AV on OSX?

Discussion in 'other anti-virus software' started by ncage1974, Mar 8, 2013.

Thread Status:
Not open for further replies.
  1. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Then you should remove those AVs that detects on-access.
     
  2. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    226
    He turned on-access off and used it as on-demand.
     
  3. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    I mean certain products tested will detect the malware when it's run and not when is scanned :)
     
  4. m0unds

    m0unds Guest

    okay great. he starts a VM, "updates the antivirus software" and then disables network access. i wonder why the nearly purely cloud-based product didn't fare so well :rolleyes:

    and this. if wsa can't query the cloud for a file or behavioral conviction, what's the point? it's kind of how the product works.
     
  5. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,415
    Not necessary to run AV on a Mac. Its UNIX and therefore not susceptible to viruses. I've never heard of a Mac OSX virus in the wild.
     
  6. AVusah

    AVusah Registered Member

    Joined:
    Dec 24, 2012
    Posts:
    274
    There's quite a few trojans and keyloggers though.
     
  7. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    226
    Unix other then OpenBSD has it's weakness too. Mid page, read below header "The Crux Of The Matter"

    http://www.kernelthread.com/publications/security/vunix.html



    There are not many true "viruses" for windows either, anymore. Most of it is third party programs being the entry way into Windows. But this, old Mac folklore and almost dogma that Macs don't get viruses, when they CAN (but with very less frequency) get all other types of malware that can completely bypass authentication and XProtect/GateKeeper. Second paragraph, the exploit by-passed Apples GateKepper without a problem.

    http://www.intego.com/mac-security-blog/pint-sized-backdoor-for-os-x-discovered/

    Authentication by-pass and elevated privileges malware will pwn a Mac with ZERO knowledge of the best of users. Look at the 800,000 Macs that were taken over by a Java exploit. Granted most of us don't run Java in the browser anymore and have newer OSes that don't have Java loaded by default from Apple.

    The Roger A. Grimes corollary, "what ever is most popular, will be attacked the most."

    Macs have 10 to 12% world wide, so really not that popular. Which is a good thing for us Mac users. So really it is true, the Mac has some security through obscurity. "What ever is most popular, will be attacked the most".

    .
     
    Last edited: Mar 13, 2013
  8. Bigabe

    Bigabe Registered Member

    Joined:
    Feb 12, 2011
    Posts:
    58
    Just don't use Java and Flash and don't install software you don't know about. See the AV comparatives test for Mac. I wouldn't install one of those crappy programs.
     
  9. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, I can definitely understand why WSA, a cloud-based scanner, was the second-to-worst product in this on-demand scan test:

     
  10. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
    what about kaspersky its good suite even for mac best part is it block bad websites and protect against like fake flash attacks ...etc

    and best part is looks :D

    if you look for free one than you can try sophos and avast they are good free ones

    http://www.kaspersky.com/security-mac
     
    Last edited: Mar 14, 2013
  11. swejuggalo

    swejuggalo Registered Member

    Joined:
    Mar 1, 2013
    Posts:
    13
    Location:
    sweden
    Adding some interesting comments on OSX security.

    http://news.cnet.com/8301-27080_3-10444561-245.html
    https://discussions.apple.com/docs/DOC-3291
    http://www.smh.com.au/digital-life/...hat-macs-dont-get-viruses-20120703-21ei4.html

    I was looking for a very nice comparison that I heard from Luis Corrons quoting on Panda Security Days in Sweden 2012. I only found something very similar to that original (with an Linux addition).
    "OSX is like an unlocked barn in the middle of nowhere. Windows is like an apartment with a deadbolt and bars on the windows in the worst neighborhood in town. Linux is like a survivalist bunker in the middle of the desert."

    And of course, https://shop.pandasecurity.com/cgi-bin/pp/reg=US?id=A12PMACESD1&track=54354 :) I have no personal experience of this Panda product since I do not own a Mac.
     
    Last edited: Mar 14, 2013
  12. Bigabe

    Bigabe Registered Member

    Joined:
    Feb 12, 2011
    Posts:
    58
    Mac doesnt have drive by self installing malware, it doesn't have worms and viruses. It doesn't have autoboot autoload USB malware, it doesn't have boot viruses and all that crap.
    It has trojans and as long as you don't have Java or Flash on your Mac (which is bs nowadays cause they are so completely obsolete for 99% of all home users) they cannot install without your admin password and clicking away 2 warnings.

    I use both systems and I like both. I do believe that Mac will be a target in the future but now it isn't dangerous to use it without those memory eaters.

    And believe me, even if windows has bars on its windows and all, there is no point if most of standard users leave the door wide open or installing HIPSes and by clicking the wrong button allowing malware to go in and out unrecognized.
     
  13. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Last edited: Mar 14, 2013
  14. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    226

    What the heck do you mean OS X has no drive-by malware. Who taught you that? What do you think the Java exploit was that pwnd 800,000 mac was?

    This appears to be a drive-by too.

    http://www.intego.com/mac-security-blog/pint-sized-backdoor-for-os-x-discovered/

    All you need is an exploit and throw it into an i-frame redirect and you have a drive-by. OS X will be attacked just like windows when someone want to do it, just like the half halfhearted successful Java flashback attack that pwned 800,000 Macs.

    Add some Mac exploits to the Blackhole 2.0, Phoenix, Cool, and Sweat Orange exploit kits and you will get some Mac news. That has not been done yet, thank God. It could happen very easily, if organized crime wants too lift a finger to do so.

    .
     
    Last edited: Mar 14, 2013
  15. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I agree,I bet a lot of the 800,000 Mac user that got hit where scratching there heads wondering how there macs got infected.I was not one of them thank goodness but I also use common sense and don't live on a false sense of security that my OS X is Bullet Proof.
     
  16. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    226
    To top it off, the Mac people who think OS X is SO secure, then why is it delivered with the firewall disabled? What that means when you go mobile to places like Starbucks and Panarea Bread. Panarea has a small hacker following for hackers because their whole network is "one". So a hacker in Calif. can hack Mrs. Mac laptop in Iowa that HAS NO FIREWALL enabled !!!! Throw a Mac Metasploit exploit at it and you are in.

    Good stuff is coming from David Rice and the gang at Apple, but to little too slowly. Why David Rice lets all OS X machines get sold with the firewall disabled is scary. I thought that kind of stuff would be changed when Steve passed.
    .
     
    Last edited: Mar 14, 2013
  17. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
  18. m0unds

    m0unds Guest

    it's a rhetorical question, but it has a simple answer: usability. the OSX firewall isn't terribly user friendly. it needs work. the back-end part of it is fantastic and proven secure when configured as such. however, apple needs to improve the front-end to require less interaction, or at least make it conform to their UX guidelines, but c'est la vie.

    thread is drifting out to sea.
     
  19. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    226

    I see no issue with the OS X firewall. I have 5 Mac on my home network and setup many non geek new Mac owners and have never had a call. The firewalls calls out most of the time when it wants to let a program open up a port.

    It is just bad security policy on Apples part. Windows has had a firewall by default since XP service pack 1. You plain and simple don't let the whole side of a house open in a hurricane, as Apple does.
     
  20. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    The Firewall should be on by default.IDK what Apples thinking is for not turning it on and I dont think its going to barrage a user with popups if it is on by default.Maybe there worried that users may experience internet connection issues so to prevent it they default it to off.IMO its like installing a real time antivirus and the engine is off by default.
     
    Last edited: Mar 16, 2013
  21. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    226
    The firewall has zero issues with the internet connection. It is all about itunes and inner file sharing. The firewall calls out when it needs to open a port and for what, so for 80% of "non tech" and I am saying here almost none of you on this board are non tech, need to ever use the "callouts of help" of the firewall. Why is ok that 100% for Windows XP, Vista, Windows 7 and now Windows 8, they have the firewall enabled as default. There is no need for "the pansy a$$ security team at Apple to disable the firewall.

    I know I speaking for the choir to most on this, but "some" justify Apple's illogical move to disable the firewall , so I am beating the dead horse!! Windows has had it enabled for 25 years. Apple needs to get with the program!! ; )
    .
     
  22. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I had no issues either I soon as I fired up my new mac and went through the initial setup,I immediately went and turned on the firewall to block all inbound connection and zero issues and behind a router firewall.
    BTW,Thanks Blue for the explanations and agree with you.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.