Keeping Your Mac Malware Free
By Ed Oswald | Tuesday, April 21, 2009 at 1:47 pm
(Ed: Sorry we’re a day late this week!)
My post last week on Mac botnets created quite a stir here on the site. The assertion I made (to the consternation of some) was that it was time for the Mac community to swallow their pride and download and employ anti-malware applications. While several of our readers vocally disagree, i continue to hold this position. Simply put, there are too many valid reasons to protect ourselves.
Let me be perfectly clear that I do believe that Macs will never become as malware and virus-ridden as our PC counterparts. It is all but a fact that the Mac OS operating system has been built to a higher degree of security than Windows has only recently begun to even come close to matching.
At the same time, Mac is gaining increasing popularity. Security experts have often argued that it is not only Apple’s more secure code base that immunizes it from attack, but also its small market share. Think about it: if you were writing a virus that was aiming for worldwide attention, which platform would you pick? With Apple’s increasing user base, Macs will become an ever more popular target.
Add to this that hackers are now hard at work attempting to break into the Mac. At hacking conventions, the newest craze seems to be “Hack a Mac” contests. There has been a fair degree of success — some vulnerabilities have been discovered. While Apple does have a superb track record in catching these flaws before hackers do, there could come a point where the tables will be turned.
I’d argue dropping the ball is why Microsoft has such a significant security problem. While yes, part of its troubles has to do with the fact that it didn’t it seriously until recently, hackers are one step of the company, meaning Microsoft has to rush to fix a lot of holes after the fact.
There’s one more major reason why antivirus is important, and that’s everybody else. Sounds odd I know, but Macs can become a carrier. Kind of like a insect (no negative comparison toward Mac intended here) that carries an disease from one infected animal to another, we may never know the payloads we’re delivering to our Windows friends.
In a perfect world, we’d like to imagine everybody’s running a Mac — they’re obviously not. So we’re dealing with potentially vulnerable computers every day. If we’re commonly in a mixed-OS networked environment, this is even more important.
A unprotected Mac there could essentially be considered a security risk. That’s why especially in those situations I’d highly advise antivirus software.
Three standout programs exist in this arena: Norton Antivirus from Symantec and Intego’s VirusBarrier. A nifty benefit of both programs is along with offering the programs seperately — for $50 and $60 respectively — you can pick them up bundled with the Windows versions of these apps for $70 and $80 respectively.
Both perform what is called heuristic scanning, which looks for signatures of possible malware before it may be officially added to a definition file. This is beneficial to the Mac user because its going to be fairly likely that any new threats that appear would happen without any warning.
Another item that may be worthwhile to use if you’re a Firefox user is McAfee’s SiteAdvisor toolbar. I’ve been using this for quite awhile. It adds a button to the bottom right hand corner of your status bar that changes color depending on the sites rating in McAfee’s database.
It also displays these ratings in search results, so you can search with confidence knowing you are not going to any potentially malicious site. That is offered at no charge.
So be smart, don’t be smug. Protect yourself.
(P.S. I’m interested in hearing what other virus/malware/phishing protection apps you might be using on your Macs. Let us know in the comments!)
11 Comments
Read more:
11 Comments For This Post
April 21st, 2009 at 3:28 pm
I’m not against running something like this on my Mac if it caught something. Have you ever caught anything? If so, specifically what?
April 21st, 2009 at 3:39 pm
Me specifically? No. But I think I laid out the reasoning fairly plainly and less abrasively than I may have in the post before. 🙂
April 21st, 2009 at 4:18 pm
I use no security software on my Mac. Instead I rely on a heavy dose of paranoia. 😛
April 21st, 2009 at 4:28 pm
I don’t think your post created a stir, it’s just that some people disagree with your take. Last time I checked, the discussion was civil.
I’m not running an anti-virus because I consider it useless at this point. Mac users who are constantly exchanging files with Windows users can use ClamXav. It’s free. And it has nothing to do with pride, I’m not responsible for writing the kernel or anything at all. I brought a Mac and that’s it.
Despite the Mac’s increasing popularity, the user-base remains tiny compared to the several hundreds million Windows users. It won’t change anytime soon, if ever. In a recent interview Charlie Miller said that, for a hacker, the “market value” of a Safari vulnerability is much lower than that for an IE 8 vuln “by about a factor of ten.” It pays off handsomely to attack IE 8 and Windows.
http://blogs.zdnet.com/security/?p=2941
I’m glad for all the hacking contests because the organizers are reporting the bugs to the vendors. Without these contests, there would be less incentive for researchers to examine the code for vulnerabilities. It helps make the code more secure for Mac and Windows users alike. Hopefully, it helps keep Apple on its toes. Now that the issue of anti-exploit mitigation has been brought up, let’s hope that Snow Leopard will introduce full ASLR. Apple knows it’s being watched by the press.
April 21st, 2009 at 10:31 pm
This is the last post by Ed Oswald that I will be reading. Ed goes in the pile with the likes of Rob Enderle.
Hopefully, the rest of the Technologizer will remain worth reading.
April 21st, 2009 at 11:00 pm
Thanks for your criticism sfmitch. However, I will point out for the record you have consistently been one of the first to typically comment on my posts. So obviously you’ve been reading quite a bit 🙂
April 21st, 2009 at 11:02 pm
If you’re worried about spreading things to your Windows friends unknowingly, then why pay money? ClamXAV, as already mentioned, is free, and is basically a GUI wrapped around an open source solution.
Apple considers it good enough to include in OS X Server.
Beyond that, most of the exploits in Macs revolve around browsers – use NoScript and be smart.
April 22nd, 2009 at 10:25 am
sfmitch, Enderle? that’s too far..
but come on, Ed, Norton? OK, it’s not McAfee, but clued up Windows users wouldn’t go near it… I think one of the reasons for many users’ aversion to the market leading AV products is that they don’t offer a markedly superior experience to getting a machine-bricking infection..
April 22nd, 2009 at 1:23 pm
Aktariel –
Would you not also agree a significant portion of Windows exploits also deal with the browser?
April 22nd, 2009 at 5:56 pm
You know what I don’t trust. Security software. From my experience and what I’ve read of others – security software, more often than not, causes more problems than it fixes. It also make computers significantly slower. Whether that’s a cause of the software or or OS e.g. Windows, I don’t know. What I believe is that security software is built-in obsolescence, for that matter so is Windows, so that consumers have to continually buy more protective software or new computers with Windows.
June 14th, 2009 at 4:49 pm
I got a couple of viruses in the last month, even though I had Norton anti-virus on my system and AVG – both were installed on my system by a friend. So, I am looking at anti-virus programs, I want to pay cuz my experience with free software has not been all that good. I looked at a few and liked Cyberdefender and PC Tools. I saw this how to activate video on Youtube:
I liked that Cyberdefender seems to be a more complete package, covering anti-virus, trojans, spyware, id theft protection. PC Tools, also had a nice user interface.