AV on OSX?

Then you should remove those AVs that detects on-access.

 

He turned on-access off and used it as on-demand.

 

I mean certain products tested will detect the malware when it's run and not when is scanned

 

okay great. he starts a VM, "updates the antivirus software" and then disables network access. i wonder why the nearly purely cloud-based product didn't fare so well

and this. if wsa can't query the cloud for a file or behavioral conviction, what's the point? it's kind of how the product works.

 

Not necessary to run AV on a Mac. Its UNIX and therefore not susceptible to viruses. I've never heard of a Mac OSX virus in the wild.

 

There's quite a few trojans and keyloggers though.

 

Unix other then OpenBSD has it's weakness too. Mid page, read below header "The Crux Of The Matter"

http://www.kernelthread.com/publications/security/vunix.html



There are not many true "viruses" for windows either, anymore. Most of it is third party programs being the entry way into Windows. But this, old Mac folklore and almost dogma that Macs don't get viruses, when they CAN (but with very less frequency) get all other types of malware that can completely bypass authentication and XProtect/GateKeeper. Second paragraph, the exploit by-passed Apples GateKepper without a problem.

http://www.intego.com/mac-security-blog/pint-sized-backdoor-for-os-x-discovered/

Authentication by-pass and elevated privileges malware will pwn a Mac with ZERO knowledge of the best of users. Look at the 800,000 Macs that were taken over by a Java exploit. Granted most of us don't run Java in the browser anymore and have newer OSes that don't have Java loaded by default from Apple.

The Roger A. Grimes corollary, "what ever is most popular, will be attacked the most."

Macs have 10 to 12% world wide, so really not that popular. Which is a good thing for us Mac users. So really it is true, the Mac has some security through obscurity. "What ever is most popular, will be attacked the most".

.

 

Just don't use Java and Flash and don't install software you don't know about. See the AV comparatives test for Mac. I wouldn't install one of those crappy programs.

 

Yes, I can definitely understand why WSA, a cloud-based scanner, was the second-to-worst product in this on-demand scan test:

 

what about kaspersky its good suite even for mac best part is it block bad websites and protect against like fake flash attacks ...etc

and best part is looks

if you look for free one than you can try sophos and avast they are good free ones

http://www.kaspersky.com/security-mac

 

Adding some interesting comments on OSX security.

http://news.cnet.com/8301-27080_3-10444561-245.html
https://discussions.apple.com/docs/DOC-3291
http://www.smh.com.au/digital-life/...hat-macs-dont-get-viruses-20120703-21ei4.html

I was looking for a very nice comparison that I heard from Luis Corrons quoting on Panda Security Days in Sweden 2012. I only found something very similar to that original (with an Linux addition).
"OSX is like an unlocked barn in the middle of nowhere. Windows is like an apartment with a deadbolt and bars on the windows in the worst neighborhood in town. Linux is like a survivalist bunker in the middle of the desert."

And of course, https://shop.pandasecurity.com/cgi-bin/pp/reg=US?id=A12PMACESD1&track=54354 I have no personal experience of this Panda product since I do not own a Mac.

 

Mac doesnt have drive by self installing malware, it doesn't have worms and viruses. It doesn't have autoboot autoload USB malware, it doesn't have boot viruses and all that crap.
It has trojans and as long as you don't have Java or Flash on your Mac (which is bs nowadays cause they are so completely obsolete for 99% of all home users) they cannot install without your admin password and clicking away 2 warnings.

I use both systems and I like both. I do believe that Mac will be a target in the future but now it isn't dangerous to use it without those memory eaters.

And believe me, even if windows has bars on its windows and all, there is no point if most of standard users leave the door wide open or installing HIPSes and by clicking the wrong button allowing malware to go in and out unrecognized.

 

OS-X is far from a open barn unless your running an old version.The New Mt Lion has added new features that keep it pretty safe,as you can read here http://www.intego.com/mac-security-blog/new-security-features-in-os-x-mountain-lion/

 

What the heck do you mean OS X has no drive-by malware. Who taught you that? What do you think the Java exploit was that pwnd 800,000 mac was?

This appears to be a drive-by too.

http://www.intego.com/mac-security-blog/pint-sized-backdoor-for-os-x-discovered/

All you need is an exploit and throw it into an i-frame redirect and you have a drive-by. OS X will be attacked just like windows when someone want to do it, just like the half halfhearted successful Java flashback attack that pwned 800,000 Macs.

Add some Mac exploits to the Blackhole 2.0, Phoenix, Cool, and Sweat Orange exploit kits and you will get some Mac news. That has not been done yet, thank God. It could happen very easily, if organized crime wants too lift a finger to do so.

.

 

I agree,I bet a lot of the 800,000 Mac user that got hit where scratching there heads wondering how there macs got infected.I was not one of them thank goodness but I also use common sense and don't live on a false sense of security that my OS X is Bullet Proof.

 

To top it off, the Mac people who think OS X is SO secure, then why is it delivered with the firewall disabled? What that means when you go mobile to places like Starbucks and Panarea Bread. Panarea has a small hacker following for hackers because their whole network is "one". So a hacker in Calif. can hack Mrs. Mac laptop in Iowa that HAS NO FIREWALL enabled !!!! Throw a Mac Metasploit exploit at it and you are in.

Good stuff is coming from David Rice and the gang at Apple, but to little too slowly. Why David Rice lets all OS X machines get sold with the firewall disabled is scary. I thought that kind of stuff would be changed when Steve passed.
.

 

I love my macbook Pro but for the macbook users that have there systems on a pedestal look here and then update your systems http://www.h-online.com/security/ne...ixes-for-new-Java-Web-Start-hole-1824127.html

 

it's a rhetorical question, but it has a simple answer: usability. the OSX firewall isn't terribly user friendly. it needs work. the back-end part of it is fantastic and proven secure when configured as such. however, apple needs to improve the front-end to require less interaction, or at least make it conform to their UX guidelines, but c'est la vie.

thread is drifting out to sea.

 

I see no issue with the OS X firewall. I have 5 Mac on my home network and setup many non geek new Mac owners and have never had a call. The firewalls calls out most of the time when it wants to let a program open up a port.

It is just bad security policy on Apples part. Windows has had a firewall by default since XP service pack 1. You plain and simple don't let the whole side of a house open in a hurricane, as Apple does.

 

The Firewall should be on by default.IDK what Apples thinking is for not turning it on and I dont think its going to barrage a user with popups if it is on by default.Maybe there worried that users may experience internet connection issues so to prevent it they default it to off.IMO its like installing a real time antivirus and the engine is off by default.

 

The firewall has zero issues with the internet connection. It is all about itunes and inner file sharing. The firewall calls out when it needs to open a port and for what, so for 80% of "non tech" and I am saying here almost none of you on this board are non tech, need to ever use the "callouts of help" of the firewall. Why is ok that 100% for Windows XP, Vista, Windows 7 and now Windows 8, they have the firewall enabled as default. There is no need for "the pansy a$$ security team at Apple to disable the firewall.

I know I speaking for the choir to most on this, but "some" justify Apple's illogical move to disable the firewall , so I am beating the dead horse!! Windows has had it enabled for 25 years. Apple needs to get with the program!! ; )
.

 

I had no issues either I soon as I fired up my new mac and went through the initial setup,I immediately went and turned on the firewall to block all inbound connection and zero issues and behind a router firewall.
BTW,Thanks Blue for the explanations and agree with you.