62 Comments

Summary:

Just over a year ago, Mac users began to feel a bit more Windows-like after a major Mac trojan horse was discovered in the wild. Of course, you’d get it only if you obtained copies of pirated software. While there had been a few scattered OS […]

shield_thumb

Just over a year ago, Mac users began to feel a bit more Windows-like after a major Mac trojan horse was discovered in the wild. Of course, you’d get it only if you obtained copies of pirated software. While there had been a few scattered OS X virus reports, this trojan had the most destructive potential to date.

Since that rumble last year, the Mac security front has been relatively quiet. This begs the question that has been on many people’s minds and one I get asked on a daily basis: “Why don’t Macs get viruses?”

Of course, we know the question isn’t valid. Macs can be attacked as evidenced earlier. Even Apple suggests running some kind of antivirus software on your Mac and included one with a .Mac subscription. Additionally, numerous security flaws are found and Apple releases regular security updates to patch them up.  So, a better question might be “Why don’t Mac users have to worry about malware like Windows users do?” I suspect a relatively small number of readers have active antivirus software running on their Mac, despite Apple’s recommendation. For purposes of simplicity, we’ll lump viruses, worms, spyware, malware, and trojans under the common term of “viruses.” Here are the common responses given and my take on them.

Macs Aren’t Popular

Why do people rob banks? That’s where the money is! (Sutton’s Law). Because Windows-based computers represent around 90 percent of the market, virus writers get more bang for their buck. Not only does a Windows virus spread farther and faster due to its numbers, but the people writing viruses are more likely to have Windows machines upon which to code. And the banks are running Windows as well, so Windows is where the money is.

Of course, when Apple introduced Intel-based computers, some were concerned that Macs would get PC viruses because they were running the same chips. The chip switch was a legitimate concern, but for a different reason. If cheap PCs could be turned into Macs, the enemy could use that to their advantage and begin diversifying. Hacking the Mac OS to run on a PC would provide an easy way for malware writers to explore the MacOS.

However, as the Mac’s popularity has increased, we haven’t seen a rise in viruses for the Mac. Popularity is a weak rationale.

Macs Don’t Maintain Backward Compatibility

Since 1984, Apple has made multiple shifts in its operating system strategy. First there was the shift from 68K processors to PowerPC, and then the shift from Classic to OS X, and then finally the shift from PowerPC to Intel based processors. That old copy of MacWrite or NetTrek won’t run on your new MacBook without major emulation and other chicanery. On the other hand, WordPerfect 5.1 for DOS runs great on a Windows 7 PC with just a minor tweak.

Microsoft, in order to maintain compatibility with older products, has never fully excised old code and flaws in its operating system. Apple has been willing on at least three occasions to completely abandon old software and start from scratch. Because Apple controls the hardware and the software and has a much smaller installed base, it is better positioned to make these drastic moves.

Ironically, Macs used to get tons of viruses in the System 7 days. I fondly remember “Disinfectant,” and countless viruses spread via floppy disk. As the Classic OS evolved, less and less viruses worked until finally OS X rewrote the OS book. Which leads to the final reason for the dearth of Mac nasties.

Macs Were Designed with Security in Mind

Since Apple knew about Mac viruses, it was able to redesign the operating system with safeguards in place to prevent malware outbreaks. The proper use of the Administrator account and password was the most important key in preventing the spread of any Mac viruses. For those unfamiliar, on a Windows XP PC, programs can install automatically without an administrator name and password. While Vista and Windows 7 ask permission sometimes, you can still easily install programs (and therefore viruses) without intervention from a user.

Alternatively, Mac programs requires someone with Administrator privileges in order to install most software. In my day job as a computer repair tech, countless Mac clients can’t even remember their own password, so they are extremely unlikely to accidentally install some software. Windows PCs are usually infected by clicking on some kind of link followed by Windows automatically installing a virus in the background without user consent or intervention. This idea is as foreign to Mac users as a .dll file.

Because Apple has a quicker schedule in updating and patching its operating system, any flaw that is found and acknowledged by Apple can easily be patched via an update or the next operating system. Getting Apple to acknowledge some of these flaws is a different story, though Snow Leopard provided protection against the trojans discovered last year.

Should You Run Mac Antivirus Software?

Good question. Apple said at one time it recommended antivirus software (though later it recanted), yet most Mac users don’t. The risks of a virus on your Mac are slim and protection software is perceived as slowing down computers and being generally buggy. Unlike most other software, virus protection requires a yearly fee to keep protection active. If you stay away from the red light district on the Internet, you are much less likely to get a virus. Make sure your system password is a good one and hard to guess. Be wary of any software you download and check the source. That’s why you get the warning now whenever you download a program from the Internet. Common sense is your first line of defense.

Personally, at home, I have ClamXav installed. It’s a free program that will scan your Mac to determine if you have a virus, but won’t pre-emptively protect you from getting one. It’s an “on-demand” versus an active scanner. I update and run it every so often after I hear of some new threat.

For my work computer, I have Intego VirusBarrier installed. The program is unobtrusive and has little or no impact on the performance of my Mac mini. Because I work with a large number of clients, I can’t always guarantee that they haven’t downloaded an Internet Nasty and I don’t want to catch what they have on their computer.

The choice is yours whether to run antivirus software. The reasons why Macs don’t get many viruses are as much based on luck and market conditions, as they are on inherent security. At the very least, besides a good administrative password, a Mac on the Internet should have a copy of ClamXAV on it that can be run at the first sign of trouble and updated after a suspected outbreak. Furthermore, remember that “social engineering” threats, like phishing emails that attempt to steal your passwords can affect Mac and Windows users equally. Stay on your toes and never respond to unexpected emails that try to scare you into visiting a website that requires your password or other personal information.

You’re subscribed! If you like, you can update your settings

  1. I don’t run anti-virus. Every month or so I run MacScan, which doesn’t check for viruses, but checks for malware and removes tracking cookies etc. I do this just for good measure and its never brought up anything except advertising cookies (which is expected).

  2. I spent hundreds of dollars on Norton AV for OS 9 and it gave me NOTHING but grief. When the virus is not as bad as the protection, you need to rethink you computing life.
    For OSX, I have never had a virus and I do not interact with Windows users so could care less if I have a Windows infection.

    1. Yes you do need to change your look/way at computing since 99.9% of the time you get an infection you where asking for it.

      And it’s nearly impossible to not interact with windows users.

      While the Mac is not affected by windows virus’s its still not nice to unknowingly spread them.

      That’s why virus total is very highly useful.

  3. Thanks for the info. I always wondered if I should at least have some sort of anti-virus/anti-malware software on my machine.

    ~Bri

  4. I don’t think we really need anti-virus on the Mac… yet. I do think that Apple needs to get on the ball about this though and build something into a future revision of the OS. I mean even Microsoft has finally gotten around to taking these threats seriously and began to at least offer their users an optional download to deal with these issues. I would much rather use a first party solution than something from a third party anti-virus company since these companies are often pretty shady.

  5. Norton killed the internet on the mac of a friend… no wireless connection was possible as long as norton was installed…

    I don’t believe all this threatening of anti-virus developers… Macs are safe. Until some virus proves me wrong personally ;)

    The best tip is to stay away from danger like file sharing and cheap prnsites… I had no security on my WinXP machine for years. Never caught a virus.

    1. As opposed to expensive prnsites?! :P

      1. Yeah- high budget porn sites (that is ones requiring expensive memberships) have to protect their customers like any other major company- duh.

  6. Dave, you have no idea what you are talking about here. Most of this is just rehashed old copy.

    For starters this: “…For purposes of simplicity, we’ll lump viruses, worms, spyware, malware, and trojans under the common term of “viruses.”” is like saying “for the purposes of simplicity we will call rats and horses, … dogs.”

    Secondly, Apple doesn’t exactly recommend you use anti-virus they say: “Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.” which is decidedly different.

    You are basically just pulling things out of your bum here and writing a lot of wild supposition based either on stuff you read or nothing at all. It’s not new, it’s not informative, and it’s only partially accurate in some cases.

    1. It’s more like “For purposes of simplicity we’ll lump rats, horses and dogs under the term mammals” — seriously, this article is about malware in general, not one specific type of malware, so why not lump them together. Or would you rather see “viruses, worms, spyware, malware and trojans” repeated 20 times in the article?

      I think you are just being negative for the fun of complaining (gotta love the internet for that!)

    2. Gazoobee

      Very good point.

      This site is becoming the “Weekly World News” of Mac sites.

    3. @ Jason: You are wrong. The article isn’t about “malware in general” if it has a title that goes “Antivirus Software on the Mac …”. The author merely is changing the entire basis of the debate at the end of the third paragraph which is either deceptive or poor writing. Since he was too lazy to put the fold in and too lazy to correct the mistake (now a day later), I have to assume he’s just a bad writer.

      If the question is “Should you use anti-virus on the Mac?” then the answer is “No, let’s wait until the first virus appears or seems imminent.” (Hasn’t happened yet). Even if you consider this an article about “malware in general” he also doesn’t talk about the horrible performance of anti-virus products on the Mac, and the giant hit to your system if you use them. He doesn’t actually give the user any real advice.

      This could be a PC World type article. The one they trot out every season with slightly changed wording that essentially says. “To be safe, use anti-virus.” It’s just filler. It contains no analysis to speak of, and no real arguments at all.

      As a Mac user for many years and a technician responsible for repairing them, I don’t recommend anyone bother with “anti-virus” programs which do nothing, and don’t raise your safety significantly at all. Even the dumbest user is much better off being trained against the social element of malware attacks. Relying on anti-virus is likely to make them *less* safe.

    4. I know they say don’t feed the trolls (really Gazoobee, you hate everyone on here yet keep coming back)

      Last time I checked 30 seconds ago there aren’t seperate programs to protect against: viruses worms, spyware malware and trojans” All antivirus programs provide limited protection against all these threats.

      The quote you refer to was removed by Apple as invalid.

      What is supposition in this article???? And if it’s wild supposition then it’s obviously something new.

      I know I know don’t feed the trolls.

    5. @Jason,

      Don’t presume to correct someone when you clearly don’t understand the topic. Gazoobee’s criticism of the article was quite correct. Dave Greenbaum’s decision to “lump viruses, worms, spyware, malware, and trojans under the common term of “viruses.”” is simply bizarre, not to mention incorrect. For starters, there is a huge difference between trojans, viruses, worms and spyware. Second, there is already a term which is used to “lump” them all together and that’s called “malware”. Malware is the superset of each subset. To use a subset (virus) to include a much larger superset (malware) is both incorrect and illogical.

      1. Steve, both you and Gazoobee are being picky. Ok, he’s technically incorrect by using “viruses” instead of “malware”, but consider that the article is evidently aimed at general users rather than technicians and geeks – most people understand the concept of viruses far better than that of malware. And since most antivirus will combat all malware rather than just viruses, you’re making a moot point. He could call them “small purple things from mars” as long as he was talking about “Anti-small purple things from mars software” and everyone knew what he meant. Who cares that he’s using the wrong terminology.
        And the point of the article is to discuss whether it’s worth using Anti-malware software on macs or not. Whether his opinion is right or wrong, it’s worth shedding light on the subject periodically so people are aware of the issues. They can make their own decisions as long as they know the potential implications.

        Brian – fellow Troll-feeder ;)

  7. Having come from the System Administrator world, I was running ClamXav back on early versions of Tiger. I switched to iAntivirus in early 2009 and have never detected a virus under either version. I also run MacScan weekly. You might say that I am very careful, but I use my Macbook pro laptops at work and home and even loan them out to others.

    Better safe than sorry. I also run time machine and still do weekly superduper backups, and it has saved me many times. It even allowed me to run my system without any changes when the boot drive crashed last year until I could swap a new drive in.

  8. It is ridiculous and stupid to run an anti-virus program on the Mac.

    IF — and this is incredibly unlikely — IF a genuine virus were to ever appear on the Mac, the entire media would pounce on it like if Michael Jackson returned from the dead. Everyone on earth — even the Amish — would know about it, WEEKS before there was even the remote possibility that you might “catch” it. Apple would be all over it, ClamAV would be updated etc and in short you’d have plenty of time to download a preventative software thing for free.

    Macs don’t even need their software firewall on, for pity’s sake. They’re FAR more secure than Windows and I *will not* let that stupid Windows mentality infest this community.

    Run naked, run free.

    Now if you’ll excuse me, I’m off to cruise some dodgy web sites where Windows fears to tread. BWAHAHAHAHAHA!

    1. Ok, so I’m breathing life into a 8-month dead troll, but somebody might stumble across this like I did and read your nonsense. “Macs don’t even need their software firewall on”?? Say WHAT? You do realize there is a big freaking difference between malware resiliency (real or imagined) and network security, right? Forget virus writing. You go ahead and turn off your firewall and invite some plain old fashioned port scanning and poking for fun (and oh yea, PROFIT). I don’t care if you’re running Windows, MacOS, Linux, UNIX, or freaking IBM Z/OS on the mainframe in your momma’s basement. You don’t stick your wire in the Internet hole without wearing a condom. Don’t need a firewall on a Mac?? Jeez, and I thought I was a fanboy…

  9. It’s not like the Windows virus scanners are in the least bit effective at catching new viruses (heuristic analysis = marketing BS) so I too refuse to get caught up in the “you’d better have a virus scanner or you’re an idiot” marketing crap for my Mac. IE: If they are a waste of money on a Windows machine, they are a HUGE waste of money on a Mac.

    Education and a modern OS, coupled with users installing all patches, is the only path towards virus-free computing. That applies to Windows and OS X – in fact, all OS’s.

    I manually run scans with Clam on my Macs once in a blue, just to be sure, but that’s it.

    100% of the last several hundred Windows machines that I’ve had to clean of malware and viruses had virus scanners on them. That equals 100% FAIL.

    Don’t give in to the panic that the anti-virus companies would love for you to fall for. That only helps them, not you.

  10. I’ll use one if it’s free, doesn’t take up to much resources and has a good UI.

    Knowing what you’re doing online is usually be enough.

Comments have been disabled for this post