Is antivirus software a necessity with the “rise” of MacDefender and others?

Question

I have heard broadly about the so-called "rise" of the Mac viruses. Apparently, there is a "whole new deluge" of Mac viruses. So far, I have gotten nothing that I can see.

But I'm beginning to wonder if this is a real danger and if I should take steps to protect my computer. I know that the Mac OS is very secure - that's part of why I use it - but is antivirus needed? I'd prefer not to have to use it - I've seen many PCs with antivirus that are slow because of it - and also because of the cost. Maybe I've just gotten lucky.

So: Is antivirus software a necessity with the "rise" of mac viruses?

I'd count Apple/security experts as good sources.

Answer 1

I say no, and while MacDefender is not something I would ever install, it is an app you must install to be "infected" by it. Malware, crapware, bloatware or any other name it is not a virus which replicates itself without your knowledge or permission.

In a corporate environment you may be required to install some kind of email scanner because you will undoubtedly receive PC viruses in email from time to time - sometimes I have seen them arrive in hotmail etc. Having one may help stamp out the problem in the office but I have never encountered and never even read a reliable report of a Mac virus.

If you did want to install antivirus software, there's a good list in this AskDifferent answer - you might want to make an IT Manager happy, for instance.

Update April 2: This is also not a virus but a trojan - but it is worth knowing about. Ars Technica report on a new Trojan targeting Mac OS X

Answer 2

Good security software does not just think of viruses

Advanced Windows security software usually includes other features besides (live-) scanning the computer for infections. They also provide protection from:

• Phishing attacks (attempts to steal your passwords)
• Spyware (exploiting private information)
• ...

OSX maintains a list of malicious software which you can update automatically (System Preferences → Security & Privacy → General).[1]

If you want advanced protection by a specialized company, I'd say go for it. But if you use your computer sensibly and browse the web carefully, there is no need.

Security patches

The renown german IT website Heise says that Apple can take months to fix a known security vulnerability. Microsoft on the other hand, takes threat reports very seriously. They encourage communication with the 'community' in providing security patches. "Replies from Apple are not to be taken for granted," they say.

Third-party security companies generally provide protection from newly discovered threats quite fast.

Working in a Windows environment

At the university I exchange files via flash drives or emails on a regular basis with Windows users. Some of those flash drives have been exchanged between lots of users which led me to use antivirus software myself in order to minimize the possibility of transmitting threats.

I've been using Sophos Mac Home (free) for a long time. Sophos updates it's signature list frequently. While the live-scan does not seem to add any significant CPU load most of the time, there are cases where it impacts the use quite noticeably. I'm thinking of repairing permissions lasting more than ten minutes instead of just one or spotlight indexing.

_{1 - Heise reported that this list contains only a relatively little amont of signatures and a smart attacker can easily bypass it. As of now, this security features is rather to calm down the user than offering advanced protection. Their words are that "any virusprotection software provides better a better solution".}

Answer 3

The whole "immune to viruses" myth is completely false. When Windows controlled 90% of the market share, Apple got away with "security through obscurity." This means Macs were generally safe because the virus writers attacked the largest market, Windows; however, now that Apple has grown in popularity, more viruses have been reported, and the number will continue to increase. Since Apple has relied on obscurity, its security is actually very weak. It is easier to exploit a security hole on a Mac, but less have taken the time to do so.

Also, Macs are a bit nicer when they crash. Since there is no "blue screen of death" or scary error messages, many users never even suspect that a virus might have caused the crash.

Still don't believe me, eh? Well, considering it only takes10 seconds to hack, I'd say there are some vulnerabilities.