Do Macs Need to Run Extra Antivirus Software?

by David Czepanski May 08, 2006

It was interesting to see that the “first” of the new ads released by Apple was touting how resilient the Mac is to viruses.

That’s not a bad approach to selling more Macs if you ask me. It’s no secret that Windows has been ravished by malware, spyware security holes and viruses. It’s a convincing argument to state that there were “114,000 known viruses for PCs” by the end of 2005 and NONE for the mac especially if you’re a PC user sick of fighting what must feel like a losing battle.

It’s convincing, yes, but is it true?

There’s been a great deal of media interest over the recent security issues exposed in OS X but rather than examine these here, have a read over at Daring Fireball where John Gruber has a good look at the FUD surrounding these reports and reporters.

While 114,000 actual viruses is not particularly newsworthy for Windows, a couple of potential exploits on OS X makes headline news. Seems that people do care about 5% market share after all.

You’ll read that a lot whenever you get into this debate. Macs haven’t been a target up until now because they fly under the radar; there’s more fame for a virus “author” if he writes for a larger market.

That sounds OK at first, but let’s do some very (very) rough math. Let’s say that there are 114,000 viruses for Windows which run on 95% of the computers in the world. All things being equal, if the Mac has 5% market share, there should be 1200 viruses for the Mac.

But there are not.

I know, I know, there are many more factors than that (like Windows + Mac does NOT = 100% of the computers in the world) but clearly the amount of viruses a platform has is not just a matter of market share and proportion.

Some companies are putting out some giddying “facts” about how the Mac is a target for viruses and under serious attack at the moment—a trend that they claim will most likely increase. Luckly, these same companies can sell you a solution to this problem.

Thank goodness, and where’s my credit card?

Back to the Virus ad and Apple has made a true statement. None of the Viruses written for the PC will work on a Mac running OS X. HOWEVER that’s different than saying that there are none for the Mac.

In the 14 reasons why you’ll love a Mac (14? weird number) the lack of viruses comes in at number 4. The web page claims that

In March 2006 alone, there were 850 new threats detected against Windows. Zero for Mac.

which is a little sly; it was a good month for the Mac. Threats certainly have been detected in the past; it’s just that there were none in March. The point is, there weren’t 850!

Originally, antivirus software took a different approach to what we have today. Essentially, the antivirus program took note of all the programs on your machine. If something new wanted to run, it would bring it to your attention and you could either OK it or deny it.

There are two main problems with this model

1 . Things have become a great deal more complex since this approach was first used, and today such a program would (initially) be constantly asking permission to run harmless programs. Users would become annoyed by such questions and either “turn down” the level of user intervention or just say “Accept” to every warning, eventually allowing something harmful through.

2. There would be little or no need to upgrade such a program. It would be almost perfect once fine tuned as it would pick up activity for both existing viruses and those not yet written. It would therefore be a commercial flop—no continuing revenue. Not sure if you’ve noticed but most companies are interested in making money!

I’m not a programmer and so don’t know how these things really work, but I would think that it is possible to write an OS in such a way that certain parts are locked off to potentially harmful programs. I’m sure that it wouldn’t be easy but the point is that such an OS would be very secure.

Of course you always need to have somewhere to write files to and this is where most viruses do their damage. Who really cares if your OS is trashed? Sure it’s inconvenient but you have the restore disks right?

On the other hand, if your thesis, which you have poured your very soul into, is lost to a virus… well that’s another story. Likewise, your email, personal contacts, documents, photos, music, movies; these are the things that make our computers personal computers and these are the very things that are taken away by malicious software.

And how many of us have a good enough back up of those things? If a virus was written for the Mac that trashed your home directory *right now*, would you be okay? Most likely you would spend some quality time in the corner of the room curled up in the fetal position, whimpering gently.

Let’s be clear here—while I am not a programmer, I could certainly write something that could be downloaded from the internet, would ask for admin permissions to install and wipe your hard drive. If I can do it, thousands if not millions could. Antivirus software is NOT going to help you there.

So, are we at the point where we need to run antivirus software on our Macs? I still say no but others disagree. In fact, most people consider such an attitude downright reckless.

People can say what they want but they do what they believe; in other words, actions speak louder than words.

What advice do you give other Mac users and, more importantly, what measures do you take to protect your Mac? What do you do?

Let’s leave the last comment to those folks at Apple. It’s in fine print at the bottom of the page that says how secure the Mac is…

A Mac running with factory settings will protect you from viruses much better than a PC, but it’s never a bad idea to run extra virus and security software.

Comments

  • Personally, I think antivirus software is the biggest scam around. If you’re relatively smart and secure with what you download and open on your computer (Mac or other), and if you’re running through a router or firewall, chances are nothing’s ever going to happen. Pair that with incremental backups, and I’m pretty confident in my setup, and I have both a XP machine and a Mac. Neither is running antivirus.

    If I do end up being stupid, and getting a virus on my machine, I may lose a few days’ worth of data, but probably nothing terribly important (since I backup after I do anything of major importance).

    Antivirus software and it’s damn renewing subscriptions is a ripoff - instead, why not just be SMART about what you do on your comptuer, for FREE!

    motherduce had this to say on May 08, 2006 Posts: 17
  • Ha, then my question for you, motherduce, is what happens if you back up your computer with a virus already on it. Many viruses you don’t detect immediately. And so, if you back up every few days, you could potentially back up your virus infected computer. Then, your stuff will all be lost whether you restore or not.

    swabblemeister had this to say on May 08, 2006 Posts: 6
  • Little math lesson for you.

    If the platform with 95% market share has 114,000 viruses, how many virus would you expect there to be on a platform with 5% market share? Purely by the numbers, that is.

    The answer is:

    114000 / 95 * 5 = 6000 (not 1200)

    Dogger Blue had this to say on May 08, 2006 Posts: 34
  • I’ve been using PCs running Microsoft software for close to 20 years, since the MS DOS days.

    For most of that time I had a virus scanner running, doing scheduled daily scans, email scans on sending email, on-access scans. About three years ago, I switched off all the automatic/scheduled scanning and started doing a disk scan once or twice a month.

    Why? Because the scanner was beginning to bog down my computer (compiling code without the automatic scanning showed an improvement of about 30% in compile times, presumably due to scanning new files created during compilation) and in 20 years the virus scanner NEVER showed a virus on my HD, or outgoing email, or in any document or data file I opened. And none of my monthly scans have showed any virus infections since I turned it all off.

    Sure, that doesn’t mean I never had any virus in that time, just the scanner never showed anything.

    Now that I’ve switched to Macs, I’m not going to install any virus scanner. If a Mac virus shows up, I’m apparently not in danger with my usage patterns, a scanner won’t know about it anyway, and I’ll hear about it soon enough. I’ll deal with it then.

    nilp had this to say on May 08, 2006 Posts: 16
  • Dogger Blue - whoops!! Thanks for picking up the math error. I forgot to multiply by 5; 1200 is 1%.

    Can we just say that the Mac’s market share just dropped to 1%?

    8)

    Sadly, it reinforces the point; there’s more to viruses than just market share as most pundits want to suggest.

    If it were as simple as that there would be thousands of viruses for the mac.

    David Czepanski had this to say on May 08, 2006 Posts: 25
  • As soon as Apple themselves run anti-virus software then I will consider it, too.  As of this afternoon, bringing this point to a Mac Specialist, he was quite proud that even though their computers are relentlessly used and abused by daily swarms of geeky high schoolers, none of the macs in the store, front or back, as any virus protection. He promptly ran the Activity monitor and proved it. (Albeit, they do run a shield program that restores the whole system to a pre-established state when it’s restarted.)

    My logic is as follows: If Apple has the balls enough to run a national ad touting their immunity to PC viruses; not one self-replicating Mac virus exists; and Apple’s own publicly accessible computers have no anti-virus software; then there is absolutely no need for me to give it another moment of though.

    Y’all are either screamin’ “the sky is falling” or bitching about those people. Get a friggin’ life.

    Aryugaetu had this to say on May 08, 2006 Posts: 10
  • The only reason I’d consider running a virus scanner on OS X (before any real viruses existed for it) would be if there were any risk of Windows viruses being transmitted to Windows systems.  Those I receive (rarely) in e-mail remain quarantined there until deleted, never blindly forwarded to other systems.

    How carelessly ignorant does someone have to be to manually forward/transfer virus-containing messages/files from a Mac?  And I have no sympathy for anyone who should know better than to risk downloading and opening files from dubious places that might infect their systems.  The old “if it sounds too good to be true then it probably is” adage seems applicable.

    sjk had this to say on May 08, 2006 Posts: 112
  • Luckly, these same companies can sell you a solution to this problem.

    So am I to understand that we should be skeptical of anyone touting vulnerabilities of your computer system who might have a motive for selling you a solution?

    Interesting.  Because your source as quoted above for the “114,000 Windows viruses” is….drumroll please….APPLE!  Gee, they wouldn’t be trying to sell you a solution to your virus woes, now would they?

    John Gruber has a good look at the FUD surrounding these reports and reporters.

    Because if there’s one thing Mac users do not tolerate, it’s FUD.  About Macs.  FUD about Windows on the other hand?  Just read the above article.  And every article on MDN.  And do a quick search here for articles about viruses.

    Beeblebrox had this to say on May 09, 2006 Posts: 2220
  • Links are to Apple but the numbers they quote are from Sophos.

    So am I to understand that we should be skeptical of anyone touting vulnerabilities of your computer system who might have a motive for selling you a solution?

    Not at all. You missed my point about the company selling a “solution”. It’s sort of like selling a bicycle to a fish, a vaccum cleaner to someone that only has wooden floors, a car alarm to a motorcyclist (or insert appropriate analogy here).

    The key part is “touting vulnerabilities”. McAfee and others can tout all they want but they need to make sure that they’re telling the whole story and not just generating a market for their product.

    What vulnerabilities, I wonder, do they tout?

    As for the FUD, well, everyone’s 100% biased; the sites you name are evidence of that.

    David Czepanski had this to say on May 09, 2006 Posts: 25
  • Actually, the source of 114,000 is Sophos ...

    Quote from its white paper:
    “The number of new threats has continued to grow at rates thought by some to be unsustainable. By December 2005, Sophos Anti-Virus was identifying and protecting against over 114,000 different viruses, worms, Trojan horses and other malware.”

    Of course we don’t trust anti-virus companies to be truthful, and I never caught a virus in 20 years of using MS OSs, but you’re just dismissing the figures because you couldn’t be bothered following the links on the http://www.apple.com/getamac/viruses.html web page.

    nilp had this to say on May 09, 2006 Posts: 16
  • McAfee and others can tout all they want but they need to make sure that they’re telling the whole story and not just generating a market for their product.

    Um, again.  Apple links to Sophos for PC virus numbers, but claims that there are ZERO viruses for the Mac.  However, according to Sophos, there are at least two “real viruses” on OS X.

    While two may be nothing compared to the thousands of viruses in Windows, but it’s not ZERO either.

    So it appears that Apple isn’t really giving you the whole story because they want to generate a market for their product.

    Beeblebrox had this to say on May 09, 2006 Posts: 2220
  • but you’re just dismissing the figures because you couldn’t be bothered following the links

    I did follow the links.  But Sophos wasn’t David’s source, or he would have linked directly to Sophos (and for credibility, he should have done that).  Instead he linked to Apple, believing I suppose that was good enough for his audience to accept without question.

    Beeblebrox had this to say on May 09, 2006 Posts: 2220
  • All you needed to do was ask, Beeblebrox.

    The reason I linked to Apple and not to Sophos was because a direct link to Sophos will take you to a form. Once filled in, this form allows you to download the white paper that Apple cites.

    I figured that those that wanted to could follow the link and fill in the form but to link directly to a form would turn people away.

    Some people would be happy with the link to Apple while others, wanting to dig deeper, could take the extra time and get it from the horses mouth.

    Sorry if that wasn’t clear.

    Finally, I think I addressed the ZERO virus issue in the article. I said that it was a bit sly and here’s why.

    What the website actually says is…..

    In March 2006 alone, there were 850 new threats detected against Windows. Zero for Mac.

    Someone not reading for meaning might take this as “there are NO viruses for the Mac” when what they really said was there were none in March 2006 but 850 for the PC.

    Sly indeed.

    David Czepanski had this to say on May 09, 2006 Posts: 25
  • Antivirus software has become a huge business not to consumers but to the enterprise. There is a huge risk out there that no IT manager can ignore be they Mac or PC-savvy divisions. Every end-points of the corporate network must be innoculated and firewalled. That’s millions of end-points folks. Even if you decide not to use them these “scam” companies will thrive now with XP, and more with Vista.

    There is an accepted baseline for a “well coded” application - and applies to operating systems, as well. Thirty defects (a.k.a. bugs) per thousand lines of code, a mere 3% occurence, right? Now, multiply that to tens and even hundreds of millions of code, as the biggest, most bloated Vista package surely will be and you have a nightmare scenario about to be played out…soon?

    But do we really need antivirus software for the Mac? It couldn’t hurt. What’s a few CPU % utilization for a few threads of security insurance. And for those who do not read Mac news those two OSX viruses in recent memory were more of a nuisance than a serious malware - so Apple’s count of ZERO serious viruses still applies smile

    I do think that the current AV scheme is becoming too bloated and ineffective for the creative malcoders with knowledge of the exotic loopholes in XP or OSX. Virus signatures to cover all known infections are just too much to keep track of. Go to Sophos website for the actual numbers. I am hoping for a predictive, anticipative AV system vice reactive and corrective one we use today. But that is another topic…

    Robomac had this to say on May 11, 2006 Posts: 846
  • Now, multiply that to tens and even hundreds of millions of code, as the biggest, most bloated Vista package surely will be and you have a nightmare scenario about to be played out…soon? Quotes about lairs

    Ericka Bentle had this to say on Oct 26, 2011 Posts: 64
  • Page 1 of 2 pages  1 2 >
You need log in, or register, in order to comment