Is it generally advisable to get anti-virus software for Mac OS X?

https://apple.stackexchange.com/questions/141

16-10-2019
|

Question

Is it worth to buy an anti-virus software for Mac OS X?

I heard both opinions like "it's not possible to get a virus on Mac OS X" and "Mac OS X is also vulnerable against virus... "

Which is true? What is the accepted practice, if any? Under what circumstances would anti-virus be advisable?

Solution

There is anti-virus software available for Mac OS X:

Intego VirusBarrier
ClamXAV (Free)
Norton AnitVirus Mac Edition
McAfee VirusScan for Mac
Sophos Anti-Virus for Mac (Consumer Version is free)

Is it worth it? That's largely up to you. Personally I'd say unless required there's no reason to so long as you practice "safe computing" (eg. not opening files from just anywhere, being aware of what is installed on your computer, etc.). However there are some companies that require any computer (regardless of OS) to have up to date anti-virus software installed and operational.

There are no viruses available for Mac OS X but there are several pieces of malware and trojan horses that a user must manually download and install. The anti-virus products (and actually a feature in Mac OS X Snow Leopard) will help fight against these threats but the primary defence is actually user education as the attack vector is primarily social engineering and not using any security hole.

OTHER TIPS

Probably goes without saying, but if you run any version of Windows in a VM within OS X, those installs of Windows will need antivirus software on them. A surprising number of people I've worked with (including, on one occasion, a head of IT) haven't thought of that.

No, it's not worth it to buy any antivirus software for your Mac. This is for two reasons. Firstly, the number of viruses in the wold for OS X is infinitesimal. Your risk is extremely low, and what viruses do exist, are mostly proofs of concept or MS Office Macro Viruses targeting old versions of Office.

The second reason is because for what antivirus needs you do have, ClamXAV is lightweight, effective, and free. So no, it's not worth purchasing. But it is absolutely worth using, and if you can spare a few bucks for the tip jar, I'd encourage you to do that as well.

The simple fact is that malware has always existed for Mac OS (OS X and macOS), so the statement that a Mac can't get malware is patently, demonstrably and dangerously false.

A second fact is that Apple has done a good job with technology to make the macOS ecosystem largely immune to most threats. This "immune system" consists of sandboxed application design, entitlements to let developers express intent when they need out of the sandbox, signed code to prevent modifications that turn a known app malicious, App Store distribution, system integrity protection, XProtect file quarantine mechanism with a free online update service.

Historically and for many years; the scarcity of viruses, trojans and other malware that spread widely or affect a broad cross-section of Mac users has contributed to a perceived complacency about good security hygiene. The good news, is macs have a built in multi-layered defense system against virus and trojan/malevolent software. This means that most of the recent exploits rely on people unintentionally sabotaging themselves by self-defeating built in defenses. With a small investment of time, you can significantly decrease the need for additional anti-virus protection on OS X.

The calculus of whether running a specific antivirus package is a moving target (vendors typically react to bugs and threats - so what was true yesterday may not be true tomorrow). This makes general answers about the merits of software easily out-dated in a month's time (let alone the two and a half years that have passed since this question was first asked).

What hasn't changed for decades, is that each user should at least spend some time thinking about what is on their device and how painful total compromise might be to them. Based on how valuable your time is to you, it would be silly for someone that has paid IT staff to advise them to not spend $1,000 extra dollars on evaluating security to include potentially installing anti-virus software. It would also be silly for a casual home user to pay for software rather than invest some time to mitigate known risks in their behavior in response to a healthy fear of the unknown.

There are many cases where additional anti-virus protection is critically important. There are also many cases where it is totally un-needed. I would recommend anyone browse these few Apple knowledge base articles to gauge their "baseline security aptitude" and then reach out and learn more before spending any money on anti-virus software¹.

Use gatekeeper, automatic updates to apps and system files and malicious lists for quarantine.
Protect your computer from harmful applications - the very basics
Safety tips for handling email attachments and content downloaded from the Internet - a good primer on attachments and executable code
Apple ID: Tips for protecting the security of your account - great tips on account hygiene, applicable for all online accounts
Safari: Using encryption and secure connections - starts with the basics, but gets technical quickly. Perhaps better is about certificates to get started.

My only critique of the above articles would be the admonishment to frequently change passwords. This is of limited value when you start making unique passwords and don't as a matter of course enter those passwords on other computers. Changing passwords is of little use when your using them on compromised computers, since the new password is stolen as easily as the old one was.

Once you've mastered the basics, you should have absorbed the following ideas:

how to use the OS X keychain for storing passwords
considered or implemented having a few distinct passwords
and have started securing your account passwords as well as your computer (by applying the tips on Securing Apple ID to other accounts)

After the basics, now it's time to think about increasing your overall security by spending money on anti-virus or a good unique password generation toolset² to automate secure storage of stronger, unique passwords.

Without being proficient at the level of involvement in the linked articles above, spending money and potentially adding instability or slowness from anti-virus software might not make sense for many users. Furthermore, Apple is clearly intent on getting ahead of this problem with the one-two punch of the App Store model where spreading unsafe software installation practices is clearly working with GateKeeper to allow most people to have automated warnings when code is not signed to prevent tampering and assist in tracing the source of malware.

For most Mac users on Lion, the correct answer is to keep running anti-virus if you have it but not to run out and get it unless you have a good reason to spend time and money after getting up to speed on the basics of security.

Since Lion, Apple has hardened the OS faster than bad actors have been able to exploit the OS so for most people and most businesses, not needing additional software as your default option is a sane and probably correct choice.

¹ especially with the likes of Mac Defender preying on people looking for legitimate anti-virus software

² like 1Password

There is a nice article on Mac.Appstrom from yesterday about antivirus on Mac OS X (which ones and do we need them).

Another possible reason install an antivirus software on a mac could be the protection of systems running other operation systems in a heterogenous network. A virus or malware could reside on a mac drive for several time, until it is activated by an other system, on which it can run.

Therefore it may make sense to install anti-virus software on all computers in a network, to keep the whole network clean.

Arriving lately after the legitimate rising of this question I'd like to add here a return on many years and many OSes regular attacks.

There is no Tchernobyl frontier (in 1986, French government announced publicly that the Tchernobyl radioactiv cloud wouldn't cross the country frontiers. Since this official public lie, I name with this metaphor any form of false official security barrier) to protect MacOS X: we live under the same probability
(all operating systems are born equal with approximately the same coding errors ratio:
they are written by us humans who are error prone).
There are many attacks targeting specifically Symantec AntiVirus for 2 reasons (I'm refering here to the huge number of external attacks I see on our external firewall targeting 2967/tcp and 38293/udp = ports used by Symantec anti-virus.):
- (too many security defaults) × (too many people using it) = good target for cybercriminals
- many versions of Symantec AntiVirus failed to install or run on a case sensitive filesystem which is the sign of a weak quality control.
To say it bluntly, a vulnerable anti-virus (Symantec) installed on a robust operating system (MacOS X), may render this last one vulnerable.
Many attacks are targeting directly us (the human seated behind the keyboard), either through booby trapped web servers or HTML formatted E-mail hidding URL toward these booby trapped web servers

The 2 best anti-viruses I'm using on many versions of MacOS X are:

As their name lets guess it, they are based on the same engine. It is pretty good quality software, updated very quickly, and running also on many other Unixes. On some new crapware detected clamav included them within less than 72 h where commercial products took a quiet week (just enough time stop to get many thousand computers infested).

I also appreciate Sophos, because it is running on different OSes, does install and run on a case sensitive filesystem (which is the sign of a serious quality control).

I personally use Sophos. The company I work for uses Sophos with 20,000+ computers, and the Mac version is free for consumer use. I have not had any problems with it running on my machines. It scans relatively quickly, and runs faster & better than any Norton product I've ever used.

Apple is excellent and keeping up with patching the few Mac vulnerabilities that do arise, so anti-virus isn't necessary as long as your not foolish enough to fall for blatant trojans.

HOWEVER if you have a Windows PC with which you share files, it may be worth running anti-virus on your mac to prevent yourself from unintentionally spreading Windows viruses (which are otherwise harmless to Macs).

Note that all anti virus programs for mac are either a hoax or simply check for Windows viruses to prevent unintentional spreading of viruses while file sharing.

Viruses are so 80's. The big money is user information, this is where big companies make a lot of money, like Google Ads. Also Known As Spyware.

Viruses started as a joke, a prank, a way for coders to have fun. Viruses flourished on Microsoft platforms like DOS and Windows because Microsoft never really cared about its customers other than how to sell more and make more money.

MacOS X is a Unix based OS. Unlike Windows, a file cannot do whatever it wants. If it tries to modify your hard disk in any way, outside the home folder, it needs permissions. Permission you give. That makes life, for a virus, seriously hard. Because the goal of a virus is not just to infect your files, that means nothing, it's there to infect your system to infect your OS. To take control of your OS. That's the end goal.

It's not impossible to hack an OS like MacOS X, but Apple is not stupid and, unlike Microsoft, it cares - because safety and reliability is what it sells.

I have owned an iMac for 7 years and I've never had the problems I had with Windows. I see little reason to install a piece of software that will slow down my CPU and offer me zero benefits.

There is no such thing as safety, safety is an illusion. As a matter of fact I have caught viruses on Windows several times using an anti-viruses that was full updated.

If you want real safety, disconnect from the internet and install nothing. This is the only way to be sure.

What seriously annoys me, and one of the big reasons I left Windows for good, was that Microsoft created this culture of "getting a virus is what happens for an OS" like its something normal. It's not normal, it's a serious flaw in the design of the OS, a flaw that survives because customers tolerate it as "normal".

Do not install anti-viruses, you paid for your OS, demand from its publisher to deliver an OS that does what is reasonable to expect to keep you and your files safe. Viruses and malware are unacceptable.

Do you need an Antivirus Software on OS X?

Yes, yes you do need some sort of antivirus app for your Mac OS X and my reason for saying that is simple. Viruses exist for every known Operating System. It is true that Apple’s Operating system for Macs is safer and more naturally protected against Viruses but the REAL truth is that Mac systems are not as popular as the Windows OS so those that make viruses don’t see a need to program viruses for Macs when most desktop users in the world still operate on a Windows OS. So my point is, it is better to get a good Antivirus for your Mac computer now because sooner or later, as OS X becomes more user friendly, more and more viruses will appear...

That's how I look at it too, you can never be too safe.

Licensed under: CC-BY-SA with attribution

Not affiliated with apple.stackexchange