« Local bands Ravyns and KIX turn up on iTunes Store | Main | Macworld surprise comes three weeks early: No Steve Jobs keynote »

Well, do Mac users need antivirus software or not?

Talk about muddying an issue.

For years most Mac users have proudly refused to buy and use third-party antivirus software, leaving that hassle to Windows users.

While security experts sometimes have criticized this attitude as irresponsible and risky, Mac users had several good reasons to ignore antivirus protection.

One reason is that OS X’s Unix foundation makes it difficult, if not impossible, for a virus to surreptitiously install itself on a Mac. A better reason is that as of today, some seven years after Mac OS X debuted, there are still zero viruses for it.

This view – that Macs don’t need antivirus software – took a sudden hit when Washington Post tech blogger Brian Krebs noted last week that Apple in fact had a KnowledgeBase article on its Web site recommending that Mac users install antivirus software.

Security experts declared themselves vindicated. Apple haters gloated. Mac users began to fret.

The very next day, Apple pulled the KB article, with Apple spokesman Bill Evans explaining to Computerworld that it was “old and inaccurate.”

Now here’s where things start to get cloudy. Evans continued: “The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100% immune from every threat, running antivirus software may offer additional protection.”

So apparently Evans is saying Mac users have no need for antivirus software, but should run it anyway just in case they do. Ack!

And what about that “old and inaccurate” article Apple yanked? Here’s what it said:
“Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus-writing process more difficult.”

This “old” article was posted in 2007 and updated in 2008, so Apple can’t say it was referring to the Classic Mac OS of the 1990s. If that article is “inaccurate” now, surely it was inaccurate in 2007.

Or does it mean Apple’s 11 new security features in Leopard made that big of a difference? Because if that’s true, Apple should issue a warning to the Mac community of the risks of using earlier versions of Mac OS X.
Why the mixed signals? Cynics on the Web have theorized Apple pulled the KB article as a PR move; it was embarrassed that the public had discovered its recommendation to use antivirus software even as its advertising touted Macs as a virus-free paradise. I’m inclined to agree.

Evans’ widely quoted statement clarified little, since he comes close to contradicting the party line when he says no system is immune from all threats and suggests Mac users install antivirus software – just as the withdrawn KB article did.

With Apple leaving its customers befuddled over what they should do, it fell to tech Web sites to dispense recommendations.

It’s been said before, but it always bears repeating: while Mac users have little to fear from the sort of self-propagating viruses that plague Windows PCs, they still need to be wary of other cyberthreats.

The biggest comes from phishing schemes – attempts to fool people into divulging their passwords or credit card information. Most of these come in the form of fake e-mails from banks or retailers. The e-mails link to phony Web sites, so it doesn’t matter whether you use a Mac or Windows.

And although no viruses exist for Mac OS X, several Trojan horses lurk out there. But this variant of malware also relies on user gullibility. One usually needs to visit a shady Web site (like a porn site), where the user gets a message that they need some sort of plug-in to view the, uh, material.

Instead of downloading a plug-in, however, clicking on the link downloads the malware. Even then the user must still type in an administrator password to install it, but at that point the urgency of the moment probably has caused the desertion of all reason.

Skeptics will continue to scoff at Mac users who refuse to bow to the tyranny of the security fearmongers. But until a credible threat surfaces that requires the use of antivirus software on a Mac, I expect few Mac users will bother with it.

PS: If you’re still feeling a bit paranoid but don’t want to shell out the money to Symantec, Intego or McAfee, check out the free ClamXavMac antivirus software.

Posted by David Zeiler at 1:52 PM | | Comments (11)
                       

Comments

I can think of one reason to install antivirus software on a mac - word macro viruses. It's the only viruses I've ever seen hit a mac, and while they won't do anything to the mac, they will embed themselves in documents, meaning if you email them or otherwise share them, you are spreading them around.

Posted by: mad anthony | December 8, 2008 2:40 PM

So... having that smoke detector won't prevent the fire from starting... but if one were somehow able to start (in your all masonry and steel cube with no combustibles in it)... you'll be glad the beeping started? Is that it?


Bow to Rama of the HappyFace

Posted by: MrRational | December 8, 2008 2:58 PM

Let me see if I have this straight. I am supposed to spend money for the privilege of mucking up my Mac to help Windows users stay safe?

Is someone high?

Posted by: JohnO | December 8, 2008 7:36 PM

Well, if you do get a macro virus, you might find it hard to email attachments out, since many email systems use virus scanners on incoming mail and block attachments with viruses.

Posted by: mad anthony | December 8, 2008 11:59 PM

I can think of one reason not to install anti-virus on Mac. Word macro-viruses. Word for yonks has had the feature in it to disable the macros in documents. Why should i keep encouraging word users to keep turning it off by running an anti-virus on the Mac.

Posted by: AN | December 9, 2008 2:14 AM

I've been a Mac user for 20 years and never once had a virus, malware, or trojan horse. Why should I bother with Virus software? I back up my system through Time Machine hourly as well. It's automatic and works great.

I feel sorry for PC users, they got suckered into thinking their cheap PC was a great deal. I'm willing to pay a little more initially for the comfort of knowing my data is secure. How much is piece of mind worth?

Posted by: Sean | December 9, 2008 9:58 AM

Interesting!! I prefer McAfee antivirus!!

Posted by: Sullivan | December 10, 2008 2:57 AM

If you've never had your mac scanned with a virus scanner for a virus, malware, or trojan horse how do you know you dont have one?

Posted by: Steve | December 23, 2008 12:37 PM

for Steve: Mac users don't need to scan their machines for the simple reason viruses don't exist on current day Macs.

Over the last few years there have been 3 or 4 worms / trojans but no viruses... those tiny outbreaks affected less than 240 machines out of millions, and none caused any harm... so it's more likely to be hit by lightening than to worry about being hit by lightening.

Apple provides ALL security IN the OS, so no need for 3rd party tools to plug the gaps left by Microsoft.

Posted by: Ted Landry | December 26, 2008 12:47 AM

I also normally do not have anti-virus running on my mac, but ...

Many years ago I was working on a project, and our documents were all on a web server. I downloaded an infected file from our old server, which did not affect my mac. But when I made minor changes to the file and uploaded it again to the new server, everyone else using a wintel machine had problems with it. Then on, I found it useful to run every file I uploaded to a web server cleaned by some anti-virus program before uploading.

Thus, a mac may not be "affected" with a (windows) virus, but one does not want to get tagged as a carrier either. Just a policy of being a good neighbor.

Posted by: bifocals | December 27, 2008 8:09 AM

Dating back to the Mac 512 (or was it the SE?), I was hit only TWICE. Once intentionally to test the anti-virus software. The first time I was hit I had to check and scan EVERY disk in the house to verify we were sterile so reinfection would not happen.

It was tried on a group of us by email when a letter was spoofed with malware added, but it was windows only. I opened it right away (no fear!) and looked at it's actions. It went into the users accounts, stole the passwords along with the account, and bumped them to an address. The idiot even put their signature on the end of the code. I called up my provider (the domain it was going to) and they wanted it sent. My first thought was federal offense, but hey, they told me to send it so they could go after the violator.

A lot of not being hit is acting smart. Break the chain if you forward letters. Don't go to questionable sites. Trust established sites when downloading.

Posted by: Ed | December 27, 2008 4:40 PM

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please enter the letter "t" in the field below:
About David Zeiler
David ZeilerDavid Zeiler follows all developments related to Apple, Inc. Having spent his early computing years on the Apple II platform, he moved to the Mac in 1993.

At The Baltimore Sun he designs pages, compelled against his will to work on a Windows-based PC.
Recent posts
Most Recent Comments
-- ADVERTISEMENT --

Baltimore Sun coverage
Technology news
Photo galleries
Categories
Blogroll
Monthly Archives
Search and subscribe


 Subscribe to this blog's feed [What is this?]

Powered by Movable Type 3.36
 
Classified | News | Maryland | Sports | Business | Entertainment | Life | Opinion | Blogs | Twitter feeds | RSS feeds
About baltimoresun.com | About The Baltimore Sun | Tribune | Get home delivery | Advertise | Privacy Policy | Terms of Service | Feedback