Macworld Forums: New to Mac and stickler for security antivirus, antispyware programs - Macworld Forums

I know there is threads on this (read a few) but I really need to know what's out there as far as virus and anti spyware protection. I did some searches and found a few decent looking options but lets post the top ones in this thread and how important they might be to the ever so secure MAC. The more people get it the more holes that will become apparent so lets be proactive and get moving on this. I hope some good recommendations can come from this particular thread. Thanks in advance for your help.

Not sure what your responses will be, but I doubt you will get much variety. Simply put, there is no credible threat to the Mac (not MAC, by the way; that implies something else.). Therefore, there is no compelling reason to attempt to protect yourself with such software, at this time.

That said, if for some reason you are still interested, there is a discussion of various anti-virus programs here.

As jroller stated, there is no credible threat to OS X so all you will accomplish by running anti-virus is wasting system resources on software that is attempting to protect your Mac from threats that cannot impact your system in the first place. Would you waste money on vaccinating yourself against a disease that can only be contracted by your dog?

Now while few of us here would say that taking preventative measures is a bad idea, there is not a single malware security package on the market that can protect you from unknown threats. Fighting virtual maladies is no different from fighting biological threats; no doctor can treat an illness with which medicinal science is unfamiliar and no treatment exists for that which has yet to be diagnosed. Anti-virus software is not a magic potion and like its medicinal equivalent, so you can no more be protected from unknown malware than you can be inoculated against unknown diseases.

To date, there is not a single malware threat to OS X. As such, when the first real threats do surface there will not be a single anti-malware utility that will recognize those threats let alone offer you any protection against them. So until there is a known threat, you are much better off exercising common sense computing than wasting money and system resources on snake oil.

You are looking to buy flood insurance for a house in the desert, moejondo .

If you are running Paralsys or VMWare Fusion on the Mac, you are supposedly vulnerable to Windows malware -- you might consider getting Intego's Internet Security Barrier X5 DP (Dual Protection)
http://www.intego.com
-- it has BitDefender for the Windows partition, and VirusBarrier X5 for the Mac partition. The regular (non-DP version of) Intego ISB X5 has an anti-virus for the Mac partition, and protection for known Mac Trojan Horse malware. It does not have IPv6 capability, so turn-off its Anti-Spyware, and use Little Snitch v2 Anti-Spyware (see below).
It includes a program called "Washing Machine", that clears-out cookies, web-caches, etc.
At least consider getting (and buying a license for) Little Snitch v2 for your outgoing traffic (Anti-spyware).
Although difficult, try to turn off any IPv6 traffic using Little Snitch v2 .
If you are not using wireless, use Little Snitch to block traffic to IP=10.x.x.x , but if you do this, beware that a DSL modem cannot be used in "bridged"-mode.

Oh, and by the way, as a first line of defense, you might want to change the default password on your modem/router !

Apple has an interest in promoting the "never-been-hacked" mantra, but your Mac is NOT impervious, it is just many more magnitudes less-likely that your Mac will be hacked than a WinTel machine.
Message was edited by: rsblanchard

First things first, the Mac is not invulnerable (nobody here claimed it was) and for some types of attacks it is no more secure than a PC. For example, if you are using your Mac to do some online banking you have to be worried about (some) of the same threats as PC folk because cross-platform web browsers have cross-platform vulnerabilities. Rather than being concerned about viruses and spyware (like keyloggers) you need to be more concerned about DNS spoofing at your ISP or cross-site scripting vulnerabilities.

The DNS vulnerability is best solved by using a reliable DNS service--I like OpenDNS myself, but it has been a little flaky for my liking lately. Please take this as an anecdote regarding my personal experience--I have no way of knowing if the problem was really OpenDNS or something with my Internet service provider (ISP) In general, a large open-source based service like OpenDNS has every chance of being less susceptible to problems than a small ISP because the ISP may or may not have effective security measures in place to protect their systems.

To address the scripting vulnerabilities I like to use Firefox with NoScript so that my browser is only allowed to run scripts when I specifically give that site permission. I may want to allow my bank to run scripts when I log in remotely, but there is no reason for most other sites I use to have scripting ability on my computer.

There are some very good antivirus programs that will run the Mac and look for PC viruses (like ClamAV--I like software that is 'free' for personal use). If you do share a lot of files with PC users or if you use your Mac as a network file server then it makes perfect sense to run the antivirus software on a machine that can't actually be infected by the viruses. It is also faster to run an antivirus program locally on a machine instead of over a network or especially a wireless connection. However, my favorite PC antivirus program is Kaspersky and I don't think they make a Mac version yet. My workaround is to use VMWare Fusion to set up a virtual machine and then run the antivirus/antispyware software within that virtual machine. As long as you have enough disk space it works great.

Better yet, if the virtual machine does get infected you can revert back to the most recent snapshot. Or even work with a copy and delete it if becomes infected--just make another copy from the master. Virtualization software is also a good solution to the problem PCs have with conflicts between various antivirus programs--you can install each antivirus tool in a different virtual machine. The virtual machines just have to have network access to periodically scan the file storage area. When the virtual machines are located on the same physical platform the virtual 'network' access is very fast. I strongly prefer running Windows applications in a virtual machine rather than sharing low level access to the same hard drive under Boot Camp. A virus in the PC area could conceivably damage the low level information required for the Mac side to boot. In contrast, under a virtualization solution like VMWare, Parallels or VirtualBox (competing Sun product that is free for non-commercial use) the damage is limited to the PC partition on the virtual machine and any networked volumes where the virtual machine has write/delete access.

- Mike