranoid among us.

 

[k2k koos]

whatever you do, DO NOT , i repeat, DO NOT install or be lured into MACKEEPER!!! It's the worst ransomware style antivirus known to man, DO NOT DO IT.
Once installed, you'll never get properly rid of it unless you completely wipe your system and start fresh.. It's that BAD!

Use common sense, don't go to sites you don't trust, don't click on suspect links, always , always think twice, that's what has protected me since I first connected to networks using Mac's back in the 1990's.. I've NEVER had an issue. I have been had by a phising e-mail once (pretending to be from my bank) when that was still relatively uncommon, and my MacKeeper experience is by trying to help an unsuspecting friend who had it on his system, thinking it was a good idea. Stay well away from that and you won't need any AV... Mallwarebytes might be OK for a monthly system scan or so, but in general, viruses as they affect Windows, are very, very rare in the Mac world so far..... Almost everything in the Mac world requires some user interaction to allow something to install etc, so just be vigilant about what you do and you should be fine!

 

[dmccloud]

... I want to use Norton myself on Macs (M1 as well as Intel). Coming from a Windows perspective. - What about Norton would be of disadvantage on a Mac?

Everything at this point. Norton has moved so far away from its original purpose that it is now classfied as a trojan by many researchers. In order to completely remove Norton from your system, you have to download a removal tool from the Symantec web site. Norton buries itself so far into the OS that it takes over aspects of your networking stack, affects overall system performance, and is terrible at its core functionality.

If I did want to install some sort of AV software on my Mac, I'd go with Webroot. I use it on my Windows machine, and it runs in the background without slowing down my system, throwing up unnecessary prompts to allow program 'x' from runnning, or affecting my upload/download speeds.

 

[Madmischief]

@amitdel

Welcome to an easier computing, albeit slightly more expensive, life! These forums are a superb resource, full of nice people who can advise if you get stuck.

Most elements of your Qs have already been covered, but here goes ...

I have used Macs privately for 31 years and windows for work - they are vastly different in terms of virus risk.

+1 for Malwarebytes (avoid the rest you listed) & back-up using 2 physical & 1 online options for very strong redundancy using TimeMachine (Appl) & CCC as suggested above by others.

Also look into iCloud, - particularly if you have/getting an iPhone or iPad, it helps make everything play well together.

 

[DBig]

The old "30 years" advice is incorrect. You do need AV protection. Here is a good article explaining what you need to know. I decided on Norton because it gets good marks on protection and impact. Not as good on cost but I already owned it for my Windows PCs and laptops. https://www.tomsguide.com/best-picks/best-mac-antivirus

 

[MiniApple]

Any news if or when Malwarebites and Little Snitch are planning M1 versions?