Antivirus Software: Yes or No?
December 9, 2008 by Juan Magdaraog
Filed under Computers
There was hoopla recently that Apple recommended that users install antivirus software on their Macs. This prompted a lot of speculation that the Mac OS was getting less and less secure. This was proven to be false and that the recommendation was done long ago.
Still the question still begs to be asked, “do you need antivirus software on your Mac?”. Macworld has a good article published recently on that. Make sure to read through the comments as well to get both sides.
The article discusses the differences between a virus, trojan, spyware, etc…
Honestly I don’t use any antivirus software on my Mac. I should probably be a good neighbor and use it for the sake of other people but as of now I am just practicing safe computing.
My advice to computer users whether it be Mac or Windows people is to practice several safety precautions. Don’t visit sites that you’re not sure are trust worthy, don’t open attachments automatically (verify the source), don’t forward email without making sure it’s ok, don’t open email attachments from people you don’t know and other common sense things.
The Mac OS is built on a system that makes it difficult for malicious programs to take advantage of it. So while the Mac is gaining market share and more and more people are taking notice, I don’t think it’s quite as easy to write malicious programs for the Mac as it is on Windows. Thus the incidence of virus and other programs alike are smaller compared to Windows. Will there be a time that antivirus software on a Mac will be as common as antivirus on Windows? Maybe… but for now it isn’t.
My honest take is that it’s always better to have antivirus software on your computer but it’s not a must on a Mac. At least not yet.
I agree with just about everything in this blog, save for two points:
1) Safe computing is not enough for Windows users anymore, unless perhaps you use Windows Vista. Vista is not particularly susceptible to remote code execution; you can actually surf with impunity under Vista, and without security software (not recommended). If you leave UAC enabled (as I do), then any Web-borne exploit that does manage to execute will be short lived, unless you authorize it. And you’re much less likely to make this mistake with a simple privilege manager which queries you one time during the installation/launch of a program that requires admin rights, than with a noisy HIPS firewall like ZoneAlarm, Comodo, Online Armor, or Jetico; that may cry “Wolf!” as many as ten times during the installation (and later the operation) of a single program. Any one of these alerts could turn out to be a Slammer worm that just happened to find an unpatched vulnerability and bypass your firewall while you were right in the middle of dealing the usual flurry, inadvertently granting authorization in order to “get on with it.” Beyond that, malware can’t get as deep into Vista as they can into its predecessors; if you ever do get an infection under Vista, it’s much easier to remove.
If you use Windows, but not Windows Vista, then the only way you can get by without a security apparatus is if yours is a standalone computer (not connected to the Internet). There is such a thing as a cross-site scripting attack, in which JavaScript on a legitimate Web page is exploited by a third party. Until the webmaster finds out about it and removes the malicious code, a nasty surprise awaits the site’s unsuspecting frequenters. And even if you use Haute Secure, NoScript, or McAfee (with ScriptScan enabled) to block drive-by downloads, you should still keep Windows and all your applications up to date, lest you fall prey to the latest buffer overflow attack. Finally, even when you know the sender of an e-mail with an attachment, you’d do well to make a habit of saving the attachment on your desktop, and then uploading it to VirusTotal.com. It’s a lot harder for a zero-day threat to sneak by 37 scanners than one or two.
2) I believe the Mac is, in a sense, less secure than it once was; not because Apple’s standards are becoming more lax, but because of the end of the greater of two contributors to the Mac’s obscurity factor. It’s one thing that Apple is winning back a bit of market share (likely a long while still before they overtake MS, if ever), but it’s another thing entirely that the Mac now runs on Intel. While only a small handful of people had enough time on their hands to learn PPC shell for the occasional PoC sample in the past, pretty much every hacker knows Intel.
That said, some of us don’t need to emigrate away from the de facto standard in order to be secure. The third-party solutions available for Windows vastly outnumber those for the less popular platforms. Windows can be “invincible,” if you want it to be: http://invincible-windows.blogspot.com/
i always do have antiviruses actually i got three!