Comments on: Apple suggests Mac users install antivirus software

Apple advises Mac users to install antivirus software in nod that even Mac users aren't immune to rising malware threats.

[ckurowic]

Even though the article clearly states "But don't read this as an admission that the Mac operating system is suddenly insecure" get ready for peecee users to start blasting OS 10 as being so.

[Lerianis]

No, we won't 'blast OS10 as being insecure'.... we will just state that NO operating system is totally secure, and leave it at that. I just got tired of hearing the BS that 'OSX can't get malware!' like it was true. THAT'S what pissed me off, in all honesty.

[AppleProLeo]

PEOPLE!

This is a pointless incorrect article. Why? Well the the point of this whole article is "Apple quietly signaled its shift with an item titled "Mac OS: Antivirus utilities"

FACT: This article has been around like as far as I can remember...years. The proof can also be found on the fact the it clearly states it's old and original article number 4454 and has been updated with Novermebr 21st with Apple's new numbering scheme. (Information just below the article title in grey)

Furthermore Apple has sold Mac Anti-Virus software in its Apple store since the day one of its retail stores, pop down to your local Apple store and ask yourself how long they've been selling them for.. They have always "recommended" the use of Anti-Virus software otherwise they would not be selling it in their stores.

A little journalistic investigation (aka a telephone call) would have helped here, CNET "journalist".

P.S

Apple hasn't quietly signaled anything, this is an Apple knowledge base article, Apple always update/change/add new articles there all the time without sending a press release, that is normal. THIS IS A NON-PRESS ISSUE.

[Penguinisto]

Yep - and an old article to boot. Judging by the number, I'd put it at 2005 or so.

And yep -don't forget the legions of ignorant Windows fanbois out there magically turning possibilities into probabilities, shouting: "OAMG! NO OS IS SAFE!!!!111!!"

Whatever.

I look at it like this:

Getting a virus on OSX is roughly the same probability as winning $100k or more on the Powerball Lottery - damned small. You may have read in the paper about someone getting it, but the odds are slim and none that you will - and Slim is leaving the room.

OTOH, getting a virus on Windows is roughly equivalent odds to finding a penny on the ground near a fast food joint's drive-thru window... damned things are everywhere.

Therein lies the diff.

/P

[Seaspray0]

I agree 100% with you, Lerianis.

[johnp67]

This news was first broken on November 25 and much earlier in April 2008

Apple Officially Recommends Antivirus Software
http://switchtoamac.com/site/apple-officially-recommends-antivirus-software.html

Apple endorses anitvirus and security software on Macs
http://switchtoamac.com/site/apple-endorses-anitvirus-and-security-software-on-macs.html

[elinormills]

Dear Readers,
I have corrected the story to reflect the fact that the recommendation was not new. I sincerely appreciate you pointing that out in the comments. I DID try to reach Apple and, as usual, no one got back to me. They still haven't responded to my attempts to reach them. I'm going to be writing a separate blog about the situation.

In the future, I'd like to be able to draw on the extensive knowledge that you readers have about this subject -- Apple and security -- as I'm also always looking for more sources to tap, so if any of you would be interested in being contacted by me on future tips and stories, or if you want to just contact me directly, please email me at elinor.mills@cnet.com.

Again, thanks for your feedback.
Elinor

[Vegaman_Dan]

Penguinisto: Just because the article is older and from 2005 in no way changes the fact that Apple recommended it back then and does so to this day- in complete contradiction to your own advice to people to not waste their money on AV products and to take no security precautions while using OS X (your advice- though questionable).

You're making excuses and ignoring the fact Apple did then and does today still recommend the use of AV products. You can dismiss it however you wish, but you are only denying reality. If you choose to disagree with Apple, then that is up to you.

[Penguinisto]

@Dan:

I've always said that A/V products on OSX are a waste. I stand by that assertion.

If you think I should purchase or download an A/V solution, I will happily do so - as soon as you can show me an OSX botnet or an active OSX virus.

[compudoc318]

Hey Penquinisto,

This is a windows virus (very common lately too) thats semi-infecting osx. It may not install, but when youre getting these popup constantly, that qualifies as an infection to me....pretty interresting.
http://www.broadbandreports.com/forum/r21345620-Rogue-AntiVirus-2009-on-a-MacBook-Pro~start=20

[AppleProLeo]

@Vegaman_Dan

While yes you are right that Apple publicly "recommends" using an Anti-Virus software it however doesn't wholeheartedly believe it. Just go to an Apple store and see if any of their Mac's are running an Anti Virus software, nor does it require its employees to be running an Anti-Virus software in it's internal machines like most other companies.

Unfortunately Apple does this because they market their products in a land where the people (try to) sue them for selling an iPhone - which doesn't live upto their speed demands - instead of just returning the damn thing.

Penguinisto is right Anti-Virus software on the Mac is a wast of time, money and speed. You see, AV software run in the background and consume CPU cycles and Memory scanning for something that does not exist. And while yes there is a chance it might one day, but until that day comes you would have wasted all that resource. Imagine if every Mac user used and Anti-Virus software since the release of Max OS X. Look how much wasted energy would have been consumed - anyone from the Greenpeace hippy land around?

Secondly an Anti-Virus software is useless until it knows about the virus, so even if you have an Anti-Virus software running it won't actually do anything until you updated it with a virus definition, which will only be available once/IF a virus is successfully released in the wild. In which case why not buy an Anti-Virus software after/IF the virus is released with the updated virus definition.

A little commonsense please people.

----

The Only time an Anti-Virus is needed on a Mac is if you want to stop the spreading of Windows viruses to other Windows users as it will catch those. But my stance on this is, it's not my responsibility to protect the computers of other especially when they won't even help themselves by having an Anti-Virus software running on their own computers or by not have having a real computer running a real OS.

Listen to the silence of all the PC Whinnies!

[solu1978]

Ohh .. Anti virus on a Mac. Mac OS X is very secure .. but it needs a Anti virus just in case.

[Lerianis]

Windows Vista is very secure as well, and the antivirus on there is a 'just in case' thing, in all honesty.

[iertry]

Vista may be secure too but I know people who have ran it without antivirus and in a few weeks their system is a wreck. It's slow, loaded with viruses etc. I've been running my mac without antivirus for 9 months and its fine.

[DrtyDogg]

@ienrtry: and I know people who have run vista for over a year now without virus protection and it's fine. What point do either of these prove? None.

[rcrusoe]

The primary reason, at this time, to run AV on a Mac is to reduce the possibility of forwarding Windows viruses to others. I've run ClamXav on my work at home Macs for years for just this reason.

However, those that deny that the day will come when Macs need AV are just being foolish.

[Penguinisto]

@rcrusoe: I wouldn't be so sure that day will come...

A/V in and of itself is a reactive defense - unless you have the latest signatures and heuristics, it's fairly useless, especially against new malware types. I've happily run OSX without A/V since OSX came out. Ditto with Linux (the last successful virus for Linux came out in 2000 or so, and there have only been a handful).

Right now, OSX and Linux (any *nix for that matter) enjoy the advantage of being hardened from the start by its architecture. Add in a bit of self-healing, and you'd have a nearly impossible nut to crack - with no need for AV at all.

What I mean by self-healing is the ability to consistently self-check the system code and repair what breaks. md5 checksums are a great foundation to build one on, and would actually take less resources than an A/V solution would.

/P

[Penguinisto]

@solu1978:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9121958

...now where's the OSX equivalent?

[CrashPad63]

I call Bullocks on this "enjoy the advantage of being hardened from the start by its architecture. Add in a bit of self-healing, and you'd have a nearly impossible nut to crack - with no need for AV at all." Penguine sometimes youre responses are so eloquent and relevant. Other times you just spew garbage. Check both build of NT and Nix, check history, check process and progression.
And please stop posting this crap. OS10 has more reportable security problems than XP and Vista. Oh Im going to Mapple Hell for that one.

[Seaspray0]

@penguin. That day has already come and passed. You should keep up with the news.

[Vegaman_Dan]

Seaspray0 wrote:

"@penguin. That day has already come and passed. You should keep up with the news. "

It's hard for him to hear with his head buried in the sand so deep. Give it up. He won't change his tune. He has to this day stated that OS X users are wasting their time on buying AV products and should not run any sort of firewall or take security precautions while online. Somewhat counter to what you'd expect a self-proclaimed security expert would say. But then again he also called OS X suitable only for consumer use and not for professionals or enterprise cusotmers, something I think a lot of Apple users might take issue with.

*shrug* Penguinisto has his own agenda and only he knows what it is truly.

[Penguinisto]

So IOW, none of you MSFT cheerleaders can show me an OSX botnet, or provide a list of active OSX viruses, right?

Thought so. ;)

/P

[Hep Cat]

Another possibility is that Apple gets a lot of questions about Anti-Virus software from PC switchers. But you didn't consider that, did you?

[jlm429]

yes, that must be why apple is recommending av software now.

[Penguinisto]

"now"? They always have.

[compwhiz4790]

@Penguinisto - They haven't always recommended av software. The article on Apple's website that this article refers to was written on November 21, 2008.

[Penguinisto]

Actually, they recently re-organized the articles... look at the article # - I'd pin it at around 2005 or so.

[jumpjetta]

Anybody else see the "Old Article 4454" tag? Likely this is not a new article for Apple. My Apple support buddies have been officially allowed to recommend any of three anti-virus packages for years.

This is a non-article.

[irish2110]

is this something that i should be worried about?? i mean...is it worth spending $70 on an anti-virus software?

[etandrib]

I wouldn't. I wouldn't recommend any of the software in that support article. As long as you are a prudent internet user and aren't in the depths of the internet you'll be fine for the time being. The anti-virus software for Macs at one point caused more vulnerabilities than it helped. I recommend the same thing I tell my parents - be careful about passwords (use encryption when possible), change them regularly, and just don't be stupid with personal information on the internet. Those will save you more time, money, and data than any $70 anti-virus software will.

[afterhours]

All three of the 'recommended' packages can fubar a Mac. Particularly the Symantec product. I make good money fixing what hapless users do to their Macs because of 'advice' from Genius Bar residents and well-meaning but ill-informed Windows users. A fairly safe bet is to use ClamXAV, and perhaps learn how to install the updates The threats are real enough, and we have an obligation to strip out Windows viri that could infect a Windows colleague. This is a pretty weak article, save for the maturation in Apple's stance. Finally we can drop the smug stupidity, and perhaps be taken seriously as a reasonable -- and solid -- enterprise machine.

[1mountaingirl]

after a very bad experience with norton.. (it completely buggered my toshiba laptop) and friends who have had similar experiences with mcafee... i will wait until AVG comes out with something...

[raven-seo]

Sounds like a couple of things are going on. First, the Apple legal team is covering their butt. Especially in light of Apple touting that they don't have (haven't yet had) viruses. Second, they're probably trying to keep the virus making companies happy. I think those are two very plausible reasons for them posting that. And sure, the Mac is overdue for a good virus spanking.

[Lerianis]

Excuse me, but NON of the anti-virus companies that are reputable 'make viruses'. That's a lie that has been totally debunked YEARS ago.

[iertry]

I'm pretty sure he means antivirus making companies lerianis

[ewelch]

No need to worry. This was also on the page:

Important: Information about products not manufactured by Apple is provided for information purposes only and does not constitute Apple?s recommendation or endorsement. Please contact the vendor for additional information.

Apple added anti-pfishing features to Safari. They are moving a long at a prudent pace. People have said for years Macs could be vulnerable. And now they seem to be enjoying a bit of misplaced schadenfreude. We all knew that maybe there was some danger for the less clued-in Internet users who might stumble on a pfishing site unwittingly.

Good to be secure. Not good to be petty and say, "I told you so," since when you said it, it wasn't important.

test

[Orion Blastar]

There is a free iAntivirus program here:
http://www.iantivirus.com/?gclid=CPHunMTzoJcCFQNbxwodfEbudg
http://www.iantivirus.com/

Also this one:
http://www.clamxav.com/

This one has a free trial:
http://www.intego.com/virusbarrier/

This is another free trial:
http://www.protectmac.com/

Gone are the days when a Unix system is virus proof, I guess even Linux and Mac OSX need an Antivirus program as well now?

[FellowConspirator]

UNIX systems have never been virus-proof per se. UNIX systems have not been targets of viruses because: until recently not many people had them on their desktops, they represented a wide variety of processors and ABIs, operators of those systems were generally more savvy and security-minded, and the simpler design of the system coupled with maturity meant much fewer avenues for attack. That actually still holds pretty true today.

BUT, UNIX systems are far more frequently attacked directly, through flaws in known protocols, open dictionary attacks, etc. Why? Well, for a UNIX system, that's generally much easier. This is the traditional way of breaking into a UNIX system.

Your chances of getting a virus on your Mac or Linux system are still close to (but not exactly) 0, and vendors don't have Mac- or Linux-specific virus definitions yet for lack of something in the wild to isolate, but they're presumably prepared for that day if and when it comes.

However, intrusion detection software would be FAR more meaningful for Mac and Linux systems, but most virus vendors don't provide that yet for Linux or Mac (though there are packages from other sources).

The main benefit anti-virus software for a Mac or Linux system is that it can detect existing Windows viruses and remove them in a safe environment. This prevents you from becoming a "carrier" and helps winnow down infections of those systems. Windows systems are quite numerous and very actively attacked. When a Windows-based bot-net goes active, everyone's Internet experience suffer, so might as well do what little your can if you aren't a Windows user.

[HlLLARY CLITON]

I don't think it is very wise for ANYONE to NOT run an antivirus app these days

[canberra_photographer]

I've run Norton AV for Mac all along because even though Mac OS X itself is very secure, web browsers and MS Office gave vulnerabilities.

[SEOAly]

Never, never, never install Norton ANYTHING onto a Mac. That is the best advice I can give any Mac user that is concerned with potential virus or malware issues that could impact a Mac user.

I love my Macs and have been a loyal Machead since I was a teenager, but I also us Windows-based PCs for work. I can't speak for the use of Norton on PCs, but what I can tell you that Norton causes FAR more problems than it could EVER solve on a Mac.

[thru9]

i've been using macs since 1996, have always had anti-virus ware on the computers. no operating system is secure, i've seen viruses on both windows and mac os... i use Intego VirusBarrier on the mac,

[etandrib]

I'd like to see that Mac virus.

[turoa76]

When I got my first Mac (of the modern era) 4 years ago I put Nortons on it. Pile of rubbish it was, and almost impossible to uninstall. Definately a 'forgotten' product. I've been running Intego ever since. Has it saved me from a virus - wouldn't have a clue. Is it worth the piece of mind? Yep, I reckon. 'nuff said.

[eyepoker]

even apple creates vulnerabilties of their own doing - accidentaly - such as shipping their systems with disfunctional firewalls and unknown bugs in quicktime (which affected windows tpp).... as well as all of the other things that needed to be patched that they never admit to but that the industry is well aware of. I think the real damage is Apple's carelessness in insisting they are imune to malware - thats certainly the messsage that is heard above all else - and its incorrect too. Any system can be compromised. This has always been the case. Apple's marketing however ran with the fact that they have a small install base and were thus an after thought to virus writers... and so the truth was they claimed it to be. So, now their are hundreds of thousands of deluded apple owners who are completely unprotected. Talk about irresponsible! And add to it all that they "quietly" suggest that you get AV software... adding insult to injury - they know its smart to get the software, they proudly proclaim they don't get viruses, and then quitely behind your back suggest that contrary to their exclamations that you should indeed get protection.... Welcome to Apple's marketing spin. "We're Virus free! (psst... buy some AV software), but don't worry about viruses! (but you should)..."... Its a funny world. MS will be up front and tell you everything. But this openess is used by smear-ists as amunition... on the other side of the coin Apple refuses to admit anything... they quietly issue patches, they quietly admit to this and that (though rarely) all while their ads loudly claim the opposite and its repeated so much that its taken as the word of God and is therefore absolutely true... . Weird how marketing warps peoples minds, but i guess thats the point of marketing...

[ordnancemarine]

MS and openess, wow what an oxymoron. Seems to me that if they were both open source the offending source code could be fixed at the source. Kind of eliminates bad code.

[etandrib]

This is an old article. It is tagged as such. It has basically just been ported from the old article system and updated. This is a non article. No policy change. No news. No story.

[jumpjetta]

Yeah, this is what I said above. Sad that people who write these "articles" don't really seem to have any knowledge of the things they are writing about... just parroting the 'blogs out there.

[ddesy]

What did you expect from a Murdoch controlled site?

[whiterabbit--2008]

I still think a virus scanner is unnecessary. I'm using a web browser with phishing/scam alert which is built-in. Scam web pages are virtually the only way a trojan could be effective. In addition, these are pretty hard to fall for. Take the porn site example given in the article: Oh yeah, I'm just going to this seedy looking web site and on it's recommendation I'll install this even more seedy looking software.

[irperez]

Boy, with the commercials Apple has been running about being "More Secure"... how many Macs are out there without virus protection.... it seems like all they need is one big trojan to make it happen and bam... all macs go down... PC's will be laughing :) We told you so!

I can see Microsoft making an Apple parody.... Hi I'm a PC and I'm a Mac (with a thermometer in his mouth); Mac, what happened???

[BtmnHatesRbn]

When a virus or malware installs on a OSX, it asks for the password, like any other installation. So, how would a virus get around that? Also, why is CNET the only morons reporting this?

[another_cissp]

?like any other installation?? Are you kidding me? Malware doesn?t install like normal programs. And you are calling CNET a bunch of morons?

[AppleProLeo]

@another_cissp

You obviously hadn't used OS X.

As things stand all previous trojan/malware on OS X required a password to install - from it 'moron' user - just like any other application.

[Goodbye Helicopter]

This Knowledge Base article is ancient.
It's not new.
It has only been updated with a new article numbering system.

[Brian]

One of these days, Microsoft will make an operating system worse than Vista and no matter what is said about the Mac, it will always be superior.

[Orion Blastar]

It is in development, Windows 7.0 aka Windows Sierra. Bloated more than Vista, more legacy issues than Vista, should have gone back to the 2000/XP Codebase if you ask me.

[thiassi]

@Orion Blastar

MS should go back to an old, insecure security model? Sounds like an awesome idea.

[Vegaman_Dan]

Wonder where Penguinisto is? I recall him calling any and all AV products on a Mac to be a waste of money and time.

Hmm.

I wonder what he knows that Apple doesn't.

[lixpaulian]

And this is really true.

Never had one and probably never will. A waste of time and ressources.

[Penguinisto]

It is a waste of money and time.

As evidence, I ask you to list all currently active and in-the-wild viruses for OSX.

Don't worry - you won't need much space ;)

/P

[cnet_user_0]

FYI: AV products are also a waste of time and money for Windows (be it XP or Vista) -- just run as standard user (not as the administrator). I got tired of Norton slowing down my Windows XP as newer versions arrived. So I tried an experiment two years ago: downgraded myself to standard-user privileges. I have never looked back to using Norton since that time. Both my Windows XP and Vista boxes are AV-free PCs working under standard-user privileges.

[Seaspray0]

Who are you going to listen to? Apple or the penguin?

[Vegaman_Dan]

Penguinisto:

Thank you for updating your comments. People can quote you from a more current posting now.

As evidence, would you like to tell us why Apple advises that users take precauctions, but you advise the exact opposite, instead promoting the lack of security precautions by end users? What do you know that Apple doesn't? I would think Apple knows a just a little bit more about their products than you do, but apparently I am incorrect. Perhaps you can contact Apple directly and have them remove this advisory since you know more about their products than they do.

Really. What else do you know about Apple that they do not know themselves? You appear to be more knowledgable about the product than they are. Care to share your source?

[Penguinisto]

My "source" is the complete and utter lack of OSX viruses and botnets.

You're more than welcome to prove me wrong by listing an OSX botnet... if you can.

/P

[AppleProLeo]

Well Vegaman_Dan you got your response from Penguinisto, which has silenced you.

Next time be careful what you wish for.

[nopinktoday]

@AppleProLeo - Wow, your actually keeping track of all this? Some people can get enough flame nowadays.