Do we need an antivirus on OS X?

[Abba1]

Hay, don't insult Grandma. Why do you assume that because someone is old/older that she doesn't know her way around an OS. This is not an age or gender related matter but a technical know-how matter as noted by several on this thread.

----------



Yes, that's true. But, isn't it an individual's responsibility to learn at lest the basics of whatever technology s(he) uses?

Yes!

I wish more people would take advantage of Apple's "One to One" when they get a Mac. It's designed for newbees with little or no technical skill. And, for those that can't afford it, there are the free group classes in the store.

However, this does not help the individual who does not live anywhere near an Apple Store or whose health does not let them get out to take advantage of such programs. In that case, there are simple books that beginners can use. Also, many junior colleges (now self-classified as colleges or universities) and even some colleges and universities do give extension courses; however, I suspect these are mainly but not totally for IBM clones rather than Mac.

For those that do nothing to learn, I have little sympathy. But, don't classify them by age or gender, just by ignorance, arrogance, or worse.

 

[Traverse]

This debate needs to be closed, it's really just arguing the same positions over and over again. No one's going to change anyone's stance.

Personally, I'm more inclined to side with GGJstudios, safe computing is currently sufficient unless you torrent a lot. There are no known virus and when the zero day exploit occurs an AV won't stop it. Trojans can be avoided with some caution.

If you download and share files all the time than I could see an AV mainly for stopping Windows threats. I don't download many files and apps and when I do I go to the developer and not torrent sites or third parties like Cnet. Also, I don't like (but am not opposed) to running third party software all the time. An AV is supposed to be an added layer, but often they can introduce their own vulnerabilities and they do use resources. I tried Avast on another Mac one time and it generated 4GB of inactive RAM in 30m. No. I don't need constant scanning when I take much from the Internet.

I don't have Java or Flash installed on my system and try to limit plugins.

 

[Abba1]

This debate needs to be closed, it's really just arguing the same positions over and over again. No one's going to change anyone's stance.

Personally, I'm more inclined to side with GGJstudios, safe computing is currently sufficient unless you torrent a lot. There are no known virus and when the zero day exploit occurs an AV won't stop it. Trojans can be avoided with some caution.

If you download and share files all the time than I could see an AV mainly for stopping Windows threats. I don't download many files and apps and when I do I go to the developer and not torrent sites or third parties like Cnet. Also, I don't like (but am not opposed) to running third party software all the time. An AV is supposed to be an added layer, but often they can introduce their own vulnerabilities and they do use resources. I tried Avast on another Mac one time and it generated 4GB of inactive RAM in 30m. No. I don't need constant scanning when I take much from the Internet.

I don't have Java or Flash installed on my system and try to limit plugins.

I too no longer have Java or Flash installed as I did in the past, although they are useful in some instances; and, like you, I limit plugins. I too go to the developer, and only once did I make the very stupid mistake of going to CNET (after which I spent considerable time making sure my Mac was clean as it turned out to be. I was so lucky).

I also agree with you that this debate needs to be closed. It seems as if opinions on both sides of the argument are fixed and we may well be arguing just for the fun of it.

 

[Traverse]

I too no longer have Java or Flash installed as I did in the past, although they are useful in some instances; and, like you, I limit plugins. I too go to the developer, and only once did I make the very stupid mistake of going to CNET (after which I spent considerable time making sure my Mac was clean as it turned out to be. I was so lucky).

I also agree with you that this debate needs to be closed. It seems as if opinions on both sides of the argument are fixed and we may well be arguing just for the fun of it.

I used to trust Cnet, then they started bundling adware with their downloads and I cut them off. Really sad, but it's wrong to bundle that with their "secure downloads"

 

[Abba1]

I used to trust Cnet, then they started bundling adware with their downloads and I cut them off. Really sad, but it's wrong to bundle that with their "secure downloads"

I agree! I also understand that they sometimes come wrapped in more dangerous downloads, including Trojans, which is very frightening. The adware is bad enough to cut them off in any case, and I would never open their site again much-less download. What a pity.

 

[Weaselboy]

I used to trust Cnet, then they started bundling adware with their downloads and I cut them off. Really sad, but it's wrong to bundle that with their "secure downloads"

I agree! I also understand that they sometimes come wrapped in more dangerous downloads, including Trojans, which is very frightening. The adware is bad enough to cut them off in any case, and I would never open their site again much-less download. What a pity.

Yep... Softonic is doing the same thing. Sadly Apple apparently has made the conscious decision not to block adware like this using XProtect.

 

[Traverse]

Yep... Softonic is doing the same thing. Sadly Apple apparently has made the conscious decision not to block adware like this using XProtect.

Which surprised me. I never install anything before I scan the .dmg with ClamXav from the MAS, but I surprised to find something like "OSX.spygot.A" or something like that. X-Protect is lacking.

 

[Ethosik]

Which surprised me. I never install anything before I scan the .dmg with ClamXav from the MAS, but I surprised to find something like "OSX.spygot.A" or something like that. X-Protect is lacking.

What exactly do you guys install that makes you so worried that you scan the .dmg file with anti-malware software before running it? I never once did that, and I do not do that on Windows either.

Do I need to scan Visual Studio regularly to see if Microsoft did not give me malware? What about plug-in software?

 

[Traverse]

What exactly do you guys install that makes you so worried that you scan the .dmg file with anti-malware software before running it? I never once did that, and I do not do that on Windows either.

Do I need to scan Visual Studio regularly to see if Microsoft did not give me malware? What about plug-in software?

No, but any app downloaded from a third party developer could have been compromised. CNET used to be a great place to get software, but they started bundling adware with their apps. Without scanning the .dmg I never would known that was there until it changed my search engine and installed like 3 browser add-ons.

----------

It's just a good practice to scan downloaded stuff. With ClamXav from the MAS it takes less than a minute to update and scan (depending on the number and size of the files). I am working on my thesis and downloading many PDFs from my schools reference library and other sources. I scan each one before I open them.

 

[Ethosik]

No, but any app downloaded from a third party developer could have been compromised. CNET used to be a great place to get software, but they started bundling adware with their apps. Without scanning the .dmg I never would known that was there until it changed my search engine and installed like 3 browser add-ons.

----------

It's just a good practice to scan downloaded stuff. With ClamXav from the MAS it takes less than a minute to update and scan (depending on the number and size of the files). I am working on my thesis and downloading many PDFs from my schools reference library and other sources. I scan each one before I open them.

I never download free stuff from websites. I always download trials or products that I paid for. I do have some free stuff, but those are from the Mac App Store (Xcode for example).

 

[Abba1]

I used to trust Cnet, then they started bundling adware with their downloads and I cut them off. Really sad, but it's wrong to bundle that with their "secure downloads"

In addition to what I said before, it's not only wrong, it may well be Cnet profiting at our expense; and in any case, it is definitely harmful. Yes, it is sad because they used to be trustworthy.

 

[cammyg123]

No antivirus needed really. Use common sense, stay off the bad stuff, and practice safe computing and you will be safe.

 

[Abba1]

Yep... Softonic is doing the same thing. Sadly Apple apparently has made the conscious decision not to block adware like this using XProtect.

Apple should be blocking it, but is not. Do you really think it is a conscious decision or just something overlooked? I just don't know!

----------

What exactly do you guys install that makes you so worried that you scan the .dmg file with anti-malware software before running it? I never once did that, and I do not do that on Windows either.

Do I need to scan Visual Studio regularly to see if Microsoft did not give me malware? What about plug-in software?

Given today's world and the amount of cyber crime be it malicious hack attacks or actual thievery, it is wise to scan almost everything except Apple downloads or those downloads you get from a trusted website or source, not an automatic downloader.

----------

No, but any app downloaded from a third party developer could have been compromised. CNET used to be a great place to get software, but they started bundling adware with their apps. Without scanning the .dmg I never would known that was there until it changed my search engine and installed like 3 browser add-ons.

----------

It's just a good practice to scan downloaded stuff. With ClamXav from the MAS it takes less than a minute to update and scan (depending on the number and size of the files). I am working on my thesis and downloading many PDFs from my schools reference library and other sources. I scan each one before I open them.

A very good and wise practice. But, isn't it nice to be able to download them. When I did my dissertation, a Xerox machine (only one) had just become available in my university's library, and using it was too expensive for me.

As an addition, let me recommend that you keep at least one copy of your thesis on an external HD and keep it in the vault or somewhere safe that is not your home or office. About once a week, take it out so you can update it and then put it back immediately.

 

[Weaselboy]

Apple should be blocking it, but is not. Do you really think it is a conscious decision or just something overlooked? I just don't know!

I think it is a conscious decision so they do not break the business model of adware supported applications (some are legit). From this info, it appears they will block adware it if starts to interfere with system functionality.

 

[Ethosik]

Apple should be blocking it, but is not. Do you really think it is a conscious decision or just something overlooked? I just don't know!

----------



Given today's world and the amount of cyber crime be it malicious hack attacks or actual thievery, it is wise to scan almost everything except Apple downloads or those downloads you get from a trusted website or source, not an automatic downloader.

----------



A very good and wise practice. But, isn't it nice to be able to download them. When I did my dissertation, a Xerox machine (only one) had just become available in my university's library, and using it was too expensive for me.

As an addition, let me recommend that you keep at least one copy of your thesis on an external HD and keep it in the vault or somewhere safe that is not your home or office. About once a week, take it out so you can update it and then put it back immediately.

And like I said, I paid for pretty much every one of my downloads. I do not see the need to scan. If the company had malicious intent, they have my credit card number since I purchased the product.

So if I only visit 2-3 sites on a regular basis, and only install stuff I pay for or from the Mac App Store, explain to me why I still need to have an AV program installed. Like I said, I have ESET on one of my windows machines and I have NEVER received an infection popup.

 

[Abba1]

I think it is a conscious decision so they do not break the business model of adware supported applications (some are legit). From this info, it appears they will block adware it if starts to interfere with system functionality.

I suspect you are correct.

----------

And like I said, I paid for pretty much every one of my downloads. I do not see the need to scan. If the company had malicious intent, they have my credit card number since I purchased the product.

So if I only visit 2-3 sites on a regular basis, and only install stuff I pay for or from the Mac App Store, explain to me why I still need to have an AV program installed. Like I said, I have ESET on one of my windows machines and I have NEVER received an infection popup.

Because there are some downloads you do not pay for, you do need an AV program. For example, do you use Java or Flash or Adobe Reader? Also, do you get email? Some emails come with malicious attachments that install if you so much as open the email.

Also, regarding companies from which you purchased having your credit card: they might not be doing anything wrong, but they could have been hacked without their being aware of it or with their being aware of it but too late to help you.

I know of one company many of whose customers received bills in their email; but, the bills were generated by a hacker. Once altered, the company had to notify its customers that those bills were not from them. I do not know how many people had been taken in by that scam, but it is frightening.

Unfortunately, this is not a safe world.

 

[Ethosik]

I suspect you are correct.

----------



Because there are some downloads you do not pay for, you do need an AV program. For example, do you use Java or Flash or Adobe Reader? Also, do you get email? Some emails come with malicious attachments that install if you so much as open the email.

Also, regarding companies from which you purchased having your credit card: they might not be doing anything wrong, but they could have been hacked without their being aware of it or with their being aware of it but too late to help you.

I know of one company many of whose customers received bills in their email; but, the bills were generated by a hacker. Once altered, the company had to notify its customers that those bills were not from them. I do not know how many people had been taken in by that scam, but it is frightening.

Unfortunately, this is not a safe world.

Again, like I said, you need to pull my hair to get me to open an email attachment. At work I have to, but on my other computers I do not open attachments. I got rid of Flash and Java.

So you are saying an AV program is 100% required? Funny, how come I never received an infection popup in well over 10 years now? Are these programs removing viruses from the Visual Studio 2013 installer and not telling me about it?

Here is the idea. If you do not trust the site enough to where you feel the need to scan their product before running it, do not download that product. What exactly are you downloading?

Safe computing makes having an AV program useless. Unless you can show me proof that all of these 10+ years that these AV programs are silently killing malicious content without NOTIFYING ME. I have never received an infection popup.

 

[Abba1]

Again, like I said, you need to pull my hair to get me to open an email attachment. At work I have to, but on my other computers I do not open attachments. I got rid of Flash and Java.

So you are saying an AV program is 100% required? Funny, how come I never received an infection popup in well over 10 years now? Are these programs removing viruses from the Visual Studio 2013 installer and not telling me about it?

Here is the idea. If you do not trust the site enough to where you feel the need to scan their product before running it, do not download that product. What exactly are you downloading?

Safe computing makes having an AV program useless. Unless you can show me proof that all of these 10+ years that these AV programs are silently killing malicious content without NOTIFYING ME. I have never received an infection popup.

Regarding email attachments, you no longer have to open them to be infected. Some very bad ones are set up to open as soon as you look at the email: you don't even have to open the email much less the attachments.

Even if you only open trusted websites, they sometimes get hacked. You have been lucky so far. As they say in the Market, past performance is no guarantee of future performance (or something to that effect)!

 

[GGJstudios]

Regarding email attachments, you no longer have to open them to be infected. Some very bad ones are set up to open as soon as you look at the email: you don't even have to open the email much less the attachments.

Please post a link to an example of this.

 

[Abba1]

Please post a link to an example of this.

Can't do so! I scan and then delete!

 

[GGJstudios]

Can't do so! I scan and then delete!

I didn't think you could, as there is no such malware in the wild that can infect OS X.

 

[simonsi]

I didn't think you could, as there is no such malware in the wild that can infect OS X.

Don't let any facts get in the way of a good story.....

 

[ChrisA]

Regarding email attachments, you no longer have to open them to be infected. Some very bad ones are set up to open as soon as you look at the email: you don't even have to open the email much less the attachments....

I'm pretty sure this is technically impossible. When you are reading emails all that is running is the email client.

Can you explain how this could could work, maybe provide a link to a place that explains it.

 

[simonsi]

I'm pretty sure this is technically impossible.

I think this is impossible as stated on a Windows platform, and certainly impossible as of now on a Mac platform. There are also a multitude of mail clients running on Windows and Mac platforms, is the claim that they are ALL open to this attack method??? ( I know its not your claim)

Unless links/documentation/examples are forthcoming this is just internet-rumour of the worst kind.

----------

Regarding email attachments, you no longer have to open them to be infected. Some very bad ones are set up to open as soon as you look at the email: you don't even have to open the email much less the attachments.

So you do, or don't have to open the email? If you haven't opened the email what client(s) need to be running to be attacked? Any? Are all of the possible clients compromised?

 

[GGJstudios]

So you do, or don't have to open the email? If you haven't opened the email what client(s) need to be running to be attacked? Any? Are all of the possible clients compromised?

I'm pretty sure you already know that the claim is completely false and there is no evidence of any kind that such malware has ever existed in the wild.

Unless links/documentation/examples are forthcoming this is just internet-rumour of the worst kind.

Exactly! Except I doubt even useless links/documentation/examples will be forthcoming.