Blog Post

Antivirus Software On Your Mac: Yes or No?

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

Just over a year ago, Mac users began to feel a bit more Windows-like after a major Mac trojan horse was discovered in the wild. Of course, you’d get it only if you obtained copies of pirated software. While there had been a few scattered OS X virus reports, this trojan had the most destructive potential to date.

Since that rumble last year, the Mac security front has been relatively quiet. This begs the question that has been on many people’s minds and one I get asked on a daily basis: “Why don’t Macs get viruses?”

Of course, we know the question isn’t valid. Macs can be attacked as evidenced earlier. Even Apple suggests running some kind of antivirus software on your Mac and included one with a .Mac subscription. Additionally, numerous security flaws are found and Apple releases regular security updates to patch them up.  So, a better question might be “Why don’t Mac users have to worry about malware like Windows users do?” I suspect a relatively small number of readers have active antivirus software running on their Mac, despite Apple’s recommendation. For purposes of simplicity, we’ll lump viruses, worms, spyware, malware, and trojans under the common term of “viruses.” Here are the common responses given and my take on them.

Macs Aren’t Popular

Why do people rob banks? That’s where the money is! (Sutton’s Law). Because Windows-based computers represent around 90 percent of the market, virus writers get more bang for their buck. Not only does a Windows virus spread farther and faster due to its numbers, but the people writing viruses are more likely to have Windows machines upon which to code. And the banks are running Windows as well, so Windows is where the money is.

Of course, when Apple introduced Intel-based computers, some were concerned that Macs would get PC viruses because they were running the same chips. The chip switch was a legitimate concern, but for a different reason. If cheap PCs could be turned into Macs, the enemy could use that to their advantage and begin diversifying. Hacking the Mac OS to run on a PC would provide an easy way for malware writers to explore the MacOS.

However, as the Mac’s popularity has increased, we haven’t seen a rise in viruses for the Mac. Popularity is a weak rationale.

Macs Don’t Maintain Backward Compatibility

Since 1984, Apple has made multiple shifts in its operating system strategy. First there was the shift from 68K processors to PowerPC, and then the shift from Classic to OS X, and then finally the shift from PowerPC to Intel based processors. That old copy of MacWrite or NetTrek won’t run on your new MacBook without major emulation and other chicanery. On the other hand, WordPerfect 5.1 for DOS runs great on a Windows 7 PC with just a minor tweak.

Microsoft, in order to maintain compatibility with older products, has never fully excised old code and flaws in its operating system. Apple has been willing on at least three occasions to completely abandon old software and start from scratch. Because Apple controls the hardware and the software and has a much smaller installed base, it is better positioned to make these drastic moves.

Ironically, Macs used to get tons of viruses in the System 7 days. I fondly remember “Disinfectant,” and countless viruses spread via floppy disk. As the Classic OS evolved, less and less viruses worked until finally OS X rewrote the OS book. Which leads to the final reason for the dearth of Mac nasties.

Macs Were Designed with Security in Mind

Since Apple knew about Mac viruses, it was able to redesign the operating system with safeguards in place to prevent malware outbreaks. The proper use of the Administrator account and password was the most important key in preventing the spread of any Mac viruses. For those unfamiliar, on a Windows XP PC, programs can install automatically without an administrator name and password. While Vista and Windows 7 ask permission sometimes, you can still easily install programs (and therefore viruses) without intervention from a user.

Alternatively, Mac programs requires someone with Administrator privileges in order to install most software. In my day job as a computer repair tech, countless Mac clients can’t even remember their own password, so they are extremely unlikely to accidentally install some software. Windows PCs are usually infected by clicking on some kind of link followed by Windows automatically installing a virus in the background without user consent or intervention. This idea is as foreign to Mac users as a .dll file.

Because Apple has a quicker schedule in updating and patching its operating system, any flaw that is found and acknowledged by Apple can easily be patched via an update or the next operating system. Getting Apple to acknowledge some of these flaws is a different story, though Snow Leopard provided protection against the trojans discovered last year.

[polldaddy poll=2649759]

Should You Run Mac Antivirus Software?

Good question. Apple said at one time it recommended antivirus software (though later it recanted), yet most Mac users don’t. The risks of a virus on your Mac are slim and protection software is perceived as slowing down computers and being generally buggy. Unlike most other software, virus protection requires a yearly fee to keep protection active. If you stay away from the red light district on the Internet, you are much less likely to get a virus. Make sure your system password is a good one and hard to guess. Be wary of any software you download and check the source. That’s why you get the warning now whenever you download a program from the Internet. Common sense is your first line of defense.

Personally, at home, I have ClamXav installed. It’s a free program that will scan your Mac to determine if you have a virus, but won’t pre-emptively protect you from getting one. It’s an “on-demand” versus an active scanner. I update and run it every so often after I hear of some new threat.

For my work computer, I have Intego VirusBarrier installed. The program is unobtrusive and has little or no impact on the performance of my Mac mini. Because I work with a large number of clients, I can’t always guarantee that they haven’t downloaded an Internet Nasty and I don’t want to catch what they have on their computer.

The choice is yours whether to run antivirus software. The reasons why Macs don’t get many viruses are as much based on luck and market conditions, as they are on inherent security. At the very least, besides a good administrative password, a Mac on the Internet should have a copy of ClamXAV on it that can be run at the first sign of trouble and updated after a suspected outbreak. Furthermore, remember that “social engineering” threats, like phishing emails that attempt to steal your passwords can affect Mac and Windows users equally. Stay on your toes and never respond to unexpected emails that try to scare you into visiting a website that requires your password or other personal information.

62 Responses to “Antivirus Software On Your Mac: Yes or No?”

  1. Rajesh G

    I’ve got a very different problem with my iMac. My applications and some movies files are deleting by its own. I don’t understand why it is happening.
    Can you people known about this problem.
    Please help!!!

  2. KrashTestDumby

    Obviously, anyone who owns a Mac and has never heard of Charlie Miller should be very, VERY glad he’s just another former NSA employee and not a vicious person – if you land your Safari/Mac on one of his pages, he could easily own your Mac’s operating system:

    In March of 2010, Charlie identified 20 (count ’em, TWENTY) security vulnerabilities on Mac’s:

    Security experts and former hackers-turned-security-expert all agree with Charlie:

    Hear about HellRTS virus directly from Apple – be careful what you click:

    Have you and your Mac been to any good Torrent sites, lately?

    Have ya had a problem watching a video on your Mac, lately? Do you need a new CODEC to watch that video you’re trying to watch on the Internet? CAREFUL!

    Have you spell checked anything, lately:

    Oops. Mac’s CAN and DO get viruses. Kind of puts a hole in the “Mac’s don’t get viruses” thing, don’t it?

  3. As Bitdefender just released their antivirus for mac, I was just browsing around the internet to get an idea about antiviruses for mac….

    I have to say I more or less agree with Paul and disagree with C.Martin, it is more or less proved that W7 is more secure than OSX because SL failed to implement some modern security features in OS, OSX being safe just because of it’s market share …

    Anyway, I just wanted to point something I didn’t see mentioned here. For me, as a professional using Macs (for almost 30 years) in a world of people using Windows (and having myself used and installed Windows on 100th of machines), the main issue is avoiding to send viruses to my Windows clients, because Macs can propagate Windows viruses. As an example, I tried Bitdefender, it found 2 Trojan on my Mac, of course they are harmless on my mac, but idea of hosting malware in my machine is not pleasant … Not to mention, if you work in a mixed environment, the requirement of running antivirus software in certain companies …

    The pbm of Intego is that it does not find Windows viruses in your OSX environment … so it’s useless. Bitdefender does, Kespersky does, I don’t know about Avast, iAntivirus …

    I think virus on mac will happen, you know, s… happens ! Unless (or because) one thinks that antivirus companies are writing viruses … the current rise of antivirus products is a sure sign, in my opinion, of viruses coming soon to a mac near you :)

    And please excuse my english …

  4. ‘Small’ number of targets is Not the issue anymore. It’s been 9 years since 10.0 came out and that was the argument. But no more. If it were easy, somebody would have written more than 1 or 2 items by now.

    I’d also like to add the “bragging rights” issue. Just like the fastest car, biggest fish or smartest kid; the bad guys out there that write the malware, one would have done it so as to be able to brag about it within that world. Just hasn’t happened yet

  5. No, I don’t run any because I don’t think there’s a need for any – yet AND anymore.

    Before Snow Leopard, I occasionally used anti virus software, which obviously never found anything. With Snow Leopard and the built in anti malware, it automatically deals with all of the current active malware.

    In fact, I went on and tried some malware samples. Antiviruses like Sophos, Symantec and McAfee couldn’t detect the malware because it was packed. I had to contact them so that they could update the definitions.

    On the other hand, the Snow Leopard anti malware had absolutely no problem dealing with the samples.

    So I think that with Snow Leopard Apple has extinguished the need for anti malware software.

    And I don’t care about Windows users. They already have antivirus software installed. If theirs isn’t good enough (not like any of them is good but whatever), it’s their problem.

    And about VirusBarrier: Sorry but you’re wrong, it DOES affect resources, and quite a bit.

    If you try to look through all processes, you’ll see that VirusBarrier will use about 300MB of RAM.
    Tasks such as backups and rendering will be slowed down too.

    The only antivirus which could be considered ‘light’ is iAntivirus. But it still slows down the Mac, especially at startup, and may have some CPU issues.

    So, I don’t think Mac users should waste money and resources on antivirus software. The built in is more than enough.

  6. The “Macs Aren’t Popular” argument can’t explain one thing: back in the 1980’s there were dozens of viruses for the Mac. Yes, at a time when Macs had a smaller market share than now, there were lots of viruses (I still have an old floppy with a collection of a bunch of them on it).

    The Mac operating system of that day was quite susceptible to viruses, so people bothered to create them (and old timers like me remember the day when responsible Mac owners all ran anti-virus software).

    Over time, Apple got its act together and people quit writing viruses for the Mac, it was too hard and Windows was too easy. Microsoft had/has a terrible time, because lots of their scripting software (stuff businesses run under Word and Excel to automate their workflow) was predicated on a secure network: it wasn’t invented with the Internet in mind and it took a long time to secure an unfortunate design.

  7. You can actually have ClamXav watchIng one or more folders actively. That way it can work almost as an “on access” scanner. I have it watching downloads and desktop folders.

  8. Under “Macs Aren’t Popular” you state that Windows makes up 90% of the market share. In the same section you also state that Mac popularity is rising. Looking around at my friends, I agree with the latter.
    I’ve been hearing for over a decade that Macs only make up 10% of the market and I have never believed it. Maybe 20 years ago but I’m willing to bet that Macs make up far more than 10% of the market. I think people confuse how many computers are sold compared to how many computers are being used. In my office experience, the life span of a Windows machine is 2 to 4 times less than that of a Mac. Yes, more Windows machines are being purchased but those machines are replacements, not new additions.
    I would like to see more accurate stats on just how many Macs are sitting on a desktop as compared to a PC. Compare that to how many replacement Macs are purchased as compared to replacement PCs. Compare that again to how many Macs are filling new office positions as opposed to PCs. In my office I see new PCs rolling off the trucks every few months but there are no more employees now than there were before.

  9. Nicholas

    > countless Mac clients can’t even remember their own password, so they are extremely unlikely to accidentally install some software…

    WTF? Do you think that most MacOSX users are lobotomized or sth? Do we just run “iWhatever” crap mother Apple pushes to us and have a stupid smile in our faces?

    In my macbook I’ve already installed countless “*.pkg” programs that needed the admin password for the install process, and still it I find it “extremely unlikely to accidentally install some software”. Common sense is enough in most of the cases…

  10. Yes. Only the most deluded fanboy thinks OS X is immune or more secure by virtue of design. The popularity argument *is* the reason. Despite the success of Mac, Apple is still less than 5% worldwide marketshare. The additional share just isn’t worth hacker’s additional time, especially with so much low hanging fruit still available among that 90% Windows world. Where popularity is now favoring Apple, like iPhone, we’re starting to see it become worthwhile for hackers to bother, and the ease with which they’re able to compromise the OS.

  11. The best AV for business for Mac/Windows and 30 other flavors of OS is Sophos. It’s the most intrusiveness, and minimal on CPU, but powerful. Obviously they have more support for Windows with things like encryption, and firewall support, but the best part of Sophos is their ULA permits companies to be able to offer an installer for their staff for free for home use. They also offer charity licensing.

    I am a big fan of Sophos at an enterprise and SMB level.

  12. Duskrider

    It’s not like the Windows virus scanners are in the least bit effective at catching new viruses (heuristic analysis = marketing BS) so I too refuse to get caught up in the “you’d better have a virus scanner or you’re an idiot” marketing crap for my Mac. IE: If they are a waste of money on a Windows machine, they are a HUGE waste of money on a Mac.

    Education and a modern OS, coupled with users installing all patches, is the only path towards virus-free computing. That applies to Windows and OS X – in fact, all OS’s.

    I manually run scans with Clam on my Macs once in a blue, just to be sure, but that’s it.

    100% of the last several hundred Windows machines that I’ve had to clean of malware and viruses had virus scanners on them. That equals 100% FAIL.

    Don’t give in to the panic that the anti-virus companies would love for you to fall for. That only helps them, not you.

  13. It is ridiculous and stupid to run an anti-virus program on the Mac.

    IF — and this is incredibly unlikely — IF a genuine virus were to ever appear on the Mac, the entire media would pounce on it like if Michael Jackson returned from the dead. Everyone on earth — even the Amish — would know about it, WEEKS before there was even the remote possibility that you might “catch” it. Apple would be all over it, ClamAV would be updated etc and in short you’d have plenty of time to download a preventative software thing for free.

    Macs don’t even need their software firewall on, for pity’s sake. They’re FAR more secure than Windows and I *will not* let that stupid Windows mentality infest this community.

    Run naked, run free.

    Now if you’ll excuse me, I’m off to cruise some dodgy web sites where Windows fears to tread. BWAHAHAHAHAHA!

    • Noel Farkingweigh

      Ok, so I’m breathing life into a 8-month dead troll, but somebody might stumble across this like I did and read your nonsense. “Macs don’t even need their software firewall on”?? Say WHAT? You do realize there is a big freaking difference between malware resiliency (real or imagined) and network security, right? Forget virus writing. You go ahead and turn off your firewall and invite some plain old fashioned port scanning and poking for fun (and oh yea, PROFIT). I don’t care if you’re running Windows, MacOS, Linux, UNIX, or freaking IBM Z/OS on the mainframe in your momma’s basement. You don’t stick your wire in the Internet hole without wearing a condom. Don’t need a firewall on a Mac?? Jeez, and I thought I was a fanboy…

  14. Having come from the System Administrator world, I was running ClamXav back on early versions of Tiger. I switched to iAntivirus in early 2009 and have never detected a virus under either version. I also run MacScan weekly. You might say that I am very careful, but I use my Macbook pro laptops at work and home and even loan them out to others.

    Better safe than sorry. I also run time machine and still do weekly superduper backups, and it has saved me many times. It even allowed me to run my system without any changes when the boot drive crashed last year until I could swap a new drive in.

  15. Gazoobee

    Dave, you have no idea what you are talking about here. Most of this is just rehashed old copy.

    For starters this: “…For purposes of simplicity, we’ll lump viruses, worms, spyware, malware, and trojans under the common term of “viruses.”” is like saying “for the purposes of simplicity we will call rats and horses, … dogs.”

    Secondly, Apple doesn’t exactly recommend you use anti-virus they say: “Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.” which is decidedly different.

    You are basically just pulling things out of your bum here and writing a lot of wild supposition based either on stuff you read or nothing at all. It’s not new, it’s not informative, and it’s only partially accurate in some cases.

    • It’s more like “For purposes of simplicity we’ll lump rats, horses and dogs under the term mammals” — seriously, this article is about malware in general, not one specific type of malware, so why not lump them together. Or would you rather see “viruses, worms, spyware, malware and trojans” repeated 20 times in the article?

      I think you are just being negative for the fun of complaining (gotta love the internet for that!)

    • Gazoobee

      @ Jason: You are wrong. The article isn’t about “malware in general” if it has a title that goes “Antivirus Software on the Mac …”. The author merely is changing the entire basis of the debate at the end of the third paragraph which is either deceptive or poor writing. Since he was too lazy to put the fold in and too lazy to correct the mistake (now a day later), I have to assume he’s just a bad writer.

      If the question is “Should you use anti-virus on the Mac?” then the answer is “No, let’s wait until the first virus appears or seems imminent.” (Hasn’t happened yet). Even if you consider this an article about “malware in general” he also doesn’t talk about the horrible performance of anti-virus products on the Mac, and the giant hit to your system if you use them. He doesn’t actually give the user any real advice.

      This could be a PC World type article. The one they trot out every season with slightly changed wording that essentially says. “To be safe, use anti-virus.” It’s just filler. It contains no analysis to speak of, and no real arguments at all.

      As a Mac user for many years and a technician responsible for repairing them, I don’t recommend anyone bother with “anti-virus” programs which do nothing, and don’t raise your safety significantly at all. Even the dumbest user is much better off being trained against the social element of malware attacks. Relying on anti-virus is likely to make them *less* safe.

    • I know they say don’t feed the trolls (really Gazoobee, you hate everyone on here yet keep coming back)

      Last time I checked 30 seconds ago there aren’t seperate programs to protect against: viruses worms, spyware malware and trojans” All antivirus programs provide limited protection against all these threats.

      The quote you refer to was removed by Apple as invalid.

      What is supposition in this article???? And if it’s wild supposition then it’s obviously something new.

      I know I know don’t feed the trolls.

    • @Jason,

      Don’t presume to correct someone when you clearly don’t understand the topic. Gazoobee’s criticism of the article was quite correct. Dave Greenbaum’s decision to “lump viruses, worms, spyware, malware, and trojans under the common term of “viruses.”” is simply bizarre, not to mention incorrect. For starters, there is a huge difference between trojans, viruses, worms and spyware. Second, there is already a term which is used to “lump” them all together and that’s called “malware”. Malware is the superset of each subset. To use a subset (virus) to include a much larger superset (malware) is both incorrect and illogical.

      • Steve, both you and Gazoobee are being picky. Ok, he’s technically incorrect by using “viruses” instead of “malware”, but consider that the article is evidently aimed at general users rather than technicians and geeks – most people understand the concept of viruses far better than that of malware. And since most antivirus will combat all malware rather than just viruses, you’re making a moot point. He could call them “small purple things from mars” as long as he was talking about “Anti-small purple things from mars software” and everyone knew what he meant. Who cares that he’s using the wrong terminology.
        And the point of the article is to discuss whether it’s worth using Anti-malware software on macs or not. Whether his opinion is right or wrong, it’s worth shedding light on the subject periodically so people are aware of the issues. They can make their own decisions as long as they know the potential implications.

        Brian – fellow Troll-feeder ;)

  16. mike2078

    Norton killed the internet on the mac of a friend… no wireless connection was possible as long as norton was installed…

    I don’t believe all this threatening of anti-virus developers… Macs are safe. Until some virus proves me wrong personally ;)

    The best tip is to stay away from danger like file sharing and cheap prnsites… I had no security on my WinXP machine for years. Never caught a virus.

  17. I don’t think we really need anti-virus on the Mac… yet. I do think that Apple needs to get on the ball about this though and build something into a future revision of the OS. I mean even Microsoft has finally gotten around to taking these threats seriously and began to at least offer their users an optional download to deal with these issues. I would much rather use a first party solution than something from a third party anti-virus company since these companies are often pretty shady.

  18. I spent hundreds of dollars on Norton AV for OS 9 and it gave me NOTHING but grief. When the virus is not as bad as the protection, you need to rethink you computing life.
    For OSX, I have never had a virus and I do not interact with Windows users so could care less if I have a Windows infection.

    • Yes you do need to change your look/way at computing since 99.9% of the time you get an infection you where asking for it.

      And it’s nearly impossible to not interact with windows users.

      While the Mac is not affected by windows virus’s its still not nice to unknowingly spread them.

      That’s why virus total is very highly useful.

  19. I don’t run anti-virus. Every month or so I run MacScan, which doesn’t check for viruses, but checks for malware and removes tracking cookies etc. I do this just for good measure and its never brought up anything except advertising cookies (which is expected).