Parallels Desktop now a security risk? (according to CleanMyMac)

[clevins]

By the way.. the mac has built in protections...

Protecting against malware in macOS

In macOS, malware defenses are structured using the followingApp Store, or Gatekeeper combined with Notarization, and XProtect.

support.apple.com

 

[HDFan]

As shown in the image, their apparent reasoning for this is that the app is "associated with or owned by Russian or Belarusian developers, where government authorities can access their data directly upon request and without a court order."

Personally I thought that Parallels was Russia-based.

It was until 2018 when it was purchased by Corel. It is now based in Ottawa Canada.

Run Windows on Mac with a virtual machine | Parallels Desktop

Download Parallels Desktop virtual machine to run Windows on Mac without rebooting or slowing down your Mac, plus get over 200,000 Windows apps.

www.parallels.com

 

[jchap]

I received more information from MacPaw today regarding their decision to mark Parallels Desktop as "suspicious." Here's what they said:

Thank you for contacting MacPaw Customer Support!

Parallels currently have active offices in russia and this puts user's data and privacy at great risk.

Please read Yarovaya Law:

https://en.wikipedia.org/wiki/Yarovaya_law

Although the company has announced it's exit out of russia, it has not officially confirmed that there are no offices left in russia.

That's why we have to warn our users about using this app.

In other words, they've marked PD as a suspicious app largely because Parallels still has offices in Russia, not because they have specifically found any security holes or threats in the software that could be exploited by cyberattackers who have a political agenda.

FYI...

 

[planteater]

Since I first found this forum a few years ago, I’ve seen so many clowns either denying malware on Mac or downplaying it.

Everyone should do whatever they like with their computers, but to advocate against protection to people that may not know better is pretty low.

 

[jchap]

Your comment on VMware Fusion not being updated for Monterey, that's not correct. VMware 12 is out and working 100% on macOS Monterey. It's even free for personal use. So get to installing

Just as a further update, I've signed up for and downloaded VMware Fusion today, and am now running Windows 10 under VMWare on macOS 12.3.1 without any issues so far.

Seeing as how it's working so well, I wonder why I paid so much to license Parallels for each machine I used it on, when VMWare does the same thing for free (for personal use). So far, there don't seem to be any big advantages to running Parallels Desktop rather than VMWare, at least in my use case that I can see so far.

 

[gilby101]

In other words, it seems that MacPaw is now implying that Parallels Desktop is a security risk.

MacPaw have done similar thing removing AdGuard from Setapp. This is a way we are getting involved in the Russia-Ukraine war. Whilst understandable, to me this seems particularly sad as many small software companies are highly multinational in their employees putting them at the forefront of international cooperation.

 

[allan.nyholm]

Just as a further update, I've signed up for and downloaded VMware Fusion today, and am now running Windows 10 under VMWare on macOS 12.3.1 without any issues so far.

Seeing as how it's working so well, I wonder why I paid so much to license Parallels for each machine I used it on, when VMWare does the same thing for free (for personal use). So far, there don't seem to be any big advantages to running Parallels Desktop rather than VMWare, at least in my use case that I can see so far.

Great hearing back from you on this. I've often wondered about the whole battle between the two. Parallels was set up as *the* one for gaming.
I guess, if that's a priority for that somebody - then I'm for it. That's never been my use case with Windows in a virtual machine on my Mac.

I was mainly using it for converting cursors to .cur and .ani and the like. Also emulation of Amiga Forever. Never did I play Halo or what ever in a virtual machine that I knew didn't work properly.

 

[gilby101]

So far, there don't seem to be any big advantages to running Parallels Desktop rather than VMWare, at least in my use case that I can see so far.

Parallels is, by reputation, superior for graphics intensive Windows games. VMware is more conservative in pushing out new features and never bends Windows or macOS licensing rules. Otherwise VMware Fusion has always been a better product - in my view!

 

[allan.nyholm]

MacPaw have done similar thing removing AdGuard from Setapp. This is a way we are getting involved in the Russia-Ukraine war. Whilst understandable, to me this seems particularly sad as many small software companies are highly multinational in their employees putting them at the forefront of international cooperation.

MacPaw recently made an app called SpyBuster that according to MacPaw's Tetiana Bronitska

MacPaw develops SpyBuster — a tool that spots apps with servers in Russia and Belarus

Details on their website if interested.. They are amping up their game.. I can't say for sure if MacPaw is on their way to the outskirts of Mac development or not.. I'm just saying that I am not installing their SetApp service anymore. Because I'm now stubborn.

 

[VulchR]

IN 20+ years of using modern (OS X/macOS based) macs, I've never used any anti virus style program. And in all that time, I've never had any infection....

You've never had an infection that you know of. Just sayin'.

 

[allan.nyholm]

I also have to clarify that when I meant that MacPaw are loud developers - I am meaning to say that their apps are loud.

The developers have a right to be loud given the situation of war in their country. I realize the naiveté coming from me as I'm sitting here in a non-war ridden country having a coffee and typing in words on a website that eventually will go away.

 

[VulchR]

I've been using PD for years, and been very productive doing so, but I never even considered the possibility it might be collecting data on me. Now I have something else to be paranoid about.

 

[clevins]

You've never had an infection that you know of. Just sayin'.

See above. The Malwarebytes scan showed... nothing. And yes, I've never seen any eveience of an infection. It's not possible to prove a negative. But feel free to a) ignore the builtin Mac protections and b) live in fear.

 

[VulchR]

See above. The Malwarebytes scan showed... nothing. And yes, I've never seen any eveience of an infection. It's not possible to prove a negative. But feel free to a) ignore the builtin Mac protections and b) live in fear.

Ha ha. I don't live in fear. I live in healthy scepticism.

 

[clevins]

Ha ha. I don't live in fear. I live in healthy scepticism.

A good way to live, especially these days.

One other reason I don't worry much about infections... I block ads and use https://nextdns.io which catches a lot of bad actors.

 

[KaliYoni]

1. I don't believe a country-by-country security policy for using software is very effective due to many factors, including the widespread use of global contract developers by software companies of all sizes, from startups to multi-nationals, the prevalence of cloud computing, and the creation and deployment of malicious software in any country with the capability regardless of its international relationships (see: NSO Group).
2. For anybody who is concerned about or at risk for spyware, iMazing has made spyware detection available for unlimited free use:
   
   

   Detect Pegasus and Other Spyware on iPhone and iPad

   imazing.com
   The tool is transparent and easy to use. I'm not any kind of activist or government official but with the ongoing onslaught of spam texts and compromised apps combined with the prevalence of zero-click attacks, I like having an additional layer of security.
3. I think anybody who believes they are a target for malware or doesn't want a single point of failure should use both Apple's built-in protection and another anti-malware application.
   For example, macOS didn't provide protection against this threat: https://labs.sentinelone.com/massiv...-goes-entirely-undetected-by-apples-xprotect/
4. My personal Mac security strategy is centered around risk management, not predictions of bad actors' behavior. I prefer spending some time up front–and money if justified–to minimize the possibility of having to deal with the fallout of an attacker putting viruses or malware on my computer. I view anti-virus and anti-malware software as a form of insurance. Yes, it sucks that I need it but I feel that having it lets me sleep better than not having it.
   
   Also, we are all human and we make mistakes, especially when we are in a rush, distracted, or tired. Relying on constant vigilance as sole protection requires perfection. I don't think any of us can reach that standard very often, especially with something that is constantly changing and morphing.

 

[gilby101]

MacPaw recently made an app called SpyBuster

For interest, I installed this a week or so ago. With default settings, SpyBuster detects 8 apps on my Mac with supposed links to Russia.

4 apps have ".ru" in embedded links. One of these it is ".running" - so we can call that a false positive.
2 apps have "ru" in the bundle id.
2 apps have a signing certificate originating in Russia.
1 app has "probable ties to Russian Federation".
1 app has an embedded IP address issued in Russia. The app is known not to connect to it.

Interesting, but it won't change my app usage (maybe a bit cautious in one case). But it does show how some widely used apps have some connection to Russia. Also allows MacPaw to vent some of their (justified) anger.

 

[jchap]

I also have to clarify that when I meant that MacPaw are loud developers - I am meaning to say that their apps are loud.

The developers have a right to be loud given the situation of war in their country. I realize the naiveté coming from me as I'm sitting here in a non-war ridden country having a coffee and typing in words on a website that eventually will go away.

Yes, I feel much the same. Many developers now based out of Ukraine or sympathetic with Ukraine are speaking out about it, in a way that sort of compromises the neutrality of what you would expect from something as utilitarian as an app.

While I find it surprising that developers choose to speak out in this way, perhaps I would feel the same if my own country of residence was under attack, my own family and safety threatened by an aggressive and opportunistic nation. So, I can't find much fault with them, or even find it in my heart to tell them to "turn the volume down," as it were.

I do think there is a sad side to all of this, though, which is that there are likely countless Russian developers who are honestly trying to make good products and make a living despite what their country is doing. Due to the actions of their nation state, their voice is being shut down, their products being boycotted, their services being refused simply because of their nationality. While there may be some precedent for Western paranoia about governmental interference and cyberattacks, this doesn't help the honest people who are living in Russia but who really do not in their heart support what their country's leadership is doing. That's where I see a slight danger in what MacPaw and similar companies are doing, by repudiating services and companies simply because they have a Russian office or some ties to Russia.

But again, this is not a political forum, and this thread was started just to question MacPaw's decision to mark a well-known virtualization app as "suspicious." We now know their answer and their motivation, even if we can't 100% agree with their reasoning. (For some people like you, it doesn't matter much anyway, especially if they don't use that service or app.)

 

[jchap]

See above. The Malwarebytes scan showed... nothing. And yes, I've never seen any eveience of an infection. It's not possible to prove a negative. But feel free to a) ignore the builtin Mac protections and b) live in fear.

To be fair, MalwareBytes isn't infallible, although it may be a very good product. There may be some malware that slips through the cracks.

 

[clevins]

To be fair, MalwareBytes isn't infallible, although it may be a very good product. There may be some malware that slips through the cracks.

"use things like Malwarebytes to catch infections"

"OK, MWB shows nothing wrong"

"it's not infallibe! You might still be infected"

That's the AV industry in a nutshell. Induce low grade paranoia and buy several products Just In Case.

 

[TiggrToo]

b) live in fear.

Do you have any sort of property insurance? Do you have car insurance above the mandatory minimums? Do you have health insurance?

If the answer to any of those is "yes", then why live in fear?

 

[jchap]

"use things like Malwarebytes to catch infections"

"OK, MWB shows nothing wrong"

"it's not infallibe! You might still be infected"

That's the AV industry in a nutshell. Induce low grade paranoia and buy several products Just In Case.

Setting aside the fact that your comments have significantly derailed from the topic of this thread, I would agree with you that there is certainly some degree of paranoia or fear-inducing behavior in what many anti-virus software companies are involved in to sell their products.

It’s much the same with any product that claims to protect people in some way from a threat. Insurance companies pose the threat of fire or loss of life or belongings to potential policyholders. Preventative medicines like vaccines are developed because healthcare professionals, lab researchers or the scientific community have determined that a threat to public health exists, and that taking the vaccine may help contain the spread of that threat or lessen its effects on infected subjects. Unemployment insurance is sold because quite frankly, people don’t want to be out of a job and out of pocket with no roof over their heads, and some people are willing to pay for the financial protection that such a policy might offer.

As a counter-proposal to your arguments, would you also be saying that no actual threats exist in our world today, either to public health or to personal security (aside from what goes on with your computer), and that every attempt of any person or organization to help mitigate the threat in some way is fear-mongering? If you want to go that far with your arguments, I think you’re just trolling.

Again, as a reminder, your comments have very little to do with Parallels Desktop, as it is not an anti-virus product. Also, CleanMyMac, the software we’ve been talking about that’s developed by MacPaw—a company that currently brands certain Russia-based software products as “suspicious” owing to the nationality of their developers or the active presence of a Russian office—is not strictly an anti-virus software product either, although it now has a malware detection component. MacPaw doesn’t really seem to tout their product as being the bees-knees or a must-have for cybersecurity anyway—the malware detection component was a function added fairly recently, and is itself based on an open-source detection engine and malware signatures, not a proprietary algorithm.

 

[phrehdd]

Some rather odd comments here about not protecting one's Mac. Yes, there is malware out there that can impact Apple devices. To say different would be at a minimum, misinformation. There are simple steps that can be done to help avoid issues without making life miserable on your Mac.

 

[TanaSilver]

I've recently noticed that CleanMyMac now flags Parallels Desktop 17 as a "suspicious" app, as shown below.

View attachment 1990124
As shown in the image, their apparent reasoning for this is that the app is "associated with or owned by Russian or Belarusian developers, where government authorities can access their data directly upon request and without a court order."

In other words, it seems that MacPaw is now implying that Parallels Desktop is a security risk. As a freelance translator who depends on Windows (running under Parallels Desktop), this is alarming news.

A cursory glance of Parallels corporate info shows that they are a multinational company, now part of the Corel Corporation. Their website also shows that the company operates partially in the Ukraine and is very much in support of the Ukraine during this invasion.

View attachment 1990127

However, when I reached out to MacPaw support to find out what their reasoning is for marking Parallels Desktop as suspicious and whether there are any actual security risks, I received no reply.

What I'm wondering is whether anybody has any information on any actual reported ties that Parallels may have to Russian or Belarusian developers who are identified cyberattackers, or any specific security risks that would now leave Parallels Desktop prone to specific cyberattacks, moreso than before. While I feel terrible about the plight of those in the Ukraine whose country has been invaded by Russia, I really don't see how they can actually link Parallels to any of this.

Parallels Desktop has been a key app for me for many years now, and VMWare Fusion for Mac has not yet been made publicly available for macOS Monterey, so it really seems like VMWare is quite a bit behind the game in terms of virtualization. If it did become necessary to switch to another solution for running Windows virtualized over macOS, I'm also wondering what the other viable options (if any) would be.

In response to the original post, as someone who uses Parallels and CleanMyMac, it looks to me like Macpaw has flagged Parallels because they have offices in Russia. Judging from Parallels response to the invasion, they are just another company that has offices there and they have stepped back from Russia, as they should. I think Macpaw probably should remove them as Suspicious.

Having said that, I appreciate that Macpaw has added this feature to CleanMyMac. In support of Ukraine, I do not want to give any money or support to any company that is Russian based or if any of that money flows into Russia somehow. It does not appear that Parallels is Russian based, but I still appreciate the notification from Macpaw. I did my due diligence and am checking it out and will take any personal action based on that, but I like the heads up.

It's easy to say "Just do the function I bought you for, I don't want to hear about anything else", but I think it becomes more and more obvious every day that we all live on a shared planet that gets smaller all the time. In whatever way, however tangential to us, the horrific invasion of Ukraine by Russia effects us all. Like it or not, we all take a stand on it, even if that's by ignoring it. I don't think Macpaw is being aggressive about this at all, I think they're being responsible. Personally, I think we all have a moral obligation to push back against atrocity and oppression in whatever way we can, no matter how small. It all adds up.

As I understand it, Macpaw is based in Kyiv, and I hope their staff and families are okay. I imagine that no one in Ukraine is actually okay right now, and won't be for a very long time. I like CleanMyMac as a product, and as someone who's run a business on Macs since 1993 I appreciate the little quality of life and general utilities aspects of the app. CleanMyMac is a good product for what it does.

 

[HDFan]

It does not appear that Parallels is Russian based,

Parent company is in Canada.