Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Question

Do I need an antivirus program?

Sep 13, 2011 2:54AM PDT

Good afternoon,

Discussion is locked

- Collapse -
Answer
Not yet
Sep 13, 2011 10:40AM PDT

Not yet is the best answer that can be given. That is subject to change at any point in the future, but as of right now, it's not necessary.

Imagine you're sitting on a tropical beach, just enjoying the day. Off in the distance you can see some storm clouds brewing, but there's no telling when, or even if, they'll ever make it to your beach. So while it would be prudent to be prepared to head back to your hotel room, for the time being there's no particular reason not to continue enjoying your time on the beach.

- Collapse -
Answer
Thanks
Sep 13, 2011 11:22PM PDT

Hey Jimmy,
You are quite poetic. Thanks for the explanation.

- Collapse -
Answer
Yes
Sep 16, 2011 3:15PM PDT

I switched to Mac about 4 years ago and never had a virus problem like the pc format, until this summer. I received my first virus back in June. I removed it with a free program called sophos. Still had to manually track down part of the virus. Happened again in July, same virus. Still, 2 issues in 4 years over the daily problems with the pc is much better.

- Collapse -
Sophos is a joke
Sep 16, 2011 11:05PM PDT

Sophos is a joke, even on Windows. It has to be one of the single worst AV programs I've ever seen. It combines the general drain on the system like McAfee with a much less effective detection rate.

And for that matter, I'm unaware of any viruses that actually exist for OS X. Outside of maybe a couple proof of concept types. There was the whole Mac Defender thing a while back, but that was more malware (and pretty toothless) than anything. It also seems to have largely died out.

- Collapse -
antivirus
Sep 16, 2011 11:24PM PDT

Thanks Yogi and Jimmy. I appreciate both your replies. I know there will always be different opinions to a question but I like to hear them all. It's like a good debate; you 'gets the info and makes yer churses'.

- Collapse -
I think we would all be interested
Sep 17, 2011 12:02AM PDT

in knowing exactly what "virus" Sophos said it found.

- Collapse -
Not sure if it's a virus, but...
Sep 17, 2011 4:28AM PDT

Somehow I fell victim to "Mac Defender" and it plagued my computer with pop-ups and was in general a nuissance. I am glad I down loaded "Sophos". It got rid of the problem and runs like new. It worked for me.

- Collapse -
Two things
Sep 17, 2011 6:25AM PDT

Two things

1: Mac Defender was malware, and pretty toothless malware at that

2: Are you sure it was Sophos that cleared it up and not the update Apple released to target that specific bit of malware?

- Collapse -
Details, please
Sep 17, 2011 5:13AM PDT

To believe your assessment (Sophos is a joke), we need information. As is, it contradicts the reviews on the web. What is "drain on the system"? I am writing on a laptop that has Sophos scanning (full scan mode) in the background. Activity monitor shows 2.5-4.5% CPU usage. In my book, it is negligible. The only problem I potentially have with Sophos is that during the last three months it shows no updates available. ClamXav always updates when activated. The same is with iAntiVirus. However, Sophos scans the entire drive rather than some "critical files" as the other two popular programs do. Another weakness pointed out in some review is that Sophos rescans the scanned files again if interrupted and then resumed. But these look like minor to me. In general, Macs have no viruses, I agree with you on that, of course. But there some Trojans out there, such as DNSchanger and the likes. True, without the user's assistance, one cannot get those. However, not everybody is computer-smart and tech-savvy, so things happen. Therefore, there is a need to have some software available to remove these malware programs if, God forbid, we get them. This is why I would favor some kind of anti-virus program even on a Mac. It does not mean that it has to always run. But in case of some strange slowdowns or other suspicious events, it never hurts to scan your drive.

- Collapse -
Did you consider
Sep 17, 2011 10:05AM PDT

Did you consider some of the more hidden elements of performance drain on a system besides CPU use? Like how much does it block I/O operations? Forget the CPU use, how much of an overhead is there every time you move some file around? What about hidden kernel tasks that may be running which aren't immediately evident?

While second hand info, it comes from a source I would consider to be very reliable, and that is with the Windows version of Sophos, the thing actually uninstalls itself and then reinstalls for every update.

And DNSchanger wouldn't really be a trojan. Trojans are programs that create some kind of back door for another program to come in from. That's why they're called trojans, they're named after the greek myth of the trojan horse where a bunch of greek soldiers hid inside a giant wooden horse left outside the gates of troy. Then when night came, they slipped out and massacred the city and opened the gates for the rest of the greek troops assembled outside. DNSchanger has some trojan like qualities to it, but it's really much closer to a virus. Mostly I'd classify it as rather low risk malware.

And I am not saying that Mac users can go wander around the greater Internet with impunity and not expect anything bad to happen eventually. There are plenty of social engineering threats out there which don't really care what OS you're using. However, I would stand by the statement that right now there is no need for any AV program on the Mac. Like I stated in the very beginning, that is subject to change at any moment, but fact is Mac OS X is about 10 years old now and the likes of DNSchanger is about the worst it's had to contend with in that time. When there are some real threats along the lines of what Windows users live in fear of daily, we can certainly revisit the need for AV programs. In fact, if/when it does actually happen, I'll probably be among the first to start telling people to get an AV program. Until then, in lieu of any real serious threat, I will continue telling people that there's no particular need for them. And that the "free" version of Sophos is a pretty transparent attempt on their part to try and capitalize on the fact that there's probably a couple million Mac users around the world that don't currently have an AV program. They're trying to gain mindshare, and hoping to upsell some of these people on their paid product, which is basically just snake oil at present. The only real reason AV companies make Mac versions of their products at all is to cash in on poorly written corporate policies, mandating all computers have an AV program installed, regardless of need.

- Collapse -
Fair enough
Sep 17, 2011 7:03PM PDT

Although the reviews on Sophos are generally quite favorable.

- Collapse -
There are plenty
Sep 17, 2011 11:20PM PDT

There are plenty of good reviews for registry cleaning/fixing programs on Windows, doesn't make them any less of a scam. Reviews alone doesn't really amount for much. If I have 10 people, who are complete morons by any objective or subjective measure, writing 10 reviews of a program, how useful is that? I've even seen a number of astroturfed reviews, where some company apparently pays a bunch of sites to write glowing reviews of their products. It's generally easy to tell, because they'll all have the same general format, hit on the same key talking points, etc.

Then there's also the fact that once reputable AV companies have resorted to cheap tricks recently. Like AVG launching an AV program for Windows Phone 7, which A) has sandboxed programs, B) has no known threats, C) even if there were any known threats, see A, D) only scanned user accessible files because user level programs cannot access the system files, and finally E) was apparently covertly collecting all kinds of data more detailed than what caused the big brouhaha with Apple over the summer.

It is a truly sad sentiment that we live in a world where when companies no longer feel that they compete based on the merits of their product, resort to these underhanded methods rather than actually IMPROVING their product, or even just simply ceding defeat in a market. No, we get endless patent lawsuits going back and forth over elements that are so broad and vague that you could sail a large navy through them, companies paying for fake reviews, creating completely useless products that do little more than spy on unsuspecting users. That is the world we live in however, sad as it may be. You can't even trust reviews anymore without reading a decent sample of them and making sure they aren't just the same basic draft review with a few minor changes here and there.

- Collapse -
One thing
Jun 4, 2012 4:03AM PDT

I would have to agree with this if all you're worried about is your Mac. But if you also have a Windows machine that you transfer files to, or friends and family using Windows to whom you send files, would it not be a good idea to have something to scan those files? And if anyone has any recommendations, I would like to know what they are.

- Collapse -
For the most part
Jun 4, 2012 5:36AM PDT

For the most part, that's all Mac AV programs do, is just check for Windows related malware. You might occasionally see an AV program for Linux/Unix, but dig a little deeper and you find they're intended for use with email servers to scan attachments passing through the system.

But at least for the time being, no Windows malware can infest a Mac (running Mac OS X), so unless we're talking about something like VBA macro based malware, which became an issue again with Office 2010, there's really nothing to be gained. Any Windows system you pass the files to should have an AV program installed that will pick up and eradicate the malware. So it's essentially inert while on the Mac. It won't hurt anything to have a Mac AV program get rid of it, but not sure it really justifies the resource overhead of an AV program just for that.

- Collapse -
Thanks
Jun 4, 2012 11:07PM PDT

OK, thanks. I wasn't worried about my Mac getting infested, although I do keep my eyes open. And I really only have one person that I worry about. The rest are pretty savvy. Happy

- Collapse -
AVAST! for Mac works really well.
Jun 16, 2012 12:44PM PDT

I personally am using the free version of AVAST! for Mac.
Not only does it scan the data stream going to and from your Mac, it also alerts on known malware sites. Useful if you click on a link that looks OK, but is a fake.

Aside from the malware site warning, so far it has only found win32 viruses, but I feel confident that it would handle Mac viruses as well. (I have used it on PCs for many years.)

- Collapse -
And so
Jun 16, 2012 1:28PM PDT

And so if there are presently only maybe a very small handful of threats capable of infecting a Mac, what exactly is being gained? Win32 based threats cannot affect a Mac, so outside of informational, there's no real benefit for the detection of those on a Mac. If I am not running Windows, why do I care about Windows specific threats? Doesn't it make more sense to be paying attention to the threats specific to whatever platform I happen to be running? Be it Mac OS X, Linux, some other Unix flavor, or Windows.

To quote the late great George Carlin when making fun of airline announcements: "Please check around your immediate seating area, for items you may have brought on board." ... Well, I may have brought my arrowhead collection. I didn't, so I'm not going to look for it! I'm going to look for things I brought on board! Which would greatly enhance my chances of finding them, wouldn't you say?

Also, at this point, I would think that it seems worth pointing out that threads that have been largely dormant for some time are suddenly active with people who have nothing but rosy pictures to paint for Mac AV programs. Smells an awful lot like an astroturfing campaign, and so I would suggest anyone else to take that possibility into consideration when reading comments in this (and other) discussions. I'm sure if I had the inclination to do so, I could find near identical comments being posted on several different message boards under a number of different aliases.

- Collapse -
At least I don't become one of the unknowing throng who spre
Jun 16, 2012 2:51PM PDT

At least I don't become one of the unknowing throng who spread the viruses that sleep on their computers.

It is like one of the problems the Department of Homeland Security worries about:
Smallpox is largely wiped out, with the only viable samples stored in labs. Because of this, inoculation programs have pretty much been done away with. This makes smallpox one of the perfect weapons for bioterror.

I've wiped out hundreds of copies of viruses that were resident on my machine. True, almost all were Windows viruses, but they were still using resources. So, I know that I am being a good netizen.

As far as your accusation of astroturfing goes, I will let you know that I am a retired engineer who just started tracking this forum to see what goes in the world of Mac. My primary background is PCs, and you can search for my comments on many sites. My comments are purely my own.

I have seen my comments copied to other sites (usually with the identification) and would appreciate it if you let me know if you see them mass duplicated under other names.

What I'm starting to wonder is why you are so much against using AV programs on Macs (or Linux, for that matter). Could it be that you have some vested interest in keeping these machines vulnerable?

- Collapse -
What I'm starting to wonder
Jun 16, 2012 11:33PM PDT

What I'm starting to wonder, is why it is any time someone tries to present a reasoned argument against a position, everyone immediately jumps to the conspiracy theory idea that the person arguing against the position is somehow secretly benefiting from it.

Someone goes to a Mac forum and says that in some specific scenario Microsoft wasn't to blame, and all of a sudden you're some giant Apple hating Microsoft apologist. And if you go to a Microsoft forum and say how in this, this, and that way the iPhone is better than Windows Phone, then it's just kind of the reverse of the other example.

Why can't people, like yourself, just grow up and take the time to actually parse a somewhat nuanced argument? Then maybe, and I know this is probably asking for a lot, engage the more rational parts of your mind and come up with an intelligent, nuanced, and reasoned response. As opposed to a rather childish, "You must be part of some conspiracy because you think differently from me!" Though you do help at least demonstrate the truth of the research that shows engineers can be among the most superstitious people... Which is kind of ironic, since engineering is about as logical a profession as there is, yet engineers are more likely to believe in all kinds of crazy things than pretty much anyone else, just like highly intelligent people are more likely to become members of cults. Go figure.

I have said numerous times, over a span of a couple of years, that at some point it will absolutely be necessary to have a Mac AV program. I'm a little amazed it hasn't happened already to be honest. However, AT PRESENT there are no real threats for the platform, so what's the point of an AV program? If all you are finding are Windows specific threats, which cannot affect/infect a Mac, what benefit exactly are you getting from the AV program? Seems to me, it's purely informational and maybe a warm fuzzy feeling akin to picking up a piece of litter and throwing it away. Which is fine, but just recognize that it's just the fulfillment of an emotional need on your part, and that there's absolutely no utility being gained.

Right now the only real possible threat AV programs could protect against on a Mac are VBA viruses for MS Office. Which are really kind of a minor threat to begin with, since they can only affect things like your Word documents. You might think losing your graduate thesis is more than a minor threat, but bigger picture it's trivial compared to say a botnet where your computer might be implicated in conjunction with some criminal act. Every other threat Mac AV programs might protect against are all Windows specific.

- Collapse -
Benefit vs. being responsible
Jun 17, 2012 4:09AM PDT

I'll address your response in the order of the items given.

1. My question re: do you have a hidden interest. This was in response to your prior statement "Smells an awful lot like an astroturfing campaign . . ." If you are so sensitive about others questioning your veracity, don't question theirs.

2. There ARE and have been malware attacks that affect Macs. Most are circumvented by normal precautions. When working at a military lab, though, we used extraordinary means to protect the Macs (as well as other computers). When the risks are higher than just the normal hackers, you do everything in your power to protect the systems.

3. Benefit vs Responsibility. If I send out a copy (forward) of an email that contains malware, am I any better than the person who originated it? I'm certainly behaving irresponsibly. One reason that the AV writers give away copies of their products is being good netizens; they are behaving responsibly. (It certainly doesn't hurt that they also get a certain amount of good will, but they are really demoing their product. Even Microsoft demoed Windows 7 for free.)

What is the cost of being a good netizen, and stopping the spread of malware that comes to you? If the package comes at no cost, there is no monetary cost. If you choose a package with a small footprint, you take a miniscule performance hit and you give up a small amount of storage.

If you aren't willing to pay this price, that's your choice. But remember the old tag line "If you are not part of the solution, then you are part of the problem." I prefer to not be part of the problem.

- Collapse -
That's a lovely
Jun 17, 2012 11:49AM PDT

That's a lovely false dichotomy you've got going there. At least that's a logical fallacy you don't see quite as often, so credit where credit is due.

If you want to volunteer to pick up litter on the side of the road, my hat's off to you, and indeed it would be a better world if more people would do such a thing... However, presumably every other Windows user is going to have some sort of AV protection running, and if not, well then they have plenty of other issues before you might have passed along some bit of malware via email.

Anyway... On your first point... All of a sudden, seemingly out of nowhere, there's a flurry of posts on previously dormant threads, all of which seem to have absolutely nothing good to say about Mac AV programs. They lack any real substance to back up that opinion, and all seem to follow a reasonably similar format... At least given the general lack of content. I was merely pointing out that such patterns are typical of an astroturfing campaign, and suggesting that people take comments lacking any real substance with a grain of salt.

On your second point... At what point have I ever said there wasn't? At least as of right now, Apple has been able to provide a built-in malware remover for every bit of Mac malware to come out. Is it a viable long-term solution? Not even close, but it does work for the present time. Remember that part about nuanced from earlier? As of right now, there is no real need for a Mac AV scanner. That could change ten minutes after I post this, ten days, ten months, maybe ten years, I don't know. I just know sooner or later there will be a convergence of someone talented and motivated enough to make it happen, and when that day comes then we can most definitely revisit the need for an AV program on Mac OS X. Until that point in time however, there is really little to no need for those programs.

I already covered your third point by saying it's a false dichotomy, so no need to go over that again. Except there is another amusing quote from the late great George Carlin that is somewhat topical: "Lead, follow, or get out of the way!" You know what I do when I see a shirt like that? I obstruct!

- Collapse -
I use Sophos - love Sophos
Jun 16, 2012 5:03AM PDT

I use Sophos and love Sophos. What I like about it more than anything else is not only does it clean my Mac drive, but it cleans all my other drives, such as my external drive I use for extra storage, and my Windows drive. Not bad for free.

- Collapse -
The question still remains
Jun 16, 2012 10:46AM PDT

The question still remains: Do you really need Sophos? Or any other AV program.

Some day, that will be an unequivocal yes, but right now it's still no. Sophos, Symantec, Kaspersky, and all the rest are just trying to get ahead of the game and milk the Mac gravy train for a while before they have to start delivering an actual useful product. Right now they can just slap any old thing together, sell subscriptions for it that are completely useless, and let the money roll in.

That's what the freeware versions are designed to do. Create good will and make you think about wanting to buy the paid version for the next set of useless crap you don't need.