Internet security on Mac Leopard
I have just bought my first Macbook and am enjoying the experience but am slightly nervous as I am used to using a PC and getting bombarded by email about viruses, trojans, spyware, malware etc and having to purchase and continually update my security.
Now here I am on a Mac with apparently no security to speak of other than the firewall in my Netgear router...... I have heard some say "Macs don't get viruses!!! or Malware" Yeh, where were you born............ I don't believe it.
Can someone who is a true Mac expert give me some decent advise? I am happy to buy McAphee or Norton but which is best......... or are they both rubbish?
Come on Mac community............ HELP!!!
Now here I am on a Mac with apparently no security to speak of other than the firewall in my Netgear router...... I have heard some say "Macs don't get viruses!!! or Malware" Yeh, where were you born............ I don't believe it.
Can someone who is a true Mac expert give me some decent advise? I am happy to buy McAphee or Norton but which is best......... or are they both rubbish?
Come on Mac community............ HELP!!!
Comments
BTW, been on macs forever and have NEVER had a virus of any sort. i run this software only if I am so bored that it sounds like fun.
... Yeh, where were you born............ I don't believe it.
...
I'm not feeling you. What is your point? Let us be clear. The only reason to run antivirus software on your Mac is to disinfect files that you receive from your Windows-using family, friends, and colleagues. It prevents you from acting as a carrier of Windows viruses. Antivirus software cannot protect you from MacOS X viruses because there aren't any. It's not for lack of trying.
I'm not feeling you. What is your point? Let us be clear. The only reason to run antivirus software on your Mac is to disinfect files that you receive from your Windows-using family, friends, and colleagues. It prevents you from acting as a carrier of Windows viruses. Antivirus software cannot protect you from MacOS X viruses because there aren't any. It's not for lack of trying.
How about spyware and other nasties?
How about spyware and other nasties?
No spyware. I have no idea what you mean by "nasties."
Their is very little malware on the Mac. Just like on the PC social engineering is the biggest threat and the best defence is to think twice about anything untrusted. This is flawed though as it doesn't protect you against flaws in Web Forums/trusted sites that have been hacked. However it is probably good enough.
I have been using PCs since 1982 and have fallen victim to one virus and I am ashamed to say that I opened the script when not paying attention. I fell victim to social engineering.
I don't use OS X much but I did have a virus once on a shared machine using System 6 (a long time ago). Pre-OSX Macs had around 40 viruses in the wild. A low number compared to Windows although greater than Linux.
The first OS X virus was the OSX/Leap-A worm http://www.sophos.com/pressoffice/ne...acosxleap.html (a handy timeline on this site is useful to share with fanbois when they claim there is no malware on the mac).
and there have been a few more since http://www.sophos.com/blogs/sophoslabs/v/post/4811
You are confusing administrative privileges with root privileges. Macs ship with the root account disabled by default. There is no reason for a Mac user to ever enable the root account. All global software can be installed using an administrative account. Anything that requires root can be done by an administrator using the sudo command. No MacOS X GUI application or utility requires root. Make sense now?
No, I'm talking about downloading a malicious application and installing it after being asked for the admin password. To the extent that Macs are vulnerable to malware, this is pretty much it, and there's simply nothing any OS designer can do to keep people from actually going out of their way to install something, short of putting some "think about it" obstacles in the way ala passwords and warning dialogues.
Naturally, it would be foolish for Mac users to imagine that they are somehow immune to such exploits, but again that's not what the OP was actually asking about.
Just use common sense. Don't go around downloading and installing everything. Don't go clicking on links you don't know where it'll take you, which is other than being malicious could be a goatse mirror.
If you regularly exchange files with Windows through dual booting or another machine you have a choice: (1) if it's your own PC and you trust your security on it do nothing (2) if it's someone elses or untrusted then run Clam or some other scanner. On demand scanning is sufficient.
Their is very little malware on the Mac. Just like on the PC social engineering is the biggest threat and the best defence is to think twice about anything untrusted. This is flawed though as it doesn't protect you against flaws in Web Forums/trusted sites that have been hacked. However it is probably good enough.
I have been using PCs since 1982 and have fallen victim to one virus and I am ashamed to say that I opened the script when not paying attention. I fell victim to social engineering.
I don't use OS X much but I did have a virus once on a shared machine using System 6 (a long time ago). Pre-OSX Macs had around 40 viruses in the wild. A low number compared to Windows although greater than Linux.
The first OS X virus was the OSX/Leap-A worm http://www.sophos.com/pressoffice/ne...acosxleap.html (a handy timeline on this site is useful to share with fanbois when they claim there is no malware on the mac).
and there have been a few more since http://www.sophos.com/blogs/sophoslabs/v/post/4811
A bit of clarification...
There have been no viruses for OS X. None.
The links provided above are to articles written by Sophos, an Anti-Virus software company. It is their goal to convince you that the danger is high and that you should buy their product. In order to do so, they're playing semantic games with the definition of the word virus.
The links above point to what I would call "trojans" even though Sophos addresses this point and disagrees. They would like to call the programs in question "viruses". In both instances, the malware comes in the form of a file that the user must open (execute). To me, this makes them "trojans" because the user must manually invoke the software in order for that software to do damage. The software disguises itself as something else so that you let down your defenses (open/execute the file).
Sophos tries to claim that these aren't trojans, but in my mind Sophos is purposefully trying to confuse people into thinking these programs are true "viruses" that can infect your system without you initiating that infection. This is not the case. The malware in question can not harm your computer unless you are fooled by the trojan gambit used to deliver it. This makes the malware "trojans" rather than "viruses". There are not yet any viruses for OS X.
I think the reason there are no real malware apps out there for Macs is due to two major factors:
1 - There are tons and tons of unpatched Windows machines out there, just waiting to be "pwn3d". Some are machines that are not correctly receiving updates due to past failed updates, and some are just owners who don't know and/or care about security. Thus they are a far easier and widespread target.
2 - Since OS X is built on a UNIX foundation, Macs set strict permissions for every file, data stream, process -- you name it, which Windows doesn't implement to nearly the same extent. Privlege escalation requires the user to enter credentials. Thus it's a lot more difficult to read/write critical files without alerting the user that something's trying to change them.
I watched the Sophos videos and I think the points they were trying to make is: A) There is malware for the Mac so don't believe people who say otherwise
Here's another write up of Mac security
Intego has shown that they are very effective when it comes to Mac security (tho this article is a little out of date).
http://www.macworld.com/article/5074...barrierx4.html
http://itmanagement.earthweb.com/sec...y-Software.htm
dfiler:
I watched the Sophos videos and I think the points they were trying to make is: A) There is malware for the Mac so don't believe people who say otherwise
Here's another write up of Mac security
Intego has shown that they are very effective when it comes to Mac security (tho this article is a little out of date).
http://www.macworld.com/article/5074...barrierx4.html
The vast majority of people lauding the safety of using OS X, are doing so by pointing out that there have yet to be any viruses for OS X. There will always be malware at least in the form of trojans. About this there doesn't seem to be any debate.
It seems that pointing this out enrages some people though. These are the same people that are obsessed with platform wars in a Ford vs Chevy kind of way. They feel the need to argue that there is still danger even though that was never in dispute. This creates a strawman argument that goes nowhere.
What is in dispute is the nature of that danger. It has become popular in the last few years to stir the pot by writing articles about how OS X users aren't safe from malicious software. The writers know that these articles will generate tons of traffic because of the Ford vs Chevy nature of the topic. The fact that there has yet to be a true virus makes it a quite riveting subject. When the first one finally materializes, it will be all over the news. People will be gobbling up every detail and then commence making new proclamations about whether it is the start of a trend.
What hasn't happened though is Mac OS X machines and users falling victim to malware in any significant numbers. Articles continue to be written on the subject but as of yet, malware has hurt very few Mac users. A quick google on the subject bears this out. Most of what turns up are Anti-Virus company propaganda and articles claiming that there is a theoretical danger. It's hard to find an actual mac user who has fallen victim to a trojan or other malware. And there are zero OS X users who've had a virus.
No really, go ahead and google some of this supposed malware for OS X. What do you find? Actual users who've fallen victim? It's pretty damn hard to find even one report!
So rather than listening to these Ford vs Chevy people telling you to worry about Mac malware. Instead set up a more rigorous backup schedule. The risk of malware is totally blown out of proportion. Users shouldn't give one thought to that until they've got a bullit-proof backup plan, installed smoke detectors and an home alarm system. More data is lost on Macs due to hardware failure, accidental deletion, house fires and burglary... than due to OS X malware.
That's why this topic is so ridiculous when presented to average users as something to take action on. They have far bigger dangers to worry about. When the first OS X virus hits, it'll be on CNN, Fox News, the BBC, the New York Times, etc. It will be in every paper and on every TV news station. So until you see that story, worry about other stuff.
Worms spread without user interaction, like traditional viruses and Trojans rely on social engineering, OS X is affected by both and the users are sitting ducks because they sit around saying "Mac is immune to viruses.", "Mac is more secure".
Windows Vista and 7 both have more sophisticated security policy management than Linux or OSX (I am a former Unix developer writing this on Linux who works in security for a telco/ISP so far from a Microsoft worshiper). Windows is hardened and sophisticated in it's approach. The biggest step was Vista and Internet Explorer 8 is the most secure and sophisticated browser on the market. Vista isn't popular because users were used to not having to "log in as root" to carry out changes to the system. Internet Explorer 8 is popular by default but not widely used by techies as they don't trust the brand after years of IE stagnating. Windows 7 is a small step back from Vista in UAX but overall remains very good.
The point of this isn't to say OS X is in a bad position but just to point out that there is a lot of ignorance and bias in the discussions and that OS X users should practice safe surfing and not rely on "the mystical security blanket of Steve Jobs"
A worm is a sub-type of the virus class and there are OS X worms therefore OS X has been hit by worms.
Apart some OS vulnerabilities that are generally quickly patched, taking away any exploit motivation, what else do you have in mind? Social engineering perhaps?
A worm is a sub-type of the virus class and there are OS X worms therefore OS X has been hit by worms. Most Windows malware these days are trojans with the occasional worm (no different from the mac except in scale). These days when someone says "I got a virus" on a PC they mean a "Worm (type of virus/Trojan (not a type of virus).
Worms spread without user interaction, like traditional viruses and Trojans rely on social engineering, OS X is affected by both and the users are sitting ducks because they sit around saying "Mac is immune to viruses.", "Mac is more secure".
Windows Vista and 7 both have more sophisticated security policy management than Linux or OSX (I am a former Unix developer writing this on Linux who works in security for a telco/ISP so far from a Microsoft worshiper). Windows is hardened and sophisticated in it's approach. The biggest step was Vista and Internet Explorer 8 is the most secure and sophisticated browser on the market. Vista isn't popular because users were used to not having to "log in as root" to carry out changes to the system. Internet Explorer 8 is popular by default but not widely used by techies as they don't trust the brand after years of IE stagnating. Windows 7 is a small step back from Vista in UAX but overall remains very good.
The point of this isn't to say OS X is in a bad position but just to point out that there is a lot of ignorance and bias in the discussions and that OS X users should practice safe surfing and not rely on "the mystical security blanket of Steve Jobs"
What are you trying to accomplish with this post? It comes across as motivated simply by the desire to insult Mac users.
First you offer a definition of worms and viruses as if it will help people understand the situation. But in fact you're just confusing anyone who isn't already informed. By reading your definition, OS X users are less likely to know the nature of the threat. The reason why we say there have been no true viruses for OS X is because there is no other way to make a particular point. That all Mac OS X malware relies on a trojan horse delivery mechanism. There have been no viruses that can infect an OS X user's computer without that user first triggering the virus on their own accord. It is important for users to understand this distinction because it is the first step to knowing how to not fall for trojan horse gambits.
Next you turn to an OS X vs other operating systems pissing contest. That may interest some people but the discussion here is about OS X and whether AV software is advisable. By turning this into an OS holy war, you've completely sidestepped the issue of assessing what dangers lurk in store for OS X users and how likely that danger is to manifest.
At the end of the day, OS X users have virtually nothing to fear from malicious software. They are far more likely to lose data due to accidental deletion, hardware failure, burglary, power surges, or house fires. Yes, the risk is actually so low that a whole list of other issues are more worthy of attention. The risk is so low that almost no attention is warrented, yet.
If a OS X user truly wants to better protect their machine and data, they should concentrate on backups. Malicious software is pretty much a non-issue at this point no matter how much the my-OS-vs-your-OS people want to claim otherwise.
It seems most people think it will never happen to them. Forgive me if I think thats a little ostrich like.
I continue to look for a solution to my concern.
Thanks everybody