Should Mac Users Run Antivirus Software? 450
adamengst sends in an article from TidBITS in which Macintosh security expert Rich Mogull explains why he doesn't use antivirus software on the Mac, and why most Mac users shouldn't bother with it either. The article also touches on the question of when an increasing Mac market share might tip it over an inflection point into more active attention from malware writers. (Last month Apple had 14% of PC sales, but 25% of dollar value.)
False Sense of Security Trumps Logic (Score:4, Interesting)
What's my explanation for your perfectly good logic? Mac users have a false sense of security (see ensuing posts about Mac security totaling Herculean proportions).
I already *don't* run AV on a PC (Score:5, Interesting)
Well tell me why I really need to? I mean I have it installed, but I certainly don't have that stupid active scanning thing turned on. So when I open a file, my computer really needs to open it twice? Bull.
I get my mail from gmail (so attachments already scanned there). I use FireFox (so little chance of infection there). I do scan things that might possibly contain a virus -- anything from a usenet newsgroup or from P2P (which is only a few executables ever anyway); And I do let it scan the whole thing once a week (and never finds anything I didn't already know about, of course).
And you know what? My old computer running Win2K runs faster than most any new computers out there with AV turned on. To date, I've never been bitten by any viruses.
Depends on user (Score:3, Interesting)
If a user is careful about not downloading programs from random sites and installing those, as well as careful in opening email attachments.. i think one should be good to go without antivirus on most of the OS's not only OS-X
OTOH, if one just open every email attachment (s)he gets.. then even antivirus can not help sometimes (e.g. against some new vulnerability)
doesn't hurt (Score:5, Interesting)
There are differences between Windows/*nix (Score:2, Interesting)
For a *nix environment, even if malware got in through the user's browser, it still needs an escalation of privleges to do real bad harm. Without it, the damage is largely contained to the data in the user's directory.
Re:Then Rich Mogull Ain't No Security Expert (Score:5, Interesting)
Wrong Question (Score:5, Interesting)
Bringing the Anti-virus & Registry Cleaner snake oil salesmen to the Mac isn't going to do anyone any good.
Having said all that I used to use clam but never reinstalled it when I move to Leopard...
OS X Server does by default (Score:5, Interesting)
Still, many people interact with Windows from their client Macs too, but not everyone. Windows is not a part of my life, for instance.
Apple obviously felt it necessary to include an AV suite for the server release. They've tailored it for the OS, so why not ship it by default with the client release as well? Perhaps because they feel it isn't necessary, and they're choosing to err on the side of fewer wasted cycles for the majority of their users? I suspect that if a bona fide threat to OS X ever does appear ClamAV will be made available for the client release via Software Update the next day.
Re:Then Rich Mogull Ain't No Security Expert (Score:3, Interesting)
So true. People don't seem to understand how antivirus software works.
A while ago, we were one of the first to be hit by those trojaned flash banner ads that have started popping up everywhere. Our users were posting comments like "don't you run antivirus?" Like there is a single AV product in the world that can identify a flash banner that was maliciously constructed.
I ended up writing my own antivirus flash banner inspector that decompiles the banner and checks for specific strings. It can only detect banner ads that match those strings I have put in there. It works just like any antivirus companies product would.
Eh, I don't know about that (Score:5, Interesting)
Now that aside, the other problem I find is that while their prices are often comparable for a system at a given point, they don't actually offer what many want. The towers are a good example. Yes, actually, their towers are fairly competitive pricewise when you spec out a similar Dell workstation with dual quad cores, lots of registered ECC RAM capacity, and so on. However the problem is what if I don't want that? What if I want a single quad core (or dual core), non-ECC RAM, and so on? There's plenty of cases where this is a much better option.
Let's say I don't have software that scales up to 8 cores. This is fairly common these days. So let's say I'd like a quad core with 4GB of RAM. If I go the Apple tower route, $2800 is the price for that. That isn't unreasonable, since it is a single Xeon, with support for a second one, and registered, ECC RAM, which is really expensive. However, Gateway (or I suppose MPC now since they bought Gateway's business division) would be happy to sell me a E-6610Q with similar specs (HD, video, etc) for about half that ($1300).
Now the thing is, the sort of system I listed is quite useful. We buy a good number of them here (that's why I know about it) for research. There's a lot of cases where someone wants a system that has a good processor, plenty of RAM (we often get 8GB even, which is still cheap) but just really doesn't have use for a full on workstation class system. This is even more true now that processors have gone multi-core. While 8 cores is great, there are just a lot of things that are hard to write to make use of that many. So if you aren't using more than 4, the second processor, and all the associated cost, isn't useful.
That is the main reason I'd say Apple isn't competitive on price. A mid range tower is something that there is a whole lot of market for, but they just don't sell. If you don't want an all in one, your only option is super high end. If you don't have a need for the extra hardware, that is just money wasted.
Same goes for people at home. For example I like to play games. An all in one wouldn't work for me. Sure, I could get a similar monitor (24" widescreen), CPU (Core 2 Duo) and RAM (4GB) to what I have. However I can't get the graphics card I have, and I can't ever upgrade it. That is a show stopper right there, since the core of the system will last a good deal longer than the video card. It'd be a waste to buy a new system when only one component needs updating. Likewise the monitor will outlast the system, again a waste to upgrade.
That's my objection to the argument that Apple is a good value for equivalent hardware. That is true in a narrow sense sometimes, but given that they don't have a solution for a large number of people, it isn't true over all.
Re:It's called a "Disk Image" (Score:2, Interesting)
I'm willing to concede the point that viruses and trojans will eventually hit the mac. However, I don't believe that the sense of security we feel is false. It's based on, in my families case, 12 years and counting without a single infected mac. whereas my younger brothers computer was loaded down and had to be reformatted and reinstalled 2x in the first year he had it.
Anecdotal? Yes! Compelling? Also Yes!
Comment removed (Score:4, Interesting)
I think slashdot Mac users are more vulnerable (Score:3, Interesting)
Running AV to tick off a checkbox. (Score:5, Interesting)
One reason I can see putting AV on a Mac is so people (and companies) can check this box, saying that all their machines that handle customer data have antivirus protection installed, even if the utility is just triggered from a cronjob that does a scan down the filesystem for infected Windows files every so often.
Historically, before OS X, Macs did have some viruses, although relatively few of them were malicious. Before Word macro viruses became common, John Norstead's Disinfectant was one of the more used anti-virus utilities that offered not just scanning, but in memory protection.
Re:AV madness (Score:3, Interesting)
This is exactly how many bars, nightclubs, and restaurants operate. They have a list of "undesirables" (usually with pictures) who have caused problems in the past who aren't allowed in. Bouncers and maître d's are supposed to know the faces on the list.
It's not perfect, but blocking 95% of the problem is better than blocking nothing.
Re:Good idea (Score:3, Interesting)
Recently I converted a friend to the Mac. She was at her brother's house, and wanted to download pictures off his camera. He offered to get the CD for drivers, and she said she didn't need it. His reply was that she had become "one of those smug Mac users." She said she then realized why people like me are always dismissed by people like you. Its like you can't believe that my reality is what it is, and has been for a long time. Do I take security seriously, yes. Strong passwords, SSL connections, and other ways. A good security policy does not have to include AV ware. And until there is some report somewhere of an actual in the wild Mac virus/adware/malware attack, I will continue to run my Macs without any third party "solutions" that often do far more harm than good to your mac.
So don't worry about me too much.
oh, and there is a reason to leave to doors unlocked. to remind yourself to not always live in fear.
Re:AV madness (Score:3, Interesting)
Actually, I do want that solution, and I've advocated it before. What is important, though, is that you can choose your own trust providers (so that the control is not all in a single entity's hands).
Interestingly, this is pretty much what things like apt-get give you. Provided you only install software through apt-get, you get to choose your trust providers (by adding repositories to sources.list), and you can then only install software that has been approved by them.
It works for me. I have about 20000 packages to choose from. They cover my needs. All of them are free software, and none of the ones I have installed have displayed malicious behavior. Did I mention that apt-get also graciously handles dependencies, and makes keeping the system up to date really easy and quick?
Re:It's called a "Disk Image" (Score:3, Interesting)
Re:Nay! (Score:2, Interesting)
I am yet to come across a single case of Dells (or IBMs for that matter) being "cheap" in the sense you mean to use here. They last as long as Macs do. In fact, my home file server is an eight year old Dell running Debian with a stack of USB drives. We have done upgrades over the years - new USB card, bigger USB drives as our storage needs have expanded, etc. But it is yet to cost me an arm and a leg like my wife's Mac cost her when she tried to "upgrade" her Powerbook. Turned out it was cheaper to buy a new machine than do a hardware upgrade. For the same specs, Macs are consistently more expensive, even now when they use same / similar Intel chips as the rest of us. And don't even get into hardware upgrades - its not even funny.
I would have bought your argument if we were windows users - Mac OSX beats windows XP hollow in terms of stability, etc. But our household converted to a complete non-windows situation years ago, and Linux, as far as apps I need in my work are concerned, beats Mac OSX. GNU apps are updated as an afterthought in fink and the entire idea of a closed source OS that could be spying on you for commercial purposes is so last century.
So, if being funnily snooty is what floats your boat while trying to hide the hurt of overpriced hardware that Steve sells, go ahead, but don't think for a second that you are fooling too many of us. My father taught me long ago that paying more for less or the same to appear cool to some shallow friends is adolescent stupidity and most rational people want no part of that.
Mac being higher quality than the competition is an argument strangely akin to the experience that Hillary claims as her own. False, accepted by the uncritical and self-serving at the same time.
Yes, I have anti-virus apps on my Macs. (Score:2, Interesting)
http://www.vmware.com/security/advisories/VMSA-2008-0005.html [vmware.com]
The worst stuff from email with sends all of us junk that hopefully that the mail server will filter out most malware but your system will need to filter any leakers that pass through the mail server.
We have been under the radar of most of the malware writers but as Mac gets more popular we will get a dose of Windows malware pain sooner or later.
Re:Nay! (Score:3, Interesting)
My girlfriend's Dell laptop for example - the plastic feels cheaper, it's bigger and clunkier than more expensive systems, there is some kind of high-pitched inductor/capacitor chirp when you move the mouse around which is incredibly irritating, the screen has a very poor viewing angle, the speakers are too quiet to watch a DVD with when there's traffic on the road outside, etc. etc. I'm not saying it's not worth the money that it costs, it was a very cheap model - but if you think you are somehow getting a no-compromise high quality product at the very cheap end then you're simply not looking hard enough at the products you're buying.
Re:Eh, I don't know about that (Score:5, Interesting)
I'm speaking from years of experience here.
As for price competition, they are competitive. What you're talking about is selection. They aren't competitive in selection. Often a lack of finding what you want ends up with you either spending money on stuff you don't need or getting less than you wanted. Hence the complaints.
OTOH, there's a lot to be said about less selection -> better OS stability. Microsoft's been complaining about the variety of machines they've had to support for decades now.
The selection's the price you pay for a Mac. The price argument is unfair and inaccurate. But on selection, I doubt any mac user's going to argue with you
Re:I already *don't* run AV on a PC (Score:3, Interesting)
Still not confident enough to go commando like you, though.
Re:No (Score:3, Interesting)
So one of the doctors brings his Windows notebook in and plugs it into the hospital network. It's infected by a worm, which quickly infects all the Windows machines in the hospital, no user interaction required. Instant nightmare. The virus more or less took down the network (the only effect us Mac users noticed). Diagnostic imaging was in a shambles. All without anyone even getting the chance to exercise some self control.
Re:Running AV to tick off a checkbox. (Score:3, Interesting)
Virus scanners really are awfully invasive. If there's ever a virus signature for it to match then you can turn it back on.
The problem is (Score:5, Interesting)
1) There is a major segment of the market that Macs don't cover. Basically anyone who doesn't want an all-in-one, but doesn't want or can't afford a high end workstation. They have no offerings for that market. If I was the weirdo for wanting that, I'd be ok with it, but that is the major market out there. There's a whole lot of reason to want a computer like that. For example in our instructional labs, we can't afford high end workstations, not when we are getting 50 computers, nor do we have a need for that power. However an all-in-one is a bad idea. Why? Because monitors last a lot longer than computers. One of our labs has undergone two upgrades to the computers but is still using the same monitors. Eventually they'll have to be replaced, but LCDs last a good long time.
This is a real good thing, because generally it is a situation like "You have $50,000 to spend on the lab." Ok, that's $1000 per computer. Well, $150 not spent on a monitor is $150 that can be spent on a faster processor or more memory and so on. No reason to replace a perfectly good monitor just because the computer is out of date. It is a non-trivial part of the budget that would have to be spent on even a fairly small monitor.
2) All the arguments that macs are "good value for the money." No, they aren't for most people. Most people don't want a workstation, if they did, that'd be the big sales from most companies. However there is very little software that can even make use of all that, let alone people who use it. It isn't a good value to most people so the argument is bogus. It is like trying to argue that an BMW R8 is a "good value" for a normal car. No, it's not. It may be a good value for a performance luxury car, however most people aren't after that. While it may well justify it's $100,000+ price tag, that doesn't change the fact that it is $100,000 and more car than most people need or can afford.
That has always been one of Apple's value problems is this bundling of things people don't need. It isn't that nobody needs them, just that most peopel don't need them. However it raises cost a lot and thus makes it not a good deal for the majority of people. I wouldn't call a Precision Workstation a good deal over all either. If you need those features, ok you get a good price for them, but it still is high priced. You pay a big premium for things like 2 processors and more than 8GB of RAM. It isn't a case where 8GB = $X and 16GB = $2*X. It is more like 16GB = $5*X or $8*X. You aren't doubling the cost to get these things, you are more than doubling it. What's more, they don't double performance. 8 cores are not twice as fast as 4 other than very special cases. As I said, there's precious little that can use all that, and even some of the apps that can (like say a good DAW) don't really have a use for it in most situations. Likewise getting more RAM doesn't help performance unless you actually have apps that need it. Just having more sitting there doesn't help.
There are plenty of cases with PCs where I give the advice of "Don't go above this unless you really need it because it incurs a big premium." The problem with Macs is, you just don't have that option. You want a tower? You get a bunch of expensive hardware, need it or not. Thus it really isn't a good value for most people.
Re:Nay! (Score:3, Interesting)
At the time I bought it, my band mate purchased a Windows machine because it was more economical. He saved somewhere between $350 - $500, compared to my Mac purchase, which was $1300.
In the 10 years that have passed, he has purchased at least four or five new computers, plus sound cards, video cards, it's always something. Don't know how many weeks a year he spends re-installing his system, running antivirus, trying to keep up with the Security Patch of the week, etc. Whenever I asked him if he had a copy of a song that we were working on, his system was inevitably crashed.
I'm still using the same machine. Use it every day. Do a lot of multi-track audio, graphics, web development and the occasional cross-platform client-server relational database development. Bought a bigger hard drive, went through a few monitors, maxed out the RAM (and no, this does NOT void your Apple warranty). It has never required service, although I do open it every third year or so just to blow out the dust. It does 100% of what I need it to and 97% of what I want it to. Ran an antivirus on it once this decade, but I've been using Macs since 1986 and I've never seen an infected Mac.
Never had a single day of downtime in 10 years. I gave the beta version of OSX a shot when it first appeared, didn't like the way it ran on that machine and reinstalled OS9. Never had any real system problems prior to that event or since. Haven't bought any software since 2000, except for ProTools, which I got for half-price from my friend because it just didn't work right on his Windows machine. Five albums worth of material later, no problems to report.
I'm really not trying to be a fanboy, not trying to be smug. If you prefer PCs, then buy them. I'm not going to try to convince you to come over to the "think different" side. You either want to or you don't. Business compatibility issues might also dictate the choice.
The price comparison between Macs and PCs changes drastically when you consider the lifespans of the two machines. Then factor in the time spent trying to keep them running (almost zero for the Mac). Time is money, you know. Unless you can buy at least four budget PCs for less than the price of a Mac, you're going to spend far, far more than the "rich guy".
This is why Apple's market share has always remained so low. They last forever. Truly dead Macs are almost as rare as virus-infected Macs. If you're basing your decision solely on cost, a Mac is much cheaper in the long run. Good tools cost more and last longer.
I'd think it comes down to whether you intend to play games or do some kind of work where your data is important and downtime is an expense, as opposed to an inconvenience.