back to article Speculation mounts over AVG plans for OS X client

AVG bosses aren't saying much, but there's new evidence the anti-virus maker is seriously considering building an application for the Mac. A job posting on the company's website seeks a senior software developer who is familiar with the OS X platform. Responsibilities for the full-time position include the following: …

COMMENTS

This topic is closed for new posts.
  1. Pavlovs well trained dog
    Pint

    computers

    I love my Macs

    But they're computers.

    Designed by people, running software written by people

    they have flaws.

    The costs (fiscal, processor, etc) of running AV are minute

    The costs of a rebuild - not to mention other implications - after a malware attack are huge

    cost benefit analysis = no brainer.

    Simple

  2. Jimbo 7

    interesting ....

    It's thin ice to walk on. Even if you have one MAC developer only, you are going to spend more than $100k/year on salary alone. With current virus situation under OSX (and as MS user I'm really jealous) nobody is going to buy this product (almost nobody). If however viruses pop up, then this might be very good investment from AVG side.

  3. Ben Gibson
    Thumb Up

    <TITLE>

    It's good to see that they are not leaving stupidly late, perhaps OS X anti viral education can be up before the virus poo slinging begins in too much earnest.

  4. Anonymous Coward
    Welcome

    Tombo

    >cost benefit analysis = no brainer.

    Yes but if you don't account for the probability of catastrophe, you're spending billions and billions of dollars incase our Sun explodes and rains down cheeseburgers topped with mustard gas.

    But corny point aside, I run ProtectMac AV on my Mac just because I'm paranoid. (I switched to Mac after getting Keylogged without even knowing it and it never getting caught by AV/Spyware proggies). I could probably get away for years without it though.

  5. Anonymous Coward
    Anonymous Coward

    @Jimbo

    Sorry to contradict, but I'd be putting an AVG client on my G5 (assuming they make a PPC version) I'd also put AV on my Linux boxes assuming some good stuff were available. There is no point waiting until viruses are out there and spreading, before getting AV. Also, it would give my Windows boxes a little more protection.

  6. Anonymous Coward
    Anonymous Coward

    What is portation?

    Just a question. Excuse my ignorance.

  7. Mat Child

    so.

    the big counter argument about MAC OS being relatively virus free compared to windows was it's lack of large-scale presence making it less interesting to the malware writers.

    This was often dismissed by many as not being so, it's just because it's MAC OS is better.

    However as MACs increase their presence so does the presence of malware for MAC to the point where a not insignificant player in the windows anti virus market see it's time to dip it's toe in.

    Coincidence?

  8. ElReg!comments!Pierre
    Happy

    Re: computers

    I don't have macs, however my computers run software written by people, too. The costs of running an AV (on *my* personal machines) are far from negligible (My CPU use barely gets south of 70-80%, on any machine, ever, and I have trouble avoiding excessive swapping already. Not to mention the monetary cost). I keep backups and know my systems quite well (I built them, after all), so the costs of a rebuild would be almost negligible. Not to mention that the way my systems are built, even the worst of malware problem is very unliquely to compromise anything but user data (I typically have *two* backups of these). Oh, and I don't run untrusted code. Especially not with any kind of privilege.

    Now ask me what antivirus I have... a no-brainer, really.

    The machines I take care of at work -especially the luser-exposed ones- are a different problem entirely.

  9. Kevin Davidson
    FAIL

    Cost benefit analysis

    You may want to recalculate including the number of times AV signature updates have wrongly identified Windows system files or third party software as malware and crippled PCs all over the world. Or the hours of productivity lost as your AV software gobbles up CPU time. Or the regular uninstalling, reinstalling and babysitting Norton needs just to allow your computer to work without it randomly crapping out and blocking all your email or preventing VPN connections.

    And how much time would be lost reimaging a Mac using NetRestore or Deploy Studio or even a Time Machine backup?

    Not saying don't run AV software, but be aware it has real costs. And they don't work - you can bet the vxers test their viruses against the latest AV software so there is a guaranteed window between release and signature updates when that virus will spread and infect computers.

  10. Anonymous Coward
    FAIL

    wide open

    After watching a fully patched Mac pawned in 2 seconds this year I no longer trust Apple for my security.

  11. Shades
    Jobs Horns

    Cue the Mactards...

    "We don't need no anti-virus," they will smugly cry "ALL virususes are written for Micro$haft boxes."

    Well, sorry guys you're all becoming victims of your own success. Your only protection thus far has been scale and now you can no longer rely on that. The ONLY reason PCs have more malicious software written for them is NOT <can of worms>because they are inherently less secure</can of worms> its simply because there's more of them. If the percentage of PC/Mac ownership were suddenly reversed then, with current Mac owner attitudes, the volume of malicious software targeting Macs would be far, far greater than that currently of PCs. Every Mac owner I've ever met seems to have the unshakeable belief that their pride and joys are somehow protected by an in-built, by design superiority! As far as I can see nothing is going to change the Mac owners superiority complex any time soon.

    Software companies and Mac owners should be investing in anti-virus software for the Mac NOW otherwise problems created due to malicious software will be far, far greater than that of the PC. Whether or not that Mac owning superiority complex will allow owners to believe that their machines are not infallible is another matter entirely.

  12. Shades
    Joke

    @ElReg!comments!Pierre, Re:Re: Computers

    "The costs of running an AV (on *my* personal machines) are far from negligible (My CPU use barely gets south of 70-80%, on any machine, ever, and I have trouble avoiding excessive swapping already. Not to mention the monetary cost)."

    I'd uninstall Norton then if I were you! ;-)

  13. Anonymous Coward
    Anonymous Coward

    @ ElReg!comments!Pierre

    Me to. I'm using an extremely restrictive software restriction policy that prevents anything not specifically allowed by a hash to run. Its enforced down to libraries and while its a pain in the ass when installing new apps mine it completely avoids the need for AV software.

    I do have a copy of clamwin, but its only ever used to scan incoming files. And no, I wouldn't recommend setting a system up this way for a user, but its more than secure enough for a sysadmin.

  14. Not Terry Wogan
    Black Helicopters

    As I gaze into my crystal balls...

    The fog is lifting! Here are my predictions:

    1) Histrionics about viruses on OS X will steadily increase and be amplified over the next few years.

    2) The fearmongering will be unwittingly bolstered by hapless bloggers and the mainstream press, being manipulated by press releases and the sinister industry rumour mill.

    3) All this will happen as the Windows antivirus vendors start seeing their profits eroded by Microsoft's free antivirus software and become desperate to flog their shoddy wares in new markets.

    Cross my palm with silver to continue, or alternatively perhaps someone could hire me as yet another fraudulent tech futurologist.

  15. Antidisestablishmentarianist

    Always

    I've always had AV software (Intego) on my Mac. Why risk an infection just so you can be a smug git.

  16. Anonymous Coward
    Black Helicopters

    Conspiracy theory

    What's the betting the number of viruses for OS X increases exponentially as soon as the first AV software hits the market?

  17. Mike Moyle
    FAIL

    @ Shades

    re: Cue the Mactards...

    Curiously, as near as I can tell, every Mac user (myself included) posting here is saying that they're smart enough to be using AV software even though the risk at the moment is quite low. The only people who aren't are apparently Windows users who are too smart to ever be caught out by the VXers.

    You might want to rethink your post, or at least turn around -- the smug-bank appears to be rolling in from the opposite direction.

  18. Sean Timarco Baggaley
    Stop

    Meh.

    In 27 years of building, administering and even programming computers, I've only ever had one virus. It was the "Ghost" virus and came free with a cover-mounted disk from ST Format. Circa 1990-ish, I think.

    I've never been stupid enough to let untrusted code run on my computers since.

    Education is the best medicine. AV software is just sticking plasters for the ignorant.

  19. ElReg!comments!Pierre
    Happy

    @Shades

    "I'd uninstall Norton then if I were you! ;-)"

    I see what you did there. Well done sir.

    However, the 70-80% charge I was mentioning was *without* antivirus... as, you see, I don't run any on *my* *personal* machines...

  20. Kevin 6
    Jobs Horns

    @Mike Moyle

    Mactards are generally the most smug people on the planet. They believe OSX is made by some superior being and has no security holes what so ever and love to flame people who disagree.

    About a year back mactards flamed me to high hell when I said it is only a matter of time before malware pops up for the mac they were saying something similar to that there will never going to be a virus on OSX or any malware. And that the reason was not due to OSX being a niche market at the time, it was due to it being the most secure OS ever made and will never need a AV.

  21. Anonymous Coward
    Grenade

    Overhead

    I recently became concerned about the amount of internet traffic that went through our home network gateway computer even when no user was actively using the net. Eventually I uninstalled the anti-virus programs on all the user machines, and the traffic dropped back to what was expected. This is the sort of behaviour one supposes one would experience on getting recruited by a botnet, and I see no reason to put up with it from a "legitimate" program.

    These knobbly hand grenades haven't been used since WWII, or maybe Korea. Forty years ago the US army was using fragmentation grenades that employed a coil of heavy piano wire, indented every quarter inch, wrapped around the high explosive core to get a much more lethal fragmentation effect. These components were enclosed in a smooth ovoid tin can. I don't know what they are using now, but it surely doesn't look like this antique.

  22. proto-robbie
    Jobs Halo

    Bring it on...

    I am sorry, but you Mu$tards out there just don't understand.

    We are protected from on high by our good shepherd Steve; yes he of the preloved liver, and he will bestow upon us system upgrades at a time of his choosing which will smite all the ungodly keyloggers right up their back orifices and drive them back, back and back again, unto the very gates of Redmond itself. Once he's done all today's patents anyway.

  23. Darkhorse

    Antivirus doesn't always work anyway.

    I ran McAfee on my PC and still got a virus, what does that tell you.

    I'm running Kaspersky now.

  24. Robert Forsyth

    Not just Windows popularity over MacOS X

    It is not just Windows popularity over MacOS X that causes it to have more malware. Windows was easier to infect, since the main account runs with admin rights. Until Vista (or XP SP2) MS did not design Windows with security in mind, it was added after the embarrassment of several RPC route infections keeping corporate IT departments busy - it wasn't long ago, have you forgotten?

    My daughter has a game that will not save its progress on her limited account - obviously this is not a major problem for the maker of the game or they would have fixed it by now.

    That is not to say Apple have not done some stupid things, that encourage users to download and run/install dodgy software.

  25. Robert Forsyth

    AV bolt the door after the horse has bolted

    Most anti-virus software seems to act too late - trying to fix after an infection as their primary strategy.

    Monitoring for infection would seem useful.

    Surely securing the system to stop infection, would be a more useful strategy.

    Also, how is a user suppose to answer a question like "Program XYZ wants to access the internet, allow, block, always allow, always block, allow this one time?" And if you always allow, and then it gets infected, what now?

  26. Jeff 35
    Black Helicopters

    They forgot a key job role...

    ...Develop virii for the OSX platform.

    You gotta develop your own market. Just look at what the makers of tamiflu did when they developed swine flu.

    /yes, I know I'm paranoid. Still doesn't meant they aren't out to get me.

  27. Anonymous Coward
    Anonymous Coward

    Aaw, this is one of those days Windows users have been waiting for such a long time

    I'm not a Mac user myself but I'm still not convinced the danger is that big (note I did not say there isn't any danger). To me it seems a solution desperately searching for a problem so I tend to agree with the poster who connected this to the potential market loss caused by MS getting into this business.

  28. Anonymous Coward
    Anonymous Coward

    I'm with Sean and Robert

    AV software robs valuable CPU time and locks the stable door a long time after the horsey is in the dog-food chain.

    The predominant problem on windows that requires the use of AV is the fact that the default account setup has always been Admin. If it were basic user there wouldn't be nearly as much success with viruses and (more so) trojans. Macs have an automatic "you downloaded this from the internet do you really want to run it" warning to forewarn you that you might be about to get fucked over. The only area you'll damage is your own little sandpit. Most AV software has a success rate in the 80%-95% range so there's the 5% that can still get you.

    Viruses and trojans rely on what's in front of the computer not what's installed on it. I have no intention running AV software on a Mac or Linux and, due to how the machine is used, I have precious little need to.

  29. Glen 9
    Black Helicopters

    AVG vs Norton

    It's at time like this that I prefer to be a Windows user instead of a Maccer. I know the world (wide web) is a dark and dangerous place so I take adequate precautions and run AV and all because if I didn't I would expect it would be dead within an hour of surfing the internet. Poor unsuspecting mac users waiting for a killer virus to come along before bothering to do anything. Like building defenses and castles and such after you have been invaded and destroyed.

    Norton is paranoid that every thing is out to get it so ends up killing itself and what it's trying to protect by working too hard. AVG sits there reasonably until a threat comes along. I currently have Firefox, AVG, iPlayer and Spotify open and using an average of 2% CPU which goes to 20% during a scan. Np.

    Helicopter because I will be in my (metaphorical) one laughing at the Mac fan boys when they realise that they have lived a lie and wake up and find their hard drive's been wiped.

  30. Anonymous Coward
    Thumb Up

    Will it sell?

    Mac users are a self righteous bunch who think nothing can trouble them, so it's the Devil's own job to convince them that AV is a good and necessary thing on all platforms.

    I say that as Mac owner, I don't run MS anymore but I brought a lot of lessons learned from that platform. I run a free AV on my OSX, not perfect but suitable for the threat level as it stands on OSX right now. N=My data is too precious to let some piece of scum virus writer mess up my stuff, 'cos Lord and saviour of computing Mr Jobs thinks his OSX platform is unbreakable!

    Better safe than sorry.

  31. Ty
    Jobs Halo

    hahah you funny bunch!

    Listen, numbskulls.

    OS X 8 years - NO viruses.

    (Go look up Trojan. It is NOT a virus numbnuts)

    There are 120000+ Windows viruses and not ONE Mac OS X virus.

    Do the maths.

    OS X is secure against viruses (so far)

    There is NO point in AV software on a Mac - you are looking for something that does't exist.

    AVG are jumping on the bandwagon and taking advantage of IGNORANT PC to Mac switchers.

    You sorry Windows zealots are jumping at this little glimmer of hope for a Mac virus! Sorry - you have a long wait.

  32. Toastan Buttar
    Black Helicopters

    I think there's a market here

    I don't run AV software on any of my net-connected machines at home (Windows XP SP3 x 2, Nintendo Wii, Nintendo DS and an Elonex OneT). The Windows machines rely on Limited User Accounts for safety and this configuration has served me well for over 2 years.

    I was having a look through an Elonex forum and a question that pops up quite regularly is whether you can download or purchase AV software for the OneT. It runs a weird flavour of Linux on a non-x86 CPU ! So if people think that AV software is required for a fringe machine such as this, and you combine this with the fact that trojans DO already exist for the Mac, I reckon there's a ready market which can be exploited with judicious paranoid advertising.

  33. CheesyTheClown
    Happy

    AVG Outlook mail for Mac viruses?

    First of all, WHO CARES?!?!?! There are tons of companies out there who consider making Mac software at some point. The real shock should be "You mean they don't have one already"... or "I'm a Mac user, who the heck is AVG and why does it matter, I have a Mac they don't have viruses.... I think"

    I would sincerely hope that AVG has dozens of Mac developers doing nothing more than dissecting all Mac virus threats that are out there so that AVG would block Mac viruses from getting past their windows product. Just because your computer is protected from Windows viruses doesn't mean you should be forwarding mail with Mac viruses to other people.

    In my experience, the false security Mac users feel as opposed to the general paranoia Windows users experience makes Mac OS X one of the least secure operating systems ever since all a virus needs to do in order to install on a Mac and do damage is to ask the user for permission and 99 out of 100 times, they'll get it.

    It's the responsibility of paranoid Windows users to protect the innocent and unsuspecting Mac users who actually believe their "Hi, I'm a Mac" commercials from themselves. I hope AVG takes that seriously

  34. Anonymous Coward
    Anonymous Coward

    RE: Not just Windows popularity over MacOS X

    "It is not just Windows popularity over MacOS X that causes it to have more malware. Windows was easier to infect, since the main account runs with admin rights. Until Vista (or XP SP2) MS did not design Windows with security in mind, it was added after the embarrassment of several RPC route infections keeping corporate IT departments busy - it wasn't long ago, have you forgotten?"

    It's still the case with both Windows and OSX, although both of those only expose the admin privileges if you re-enter your password.

    Most viruses now target user naivety rather than specific holes. It doesn't matter whether you're running with your admin privileges already on or whether you're behind something like UAC - if you interactively run a program that requires admin privileges then you'll give it those privileges.

  35. imposter
    Alert

    I'm not with Sean and Robert

    In theory Windows has UAC on vista, and 7, and XP is ancient. And on top of that, have you ever tried gaming without admin rights? Have fun with that. Installation, writing log files, failing to do so, crashing or not loading.

    I'd guess that macs and windows aren't that different in security terms. At the end of the day the weak point is the end user. I've had 2 or 3 viruses breach my browsing habits, one was from another PC on the network which I thought I wasn't on (whoops) which *is* utterly compromised, one was from a legitimate site that got hacked, all of them get cleaned up by my AVG free. I use a few security add ons in firefox but mostly I avoid really dodgy sites and I suspect I'm a hard target to social engineer (though to say I'm impossible would be the same level of hubris the less educated mac owner experiences). Ther biggest weakness of any OS is the user. Not having admin rights is great in theory but in principle it's a lot of hassle to do anything. The biggest hole to close up is the user either way, and as such, mac users security is compromised by their propaganda. The standard (non reg reading sort,) lusers are cocky by and large, but they are getting viruses. And it will become more and more important to secure their system, ideally before it's an epidemic.

    Virus software isn't perfect, but it's a damn site better than nothing and for a careful user usually *will* stop everything.

  36. Alexis Vallance
    FAIL

    Zzzzzz

    Yawn. Yawn. Yawn.

    Market share blah more users blah been saying same thing for 8 years blah.

    Getting boring guys. This thread is just full of the self rightous who like nothing more than to proclaim the end is nigh.

  37. Anonymous Coward
    Happy

    Blah, blah, blah

    Predictable self-justifying output from the Windoze crowd.

    I understand that you've bought the system, installed the antivirus, upgraded the antivirus, paid for the upgraded antivirus, installed some more antivirus because "my system's running slowly, it must be a virus", paid geeks-on-wheels to "remove the virus", watched your expensive multiple antivirus and firewall solutions be deinstalled, paid for geeks-on-wheels, paid for their recommended antivirus, and on, and on, ad nauseum, BUT, you know, that's your choice, don't try and blame us or attempt to justify your actions (and expenditure) to us, we just don't care.

  38. Anonymous Coward
    Megaphone

    My thoughts

    I first came across anti virus software in the early 90's and was surprised when I read Norton's list of virus types. There where so many that they listed as not being seen in the wild yet? So how did they know about them? I came to the conclusion that perhaps they where writing code for infection, what better way to create a market than to create a threat.

    Ultimately it comes down to the user and how they use the machine they are sitting in front of. I think that in the past, a lot of irresponsible people could not afford or want a Mac, because you can't play games on it (their cry). And a PC is cheaper. (Look mom I'm a computer expert as I've bought and plugged in some components...designed to be plugged in) . These same people are also unwilling to pay for authentic software, so off they go to get cracked copies, which they circulate to all the other freetards, together with its payload, and together with a flawed OS like Windows you have the scene set for mass infection.

    I've seen so many people in the corporate environment try to open every type of attachment regardless of where it came from, failing (but not failing to install the virus or Trojan), and then sending it on to other people to see if they can open it?

    I firmly believe that the user is the weakest link. Its not helped by an operating system that allows easy installation of any software. In this respect I think that the user base of OS X is more responsible, as if they can afford the kit, they can afford the authentic software. A recent case was of the appearance of either Iworks or Ilife on the torrents, It had a Trojan embedded in it. Since both of the programs only cost £69 each, the freetards got what they deserved. Russian proverb "only free cheese is in mousetrap"

    I moved from windows to OS X about 3 years ago and would never go back. Even Norton, Zone Alarm and others failed to protect the machine, when Laurel and Hardy are your castle guards what chance do you have? At least with OS X the castle has a few less open doors.

    It always makes me laugh when they have these so called contests to break into a machine. Oh look he cracked it in less than two minutes! (by using the carefully scripted strategy that he worked on for months in advance?). Funny how they always target the Mac? nothing to do with the fact that they get to keep the machine they cracked? After all who'd want a machine running MS? resale value next to nowt.

    So as a happy OS X user I use ClamXav occasionally, and for my Parallels & Windows partition (must have my fix of DoD), AVG, as it's just not good form to forward on Windows virus's and Trojans.

    People are stupid and too trusting these days. In the past, the Bear, Lion, Wolf, or Local murderer, would have got the trusting idiot, hence keeping the idiot gene reduced in the overall gene pool. These days you see them every where, idiots breeding out of control, covered in tattoos and piercing, baseball caps on back to front (the original IQ minimiser) and they all look like Gregory McCalium

  39. Anonymous Coward
    Go

    For those concerned about PC resources being swallowed by AV...

    Consider the Yoggie GateKeeper products which are hardware solutions and I believe available for WIn and Mac, possibly *nix to? Not the cheapest granted but a viable alternative I think...

  40. Peter Mc Aulay
    Thumb Down

    AV software is snake oil

    AV software has always caused more trouble for me than actual viruses. I've had to deal with major virus damage exactly once, back in 1992 when I was hit by the Tequila virus. I've had to clean up OS damage from broken AV software at least ten times, and the countless other little annoyances and the constant performance hit was never popular either. To me this is simply not worth the bother any more. And then there's the confidence inspiring experience (not) of all the virus-infested PC's I've seen which do have AV software running, sometimes even up to date! I've been AV software free for 5 years now and somehow the world has failed to end :)

    Properly securing your box and network and paying attention while you work is by far the best protection, no matter what OS you run. Tis free, too.

  41. Shades
    FAIL

    @Mike Moyle

    No, no, no. When did I mention Mac owning Reg commentators? I said people *I* know, not people I don't. I even qualified this with the statement "Every Mac owner I've ever met,". However, contrary to your comment there still appears to be quite a few Mac owners, even here on ElReg no less, that have the belief that the Mac is imbued with some miraculous god-given power of impenetrable self preservation. It's not these (Reg reading, knowledgeable?) users we have to be particularly worried about its the common-or-garden users being allured by the shiny "cool" factor of the Apple brand. Users that are being handed down the invulnerable attitude, users that will refuse to give AV a second thought... until its too late.

    Still, the lure of writing malicious software for Macs will not solely be the machines themselves, it will be the attitudes of those machines owners. Even having AV software will only get you so far, how exactly does it prevent social engineering based attacks when (certainly many) owners have been led to believe they can click on anything with impunity? Without proper preventative measures AND early education it is these users that will find themselves in a far worse situation than their PC owning counterparts. Apple themselves are even permeating the air of invulnerable superiority... Compare how many Apple geniuses will extol the virtues of AV software with those in the PC world? (not *the* "PC World", they'll just try to flog you Norton... then try to sell you more RAM or a bigger HDD because your PC has just suddenly ground to a halt!) Well, if they do I've never met one.

    Personally, I don't actually see any smug-ness coming from the other direction, I see, having learnt the hard way, words of caution. Instead of listening to the voices of experience Mac owners, being highly disdainful of anything a PC owner has to say (about their chosen religion), see this as some kind of personal attack upon their machines.

    Where's the "Failed Fail" icon?

  42. Toastan Buttar
    Troll

    @Ty

    "There are 120000+ Windows viruses"

    ...and how many represent any kind of threat against a fully-patched Windows computer running XP-onwards ?

    "(Go look up Trojan. It is NOT a virus numbnuts)"

    I know that, you know that, and 99.9% of we Reg commentards know that. The important thing is that it's a nice scary word to use when advertising your AV product to mainstream computer users.

  43. ThomH

    Apple's major anti-virus advantage...

    ... is that whatever happens, they'll always be too arrogant to ship a machine with anti-virus software pre-installed. Which should eliminate 90% of the real-world issues with anti-virus software, i.e. the manufacturers install whatever's cheapest, let it throw in every single one of it's tenuous marketing-led latest features and don't care at all about the end result. It's not a problem for anyone who reads this site and is therefore capable of maintaining a Windows installation, but it is, I think, the main reason why anti-virus software has such an awful reputation.

    That said, maybe it'll go the other way around and having to actually compete on shelves for every user will lead to a manifold increase in useless system hogging marketing-led features and a desire to create a "just works" as commonly misunderstood Apple installation will make them all non-optional?

  44. Jess

    but..

    Antivirus software only reliably protects against known threats. There are no viruses for OS X yet. So you install a piece of software with an empty database, hoping that if a virus comes, the signature will get to you first.

    But then a real Mac Virus would be such news, that you'd get as much warning as you'd need.

    (I run firefox/noscripts or netsurf on any system I use and plain text email, I'm always behind a router, be interested to know any vectors an OS X (or linux for that matter) virus would use)

  45. James O'Shea Silver badge

    Mac a/v

    I've used Macs since 1984. There was a time when every Mac under my control had a/v software installed: that was in the 1980s and 1990s, when there actually were viruses and other serious malware out for Macs. At one point there were actually more assorted malware for Macs than for PCs... (Any of you lot remember 'Scores'?) and some of 'em were literally written by script kiddies (anyone remember the VIR and WDEF viruses, written by a 14-year-old in New Jersey and which were so widespread as to make it onto CDs shipped by at least two major software houses and one major Mac magazine?) (No, I'm not making that up...) When Apple set up what would become .Mac and then MobileMe, one of the items they used to attract users was a free install of the Virex a/v system. (Someone commented that Apple is too arrogant to ship a/v with their boxes. On past behaviour, they most certainly would make a/v software easily available... for free.)

    Over time the malware swarms went away... and not because of marketshare. Entire classes of malware were rendered inoperable by changes in the APIs for System 6. More were obsoleted with System 7, and lots more with OS 8, and pretty much the lot with OS 9. The last serious Mac malware was the autostart worm of 1998... which was easily blocked (turn CD autostart off and it couldn't install...) and which in any case went tits-up on contact with OS X.

    For a long time I used John Norstad's free a/v tool, Disinfectant, which handled all known Mac malware except for Microsoft Office macro malware. I also used Virex. Disinfectant was discontinued after about 10 years of use, in 1998. Virex was kept up to date... except that it didn't have anything to do. And, worse, starting with Virex 7.x, it would eat incoming email if it thought that there was malware in it, and it had very strange ideas about what was and wasn't malware. (The guys at Virex never got that fixed; the last version I know of no longer scans incoming email.) I dumped Virex and since have (on occasion) used ClamXav... which takes a Very Long Time(tm) to scan, and has never found anything.

    If, and it's a big if, there is again a real malware threat for Macs, the way it was in the 1980s and early 1990s, I would again install a/v. Norstad is still writing code, I'm sure that he could deliver a modern version of Disinfectant in a very short time... if it were necessary. I might install AVG for Mac; I use AVG on my WInboxes, and it's fairly reliable there. But first I'd have to be convinced that there was an actual threat, and that using the a/v software was of a greater value than the problems it causes... such as the way Virex ate the email. Last week I spent time fixing my mother's machine, she had made the error of installing Computer Associate's Internet Security Suite on her machine... and CA ISS would, randomly, Do Something(tm) while downloading new virus definitions or while scanning for malware (and its scan speed was almost as bad as ClamXav...) which would cause Windows to crash and restart. I repeat: the a/v software would crash the system. On occasion as often as three times a day. CA ISS has been replaced by AVG and the problem has gone away. (CA non-support said that the problem was caused by a conflict with another a/v system. They couldn't explain how this could be given that AVG was installed on the system _after_ CA ISS was deleted...) I have no desire to have a/v software pull that kind of crap on my Macs... and right now there is no reason to install a/v software because there is no current threat.

    It's really that simple. There's no threat, so why install a/v?

  46. Anonymous Coward
    Anonymous Coward

    RE: Stuff

    "I moved from windows to OS X about 3 years ago and would never go back. Even Norton, Zone Alarm and others failed to protect the machine, when Laurel and Hardy are your castle guards what chance do you have? At least with OS X the castle has a few less open doors."

    OSX and Windows are as secure as each other. For a while, Vista was more secure then OSX (supported NX bit, ASLR). In fact, I would say that sudo is a fairly insecure tool - since by default it caches your credentials for a number of minutes, a piece of malware could actually infect your machine after you've run a legitimate program. At least UAC in Windows doesn't do this at all.

    It's important to remember that most infections are caused either by malware that has exploited an already-patched hole in a horribly out-of-date system, or by a luser running a dodgy program, which can affect ANY OS.

    For the record, I own a Mac and use both OSX and Windows. I'm amazed at how many people blindly accept Apple's marketing line that OSX is inherently more secure than Windows. With the SDL, Windows is a lot more secure now than it has ever been.

  47. Ebeneser
    Alien

    Re: Mac/av

    James O'Shea sums things up nicely.

    You've got three view points:

    1) Knowledgeable about the reality of the situation and lack of threat

    2) Ignorant of reality, and scared of what might happen

    3) Vested interests in making sure that viewpoint 2) is encouraged as much as possible in order to profit from it.

    Sounds a bit like Al-Qaeda and the threat from muslim, extremists.

  48. James O'Shea Silver badge

    and another reason...

    another story elsewhere in El Reg illustrates exactly why it's not a good idea to install a/v software in the absence of a real threat... Once again, a/v software, from McAfee this time, has decided that system files are malware and is deleting or quarantining or otherwise preventing them from operating, with disastrous results. If there was a real threat, then perhaps the risk of a/v software running amuck might be justified. In the absence of a real threat, though...

    It should be noted that McAfee are the vendors responsible for Virex on the Mac, and Virex is the a/v system that used to eat email. A quick trip to <http://www.mcafee.com/us/enterprise/products/system_security/clients/virusscan_for_mac.html> might prove edifying. Click on the 'datasheet' button and see what happens. And note that apparently Virex, all these years later, _still_ can't scan incoming email. They had to delete that feature a _long_ time ago 'cause it would eat _all_ email, not just email with malware, and apparently they have never been able to make it work, 'cause it ain't mentioned on the site. Meanwhile, email scanning is still a feature of McAfee for Windows. <http://home.mcafee.com/store/package.aspx?pkgid=276>

    But, hey, Mac users have no a/v antibodies...

  49. Mike Moyle
    FAIL

    @ Shades

    Re: @Mike Moyle #

    "By Shades Posted Friday 3rd July 2009 10:38 GMT

    No, no, no. When did I mention Mac owning Reg commentators?"

    ...My bad -- When you started your post with:

    "Cue the Mactards...

    We don't need no anti-virus," they will smugly cry "ALL virususes are written for Micro$haft boxes."

    Well, sorry guys --> you're <-- all becoming victims of --> your <-- own success. --> Your <-- only protection thus far has been scale and now --> you <-- can no longer rely on that. "

    I (apparently foolishly) thought that when you said "you", you were using the second-person plural and referring to the people to whom you were speaking, rather than to the people that you don't mention until better than half-way through your post.

    Silly me...

    As to your second point, that "contrary to your comment there still appears to be quite a few Mac owners, even here on ElReg no less, that have the belief that the Mac is imbued with some miraculous god-given power of impenetrable self preservation"; you will, I trust, grant that AT THE TIME THAT I POSTED, the only people IN THIS THREAD who were claiming that they didn't use AV software WERE non-Mac users and that -- as I stated -- the mac-users posting to that point WERE using AV software despite the currently low threat level.

    If you're going to go outside of the article and thread that you're commenting on for ammunition (and I will acknowledge that, in other threads, there have been people who HAVE made the claims that you say), then I'll mock your prescience in all things Mac by referring to all of the posters here since the Reg began who have claimed that "Apple will be dead in a year".

    ...It's as least as logical...

    Where's the "Failed Failed fail" icon?

  50. ElReg!comments!Pierre
    FAIL

    @ Shades and Mike Moyle

    I think you'll both find that there a considerable amount of difference between "my OS is inherently secure and I don't need AV" and "my _systems_ are inherently secure and I don't need AV". Mac OSX, Windows, and even many Linux distros are _not_ secure "out of the box". But they can be made somewhat secure. Maybe not completely bullet-proof but secure enough to make any half-arsed signature-based AV software a bloody security _hazard_ (not to mention the strain on resources).

    That is all.

    Where's the "Failing bucket of failed fail" icon? :-P

  51. James O'Shea Silver badge
    Grenade

    @shades et al

    There is, simply, no significant threat for Macs. There are trojans... most of which hang out on porn sites pretending to be codecs. There ain't nothing, on _any_ site, that I want to see badly enough that I'd download a codec from j-random-site; I've got Perian, Apple's MPG-2, and Flip4Mac installed, if something needs a codec that's not in there I don't need to see it. There are other trojans which pretend to be installers for such things as various Adobe and Microsoft products; I either already have those products, installed from disc, or I don't want them, I'm not about to steal them. There are phishers; I don't click on 'click here' lines in email sent from places I don't have accounts with (Paypal, Bank of America, Barclays...) and if I do have an account there (MobileMe) I check the headers; I suspect, for example, that Apple is unlikely to be sending me something stating that my account is about to expire, in June, when I _know_ that it expires in December, and that Apple is _extremely_ unlikely to be sending out such notices using MSOE 6 from a server in St. Petersburg, Russia. And I have my accounts set up in bookmarks in a browser which does not use ActiveX and has scripting turned off except for the scripts _I_ want to run. If I want to go and check an account, I launch the browser, select the bookmark, do what I need to do, and then shut it down. I do _not_ 'just click' There aren't any exploits where a browser on a Mac (or on Ubuntu) can be hijacked merely by going to the wrong site; there are several where some guys try... and I get to see an .EXE file attempt to download in plain sight and utterly fail to install 'cause .EXEs can't run on OS X and I don't have WINE turned on in Ubuntu. And I have a proper firewall, including Little Snitch on Macs, which checks each and every outgoing TCP/IP connection and squeals if it's not approved. (Hiya, Adobe and Microsoft products, no you _CAN'T_ phone home, I won't let you except where, when, and how _I_ specify.) And I'm running as a standard account, not as admin, or, heaven forbid, root. The only way stuff gets installed is if it pops up a dialog and asks for my admin username and password... and I'm not entering that stuff unless _I_ started the install. Please note that all of this, except Little Snitch, is free, and Little Snitch is shareware and cheap. And I could use the free version if I was cheap, and willing to restart Little Snitch every three hours.

    I haven't had a Mac virus on any system I'm responsible for in well over a decade (not difficult, the last serious Mac malware was the autostart worm from 1998 and that thing never got onto any of my machines 'cause I was running with proper security even in the days of OS 9...) and have not had a Windows virus beyond items emailed to me and detected and destroyed as soon as they arrived for almost as long.

    But Mac users don't have a/v antibodies... Yeah. Right. A/v systems ain't coming onto _my_ Macs unless and until there is a real-world threat out in the wild which poses greater danger than the known drawbacks of a/v software. Little Snitch, for example, has used a whole 0.91 seconds of CPU time since I last rebooted this particular Mac, at around 12:35 Eastern time on Friday; it's now Monday, 15:50 Eastern. It currently is eating a whole 4.25 MB of RAM out of the 4 GB of RAM on this machine. And it doesn't do things like delete system files (or my email!) while it does do exactly what I want it to do, no more, no less. The day that a/v software can do that is the day I install it short of a real, verifiable, real-world threat. Which does not exist. Meanwhile, a/v software is even as I type eating people's system files...

    If anyone wants to waste CPU cycles and RAM 'protecting' themselves against a non-existent threat, well, I can't stop them. (Hey, guys... if a real threat ever does appear for Macs, why do you think that current a/v systems will be able to detect it, and if detected, actually do anything about it? Wouldn't the a/v systems be completely clueless until someone gets hold of an example of that threat and can devise a fix for it?) I personally will not waste time, or especially money installing a/v on systems which are not threatened. If this makes me smug, so be it. I've been smug for well over a decade now and see no reason to change.

  52. James O'Shea Silver badge

    a/v strikes again

    CA a/v just ate WinXP system files. Gee. What a surprise.

    But Mac users don't have a/v antibodies...

This topic is closed for new posts.

Other stories you might like