mac av

Discussion in 'other anti-virus software' started by larryb52, Jan 29, 2012.

Thread Status:
Not open for further replies.
  1. larryb52

    larryb52 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    1,126
    i don't own a mac but a friend of mine just got one, apple told him he didn't need an av, I think yea of course, any thoughts here...
     
  2. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    This is a subject I run hot and cold on, and I have a pair of Mac mini's so I'm speaking as a user.

    There are a couple of factors arguing against the "need". Intrinsically, the OS is implemented with a decent level of security from the start. Second, the majority of application that users will install have been downloaded from the app store which is a centralized and curated source.

    That said, typical users are generally their own worst enemy with regards to security since they're somewhat naive regarding the seedier elements frequenting the web and society in general. They are more likely to fall victim to the types of scenarios exemplified by the MacDefender and related incidents in which the user actively participates in the installation of the malware. This is a scenario in which the intrinsic design of the OS and availability of curated content really doesn't help.

    Finally, there's the question of whether the users ISP offers free AV coverage for Mac's (for example, Comcast offers Norton free to Comcast subscribers - PS - just looked and noticed that the version of Norton provided by Comcast does not support Lion), so it's not always cash out the door.

    For a somewhat typical user with access to a free solution, I see little downside and would generally recommend it. If there's no free option, I'd dig deeper with respect to how savvy that user is and their usage style.

    My issue with those who are strident opponents to an AV on a Mac is that with their experience, background, and technical savvy, they're probably right - they don't need an AV, but that doesn't necessarily speak to the majority of Mac users out there.
     
  3. gregd

    gregd Registered Member

    Joined:
    Oct 23, 2009
    Posts:
    75
    Mac and Comcast user here and the version of Norton offered by Comcast works just fine on Lion.
     
  4. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I'll confirm that is the feedback from some users, but "not supported" is the official stance. I haven't looked into all of the implications of this, but for a casual user, I generally don't recommend going the unsupported route.

    My own recommendation, if on Lion, is to use a version that is verified to work on and is supported on Lion
     
  5. DavidCo

    DavidCo Registered Member

    Joined:
    Jul 9, 2005
    Posts:
    503
    Location:
    UK
  6. larryb52

    larryb52 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    1,126
    thanks to all for your suggestions,
     
  7. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    If the MAC is used to purchase online + banking I would indeed install an antivirus solution. Better safe than sorry. I have used Eset and Kaspersky both good paid solutions, the latter buggy.
     
  8. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    220
    I have been pwnd once for sure and the second time I feel it was about a 80% I was. I wiped and used a previous clone. The first time Intego caught an Unix Arc Bomb Trojan that was relentless on trying to downloading a second payload, even after a reboot. Every 5 minutes it would try to download a different numbered file each time but my Intego VirusBarrier X5 at the time was warning me. I tried to clean/repair it, but it did not work. Again, wipe and reimaged. If I did not have Intego's VirusBarrier I would almost guarantee I would of just gone on while it had full control without a clue.

    Second time downloaded a security podcast through iTunes from a white/gray hat pentester/hacker and the computer was slow and just acted weird. I had and increase in temp and the drive was working away like it was doing something it shouldn't. This includes from what I could tell more network bandwidth by use of router light more active then normal. Wipe and reimage and back to the normal working computer with less network bandwidth use.

    It is 2012 nd all it will take is a Safari/Firefox vulnerability and an i-frame redirect and it will be millions of Mac taken over with almost no one ever having a chance because the nieve Mac genius at the Mac store says Macs never get attacked. I myself ding around on some seedy hacker sites so I run both Intego and Sophos. They run well together. All you need to do is consider each program safe to each others do not scan files and it has worked out great.

    Yes, Macs need AV with real-time scanning. Not just on-demand like ClamXav or all the AV sold in the App Store that DOES NOT hook the Kernel.

    .
     
  9. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    I wrote a research paper on this about a year ago...

    ...the sad reality is, if you do some digging, you'll find the inconvenient truth that Macs not only ship with more vulnerabilities than Windows, but OS X also doesn't even come close to the level of security (both in functionality and in exploit mitigation mechanisms) that Windows offers.

    So with the truth in mind, I don't see how Mac users can use their OS as a justification for not needing an antivirus software. I am not trying to start an argument here, as the argument tends to lead into opinion when in reality I am speaking on the facts, not opinion. Macintosh OS X is not a quick fix diet pill for internet security. No OS is or ever will be. It is essentially the same argument as those who claim they are safe because they don't use X browser over Y browser.

    EDIT: ESET was one of most respectable companies to design a security suite recently for Mac. It has an elaborate user education functionality to it, that which their Windows versions do not have. I wonder why...probably because they realize that the # 1 threat to Mac users is the falsified sense of security through obscurity.
     
  10. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    220


    While you were right one year ago. OS Lion is now just a tad more secure the Windows 7. I heard that corporate pentesters could hack Leopard and Snow Leopard with ease, but Lion was kicking their but. It seems David Rice did some good over at Apple. Java and Flash open the door to every platform.
    .
     
  11. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    I would be very interested in seeing some links to corroborate and further elaborate on that. No offense to you, but I highly doubt Lion will maintain being "a tad more secure than Windows 7," especially if the primary improvements are based on code security (which they likely are).

    When I gave Windows 7 (or Vista) the good remarks, it was based on the big picture, and the fact that Windows 7 Starter gives you more application control (through parental controls/app restriction) than Mac does. With Windows Professional, you have access to Group Policy Editor, and Software Restriction Policies (let alone AppLocker).

    With the "one size fits all" mentality Apple has, I severely doubt they will ever implement something that complex, customizable, and robust into their operating system. Even if their code right now is a tad bit more secure (which still I highly doubt; ever heard of Microsoft EMET?), they don't have the powerful tools that Windows has, such as the ability to turn your system into a default-deny, locked down machine with just a few clicks.

    EDIT: I just did some research, and the two most impressive improvements are application sandboxing (which is essentially the same as protected process levels with User Account Control) and full Address Space Layout Randomization which I believe is a bit more secure than what Windows 7 incorporates currently. You are correct in these aspects, but unfortunately, code mitigation is only one part of security, and Windows still does a heck of a lot more overall than Mac does. And, of course with Windows, there are a lot more security features built in that can almost eliminate the need for antivirus in the first place (though people don't use them correctly or often at all).

    But hey, I'm open minded. Let me say this my friend, thanks to you, you've opened my mind. I just started taking Mac OS X seriously tonight. I never thought the day would come. I may actually considering buying one in the future...maybe. (Of course, Apple will still have to follow my Norton Rule which states that you must maintain excellence for half as many years as you've sucked before I'd consider buying.)
     
    Last edited: Feb 4, 2012
  12. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    220
    I heard this from either Carlos Perez, Lead Vulnerability Researcher at Tenable Network Security on Tenable's Podcast or Pauldotcom dot com's Podcast, or on Securabit Podcast from the researchers from GFI or Viper that are on that Podcast. I could not find were they said it about 3-4 months ago.

    http://blog.tenablesecurity.com/podcast/

    http://www.securabit.com/





    Let's hope with Jobs passing, David Rice has more control over security issues at Apple. I think Jobs let him do only so much.


    http://www.linkedin.com/pub/david-rice/0/686/7b3

    http://www.tuaw.com/2011/01/23/david-rice-heading-to-apple-as-global-security-lead/

    http://www.geekonomicsbook.com/biography.aspx




    .
     
    Last edited: Feb 4, 2012
  13. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Thanks for the information.

    Reading my previous response it sounded a bit argumentative and I just wanted to state that that is not my intent...I am definitely for Mac finally becoming more robust and secure.
     
Loading...
Thread Status:
Not open for further replies.