Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Do I need to buy any protection software?
- Thread starter mearsj
- Start date
- Sort by reaction score
I have used Intego software since PowerPC and NEVER noticed any drag on the system.And your system will thank you for that in the long run by generally being more snappy and responsive... as long as its paired with smart safe computing.
Good Choice!
It just monitors silently in the background.
Come on! The user had to deliberately install the Trojan. You know that means it was disguised as cracked/pirated software. If you use responsible sites your odds of getting this Trojan approached zero.
Yeah....people are suckers for anything free unfortunately.......?
Install illegal software, you deserve what you get.
I agree, it wasn't a good example at all.
This is a better one:
All the Mac malware we know about
Wondering how many viruses exist for the Mac? Here is a list recent Mac malware attacks, viruses for Apple computers, and security threats that Mac users have suffered
www.macworld.co.uk
I only posted that to remind people that MacOS can get viruses and malware. I don't agree that there are no mac viruses in the wild, nor is MacOS invulnerable by itself. If MacOS becomes more of a player in the general computing market, there will be people attacking it and they will find vulnerabilities. MacOS is just WAY too complex to have no bugs that can be exploited. Sure, you can stay pretty safe if you're careful, but you can't bet on everyone being careful and a virus on a LAN, has a much easier time of spreading via file sharing.
We’ve moved beyond that. Some people are “recommending” that other folk - who don’t know any better - forgo using any sort of Anti-Malware solution.
Total nonsense. You not heard of malvertising? Malicious adverts that deliver malware? Even big name “reputable” companies have been caught out.
Just because it’s not happened to you, doesn’t mean it’s not happened period.
How is the delivery of the malware you posted about total nonsense. The example you gave to suggest that Apple’s built-in malware protection wasn’t good enough required the user to run an installer. The most likely way that the malware gets installed is because a user thinks they are getting pirated software for free.
Has malware been embedded in advertising in the past? Sure. Do you have an example that wasn’t prevented by Apple’s malware detection and removal?
You have citations for that?
Why are Apple so concerned with patching Zero-Days then? I mean, according to you they’re not really much of a risk because Malware only comes when looking for pirated software, right?
I didn’t say anything of the sort. I merely responded to your example as not adequate to explain why Apple’s malware prevention was insufficient.
Apple is concerned about patching zero days to prevent malware. Is that something that is hard to understand? It goes hand in hand with Apple supplying malware prevention as part of macOS.
So why did you claim malware is most likely to from people looking for pirated software?
Given that Zero Days happen, and Malware IS being deployed, it appears that Apple’s protections - as good as they are - are still lacking.
Context is important. One of the most likely ways that people install a Trojan is through pirated (or what they think is pirated) software. It isn’t the only way but most malware today comes as Trojans.
No anti-malware can prevent zero days or they aren’t zero days. The anti-malware might be able to detect the payload but Apple’s anti-malware can do that as well.
To be clear, nobody needs anti-malware software on an up to date Mac OS machine. But fear is the best marketing tool for malware companies as well as paid “experts”. I’ve been hired many times to fix the work of these consultant clowns who completely screwed up user machines with a bunch of “patches”, hacks and junk software.
Howard Oakley has been an invaluable resource for many years. He's always good enough to respond to any questions you may have on his website, so feel free to discuss things with him, even if you go off-topic. His utilities are first rate, and SilentKnight is invaluable for checking your system for security weaknesses.
One security-adjacent setting that I forgot to mention was to enable "Protect Mail Activity" in the "Privacy" menu of Apple Mail. Not only does it enhance privacy, but it prevents spammers from knowing that you opened their e-mail, thus making it less likely to be targeted with phishing e-mails.
Also, most folks probably know this already, but disable "Open safe files after downloading" in Safari's "General" menu. Instead, open them manually inside your downloads folder, or wherever you save them.
Having that setting enabled resulted in my 9-year old nephew clicking on a fake Adobe flash update while he was searching for free games, on an ancient MacBook Pro that was still running Sierra without the latest protections. That old Mac is okay for what he does, since he doesn't do anything that requires a secure system. Still, I ended up nuking and paving the hard drive, since I couldn't trust it after that. Not everyone is as technologically inclined as the folks at the MacRumors forum, so we need to take measures to protect the regular users in our lives.
My printer doesn't have AI or a Wiki. I did change the password though.
Yeah no. That's not a universal truth, at all.
No, viruses are a form of malware, just like trojans, worms, etc.
Which piece of "malvertising" has been known to compromise a Mac, without any user interaction?
This is not true.....well for me anyway.
My Mac has always ran speedy with AV installed......
Maybe it's because it's a 'Pro' machine with more oompph..
I just had to respond to this. If you want to get into semantics, every virus is malware, but not all malware is a virus. It is not a scare tactic to use them interchangeably, it is just a simplification. Nobody wants protection that is just from a technical virus (which by definition must self-replicate and spread), but protection from anything that is harmful or malicious. Even Apple uses the term malware: https://support.apple.com/guide/security/protecting-against-malware-sec469d47bd8/web
Can you elaborate on how you know there are no Mac viruses in the wild? Thanks!
Rich S.
So there's 2 separation discussions in this thread.
1. Protection on Macs specifically.
2. Other devices on home network - there was talk about leaving default passwords etc.
Regarding #2 - I always thought that the most important thing was good router security.
i.e. if someone can get through your router, then you are pretty much already screwed, regardless of connected devices having default password or not?
Do I understand correctly? Or it's not correct?
1. Protection on Macs specifically.
2. Other devices on home network - there was talk about leaving default passwords etc.
Regarding #2 - I always thought that the most important thing was good router security.
i.e. if someone can get through your router, then you are pretty much already screwed, regardless of connected devices having default password or not?
Do I understand correctly? Or it's not correct?
Router security is important, but security on individual PC's is at least important. The PC is where most exploits take place, either from the user downloading something they shouldn't have, to browser exploits, to ad exploits, to email phishing. Sure, a conscientious user can avoid all those except browser exploits, but the user can't stop them all. (assuming internet access -- if no internet access via a browser, never mind.)
I've used MalwareBytes in the past in contexts where we were required to have anti-malware software installed to check an IT security box.
For personal use, I have never used any 3rd party software. I can see how it would be useful for some of my relatives who really will click on anything online or in an email (I also set them up as a standard account so they can't install software). For myself, I think a good amount of self-vigilance plus macOS' pre-existing safeguards are enough for now. I only install software from the Mac App Store aside from some big developers (Plex, Password, Firefox, etc.). I don't download content from the internet outside of well known venders (e.g. downloading YouTube videos, buying from Bandcamp, etc. - no torrents). I also use content blockers in Safari to eliminate most ads or intrusive web grossness.
For personal use, I have never used any 3rd party software. I can see how it would be useful for some of my relatives who really will click on anything online or in an email (I also set them up as a standard account so they can't install software). For myself, I think a good amount of self-vigilance plus macOS' pre-existing safeguards are enough for now. I only install software from the Mac App Store aside from some big developers (Plex, Password, Firefox, etc.). I don't download content from the internet outside of well known venders (e.g. downloading YouTube videos, buying from Bandcamp, etc. - no torrents). I also use content blockers in Safari to eliminate most ads or intrusive web grossness.