Well, I'll disagree pretty much with everything but maybe the last sentence. None of the current crop of Antivirus software protects OS X from any of the adware, malware or crapware that exists in the internet, AFAIK.
Sure it does. I don't routinely use an anti-virus myself, but occasionally I'll run the free BitDefender scanner if I've stumbled upon something seedy in my browsing. In fact, I just did this before the holidays as I was looking for an Android emulator and stumbled upon something that didn't quite look legit. Sure enough, BitDefender flagged the .dmg file.
Yes, malware in the broadest sense exists. Stuff that creates popup ads, hijacks browsers, etc. But again, nothing truly malicious like one finds in the Windows world. No bots, no key loggers, no disk wipers, no ransomeware.
This is simply untrue.
Thousands of Macs infected with OS X botnet malware controlled via Reddit | TUAW: Apple news, reviews and how-tos since 2004
Ventir Trojan Intercepts Keystrokes from Mac OS X Computers | The Mac Security Blog
https://blog.malwarebytes.org/fraud-scam/2013/07/fbi-ransomware-now-targeting-apples-mac-os-x-users/
Are they found in the same kind of volume as on Windows? No. But they're out there - and for ordinary users, every bit as damaging as a "true" virus.
If you don't want the popup/browser hijack malware, then you can get AdBlock+ or Ghostery, but they are not antivirus, they are blockers of all sorts of things crawling the internet into your browser. And AdwareMedic can kill those pests if you do get them.
Sure, if you're savvy and aren't annoyed with playing with plug-ins to get pages to display properly at times. Also, you can do the same for safe browsing on a Windows box.
But that's not virus, not in any way, shape or form.
Again, does it have to be a "virus" to be crippling to a user? You are looking at the world through the eyes of an enthusiast. As a knowledgeable user, you are quite safe without any form of anti-virus. YOU do not represent the majority of Mac users, many of whom have come to the platform seeking refuge from this kind of stuff.
I agree that anti-virus is by-and-large unnecessary. Apple has it covered to some extent with XProtect. However, it is disingenuous to continuously trot out the line "there are no viruses for Mac OS X!" every time someone asks about one. My entire point is that viruses are not the only damaging malicious software that impacts the Mac.
ClamXAV is OK, but again, all it can possibly search for is Windows viruses. There is no known vector by which OS X can be attacked. Note that I said "no known" not just "no." Sooner or later someone will find a vector to get into OS X for malicious purposes, but until that happens, no Antivirus developer can write any detection software because like the virus developer, the antivirus developer doesn't know of any vector to use or protect. So, right now, every AV package on the OS X environment is useless, protecting against nothing.
Yes, I know about the Java insecurities and the Flash insecurities, but those are not OS X, they are third party problems. I have neither installed on my machines, and I strongly recommend against both of them. The perceived benefits of them do not outweigh the security risk downsides.
Does it matter whether the vulnerability is in OS X, Flash or Java? To the ordinary user it's irrelevant - a matter of semantics. Again, you are savvy - and that's great, but YOU don't represent the average user.
As to not having an attack vector on OS X? That's baloney. As long as there are uneducated users willing to download and install stuff, there is always an attack vendor, no matter how well-crafted the OS is. Beyond that, many vulnerabilities have been discovered in OS X. They've been patched, yes, but OS X is not bulletproof by any means.
https://www.google.com/#q=os+x+vulnerability+discovered
As for tricking the user into installing something truly malicious, there is simply no way to protect against stupidity. It's useless to even try. And I know of no AV package that will find malicious software that was "legitimately" installed by the user. You let Genieo install, you get what you permitted. And if you turned off the protection because you didn't like the prompts from OS X about installing things, then you get what you deserve for leaving the door unlocked. It's not breaking and entering if I don't have to break to enter.
I do agree with you here, but that's why I am a fan of educating users as opposed to dismissing their concerns with the "there are no viruses for OS X" statement.
Now if you want to protect your Windows buddies, you CAN use an antivirus package, but it's going to slow down your own machine and they should be protecting themselves. And all it's going to detect are Windows viruses that cannot do any mischief on OS X. I warrant that 99% of what it finds is in emails that show up infected with Windows viruses. So you can be a good guy, suffer the performance hit and do your bit to protect your buddies, but be fully aware that AV is doing NOTHING to prodect OS X.
Not necessarily true if the we're talking about malware in general. The OS X anti-virus packages are fully capable of detecting, quarantining and/or removing installed malware on OS X.
And I didn't jump up and down. I simply made a factual, true statement that there is no NEED for antivirus software at this time. And I'll stand on that statement. And as for your statement about few true viruses for Windows, the last time I looked Symantec was reporting just over a million viruses (not counting variants--if you include variants, the number is over 17 million). I'm not sure what you think is "few" but if you think a million is a "few," can you send me a few dollars?
Symantec is grouping general malware into those estimates, because as I've pointed out many times, just because something doesn't meet the rigid definition of a "virus", doesn't mean it can't be damaging.
And I think you'll find that even today on Windows, most of what's floating about is the same kind of malware that you see on OS X from time to time. YES, there is a lot more of it. YES, you are far more likely to encounter it on a Windows machine. YES, the user can be trained to avoid much of it. But by and large, malicious software that meets all the criteria for a virus is becoming somewhat of a rarity. Malicious software that falls under the broad category of "malware" is of course, another story.
So, I'm going to continue to "trot out the line" that there is no need for Antivirus unless and until a true virus vector is found and malicious code detected. And I will continue, as I have, to suggest AdBlock+, AdwareMedic and Ghostery to block the popup crapware if asked.
At the end of the day, I am simply asking that we not dismiss people's concerns about security with the "there are no viruses for Mac OS X" line. As far as I'm concerned, whether it's a virus, adware, ransomware, trickware, trojan or worm, it really doesn't matter to the average Joe who just wants to use his computer safely. So, educate however you like, but educate - do not dismiss.