Free Republic
Browse · Search
General/Chat
Topics · Post Article

Mac Anti-Virus: Why I Don't Use Any!
Low-end Mac ^ | October 18, 2015 | by Simon Royal

Posted on 10/18/2015 10:27:26 PM PDT by Swordmaker

Simon Royal - 2015.10.18

I had a short-lived experience using anti-virus on my Mac. Why don’t I use it anymore?

Mac anti-virus has always been a talking point amongst Mac users. We sit smug behind our ‘secure’ Apple computers, poking fun at Windows users and their constant battle with anti-virus suites and malware protection.

The number of Windows computers I get asked to look at because they are running slow and the culprits are viruses and junk-ware programs that hog system resources and take over their browser is ridiculous.

In early 2014, I briefly tried out Sophos Home Edition for Mac and had every intention of keeping it installed ‘just in case’. After all, it is better to be safe than sorry. But after a few weeks, I removed it. Apart from the test EICAR virus, it detected nothing on my Mac nor any drive I plugged in to it.

I had in the early days of OS X also tried ClamXav, but I didn’t continue with this either.

There is something unnatural about having anti-virus protection on OS X. I don’t want a background process taking up system resources – however small it is. Some suites on Windows can choke a machine and bombard you with pop-ups, notifications, and updates, and that would drive me insane.

Mac users are very complacent regarding the safety of their computer. Deep down we all know our beloved machines aren’t impenetrable – but we also know that OS X with its Unix/BSD base is built in such a way that makes it very hard to get to.

Linux users are in the same boat. Their *nix base and minority operating system means most will sit with the same attitude as Mac users and use no protection even though there are a few Linux infections around.

Most of the issues surrounding OS X in the past few years have been about security, Java, or Flash – and this is handled by Apple and Adobe releasing a patch.

2012 saw 600,000 Macs worldwide infected with the Flashback Trojan – although personally I don’t know anyone who was infected by it. This is the most well known attack I am aware of.

There are dangers for OS X out there in the wild, and any Mac user with an ounce of knowledge knows this. However, until there is a real risk of my machine being seriously infected by something extremely nasty, I am going to continue to sit here without any protection – just a bit of common sense about what sites and places I visit and which links I click on in emails.

The major reason for using anti-virus on a Mac is to prevent a Windows infection being spread around.

Keeping your computer clean is your responsibility – not mine. If you choose to use an operating system that requires constant looking after, that is your problem. Yes, this may seem arrogant and selfish, and it could come back to bite me when OS X gets taken by surprise, but I’m willing to take that risk.

What’s your opinion? Perhaps you are a Mac user wondering what to do, or maybe you are a Windows user looking in.

I had two Macs in my office whose UUIDs were listed as being among the infected members of the FlashBack MacBot. . . but one was a dedicated single purpose Mac that had never even been on the Internet and did not even have Java installed, and the other also did not have Java, but was on the Internet. Neither showed any signs of infection. . . or being a member of the bot, which was easy to determine.


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: apple; applepinglist; mac; macantivirus; malware
"2012 saw 600,000 Macs worldwide infected with the Flashback Trojan – although personally I don’t know anyone who was infected by it. This is the most well known attack I am aware of."

There's a very good reason you don't personally know anyone who was infected by the Flashback Trojan, Simon: it was a HOAX perpetrated by Dr. Web, a Russian Anti-Virus software publisher who was trying to sell their new Mac Anti-virus for Business app. Dr. Web claimed to have what they claimed was a honey-pot server they had built to intercept the "infected" Macs as they "called home for instructions" from the malicious server of the bad guys. . . but that was NOT actually what they had. Instead of a honey-pot, they had a server with a list of Mac UUIDs of 600,000 Macs, many of which had never had Java installed (a requirement to be infected), ever been sold yet, or in many instances, even been manufactured yet! Many of the so-called "infected" Macs whose UUIDs were on Dr. Web's so-called honey-pot's list of infected Macs were found to be NOT infected, did not have Java installed (Java was not a default install on OS X), and some had not even been on the Internet to even be infected at all! In fact, NOT A SINGLE INFECTED MAC was ever found in the wild!

At the time that Dr. Web announced their finding of this 600,000 MacBot, the vulnerability that Flashback Trojan utilized had been CLOSED for over six months and Apple had the Trojan's signature in its Gatekeeper for that entire length of time. To even GET infected with this supposed Trojan, all 600,000 Macs would have to have visited an obscure Russian language website and downloaded character definitions for a Russian language role-playing game that had only had under 20,000 downloads of the game. . . but they would have us believe that under 20,000 game players of a Russian language game somehow persuaded 600,000 English-only-speaking Mac users in America and the UK (95% of the supposed infected machines were apparently located in the US and the balance were in Canada and the UK, and only 2% were Windows machines????) to connect to download malware loaded character definitions for the game???? I really don't think so.

In any case, within a week of Dr. Web's hyped announcement of 600,000 infected Macs, the number claimed had dropped to under 250,000, then later that week to under 180,000, then later to under 120,000, then under 86,000 then dropped completely off the news cycle as NO ONE FOUND any infected Macs in the wild!

1 posted on 10/18/2015 10:27:26 PM PDT by Swordmaker
[ Post Reply | Private Reply | View Replies]

To: ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; altair; ...
Why I don't use Mac Anti-Virus from Low-End Mac. . . — PING!


Opinion from Low-End Mac about
not needing Anti-Virus on Macs
Ping!

The Latest Apple/Mac/iOS Pings can be found by searching Keyword “ApplePingList” on Freerepublic’s Search.

If you want on or off the Mac Ping List, Freepmail me.

2 posted on 10/18/2015 10:30:10 PM PDT by Swordmaker ( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

I’ve been running several flavors of Linux since 1994. Have yet to have a virus infection on one of them.

Root kits? Might have had one. Not sure about that.

Never had an adware attack.

But I do not use Adobe Flash. Most of the time I only enable the minimum java needed to render the screen.

Latest install is set up to use TLS only secure shell when logging in.

Am pretty happy with this install. Debian with XFCE packages.


3 posted on 10/18/2015 10:46:08 PM PDT by Texas Fossil ((Texas is not where you were born, but a Free State of Heart, Mind & Attitude!))
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

IMO, MacKeeper has poisoned the well. Everything I have ever read and everyone I have talked to with any experience regarding the product has warned me to stay as far away from that thing as I can.

Yet almost everywhere I go online, whenever the website detects a Mac on the other end, up pop these persistent and aggravating ads that use increasingly sneaky tricks to try and get me to download and install the program.

Even if an anti-virus program for Macs came out that was solid gold, I wouldn’t trust it at this point. It may not be rational, but it’s the way I feel.


4 posted on 10/18/2015 10:53:31 PM PDT by Ronin (Blackface or bolt-ons, it's the same fraud. - Norm Lenhart)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Swordmaker
I have a problem with this article, in particular where it says:
> There is something unnatural about having anti-virus protection on OS X. I don’t want a background process taking up system resources – however small it is. Some suites on Windows can choke a machine and bombard you with pop-ups, notifications, and updates, and that would drive me insane.
>
> Mac users are very complacent regarding the safety of their computer. Deep down we all know our beloved machines aren’t impenetrable – but we also know that OS X with its Unix/BSD base is built in such a way that makes it very hard to get to.

I have two things to say about this.
  1. There is nothing "unnatural" about protecting any computer against threats.
  2. While OS X is indeed built on BSD Unix, this means nothing in the case of a human engineered attack that uses the HUMAN OPERATOR as a vector.
I find the article disingenuous. That said, I don't bother with anti-virus on my Macs either. But I'm extraordinarily careful where I go on the internet, what I click on, and what I open in email.

These days the "BSD Unix" defense is not worth as much as it once was. And you know, Swordmaker, that I am a Unix-head at heart, and believe that it is the strongest operating system in common use, bar none.

As a System Admin, I see malware emails blocked every few minutes in my corporate firewall. Very few are the old-style direct attacks on an OS. They're almost all attacks on the users.

HUMAN OPERATORS can -- and DO -- compromise any operating system, no matter how intrinsically strong. I'm not sure I like the author's cavalier attitude regarding the real vectors in use these days -- particularly phishing and spear phishing attacks, never mind things like leaving a few infected USB flash drives in the company parking lot for employees to pick up and carry inside...

5 posted on 10/18/2015 10:57:13 PM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 2 | View Replies]

To: dayglored
Oh yeah, something else:

> I don't bother with anti-virus on my Macs either. But I'm extraordinarily careful where I go on the internet, what I click on, and what I open in email.

I believe strongly in disaster recovery preventative measures. On my Macs, I use Time Machine religiously.

And I do a complete TM backup every so often IN ADDITION to the normal incremental one, as a total snapshot of my system in case the TM archive gets eaten or corrupted.

And I use a variety of separate media -- no point having all your backup eggs in one basket.

And my main archive is a mirrored RAID-1.

Belt, suspenders, and a skyhook.

6 posted on 10/18/2015 11:13:18 PM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 5 | View Replies]

To: Swordmaker
Re: “...just a bit of common sense about what sites and places I visit and which links I click on in emails.”

I've used Windows for 20 years.

If the author used Windows, and if the author followed his own advice, he would have had almost no problems with Windows, either.

I've had 4 viruses in 20 years. Two of them after opening or downloading Adobe documents.

I currently have a virus that attacks and shuts down my McAfee firewall and gives me a pop-up that wants me to download a software program.

I've done a half dozen full computer scans, and I have no idea where this thing is hiding, or where it came from.

Intel has purchased McAfee, and a few weeks ago they shut down the McAfee Help Desk and the User Chat Room, so I don't even know how to alert McAfee to the problem.

There are many posts on Google about this pop-up, and many very complicated suggestions about how to stop it, but there is no way to verify these solutions, so I have not tried any of them.

So, obviously, Windows is not perfect, but 4 viruses in 20 years, for the most widely used desktop OS in the world, is not a bad record, either.

7 posted on 10/19/2015 12:13:39 AM PDT by zeestephen
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker
It's not just the viruses in Windows, it's all the other crapware you have to worry about.

I can't tell you how much time I used to spend just cleaning up Windows, it was at least once a month. You shouldn't have to run all of these programs just to keep the system stable.

8 posted on 10/19/2015 3:03:20 AM PDT by amigatec (2 Thess 2:11 And for this cause God shall send them strong delusion, that they should believe a lie:)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

I’ve had only Macs for well nigh on to 20 years—and never a problem, as far as a virus is concerned.


9 posted on 10/19/2015 3:39:16 AM PDT by basil ( God bless the USA!)
[ Post Reply | Private Reply | To 2 | View Replies]

To: zeestephen; Swordmaker
I have about the same experience on Windows as zeestephen, about 2 or 3 viri over the decades. One was when I was phished years ago before the term was popular. Another was stupid Adobe Acrobat like zee.

The author of the article doesn't have very much information on Windows security and definitely misses the main point. Which is that Windows relied on security through obscurity and MS has slowly added access control. In contrast Mac and Unix started with nearly complete access control. The main point is that defenses like least privilege and access control are open and relatively simple and meant to be scrutinized. The result is very few privilege escalations on MacOS. We talked about one in a thread once. It was a genuine threat, but easy to patch. So easy, I figured out how to patch it myself. Try that on Windows.

Another Windows problem: for performance reasons Windows had graphics code in the kernel and paths from external input to that code. Enough stupid stuff like that makes for a robust supply of potential vulnerabilities.

10 posted on 10/19/2015 3:41:36 AM PDT by palmer (Net "neutrality" = Obama turning the internet over to foreign enemies)
[ Post Reply | Private Reply | To 7 | View Replies]

To: dayglored
> And I do a complete TM backup every so often IN ADDITION to the normal incremental one, as a total snapshot of my system in case the TM archive gets eaten or corrupted.

Everything you said is excellent advice, regarding being careful bringing data into the Mac, and backing up your data. I also use a mirrored RAID-1 external enclosure for my main archive where my Time Machine backup folder resides. Here is why a full TM backup is warranted every so often:

Sometimes Time Machine will have a corrupted incremental. When I have migrated data from an old drive to a new one, sometimes not all the Time Machine incremental backups get copied due to a corrupted file. Rarely happens, but it can happen. I use the Finder Copy operation to copy the backup folders between hard drives. Promptly followed by a full backup to the new backup folder. Recently upgraded to a pair of 6TB drives from 3TB in the RAID-1. I keep the old ones with the data for a while as insurance.

11 posted on 10/19/2015 5:08:17 PM PDT by roadcat
[ Post Reply | Private Reply | To 6 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
