Hi Guys
I find it astonishing that mac users still believe they're completely safe. I work as a system administrator at a Swiss university. We have about 550 pc users and more than 2500 mac users. All pcs have AV software installed, where only about 150 macs have it. Now guess what. More than 80% of all recorded infections come from those 150 macs. In the past year I had to support three users that were cut off from the internet by their providers because they were sending out viruses en masse. All three are mac only users. They don't have Windows on their machines. In the 12 years I have done this job, I never experienced anything like that with a pc user. How's that possible you ask? Well, these three macs obviously didn't have any AVs installed. They also didn't get their malware from pcs since it was an OSX trojan/spam proxy. They picked it up somewhere on the internet. There are websites which specifically target both operating systems. Sophos has some analysis and demo videos on their website if you're interested.
Not a bit. Sophos and their ilk have a vested interest in trying to keep the sheep in the pen, so to speak.
There are two trojans in the wild for Mac OS X at the moment. Both of them must be very deliberately installed and neither is self-propagating. They are easily avoided by either A) not downloading pirated copies of iWork '09 that contain one of the trojans - and B) Not downloading a fake video player from certain (porn) websites.
Either way, Apple wisely implemented measures that prevent their installation in 10.6, essentially making them moot.
When true self-propagating viruses or worms that are unpatched are released, I'll recommend AV software for OS X. Right now, it's more trouble than it's worth.
Another case: We use Windows pcs as printer release stations for plotters and other specialised equipment. Everyone can just plug in their usb sticks and print their files. I'm bombarded almost daily with emails from the AV on those machines because most of the usb sticks carry some form of the Conficker worm or other autorun virus. The sticks are cleaned every time. And yet, every time the users come back, they have the same virus on their stick. These are almost exclusively mac users. Somehow this stuff manages to use their macs as a platform for spreading itself to external disks. Even if this particular virus does not affect the macs directly, we don't know what else they have on their machine. If it can spread, it can also download more malware. I made some tests. 18 of the scanned machines were infected with RSPlug-F.
That's a mac only virus. It doesn't exist on Windows.
You give it more credit than it deserves. It's a trojan - and again, it's not self-replicating. Also, there are no autorun viruses for Mac OS X at the present, so not sure exactly where your flash drive malware is coming from. It's possible that the files are being copied willfully to the volume, but OS X wouldn't be able to execute them.
Now think again. Do you need AVs on mac or not? If you're a tech-savvy and experienced user, you may have a few more virus-free years ahead. Otherwise... think again.
Nope. I'm not against taking appropriate measures, and I'm not deluded into thinking that OS X won't one day be compromised by a true virus. But that day is not today. And the AV products out there for the Mac mostly suck at the present and cause more harm than good.
As an MCSE and a network admin for a Fortune 50 company with over 10K users, I am well versed in security concerns. And I've found in my 11 years in the field that the best defense is an educated user.
So, my recommendation would be to make it very clear to your Mac users that these things can be quite easily avoided by using a bit of common sense, most namely:
1. Before you install any software downloaded from the Internet, make sure you trust the source of the software. Also, make sure you know what the program is and what it does.
2. If you install any software downloaded from the Internet, be particularly cautious about installing it if you are prompted for your password during the installation (this means that the software wants to modify system directories or files).
3. Turn on your OS X firewall in the Security preferences pane. Go into Advanced and enable "Stealth Mode". This makes your computer invisible on any network you might happen to connect to, and therefore will make it that much more difficult for a motivated hacker to locate to do any damage to.
4. Keep your software and operating system up-to-date. When prompted to update a software package, particularly things like Java, Flash and other web-enabled technologies.
Kind regards,
Roberto
Right back at you. Take it easy.