Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Virus/anti-spam software

macintosh tech said:
If anything does hit you would be in the same boat as it is more than likely your defintions would not be up to date enough to catch it. If anything major happens, all the AV makers are going to have to scramble around to stop it. They are just sitting and waiting on the Mac side. This quote from the ClamXav site: "Today, the number of viruses actively attacking OS X users is...NONE!"

You are not being protected, the Windows users you send attachment to however are being protected. The AV software does no good outside of that. We can all sit around and wait for a strike, but I guarantee that the first big one that hits is gonna get you like it will everyone else.
Click to expand...

So... what you're saying is that antivirus software on any computer (Windows or Mac) is pretty much useless since when a virus first hits you're not going to be protected as the definitions won't be updated?

macintosh tech said:
The best practice is smart computing habits. Don't download from shady sites, stay off Limewire and the likes. So IMO, no, AV software should not be used unless you often need to scan things for Windows viruses before passing them to a Windows user.
Click to expand...

I am connected to a network with around 4,500 other machines (Mac & Windows) and share a lot of files with Windows users. Hence why I have AV software

macintosh tech said:
P.S. Don't use fear tactics to justify your use of AV software.
Click to expand...

I'm not. I'm practising safe computing.

Anyone who spends money on AV software for a Mac (and for a Windows machine, let's face it :p) is an idiot. Downloading free AV software when you are potentially at risk from viruses or from spreading viruses is sensible in my opinion.
 
grapes911 said:
Some might disagree with me, but you should not use an admin account for normal day-to-day activities. I have an admin account and a normal limited user account. It is much safer this way. By the way, the default account you create during install is an admin account. That is a big security hole as far as I'm concerned.
Click to expand...

It's not a security hole at all. Whether you are logged in as admin or a normal user doesn't matter if you authenticate with the admin user or your normal user.
What would be a security hole is granting a user root access without prompting, which doesn't happen in OS X at all (or Unix for that matter).

I tried running a normal user and an admin user on Tiger and quickly found out that this is not a very efficient way of working. A lot of applications need admin privileges to open or run (MAMP, Parallels and some other production apps) and will crash if run by a normal user.
What I recommend is simply having a clean admin user (named admin for instance) that you can always log in with besides your normal user if your normal user gets corrupted. Both users can be admins and you don't have to constantly type both admin name and password when authenticating.
 
grapes911 said:
But seat belts actually protected against something. AV software on the Mac does not, so I will not spread false truths. There have been some worms back in classic and some trojans in OS X, but never an actual virus.
Click to expand...

Mac anti-virus software is more like putting seat belts on your sofa. I'm not saying that it is impossible to be killed by a car crashing into your living room, but chances are it won't happen to you.
 
thomasp said:
So... what you're saying is that antivirus software on any computer (Windows or Mac) is pretty much useless since when a virus first hits you're not going to be protected as the definitions won't be updated?
Click to expand...
No. A lot of windows viruses work in similar ways and current windows AV software prevents (or at least warns) about many viruses not even written yet. This is not true for a Mac. Since no virus has ever been in the wild, its hard to prepare for future viruses because no one knows how they will be written or how they will act.



I am connected to a network with around 4,500 other machines (Mac & Windows) and share a lot of files with Windows users. Hence why I have AV software
Click to expand...
I don't understand your hence. A Windows virus will do absolutely nothing on your machine. Seems like a waste to me.



I'm not. I'm practising safe computing.
Click to expand...
No you are not. You are practicing overprotected computing. If that's what you want to do then fine, but don't try to convince me that it makes any sense.

Anyone who spends money on AV software for a Mac (and for a Windows machine, let's face it :p) is an idiot. Downloading free AV software when you are potentially at risk from viruses or from spreading viruses is sensible in my opinion.
Click to expand...
But on a Mac, you are not "potentially at risk", so there is a huge hole in your logic.

Jiddick ExRex said:
It's not a security hole at all. Whether you are logged in as admin or a normal user doesn't matter if you authenticate with the admin user or your normal user.
Click to expand...
It does matter. As an admin you can move apps to the applications folder without authenticating. You cannot do this was a normal user. I'm sure there are other folders like this as well.
I tried running a normal user and an admin user on Tiger and quickly found out that this is not a very efficient way of working.
Click to expand...
I've been working that way for years. Its never been a problem for me.

gnasher729 said:
Mac anti-virus software is more like putting seat belts on your sofa. I'm not saying that it is impossible to be killed by a car crashing into your living room, but chances are it won't happen to you.
Click to expand...
I like the analogy.
 
rfruth said:
Never a virus (very few but not 0) I don't know what your smoking but pass it this way !

http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html
Click to expand...

I've got to say, seeing an article at Sophos.com containing lines like this...

Sophos.com said:
Apple Mac users need to be just as careful running unknown or unsolicited code on their computers as their friends and colleagues running Windows.
Click to expand...

...followed by a plug for Sophos AV software....

Sophos.com said:
Sophos protects all Macs, whether standalone, mixed network or Mac network. Try our products for yourself with a 30-day free trial.
Click to expand...

I can't help but not be worried much about it.
 
grapes911 said:
It does matter. As an admin you can move apps to the applications folder without authenticating. You cannot do this was a normal user. I'm sure there are other folders like this as well.I've been working that way for years. Its never been a problem for me.
Click to expand...

I will repeat what I just said: Some apps do not work without admin privileges and will not ask for authentication, like the MAMP.

An easy test of course would be to run OS X with a normal user and an admin user and see if gives you problems. If it does, then go on to the admin/admin model.
I did this because I was sick and tired of logging in and out and switching users to copy simple files or the like, but it of course depends on the usage.

grapes911 said:
No. A lot of windows viruses work in similar ways and current windows AV software prevents (or at least warns) about many viruses not even written yet. This is not true for a Mac. Since no virus has ever been in the wild, its hard to prepare for future viruses because no one knows how they will be written or how they will act.
Click to expand...

True.

grapes911 said:
I don't understand your hence. A Windows virus will do absolutely nothing on your machine. Seems like a waste to me.

No you are not. You are practicing overprotected computing. If that's what you want to do then fine, but don't try to convince me that it makes any sense.

But on a Mac, you are not "potentially at risk", so there is a huge hole in your logic.
Click to expand...

You need to think out of box for this one. His 'hence' was because even though he himself is not able to get viruses, nothing is stopping him from spreading them if he mails on an infected word document or the like.
Even macs are not free from macro viruses :)
Having some kind of antivirus software is helping the overall network and is not overcomputing by a long shot.
 
The moral

I think the moral of the story is.... If you're gonna download from Lime Wire, surf porn and click on all the popups, try out every software known to man, even if you have no clue what it does, and anything within these lines, then get an AV software.

But if you have a bit of sense about your computing habits, and keep the above to a minimal or not at all, then you should be OK for the most part.
 
It looks like other people have cleared up the questions from my comments, thank you.

And to the post above, sure you can get AV software for the Mac. At the end of the day, when the first virus hits we are all screwed. Even those who have AV software. The only advatage you would have is having the app on your machine to download a definition to fix it, whenever that comes.

I guarantee you that if a virus hits, many people will download some kind of AV software. At this point, there is simply no need.

thomasp said:
I am connected to a network with around 4,500 other machines (Mac & Windows) and share a lot of files with Windows users. Hence why I have AV software.
Click to expand...

Yes, and you need it. Suggesting that others need it who are not in the same situation is what I am going against here. There is simply no point. And it isn't a requirement for safe computing on a Mac as things stand today.
 
I actually was thinking about this one time. It's fairly simple to hose a Mac OS box with a Windows virus.

Step 1: Write a virus that affects Windows in Boot Camp and tells it to look for and wipe out other partitions on the disk. Alternatively, have it try to look for the "Shared Folder" on VMware or Parallels (I believe it's turned on for both by default) that connects to the Mac OS volume and erase everything the user has access to (which, assuming you're an admin, would be a lot of stuff on the disk).

Step 2: Pass the virus along.

Step 3: Profit!

As for spyware, that's only really a matter of time. Most spyware gets on people's machines by kids who download P2P apps. Or installing the latest "cool screensaver". All you have to do is get the user to quickly type their password in while installing a new app and bam -- you got your keylogger on their box. As more people turn to Macs, this will be more profitable for the people who create spyware.

You don't need to take the "traditional" route to kill a box.
 
SilentCrs said:
Step 1: Write a virus that affects Windows in Boot Camp and tells it to look for and wipe out other partitions on the disk.
Click to expand...

And that's where you end your little quest.

Out of the box, Windows can't see or deal with HFS+ formated volumes. So you better make step one, "find a free way to cope with HFS+", and then continue your steps.
 
yellow said:
And that's where you end your little quest.

Out of the box, Windows can't see or deal with HFS+ formated volumes. So you better make step one, "find a free way to cope with HFS+", and then continue your steps.
Click to expand...
But he is right about the Mac shared folders that Windows can see from Fusion/Parallels.

I turn off those default shares. I share a Windows folder that I can reach from the Mac side. If I really need to share a Mac folder I want to reach from the Windows side, I make it a dedicated folder that I'm not worried about hosing, but I certainly don't share my user directory.
 
RaceTripper said:
But he is right about the Mac shared folders that Windows can see from Fusion/Parallels.
Click to expand...

That depends quite a bit on the level of control and protection the user allows within the Parallels application.
IIRC, the security option is set to "med-high" by default? I must assume there are some safeguards in place to disallow traversal of the file structure on the Mac side. About the limit of the possible damage would be to erase the contents of the shared folder, unless one was really stupid and chose the root of their hard drive as the "shared folder" (assuming that's possible). It usually not possible to protect people from themselves, otherwise, IT support jobs would be much fewer in number. ;)

I am unfamiliar with VMWare Fusion.
 
yellow said:
That depends quite a bit on the level of control and protection the user allows within the Parallels application.
IIRC, the security option is set to "med-high" by default? I must assume there are some safeguards in place to disallow traversal of the file structure on the Mac side. About the limit of the possible damage would be to erase the contents of the shared folder, unless one was really stupid and chose the root of their hard drive as the "shared folder" (assuming that's possible). It usually not possible to protect people from themselves, otherwise, IT support jobs would be much fewer in number. ;)

I am unfamiliar with VMWare Fusion.
Click to expand...
That was my point.

I use Fusion. It works pretty much the same way. You can setup Mac folder shares in the Fusion settings for the Windows VM.
 
yellow said:
And that's where you end your little quest.

Out of the box, Windows can't see or deal with HFS+ formated volumes. So you better make step one, "find a free way to cope with HFS+", and then continue your steps.
Click to expand...

That's funny. When I go into Boot Camp I see the HFS volume as an unrecognized partition. You can erase unrecognized partitions fine -- Windows doesn't care. That's why, in the original Boot Camp beta instructions, they asked you to be careful not to delete the wrong partition.

I mean, think about it. If I take an HFS+ disk out of a Mac Pro and stick it into a PC tower, I can erase it in Windows in two seconds.

You don't need to read a partition to do damage to it.
 
SilentCrs said:
That's funny. When I go into Boot Camp I see the HFS volume as an unrecognized partition. You can erase unrecognized partitions fine -- Windows doesn't care. That's why, in the original Boot Camp beta instructions, they asked you to be careful not to delete the wrong partition.

I mean, think about it. If I take an HFS+ disk out of a Mac Pro and stick it into a PC tower, I can erase it in Windows in two seconds.

You don't need to read a partition to do damage to it.
Click to expand...

But that's only one kind of attack, and one of the least interesting ones to a hacker. Hackers want to put invisible processes on your machine to gather information about you and take control of your machine for DDoS attacks, spam networks, etc.

That said, I'd still be hard pressed to go through with Boot Camp for that reason. :eek:
 
nando2323 said:
I think the moral of the story is.... If you're gonna download from Lime Wire, surf porn and click on all the popups, try out every software known to man, even if you have no clue what it does, and anything within these lines, then get an AV software.

But if you have a bit of sense about your computing habits, and keep the above to a minimal or not at all, then you should be OK for the most part.
Click to expand...

I disagree. On a Mac, even if you download from Limewire, surf porn, etc., you still will not get a virus because none exist for OS X. Keeping P2P and porn to a minimum have nothing to do with it. Sense is only required when installing applications. Do not install any application that is not from a trusted source. That is all the sense you need.

The moral of the story is this: The only reason to run AV software on a Mac is if you are sharing files with Windows users and you don't want to pass on an infected file to them.

If you are not doing this activity, or don't care about passing on such files since all Windows users should be protecting themselves, then you have no need to run AV software.

I do not run, nor have I run, any AV software in almost 4 years.
 
I read this thread today, then while I was browsing the net for info on Apple's Time Capsule, I stumbled upon this and thought it might be relevant to the thread. I have no opinion myself on the article as I don't even yet own a Mac (soon, but not soon enough).

Here is what the article says:

"Security researchers at SecureMac say they've spotted Mac OS X malware in the wild capable of taking firm control of a victim's computer. The company says that distribution of the Trojan currently appears limited, though its warns it could escalate soon."

"With the rise in popularity of Apple's (Nasdaq: AAPL) Mac computers and the OS X operating systems they run, dangerous malware , viruses and Trojans are now being targeted for the Mac, too. The most recent case in point comes courtesy of a security advisory released by SecureMac. The advisory warns that multiple variants of a new Trojan horse -- out in the wild -- is ready to run roughshod all over OS X 10.4 and 10.5.

SecureMac notes that while the Trojan, which is based on AppleScript and currently called "ASthtv05," is only being distributed from a hacker Web site at the moment, discussion has been edging into how it could be distributed more widely."

There is more to read and here is the link:

http://www.macnewsworld.com/story/Tiny-Trojan-Trots-Into-Mac-OS-X-Turf-63504.html

I'm not trying to fuel the fire, just thought it might be an interesting read/discussion.
 
dbardwell said:
Hi! I received my refurbished 24" 2.8 GHz a few days ago and purchased separate RAM (4 GB) and installed it yesterday. Today I partitioned the hard drive so I can use a couple of MS programs using Windows XP SP2. So far so good. I purchased the Mac Extreme router and set up high-speed wireless today. After all that, I still feel uncomfortable without any virus/spyware protection. I've looked at Net Barrier X4 or X5 from Intego and also MacScan 2.5 and Avast! Mac Edition. Does anyone use any of these or have any recommendations?
Thanks
Click to expand...

Are you running AV and spyware software on the Windows XP installation? That would be your first line of defense.

Mac's are also vulnerable to virus's, but there has been little effort made in developing them. Windows is a much bigger target.

Sooner or later somebody will develop an iPhone virus or malware. When that happens you may see an increase in Mac virus's in the wild due to the OS similarity.
 
gehrbox said:
Are you running AV and spyware software on the Windows XP installation? That would be your first line of defense.

Mac's are also vulnerable to virus's, but there has been little effort made in developing them. Windows is a much bigger target.

Sooner or later somebody will develop an iPhone virus or malware. When that happens you may see an increase in Mac virus's in the wild due to the OS similarity.
Click to expand...

Ah the good ole security through obscurity argument...

I think the first assumption here is that if there are viruses for Macs, we are going to have the same model as Windows for protecting ourselves against them. I think it is more likely for their to be a first party solution in the way of security patches, etc.
 
Eraserhead said:
Not on AppStore they won't. That's the advantage of it being closed.
Click to expand...

Concerning Malware - The AppStore is only one method available to get apps on an iPhone. Apps under development may themselves open the door to infection or backdoor access.

Virus's do not require access to the AppStore. New holes are found all the time in OS X security. The potential is there, just not the interest.
 
macintosh tech said:
Ah the good ole security through obscurity argument...

I think the first assumption here is that if there are viruses for Macs, we are going to have the same model as Windows for protecting ourselves against them. I think it is more likely for their to be a first party solution in the way of security patches, etc.
Click to expand...

So you think Apple is going to protect you from all forms of malware and virus's by providing security patches? I suppose there is some excuse for the following then:

http://www.computerworld.com/action...articleId=9072959&taxonomyId=89&intsrc=kc_top
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back