Apple Products and Virus Protection
July 2, 2014 4:35 AM   Subscribe

Just wondering if I should be doing more to protect my Apple Products for viruses and malware, etc. Should I be more proactive?

We are PC based at work, so our IT support team has several virus protection and malware stuff that they manage and update regularly.

At home, I have a PC laptop, a MacBook Air, and Apple iPhone and iPad Air. On my PC at home, I use various virus protection scans, malware scans, etc, to ensure that I try and keep my PC as clean as I can.

I don't have anything on my MacBook Air (or iPhone and iPad Air). I have read over the years that Mac's rarely get viruses, they hardly get attacked, their market share is so small that hackers don't target them, etc, so I am wondering if I should leave everything as is, and do nothing, or should I be more proactive and try and protect my MacBook Air (and maybe do something to protect my iPhone and iPad Air, if this is even possible?)

Just curious. My MacBook Air was quite expensive and I would like to protect this investment.
posted by dbirchum to Computers & Internet (17 answers total) 12 users marked this as a favorite
Yes. Macs get viruses too. Use Sophos for Mac, it's free.

Do you need it? Yes. The chance of you getting a virus is low, at least if you're sensible, but the cost is high. Maybe you type passwords on your mac that are quite important (your primary mail account, online banking, etc.)
posted by devnull at 4:48 AM on July 2, 2014 [2 favorites]

Two tips to stay secure -

1) Make sure you keep your Mac up to date with regular software updates - don't put off the system updates, especially. Run Software Update once a day.

2) Pay close attention where you download software from. Stick to the software vendor/project's official web page, or install it from the App Store. Torrented apps may be trojans, popular freeware from odd software repositories are likely trojans.

AV software isn't really needed for the security of the Mac, Apple typically keeps ahead of the AV makers in securing their systems and locking down avenues of exploitation before they can be widely exploited, but AV software does do a good job of cleaning up files from PC's that are infected that could infect other PC's if passed along.
posted by Slap*Happy at 5:11 AM on July 2, 2014 [1 favorite]

There has never been a "true" virus for the Mac that I've ever heard of: There are proofs of concept and demonstrations, and there's malware that requires the user to type in their own password to proceed (don't do that), and there's annoying bundled software that brings along terrible browser toolbars - but if you pay attention to what you're intentionally installing on your own system, you should be fine. Saying "install Mac antivirus anyway" isn't like vaccinating against an unlikely infection; the hypothetical path of attack for a true Mac virus is unknown, so all antivirus can do is try to watch out for purely theoretical enemies coming along paths determined by educated guesswork.
posted by Tomorrowful at 5:18 AM on July 2, 2014 [4 favorites]

As for the iPhone and iPad, you should keep up with OS software updates. There's nothing more you can or need to do. The OS is quite locked down and the App Store is curated. I haven't ever heard of a malware attack on iOS.

(Perhaps it goes without saying, but this assumes you haven't jailbroken your iOS devices. If you've jailbroken them then all bets are off as far as security.)
posted by alms at 5:26 AM on July 2, 2014 [1 favorite]

I know Apple employees on the Apple campus. They do not run virus protection on their Macs. You won't find it on the Macs in their stores (and if any Mac was a candidate…).

I don't run it. I don't ask my users to.

Be more worried about good backups.

This is good advice.


Malware detection.

If you got a true virus on your system you would be famous.

iOS malware: Be safe and you'll be fine. If your running App says it needs access to your Address book maybe you need to think about why and look into the app. As far as I know no popular apps have had malware. Some of the ones that have had it didn't do much to the device (most likely just stole your Address book).
posted by cjorgensen at 5:54 AM on July 2, 2014 [5 favorites]

Are you using Time Machine? As well as backing up your files, it takes snapshots of your system, so in the very unlikely event that you get a virus you can just roll back to when you didn't.

Personally, I think Time Machine is one of the best parts of OS X. Simple to use, unobtrusive, gets the job done. I'd focus your energies on setting that up, if you haven't already.
posted by Georgina at 6:02 AM on July 2, 2014 [1 favorite]

Just wondering if I should be doing more to protect my Apple Products for viruses and malware, etc. Should I be more proactive?

I'm on my Mac for hours a day and all over the internet. Never had a virus problem. I do get alerts from websites that my PC is unsafe and unprotected and I should download this PC virus protection software RIGHT NOW BEFORE YOU LOSE EVERYTHING. I just laugh.

posted by Brandon Blatcher at 6:09 AM on July 2, 2014 [1 favorite]

There's a lot of optimistic misinformation in this thread. Don't forget about trojans, worms, bots, zero days, other security holes in software. Oh well. Here are 600'000 reasons straight from the horse's mouth: Apple drops virus immunity claim for Macs.
posted by devnull at 6:27 AM on July 2, 2014 [1 favorite]

Apple did that after there was a proof of concept virus. It seemed prudent. There still hasn't been a real attack of any significance.

You are correct though. People are parsing their words (I did). There are differences between trojans and bots and viruses. Most exploits on a Mac have nothing to do with Apple. They are in Java or Flash or Acrobat. This is why Apple stopped shipping these in the OS. They got tired of the zero day exploits in their golden masters (pre zero day?).

If you leave Gatekeeper enabled and practice even modicum safety you'll be fine. Don't install software you don't trust. Only get software from sites you trust. Don't install anything to speed up your mac or clean it. Stay away from shifty things. Don't run as an admin.

I don't install Flash on my personal boxes. I then enable the developer menu and tell the world Safari is an iPad. Way better surfing experience for the most part, though some sites do insist on giving me the mobile version. I also don't install Java on my personal boxes.

I worked for a Fortune 500 company and we had virus policies for the macs off and on and I would say every single time they forced one on us it ended up negatively impacting the performance of the mac. It became the virus. You couldn't get me to put it on a mac these days, but if I had a gun to my head I'd probably pick ClamXav, but only after thinking long and hard about whether or not I'd survive the bullet.

The last malware I remember was Mac Defender. Which ironically hit people trying to install antivirus software.
posted by cjorgensen at 6:49 AM on July 2, 2014

Another thing I'll mention quickly is that the majority of malware on the mac has just been an annoyance. It usually just messes with your usage of the Mac or maybe moves some files to the trash (or deletes them).

Hell, I could create a shell script with:

rm -rf /*.*

and it's technically malware. I'd say if you ran that you get what you deserve.
posted by cjorgensen at 6:53 AM on July 2, 2014

Not necessary as they won't protect you from Java and Adobe assaults. Keep up to date, don't fall for free anything, bee aware where you are downloading from and you will be fine. One caveat though, some companies policies require "due diligence", which means you most likely need to have an AV software installed and running if you are using your Mac for business.
posted by Gungho at 8:36 AM on July 2, 2014

There's a lot of optimistic misinformation in this thread. Don't forget about trojans, worms, bots, zero days, other security holes in software.

Here's the deal, tho - running AV packages on a Mac won't necessarily protect you; it's unproven mostly because Apple generally keeps ahead of the malware devs, and has more resources to toss at the problem than Sophos or whoever.

AV on the Mac is mostly a tiger-repelling rock.
posted by Slap*Happy at 10:03 AM on July 2, 2014 [1 favorite]

Show us your source.

OK. Here you go. As the article illustrates, Apple is very pro-active in defending their platform, even to the point of ticking off large scale users and major devs. This stands in contrast to some other notable system vendors we could both name. Here's a quick and dirty overview on Apple's File Quarantine and Xprotect.

Twenty years of doing this stuff for a living, and I've seen more compromised Solaris systems than hacked Macs.

Tell you what, show us your source that shows malware is a day-to-day threat for Mac users, and independent studies that show third party AV is more effective than simply turning on Gatekeeper and running Software Update on the regular. Most claims that Apple's built in security is insufficient and causes operational problems come from AV developers or research firms paid by same, not admins at large installations.

(Oops, this was in reply to a justly skeptical, if kind of rude, challenge to my post above. Not gonna asks the mods to delete this, as it dives a bit more deeply into the tech end of the original question.)
posted by Slap*Happy at 6:07 AM on July 3, 2014 [2 favorites]

Been running computers at home and work on a wide variety of OS'es since the 80's, including businesses where security is a serious issue. I've never had any antivirus on a Mac and I've never had any problems even where Macs were running 24/7 without any particular firewall protection.
posted by mzurer at 6:14 AM on July 3, 2014 [1 favorite]

One of the things I like to do when I get into this debate with a diehard person that says Macs are just as susceptible to viruses as PCs is to hand one of these guys a Mac and ask for them to get it infected. It's the build I give some of my users: Non-admin local account, default security settings in place, firmware password.

We generally have to agree on what infected means. I ask them to document their steps in case they succeed. What I plan to do if anyone ever manages to actually do this is to then see if the AV software this person is in siting I need would have actually stopped the attack.

I managed a fleet of 300+ Macs for a decade. We had tens of thousands corporate-wide. As mentioned above, we ran AV programs off and on depending on corporate's current policies and our current VP's comfort with non-compliance.

The last virus I ever had on a Mac was prior to system 7.6 and was in 1992.

To be fair, if you take the same basic precautions on a PC you won't get hit either. Microsoft has a fine AV program (free) and if you stay patched and run with recommended settings you'll be fine. The only difference is a lot of what is "best practices" on a Mac is essential on the PC. There's no way you could get me to run as an elevated user on Windows. There's no way you could get me to run without AV.
posted by cjorgensen at 8:15 AM on July 3, 2014 [2 favorites]

OSX is built on top of BSD, and is as susceptible to attacks as any *nix system can be...especially after using the system over time (where little things like opening new services, installing 3rd party browser plugins, and bypassing built in security can occur to get something done in a rush).

There has never been a "true" virus for the Mac that I've ever heard of...

Just off the top of my head, Flashback was fairly recent and substantial. And while it required someone to be fooled into installing a fake flash plugin, it was a method not unlike what we've seen on Windows and should serve as a warning of things to come as Apple products gain more popularity...not necessarily something Apple was able to patch out indefinitely, and not something Apple will always be able to handle right away. The problem with this kind of thinking is that it is ignoring a huge multi-billion dollar/yr cybercrime industry. The moment online criminals find ways to siphon money off of Apple users is the moment OSX and iOS become new low hanging fruits. It's nothing personal, they tend to latch on to new sources of revenue like fads and don't care what technology is being exploited. And yes this goes for iOS as well...just the fact that iOS can still be jailbroken should be troublesome...because if we can do it to enjoy more features of our phones, so can attackers to enjoy silently root-kitting and recording our activity and reliance on the devices for financial transactions and access to our email (which of course, is often linked to our bank accounts).

That being said, neither security through obscurity or antivirus is the end-all/be-all of protecting yourself online. Anti-virus in particular should be there only as a last line of defense no matter what OS you're using. What's more important is keeping up on preventative measures and techniques. For OSX in particular, your Achilles' heel for now is 3rd party browser plugins. A vulnerable Java, Flash, Reader, etc can essentially leave you open to OSX targeted attacks, where escalation could be hidden behind an innocuous software update prompt. Granted, it's not as prevalent as Windows based attacks (again, low hanging fruit), but that does not mean as a result OSX is's just often overlooked. Vulnerabilities in OSX do exist.
posted by samsara at 8:59 AM on July 5, 2014

Just off the top of my head, Flashback was fairly recent and substantial. And while it required someone to be fooled into installing a fake flash plugin, it was a method not unlike what we've seen on Windows

Not a virus. A Virus has to be self replicating and not require any input from the user. Flashback required the user to accept and allow an installation. This is Social Engineering.

The moment online criminals find ways to siphon money off of Apple users is the moment OSX and iOS become new low hanging fruits.

But they can't. That's why Macs don't have virus problems. Not because the mac market is too small to bother with, and not because most virus developers use Windows... mac OSX is not perfect, but it is practically virus proof. Unlike Windows, with Mac OS X you don't have access to root/admin account by default.
posted by Gungho at 10:02 AM on July 9, 2014

« Older Solo dining in Copenhagen   |   At what point on the the graph do automation and... Newer »
This thread is closed to new comments.