Status
Not open for further replies.

grahamperrin

macrumors 601
Jun 8, 2007
4,942
648
Responsible disclosure (non-disclosure in this public forum)

You're misinformed. …

No.

I informed Apple; I have not informed you; I'll not disclose in this forum ;)

LOL … schoolyard. …

Of course vulnerabilities exist, that does not mean the sky is falling. …

I made no suggestion of the sky falling.

simonsi, if you imagine that mocking and exaggerating will cause me to disclose details, you're mistaken.

… I can't recommend the Sophos software for OS X …

Completely unrelated to vulnerabilities within Mac OS X: when I last checked, there was also something entertainingly slack about Sophos Anti-Virus on-access scanning and live protection. If I recall correctly, by taking a particular approach in a particular environment, I could download and then open the EICAR test file in an area that the user would imagine to be protected. It was obscure enough for me to not think of it as a vulnerability, but to find that hole in protection was a sign that Sophos had been a little lazy with design and testing.
 

Ethosik

Contributor
Oct 21, 2009
8,142
7,120
25 years of experience tells me when a computer is clean, and so far I haven't been wrong. And I would never trust a computer to be clean that was scanned with Norton, just an FYI.

You want to format your computer every time you pick something up, go ahead. If as you claim that once infected it is impossible to get rid of any virus with 100% certainty I hope you follow your own protocol and erase all of your data as well.

And how can you be so sure? Two malware programs that have a 90% detection rate do not give you 180% detection. You can scan with dozens of tools and scanners and there will still be some malware out there that hides from every one of them.

These things are made to hide from all scanners. How can you really trust a system again WITHOUT a format? I am sorry, I will format because there is no question that I am 100% safe after that. There is no worrying. If a client does banking or deals with sensitive data, a format is the only option.

And there is no need to delete my data. I have backups before the infections if I ever get one. I do not store my data with my OS and programs. I have not had an infection in over 10 years now. How? Safe computing. Not because some AV software kept me safe, but my computing habits kept me safe.
 

Caromsoft

macrumors regular
Jun 8, 2012
137
23
You can scan with dozens of tools and scanners and there will still be some malware out there that hides from every one of them.

I have backups before the infections if I ever get one.

So if you have backups how can you be sure the malware isn't hiding in your backup? By your own admission malware can hide anywhere for any length of time waiting to pounce. You are just as likely to be infected as anyone else. More likely in my opinion because you believe you are safe. People who know they are at risk take precautions. If you want to be sure delete your data and start over.

There is no such thing as "safe computing". If you do anything online you are vulnerable. Several years ago I was hit with a malware program that was downloaded from a completely innocent website, while looking for recipes for chocolate cookies. It wasn't recognized by any of the antivirus programs, I had to remove it myself. Again, this was a totally "safe" website. The only way to practice safe computing is to unplug your computer from the internet.
 

chabig

macrumors G4
Sep 6, 2002
11,449
9,319
Several years ago I was hit with a malware program that was downloaded from a completely innocent website, while looking for recipes for chocolate cookies. It wasn't recognized by any of the antivirus programs, I had to remove it myself.

That's a good story, but since this is a Mac forum, let's make it clear that your self-downloading and installing malware incident occurred on a Windows machine.
 

GGJstudios

macrumors Westmere
May 16, 2008
44,556
950
There is no such thing as "safe computing".
Nonsense. Of course there is.
Several years ago I was hit with a malware program that was downloaded from a completely innocent website, while looking for recipes for chocolate cookies. It wasn't recognized by any of the antivirus programs, I had to remove it myself.
That could not have happened on OS X, unless you failed to practice safe computing.
 

Caromsoft

macrumors regular
Jun 8, 2012
137
23
That's a good story, but since this is a Mac forum, let's make it clear that your self-downloading and installing malware incident occurred on a Windows machine.

I was just about to edit my post to say this! :) Yes this was a Windows machine. Since switching to Mac I don't run any antivirus software and I feel safer online than I have in years.

I also want to say that xWhiplash and I actually agree that antivirus programs won't protect you 100%. But they are better than nothing (on Windows).

----------

Nonsense. Of course there is.
You are right of course, safe computing is using a Mac. ;)
 

Caromsoft

macrumors regular
Jun 8, 2012
137
23
It takes more than using a Mac. It's what you do when you're using it that defines safe computing. There are plenty of Mac users who do foolish or careless things that introduce malware. Read the What security steps should I take? section of the Mac Virus/Malware FAQ for tips on practicing safe computing.
So you are saying that searching for a recipe for chocolate cookies was "unsafe computing"? If I have been diagnosed with a disease and I am looking online for information that is "unsafe computing"? Because virtually any website anywhere can be hacked to infect visiting computers, and that has absolutely nothing to do with my computing practices, except that I am using the power of the internet to find information. If your idea of safe computing is visiting three websites that "you" trust not to have been hacked, then I guess I will have to continue practicing unsafe computing practices.

Oh, and I have been in IT for 25 years. I don't need to read your FAQs.
 

GGJstudios

macrumors Westmere
May 16, 2008
44,556
950
So you are saying that searching for a recipe for chocolate cookies was "unsafe computing"?
No, I'm saying that if you had employed the safe computing tips I posted, that infection would never have occurred on OS X. You can visit such sites with confidence, if you've taken the time to educate yourself on how to remain safe from OS X malware in the wild.
Oh, and I have been in IT for 25 years. I don't need to read your FAQs.
Translation: "I think I know it all, so I can't possibly learn anything new."

I've been in IT for over 40 years, and I'm not so arrogant and foolish to think that I don't still have a lot to learn. The length of time in IT is irrelevant, as most of what I learned decades ago is no longer relevant to today's technology.
 

Ethosik

Contributor
Oct 21, 2009
8,142
7,120
There is no such thing as "safe computing". If you do anything online you are vulnerable. Several years ago I was hit with a malware program that was downloaded from a completely innocent website, while looking for recipes for chocolate cookies. It wasn't recognized by any of the antivirus programs, I had to remove it myself. Again, this was a totally "safe" website. The only way to practice safe computing is to unplug your computer from the internet.

How did that malware get on your system? Was it Windows XP? Flaw in IE that was not patched? An older version of Flash or Java? There are some javascript vulnerabilities, but you can usually avoid those by killing the browser process in task manager.

Care to explain to me how it is possible after 10 years I have never had an infection since I practice safe computing? I do not stick to outdated software like some people (I have seen some with IE 7 and Windows XP still). I always upgrade to the latest (IE 11 and 8.1 - even though I do not like 8.1 as much as 7). I do not randomly browse websites on my computers, I use my phone or tablet if it is a site I do not trust. I do not have Flash installed, I use Chrome. I do not have Java installed. I scan regularly and yet have had 0 infections. This is on Windows. So the original question is answered with a NO. On OS X you do not need AV software as it is useless.

I have had ESET running in the background on one of my computers for years and it NEVER popped up with a message that I got malware. Is it killing stuff from Microsoft.com and not telling me about it?

Also:

It wasn't recognized by any of the antivirus programs, I had to remove it myself.

Aren't you just proving my point? Your AV software (since you said ANY, I assume multiple AV programs missed it) did not detect it.
 

Caromsoft

macrumors regular
Jun 8, 2012
137
23
I hate getting into forum battles, especially since I often find that the person or people I am battling with and I agree more than we disagree. It usually comes down to splitting hairs :)

As this has taken a turn into Windows land it seems counterproductive to continue, especially since this is MacRumors. Let's argue about the Apple Watch instead. :D

GGJ: I have read your FAQs before and I think they provide a valuable resource for newcomers.

xW: ESET is the only antivirus I put any faith in these days.

:apple:
 

Ethosik

Contributor
Oct 21, 2009
8,142
7,120
I hate getting into forum battles, especially since I often find that the person or people I am battling with and I agree more than we disagree. It usually comes down to splitting hairs :)

As this has taken a turn into Windows land it seems counterproductive to continue, especially since this is MacRumors. Let's argue about the Apple Watch instead. :D

GGJ: I have read your FAQs before and I think they provide a valuable resource for newcomers.

xW: ESET is the only antivirus I put any faith in these days.

:apple:

Likewise, ESET is the only one I would pay for. On my dev machine that only goes online to download Windows updates and dev tools (trusted sources like JetBrains for ReSharper, MonoGame, and the Microsoft Download Site) I just use the free AV that is available on Windows. But like I said, I have never had an AV popup in years. So either all my malware infections are being cleaned silently, or my safe computing habits are enough to not require AV software. And on my Mac, I do not have one. Windows is different. However, there are some Windows machines that do not have AV software installed that are just fine.

On a regular basis, I only visit two websites. Occasionally I visit other sites that offer products, and if I trust them with my CC number, I do not need to be scared about their downloads (Video Copilot, JetBrains, Microsoft Store, RedGiant, ...). I do not surf online. Sometimes there are news articles that I read that link to external sites as their source that I check out. But, like I said, even with AV software I have never received a popup.

I do not open attachments, you have to pull my hair out to get me to open attachments (unless I am at work, where I have to). If somebody sends me an attachment, I open it on my phone or tablet.
 

0x100

macrumors regular
Nov 11, 2014
222
73
Japan
What's really dumb with what Apple are doing with Mac OS is the standard configuration of the Firewall is off. That's just idiocy. It should have default as on.
 

simonsi

Contributor
Jan 3, 2014
4,851
735
Auckland
What's really dumb with what Apple are doing with Mac OS is the standard configuration of the Firewall is off. That's just idiocy. It should have default as on.

I don't recall ever having to turn mine on, it has always been on and preserved that setting across updates, you sure it defaults to off (agree with you if a fresh install is off).
 

GGJstudios

macrumors Westmere
May 16, 2008
44,556
950
I don't recall ever having to turn mine on, it has always been on and preserved that setting across updates, you sure it defaults to off (agree with you if a fresh install is off).
Yes, it's off by default on a fresh install, but once you turn it on, it stays on until you change it.
 

0x100

macrumors regular
Nov 11, 2014
222
73
Japan
I don't recall ever having to turn mine on, it has always been on and preserved that setting across updates, you sure it defaults to off (agree with you if a fresh install is off).

Yes when you get a mac from the factory it's off. The problem I see is that grandma at 95 doesn't know how to enable the firewall without others to help her.
 

crjackson2134

macrumors 601
Mar 6, 2013
4,847
1,957
Charlotte, NC
Yes when you get a mac from the factory it's off. The problem I see is that grandma at 95 doesn't know how to enable the firewall without others to help her.

{Rant}
Please, let's not age profile. As a Grandpa, my Grandma/Grandpa in the high 90's are alive and well, and know how to configure a firewall. Be it Windows, OS X, or Linux. Age is not the issue, knowledge is the issue.
{/Rant}

BTW, he was a farmer/carpenter, she was/is a housewife.
 

m4v3r1ck

macrumors 68030
Nov 2, 2011
2,606
554
The Netherlands
{Rant}
Please, let's not age profile. As a Grandpa, my Grandma/Grandpa in the high 90's are alive and well, and know how to configure a firewall. Be it Windows, OS X, or Linux. Age is not the issue, knowledge is the issue.
{/Rant}

BTW, he was a farmer/carpenter, she was/is a housewife.


Roger that! 10-4
 

Abba1

macrumors regular
Aug 6, 2014
117
0
I don't recall ever having to turn mine on, it has always been on and preserved that setting across updates, you sure it defaults to off (agree with you if a fresh install is off).

After a clean install, I think mine was on but I'm not sure and I may have just turned it on. Anyhow, all someone has to do is to turn it on if it should be off. What's the big deal?
 

simonsi

Contributor
Jan 3, 2014
4,851
735
Auckland
...all someone has to do is to turn it on if it should be off. What's the big deal?

Errr well if it does default to off and it isn't clear that it is off then many many users will unknowingly run with no firewall, which isn't a good idea.
 

Abba1

macrumors regular
Aug 6, 2014
117
0
Yes when you get a mac from the factory it's off. The problem I see is that grandma at 95 doesn't know how to enable the firewall without others to help her.

Hey, don't insult Grandma. Why do you assume that because someone is old/older that she doesn't know her way around an OS? This is not an age or gender related matter but a technical know-how matter as noted by several on this thread.

----------

Errr well if it does default to off and it isn't clear that it is off then many many users will unknowingly run with no firewall, which isn't a good idea.

Yes, that's true. But, isn't it an individual's responsibility to learn at least the basics of whatever technology s(he) uses?
 

bigchief

macrumors 6502a
Feb 26, 2009
902
180
I bought my first Apple computer this summer, MBP, when I turned it on the firewall was turned off. So I've been wondering ever since is it supposed to be turned on or off. I turned it on and only use it on my home wifi.
 

simonsi

Contributor
Jan 3, 2014
4,851
735
Auckland
But, isn't it an individual's responsibility to learn at least the basics of whatever technology s(he) uses?

But if you want a population of consumer devices to be protected in the real world it would achieve a better result if it defaulted on.
 

cynics

macrumors G4
Jan 8, 2012
11,959
2,156
Macs rely on "security through obscurity/minority". Most viruses found on Macs are inert because they are written for windows.
 

0x100

macrumors regular
Nov 11, 2014
222
73
Japan
Another problem is that when turning the Firewall on the settings show a gigantic warning triangle with a yellow dot like it's saying something is wrong. It should really be reverse, when it's off it should have a triangle there with a yellow or red dot and the on option should have a green dot.
 