Do we need an antivirus on OS X?

[GGJstudios]

OK … things are likely to go round in circles here, so it's time for me to unsubscribe and circle back to https://forums.macrumors.com/showthread.php?p=20470914#post20470914 as I leave …

More unsubstantiated claims. Unless and until someone can prove the existence of previously unreported threats, they remain nothing but rumors invented by individuals, and are not to be trusted.

Because it was not reported here, does not mean that others have not experienced it.

What you described has not been reported by anyone, anywhere. The chances of you being the only Mac user to experience this is 1 in more than 75 million. In other words: virtually impossible. We have nothing more than your word to go by, and you have provided no proof whatsoever that you experienced what you described.

I'm thankful that I did not get a virus: perhaps because I closed down before it completed opening.

There is no such thing as an OS X virus in the wild. None. Zero. There has never been one in the wild.

I assume that the purpose of the forum is for users to share experiences; get or give help when necessary; and, engage in discourse.

Posting experiences or asking for or giving help is one thing. Making false and misleading claims with absolutely nothing to substantiate them is something else, entirely.

From the MacRumors Rules for Appropriate Debate:

If you claim that something's a fact, back it up with a source. If you can't produce evidence when someone asks you to cite your sources, we may remove your posts. If you started the thread, then we may remove or close the thread.

 

[simonsi]

From the MacRumors Rules for Appropriate Debate:

Bravo!

Mods?

 

[Apple_Robert]

Abba has stated, that he doesn't have proof that some are asking for, in regards to his claims. It seems rather pointless to keep going over the same thing like a stuck record.

I haven't seen any post worthy of moderator deletion, much less thread deletion. The easiest thing to do, is to stop responding to the thread, if one is getting frustrated. Problem solved.

 

[simonsi]

Problem solved.

Except the misinformation will show up in searches for years. That is why the rules of debate exist.

 

[2012Tony2012]

+1 for Sophos. It helps get rid of Mac malware, and scans for Windows viruses so you're not unknowingly passing on dodgy attachments via email etc.

Many people tell you that you do not need an AV on Mac, yet they neglect to realise you should consider your windows friends.

 

[GGJstudios]

+1 for Sophos. It helps get rid of Mac malware, and scans for Windows viruses so you're not unknowingly passing on dodgy attachments via email etc.

I recommend avoiding Sophos, as it can actually increase a Mac's vulnerability, as described here and here.

Many people tell you that you do not need an AV on Mac, yet they neglect to realise you should consider your windows friends.

If you really want to consider your Windows friends, make sure they're running their own antivirus protection. It doesn't do them any good if you ensure you don't send them any infected files, but they're still unprotected from malware from every other source.

 

[kolax]

I recommend avoiding Sophos, as it can actually increase a Mac's vulnerability, as described here and here.

Don't need root privileges for software to do anything malicious with my own files. So while I appreciate what you're quoting, you can literally say that about anything, root or non root (obviously root being more dangerous).

I could write a script that doesn't need root powers to copy all your Mail emails or Messages app messages/attachments and send them to me (as they aren't encrypted yet).

 

[GGJstudios]

Don't need root privileges for software to do anything malicious with my own files. So while I appreciate what you're quoting, you can literally say that about anything, root or non root (obviously root being more dangerous).

I could write a script that doesn't need root powers to copy all your Mail emails or Messages app messages/attachments and send them to me (as they aren't encrypted yet).

Getting that script to install and execute on my Mac would be another matter, entirely. The point is, Sophos running with elevated privileges represents another possible vector through which malware could be introduced, and such a vulnerability is unnecessary when there are alternative apps that don't require such privileges.

That may not matter to you, but others should be informed of the potential risk, however small.

 

[kolax]

Getting that script to install and execute on my Mac would be another matter, entirely. The point is, Sophos running with elevated privileges represents another possible vector through which malware could be introduced, and such a vulnerability is unnecessary when there are alternative apps that don't require such privileges.

Getting that script to be executed on someone's Mac wouldn't be difficult. Hide it inside a disguised application they desire.

While you're pointing out that Sophos introduces a remote code execution possibility, the same could be said about all of Apple's services.

You should be more paranoid about a hidden script being executed when you run an application, because that's a lot more easy to exploit than Sophos.

 

[GGJstudios]

Getting that script to be executed on someone's Mac wouldn't be difficult. Hide it inside a disguised application they desire.

If they're practicing safe computing, including being careful about where they get software they install, that won't work.

While you're pointing out that Sophos introduces a remote code execution possibility, the same could be said about all of Apple's services.

Apple's services aren't 3rd party software, and are far less likely to be compromised. Also, they come preinstalled and there are no alternatives, as opposed to the user intentionally installing a more vulnerable 3rd party app instead of choosing from viable alternatives without that risk.

You should be more paranoid about a hidden script being executed when you run an application, because that's a lot more easy to exploit than Sophos.

I'm not paranoid about anything, since I use common sense and practice safe computing. I also don't install unnecessary apps that could make my Mac more vulnerable.

 

[kolax]

If they're practicing safe computing, including being careful about where they get software they install, that won't work.

I'm not paranoid about anything, since I use common sense and practice safe computing. I also don't install unnecessary apps that could make my Mac more vulnerable.

The point I'm making is safe computing doesn't really exist, because anything can get compromised. An update for a legit may contain malicious code (their repository could be compromised), and be executed without root privileges.

While you argue about root and Sophos, non-root AV software can be exploited too. It's very easy to get personal information from someone without root powers.

The only safe computing is to literally store no personal information, have no locally stored emails etc. But that isn't very practical.

 

[GGJstudios]

The only safe computing is to literally store no personal information, have no locally stored emails etc. But that isn't very practical.

You're right: That's not practical. Safe computing doesn't mean immune or impervious computing. Any software can be compromised in any number of ways and all operating systems and apps are imperfect. Safe computing is taking those steps that we know will avoid known threats and will minimize risks. There are no guarantees, but common sense suggests that if you know about a threat or vulnerability and can take steps to avoid or minimize it, it is wise to do so. So while nothing short of powering off your Mac is assured to keep it perfectly safe from malware, avoiding apps such as Sophos that run with elevated privileges and opting for an alternative that doesn't is a step in the right direction.

 

[Queen6]

I recommend avoiding Sophos, as it can actually increase a Mac's vulnerability, as described here and here.


If you really want to consider your Windows friends, make sure they're running their own antivirus protection. It doesn't do them any good if you ensure you don't send them any infected files, but they're still unprotected from malware from every other source.

And in the real world AV is mandatory, you will never be allowed to connect to any serious companies network, you will jeopardise your credibility by not managing such a simple matter, not all work, browse or play in isolation....

Q-6

 

[GGJstudios]

And in the real world AV is mandatory, you will never be allowed to connect to any serious companies network, you will jeopardise your credibility by not managing such a simple matter, not all work, browse or play in isolation....

We weren't talking about connecting to networks. Naturally, if the network requires AV, you have to do what you have to do. Many of us work very effectively and productively without connecting to other company networks.

My point remains: if you run antivirus on OS X for the purpose of protecting your friends on Windows, you're not really helping them if they don't have protection from all other sources, as well.

 

[Queen6]

We weren't talking about connecting to networks. Naturally, if the network requires AV, you have to do what you have to do. Many of us work very effectively and productively without connecting to other company networks.

My point remains: if you run antivirus on OS X for the purpose of protecting your friends on Windows, you're not really helping them if they don't have protection from all other sources, as well.

Do we need an antivirus on OS X? Yes you do, if working in a mixed environment or on a network. This point you should be very clear about a Mac in isolation is a very different affair, compared to a Mac in a network environment. Pity we all didn't regard the security of the internet as a whole, not just our own systems, I rather think think any reduction, capture of malware regardless of OS is a benefit to all...

Q-6

 

[GGJstudios]

Do we need an antivirus on OS X? Yes you do, if working in a mixed environment or on a network. This point you should be very clear about a Mac in isolation is a very different affair, compared to a Mac in a network environment.

It depends on the environment or network involved. I use Macs with no AV on a company network along with Windows users. The Windows users run AV, so the Macs don't need to. Not only is this extremely effective, not a single instance of malware has ever been detected coming from the Macs.

A more accurate statement would be: Do we need antivirus on OS X? You may, if you join a network that requires it.

 

[Queen6]

It depends on the environment or network involved. I use Macs with no AV on a company network along with Windows users. The Windows users run AV, so the Macs don't need to. Not only is this extremely effective, not a single instance of malware has ever been detected coming from the Macs.

A more accurate statement would be: Do we need antivirus on OS X? You may, if you join a network that requires it.

Equally a Mac can pass a Windows orientated virus, yet you continuously disregard this additional layer of protection. As stated without an effective AV/Malware scanner you can not be certain the system is clear of threat. Safe computing plus AV is a stronger, additional barrier to Malware like it or not..

Q-6

 

[satcomer]

The simple secret sits between the computer keyboard and the chair! This goes for OS X, Windows & Linux!

As we seen in the Sony hack was a web link inside an email sent them to site that downloaded to their computer and then email. Then set the same web link to others in the office until it made its way to an administrators email,account and that person fell for it and went to same script running web site. This way the hackers were able to get to unencrypted backups and storage units and then ersed their tracks be erasing their tracks by destroying users, administrator accounts.

Hence it proves that people are still gullible to email headers and email web links! It proves that most upper people secretly hate people and swap what they thought was secure. When will people stop using email links in web emails instead of manually going to web sites? Today it looks like the beginning of the end to the first "killer app" to exist!

Lastly as Mac user I use OpenDNS with its phishguard functions on my whole network. Plus I rarely trust web links and now even from so called trustful friends friends unless I am expecting it and I checked the whole email header. At work I use this philosophy also and most always go to web links after others have gone and looked and acted safe.

 

[GGJstudios]

Equally a Mac can pass a Windows orientated virus, yet you continuously disregard this additional layer of protection. As stated without an effective AV/Malware scanner you can not be certain the system is clear of threat..

Yes, you can, if you know that the files you're sending cannot have Windows malware attached. It is possible to know that without AV software. Even if you have antivirus installed, you cannot be 100% certain that it will detect everything that it should, as none of the AV apps have perfect detection rates. If you want to run antivirus software on your Mac, that's perfectly fine. It is false and misleading to state or imply that it is necessary for everyone running OS X.

 

[Queen6]

Yes, you can, if you know that the files you're sending cannot have Windows malware attached. It is possible to know that without AV software. Even if you have antivirus installed, you cannot be 100% certain that it will detect everything that it should, as none of the AV apps have perfect detection rates. If you want to run antivirus software on your Mac, that's perfectly fine. It is false and misleading to state or imply that it is necessary for everyone running OS X.

Nor is it right to arbitrarily state all Mac`s don't need AV, many do dependent on the environment. No AV is 100%, equally they do catch up, and right now you can only make an assumption that your systems are free of Malware as you have no way to validate the same...

As they say "pride comes before the fall"

Q-6

 

[GGJstudios]

Nor is it right to arbitrarily state all Mac`s don't need AV, many do dependent on the environment.

I have never stated or implied that all Macs don't need antivirus. I have repeatedly stated the same thing: 3rd party antivirus apps are not necessary to keep a Mac malware-free, as long as a user practices safe computing. That statement says nothing about keeping Windows computers or networks malware-free, as both have different requirements.

No AV is 100%, equally they do catch up, and right now you can only make an assumption that your systems are free of Malware as you have no way to validate the same...

I can download and install any number of antivirus apps on any Mac and still never be guaranteed that no malware exists, since none of those apps detect everything. I know mine is malware free because I know precisely what I've done with it. In addition, I have never had one symptom of OS X malware and have never had a Windows or OS X user receive a malware-infected file from me.

You appear to think that without some 3rd party antivirus app installed on OS X, you can't be sure your system is malware free. That is simply not true.

 

[Queen6]

I have never stated or implied that all Macs don't need antivirus. I have repeatedly stated the same thing: 3rd party antivirus apps are not necessary to keep a Mac malware-free, as long as a user practices safe computing. That statement says nothing about keeping Windows computers or networks malware-free, as both have different requirements.

I can download and install any number of antivirus apps on any Mac and still never be guaranteed that no malware exists, since none of those apps detect everything. I know mine is malware free because I know precisely what I've done with it. In addition, I have never had one symptom of OS X malware and have never had a Windows or OS X user receive a malware-infected file from me.

You appear to think that without some 3rd party antivirus app installed on OS X, you can't be sure your system is malware free. That is simply not true.

Yet you appear to think that you can outwit something that is not tangible, I employ both safe computing and malware detection, further securing my systems, amongst other security features .

You can only run under the assumption that your systems are clean, xProtect from Apple directly protects against some 45 variants of OS X Malware, equally it does zero for Windows Viruses, nor is it updated frequently.

If all computers connected to the internet had effective AV/Malware detection much of the current issues would cease. You need to consider if you are part of the solution, or part of the problem, denigrating a known barrier does not help at all.

Q-6

 

[simonsi]

Equally a Mac can pass a Windows orientated virus

Nope, people can pass a a Windows orientated virus from a Mac, as the virus won't run an executable it can't self-propagate but relies upon people being conned and forwarding the email....so those self-same safe computing practices will prevent this.

TBH if you are aware enough then a culture of not forwarding the latest singing-cat email will achieve more than any AV suite running on the Windows machines. Get that culture right in your business network and most problems are stopped at that point.

The human attack vector is by far the weakest.

 

[iososx]

Nope, not needed
Just practice safe computing and pay attention when asked to use your admin password

This is indeed sage advice.

Over twenty enjoyable years of very heavy computing, not just the mundane stuff, with my various fully optioned top of the line Macs...and not one security event of any type.

It just doesn't get any better.

 

[GGJstudios]

Yet you appear to think that you can outwit something that is not tangible, I employ both safe computing and malware detection, further securing my systems, amongst other security features .

There is no need to "outwit" anything. All OS X malware in the wild can be successfully avoided by practicing safe computing, and there is no additional protection that antivirus apps can offer beyond that. If you want to use them, as I said before, that's up to you. They are not needed to keep OS X 100% malware-free.

You can only run under the assumption that your systems are clean, xProtect from Apple directly protects against some 45 variants of OS X Malware, equally it does zero for Windows Viruses, nor is it updated frequently.

I don't depend on xProtect, either. Even without it, safe computing has successfully thwarted every OS X malware that ever existed in the wild.

You need to consider if you are part of the solution, or part of the problem, denigrating a known barrier does not help at all.

I'm not denigrating anything. I'm pointing out the facts that antivirus apps are flawed in their detection rates and do not guarantee protection against malware. Safe computing alone has proven to be more effective than antivirus apps in preventing OS X malware infections, and no antivirus app increases protection beyond that available through practicing safe computing. Therefore, while antivirus apps may be employed if the user desires, it is wise not to develop a false sense of security in such apps.