Antivirus Software Within Apple Is Mandatory, But Should It Be On Your Mac? [Update]

Antivirus Software Within Apple Is Mandatory, But Should It Be On Your Mac? [Update]

Do you need antivirus or antimalware software on your Mac? Although Apple’s sales staff are quick to hype up the relative security of a Mac compared to a Windows PC, internally, they aren’t so confident. According to an Apple Store Genius speaking to Ars Technica, “Mac Defender has changed everything.”

In a piece responding to the news that there’s an explosion of malware on the Mac since Mac Defender came to town, Ars Technica asked a handful of certified Apple specialists and some anonymous Apple employees about whether or not the threat was overblown.

“MAC Defender has changed everything,” one Apple Store Genius told Ars. “We probably get 3 or 4 people with this per day. Most of them only got as far as installing the program and haven’t entered their credit card details.”

Even more interestingly, the same Apple Store genius says that while Apple publicly blusters about the security of the Mac, behind the scenes, they all use Norton Antivirus on company machines!

“This always sparks a debate at the bar on whether antivirus software is necessary on the Mac. This is difficult, as the store sells several antivirus products implying that Apple supports the idea, but as many customers point out, the sales guys aren’t shy in making the claims for Mac OS X’s security. Internally, Apple’s [IT] department mandates the use of Norton Antivirus on company machines.”

It seems that at the end of the day the hreat may be a bit overblown (after all, it’s easy enough to remove), but even so, Mac Defender has proven to be a new and unique threat to the Mac ecosystem… and it doubtless won’t be the last one as OS X marketshare soars. Maybe it’s time to considering doing as Apple does, and getting yourself some antivirus?

Update: Daring Fireball’s John Gruber has an update. It turns out that Apple does not use Norton internally.

This may be true for any Apple-owned machines running Windows, but it is not true for machines running any version of Mac OS X. I asked several Apple engineers whether any antivirus software was mandated or even recommended for Mac OS X, internally. All said no. Said one, “You couldn’t get me to install Norton on OS X if you slipped me the date rape drug.”

  • Ta

     “According to an Apple Store Genius”
    Wow, how were they able to get ahold of this guy for an interview?  :-)

  • iMunas

     I am not about the Malware for Mac, I want to tell more about Norton Antivirus. It is good piece of software and does its job well. However, at least on PC, it is resources hungry and …. if one wants to uninstall it is kind of impossible … even uninstalled it popups periodically with harassing messages “please install …”, “register”, “protect your system with….” and I was looking in different forums and found that it is almost impossible to uninstall…..
    I hope on Mac it is different ….
    Personally me I use Sophos Antivirus for Mac.   It is free, seamless, however, I could not tell is it doing its job or not as I had no warnings yet…. However, when I tried, just for testing, to scan zip file where I knew there is a PC virus, it popped up with a message about virus found.

  • Anon

    Only an idiot would install anti-virus to protect against one trojan that you install yourself.

    There is no malware problem on a Mac.

  • prof_peabody

    I just flat out don’t believe almost all of this.  Not the article, but what the anonymous “genius” is saying.  There is no evidence at all that malware is “exploding” on the Mac. None.  

    MacDefender itself is a joke.  It doesn’t even do any harm by itself and is trivial to remove.  It only attacks users who don’t know the most basic things about their computer.  If you are unable to install or uninstall an application on your own computer, then you deserve everything you get because you shouldn’t be using the computer in the first place.  

    The “answer” to stuff like this is already here anyway.  It’s called “iOS” 

  • iMunas

     I agree, however I think having an antivirus installed would help to keep an idiots Mac cleaner as well as give more time to spend on something more interesting than solving idiots problems for others.

  • Discopete

    Just out of curiosity, does Norton or any other anti-virus protection catch Mac Defender before it gets installed?  It seems like it would be tricky for that type of malware.  Also, @Munas – it’s funny that some of the messages that come from malware on the Mac are almost indistinguishable from anti virus software on Windows ;-)

  • Yacko

    The key thing here is that this is an automatic download triggered by javascript which should have alerted the user, experienced or not,  to something not kosher, the second the download window came up and you had not clicked for a download. The moment that happened, they should have tried to find it on their hard drive and trashed it and emptied the trash. But they couldn’t do it as the browser is set to automatically act on a download including using helper apps.

    Safe rules:

    1. No automatic downloads.

    2. No automatic execution or even decompression like unzipping of downlosds.

    3. No running in admin mode.

    4. No using your account or admin password unless you specifically choose to run something that needs your password.

  • Chris

     the problem is that macs are mostly for peope who want everything to be easy and don’t know a lot about computers…they can’t distinguish between fake and real antivirus or good /bad software

  • mjrmd

    What might an antivirus app be guarding against given that there are no viruses in the wild capable of entering the Unix, OS X, environment? Finding a Windows virus on your Mac with an antivirus program doesn’t count, since it would be incapable of replicating, doing damage or spreading. Trojans, like Nigerian 419 letters, phishing schemes or MacDefender, are not viruses. They are only successful with the cooperation of very naive users, gullible enough to give over passwords to total strangers.

    Unix security was built in 40+ years ago within the structure of the permissions system and the password requirrment. Apple machines are not secure because the are obscure, they no longer are. They remain impervious because of superb OS design.

  • MacGoo

    Yeah, Mac Defender is more of a “scare-ware” program than an actual virus or worm. It still requires authentication to be installed.

  • MacGoo

    For anyone reading this blog, Mac Defender should be a non-issue. We understand installing programs, and would never authenticate an install unless we initiated it. However, as Apple gains market share, its user base becomes less and less a community of enthusiasts, and more and more a community of genpop semi computer-literate users who bought a Mac because it was pretty or trendy. Sooner or later Apple will become a juicy enough target that real viruses will crop up though, so it’s good to be prepared. I use Sophos at the moment, and I’ve never detected a single threat, but it will happen eventually.

  • T1mo3

     I use Sophos A-V on my Mac its pretty good and its free!

  • Anonymous

    Apple does NOT currently require AV software on end-user machines, unless they are running Microsoft Windows.  It is optional on Macs.  Trojans are hard to protect against, since the user is choosing to install it.  Mac OS 10.6.x already warns you about running something you downloaded from a web site.  If you choose to do it anyway, you kind of brought that on yourself.  It doesn’t matter if you are running Windows, Linux, Solaris, etc.  If you have admin rights on your box, you can install whatever harmful software you like.

  • mjrmd

    Don’t you think that there is a script kiddy somewhere in the world who would love to have the bragging rights of having created the first virus to successfully attack a Mac? That’s what they live for. However, it hasn’t been done. Macs aren’t safe because no one capable of writing a virus has bothered. It’s just nigh unto impossible to do.

    Long live Unix! 

  • Billy

    If you get your internet from Comcast / Xfinity, then Norton Anti-Virus Mac is free. So why not install it, unless your biggest concern is that it will use some of your computer resources to run? http://xfinity.comcast.net/con

  • mjrmd

    Final thoughts on the subject: MacDefender, Nigerian 419 letters, phishing schemes, Trojans in general are not “malware;” They are Social Engineering Schemes, attempts to manipulate humans into divulging normally secure information through deception. Increasing general awareness about them is the only way to protect against them. 

    Sorry Norton…nothing to see here, just keep moving along.

  • DD

    Unfortunately the Mac’s reputation for malware impunity is taking a beating with this Mac Defender piece of dog doo. And while a malware scanner would help, it is not the answer. In fact, anti-malware software for Windows has never been the answer either; Yes, they protect against infection most of the time, but at what cost? Slower, balky computer operation, compatibility issues with database applications, additional financial costs etc.

    In my opinion, It is and has always been the OS maker’s responsibility to address the security flaws in their OSes. Microsoft has done a criminally poor job of it. I hope Apple does not. Yes, Mac Defender is a trojan that needs the user’s help to be installed, but Apple still has the responsibility to deal with this rather than depending on poorly written third party bloatware anti-malware programs to clean up after them. In fact Apple has a greater responsibility than MS as they have presented Mac OS as a product “For the rest of us”; indicating that you don’t have to be a techie to use the system. Not being a techie means not paying attention to things like malware. 

    I’ve been in I.T. operations and management for 25 years and have worked with a dozen operating systems and thousands of users. Non-technical users don’t understand computers easily so I have used analogies to explain things to them. The analogy that seems to work best is the automobile. It works pretty well to help users understand the various functions of their computers. An OS vendor not addressing security issues in their OS is like a car maker installing defective locks on the car’s doors which allow dishonest people to walk by, open their car door and steal their belongings.

    I don’t have malware protection on my Mac and don’t plan to. Apple better keep it that way; anything less is a betrayal of an otherwise very nicely executed platform and the attention to detail that makes it so.

  • DD

    Unfortunately the Mac’s reputation for malware impunity is taking a beating with this Mac Defender piece of dog doo. And while a malware scanner would help, it is not the answer. In fact, anti-malware software for Windows has never been the answer either; Yes, they protect against infection most of the time, but at what cost? Slower, balky computer operation, compatibility issues with database applications, additional financial costs etc.

    In my opinion, It is and has always been the OS maker’s responsibility to address the security flaws in their OSes. Microsoft has done a criminally poor job of it. I hope Apple does not. Yes, Mac Defender is a trojan that needs the user’s help to be installed, but Apple still has the responsibility to deal with this rather than depending on poorly written third party bloatware anti-malware programs to clean up after them. In fact Apple has a greater responsibility than MS as they have presented Mac OS as a product “For the rest of us”; indicating that you don’t have to be a techie to use the system. Not being a techie means not paying attention to things like malware. 

    I’ve been in I.T. operations and management for 25 years and have worked with a dozen operating systems and thousands of users. Non-technical users don’t understand computers easily so I have used analogies to explain things to them. The analogy that seems to work best is the automobile. It works pretty well to help users understand the various functions of their computers. An OS vendor not addressing security issues in their OS is like a car maker installing defective locks on the car’s doors which allow dishonest people to walk by, open their car door and steal their belongings.

    I don’t have malware protection on my Mac and don’t plan to. Apple better keep it that way; anything less is a betrayal of an otherwise very nicely executed platform and the attention to detail that makes it so.

  • DD

    Mac Defender is not a virus, true, but it is a pretty well executed social engineering attack, a trojan. It doesn’t matter if only an idiot would let it in, there are plenty of Mac users (and Windows users as well) that are idiots and they will let it in. Apple needs to look at ways to protect the idiots from this type of attack. BTW, idiots don’t know a trojan from a Greek, or rather a virus; so all malware are viruses to them.

    Remember, perception is reality. And given the tech pundits’ tendency to present things not it the true light of day, but in a way to generate maximum page views, Perception within the idiot community will quickly become “Macs can get viruses”.

  • robpickering

    Corporate Anti-Virus is required by the Payment Card Industry Data Security Standards:  “[PCI-DSS] 5.1 Deploy anti-virus software on all systems commonly affected by malicious software (particularly personal computers and servers).”  Without it, Apple would not be able to be PCI Compliant.

  • robpickering

    MacDefender is absolutely Malware.  “Malware, short for malicious software, consists of programming (code, scripts, active content, and other software) designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, gain unauthorized access to system resources, and other abusive behavior.”

    Since it’s being used only to collect credit card numbers without actually providing any type of service, I’d consider that malicious and exploitative.

  • robpickering

     You’re full of crap.  If they didn’t require it they would be in violation of PCI DSS Security Standard 5.1.  Pretty sure they aren’t.

  • cheesy11

    arent apple computers devoid or somehow mystically protected against viruses, or is this another conspiracy about the apple takeover

  • geraldshields

    This whole discussion is ridiculous. For one thing: if this malware were to appear on the WinTel platform then the process to remove it would’ve gotten to the point where the user’s personal data would’ve needed to been saved to a external drive and the PCs Hard Drive reformatted and the OS reinstalled. That’s not the case with this on the Mac platform.

  • nthnm

     I think people are incredible stupid to think Macs are immune to getting viruses. The fact that they aren’t as widely made is the reason. I’ve had antivirus software on my Macs for the last few years.

  • Anonymous

    That only applies to machines with have access to customer’s credit card data. Corporations can either lock down all machines, or keep all systems that are involved in processing CC data totally isolated from other machines.  Guess which one Apple does.  

  • geraldshields

    What you’ve said is somewhat true: Apple should’ve set up removal process in their knowledge base, but let’s be real: Removal of this malware is straightforward and doesn’t require a reformat/reinstall

  • Andrew

    Same here, and I installed it on my girlfriends MBP. 
    Better safe than sorry…

  • robpickering

    Unfortunately, you stated, “Apple does NOT currently require AV software on end-user machines, unless they are running Microsoft Windows.  It is optional on Macs.”  Which isn’t true, as I’ve pointed out.  They have Macs that are “in scope” for PCI, and those are required to run Virus Protection, invalidating your statement, as they are not running Windows.  

  • guest

    I guess Apple is not PCI Compliant.

  • Yacko

     Or maybe it will “helpfully”, find a “virus” infected file which is actually a false positive, quarantine it and either attempt to correct it or urge you to delete it, thereby causing no end of problems. AV software can be as harmful as malware itself.

  • Yacko

    Is your computer safe from you smashing it with a hammer? Until somebody comes up with a great trick to get you to do it? It’s not about Apple, magic or computers in general, it’s about unnecessary fear and the gullibility of the individual.

    In your case, I’d say you are just two or three suggestions away from believing your computer is possessed and you must smash it with a hammer to save your soul. You do know the rapture could be as little as 24 hours away? I suggest you start getting things in order and find a hammer.

  • Yacko

     “Norton Antivirus. It is good piece of software… even uninstalled it popups
    periodically with harassing messages “please install …”, “register”,
    “protect your system with….” and I was looking in different forums
    and found that it is almost impossible to uninstall…..”

    So what you are saying is that Norton AV acts just like malware and yet you praise it. And they say Apple users are fanatics.

  • honjk

     actually,  AV software is very dangerous on a Mac,  even legit AV software,  

    you are 1 million times more likely to lose data to the AV software than you are to malware,  worse, if you install AV software,  you are guaranteed to lose data someday…   where Malware… not so much if you are simply a little above average in competence with computers. (see links)

    also AV software did not detect the new “mac defender” malware,  because it was just collecting your credit card,  you heard about it at the same time as AV software firms,  and they added definitions,  and you would have to update, and that update is the thing that is Russian roulette..   it could very easily be buggy… and cost you your data.  (see links)

    http://news.softpedia.com/news… are two to three things a Mac user needs to NEVER do:1. NEVER download AV software for the Mac, (no matter how much a website pleads and says your mac is “infected”, it is not) downloading even legit AV software is very dangerous and does not protect from the real threat, which is future trojans. (unsurprisingly this advice would have saved everyone from the latest malware that didn’t know already,  where the opposite advice taken at face value,  (to download “protection”)  would have cost you your credit card number if downloading this latest “protection” malware.2. never download Video/flash/ or codec “updates” from web sites no matter how much they plead when you are trying to view porn or other video as a mac user you do not need an “update” to view video EVER…  only use your built in Mac software updater…  and don’t even do that until weeks after Apple has issued them,  to see if people are complaining from bugs from that updater.3. never download anything from websites, that you did not go to in the first place to download something,  as a mac user you never have to download software from any random websites.now you are 100% protected from every known Malware for the mac to date, and you have a leg up from future trojans, better yet, you are also 100% protected from someone’s advice that will cost you your data someday, by downloading Sophos, or other AV software, it IS DANGEROUS to your Mac’s data.

  • honjk

    hmm,  not all links came through,  i’ll try again…

    http://news.softpedia.com/news

    —————————

  • honjk

    looks like one at a time…

     http://www.eweek.com/c/a/Secur

  • honjk
  • Nutz320

     As one commenter said in another post, no place is secure if you HAND OVER THE KEYS. That’s the crucial element.

  • Nutz320

     “Better safe than sorry…” That would be true if AVs had little effect on your system. But, as others have pointed out, AV software on the Mac has an adverse effect, slowing down the computer, you have to wait for updates and the malware is easy to remove.

  • Nutz320

     OS 9 was less common and had a TON of viruses.

  • Nutz320

     Exactly! This “malware” doesn’t act much like one. Sony’s rootkit was worse, LOL. If a reputable company like Sony does worse than a shady virus from some random Google Image, it’s just amusing. You can uninstall this trojan just like a normal app and it won’t even protest.

  • Slphilips

    No more so than “most” PC users.
    Even most computer users in offices rely on the “IT types” for all the picky stuff.

  • Slphilips

    And would you blame the builder of your house if you got robbed? Knowing that a perfectly secure is almost impossible to build economically?
    Or would you buy an alarm system, put up security lights and be sure to LOCK your doors? 

  • Anonymous

    Fortunately, I said “on end-user machines.”  As in general user desktops, not POS systems, not servers that handle CC info.  PCI requires the data, and systems handling the data are protected.  Most end-user systems don’t do that.  Sorry if I didn’t spell it out for you, but I figured if you actually knew the details of PCI, you’d get that.  My bad.

    Some companies take an extremist approach, and require ALL systems to be locked down to meet PCI requirements, but in many cases, it isn’t necessary. The original discussion was a broad statement that Apple supposedly required AV software on Macs.  In general, that simply isn’t true.  It would only be required in special cases, like special systems used for CC processing.So while you are correct that a special, limited set of systems probably do require AV software to meet PCI, I am correct in that the general end-user population isn’t required to do so.Can you live with that, or do you need everyone else on here to be wrong for you to be happy?

  • Slphilips

     Presuming that the actual question (not yet answered) in the headline was “should antivirus software be mandatory on the Mac?”, the answer is a resounding “NO” and not for any ot the reasons stated.
    IF it was mandatory it would have to be installed by Apple. IF they installed it and it somehow caused problems or somehow missed a virus they would get sued.
    They are a computer company, not a babysitter. 

  • robpickering

    So, Mr. Anonymous.  Just making sure I have this right, you know because you’ve “had to spell it out for me”.  

    Apple requires virus protection on Macintoshes.  Macintoshes that aren’t running Windows, but may have other sensitive duties related to card holder data (which incidentally is more than just Credit Card numbers).  

    So the statement “unless they are running Microsoft Windows”, which is the statement I had issue with in your original comment; is in fact, untrue.  

    Yep, I’m satisfied now.

  • Anonymous

    So… your answer would be the latter.  Got it.

  • Jrbingo1

    I fully agree. This malware scare of the moment for the Mac is just a big scare tactic perpetuated by those company’s that are seething at the opportunity to finally try and get Mac users to believe they need their product. I refuse to go buy some bogus software that I don’t need and constantly runs in the background usually recourses to help me with a malware program that you literally have to sight in and down load. Educate yourself. If your the kind of idiot that goes around downloading every pop up that tells you you need it, then you deserve to be stuck with a malware. The Mac OS literally prompts you to enter your I.D before downloading a new program including this new Mac malware. Dear god! It’s not like the malware just got there. These idiots are downloading it onto their computers. I have owned a Mac for several years and have never once needed a resource hog anti virus. Educate yourself!!!!

  • nike air max

    nike air max 2009
     Wow! Thank you! I continually necessary to write on my blog some thing like that. Can I implement a fragment of your post to my internet site? nike air max 2010

  • iMunas

     I never had Norton AV on any of my Macs. however I had it installed on PCs about 6 years ago. And, yes, even removed small Norton’s agent was working on a system to push user to get Norton AV installed.

  • honjk

     and no AV software will ever prevent you from handing over the keys,  that is the point,  AV software is worthless for future trojans,  they find out about them the same time you do.   

    and why would you install AV software for “macDefender” when you already know not to install it, or that matter any other AV software….

  • Nutz320

     Sorry if I wasn’t clear, but I was agreeing with you, was just adding another point. :)

  • Mike

     Gruber updated his update.

  • imajoebob

     “Finding a Windows virus on your Mac with an antivirus program doesn’t count, since it would be incapable of replicating, doing damage or spreading??”  Try again.  A windows virus can and will replicate through email.  I’ve received any number of messages over the years that contained a Windows virus.  Had I forwarded one of them, I may have infected someone else’s computer.  That’s why I run Sophos (I used to run ClamXav, but it started to randomly bog down my G4 processor)

  • imajoebob

     The threat to Apple isn’t to their computers, but their email.  Infected messages from Windows users can (and are) forwarded from Mac machines.  My AV picks off at least one or two a year.  If I’m Steve Jobs, the last thing I want is someone claiming (and proving) that they were infected by a message from Apple!  By running AV software Apple isn’t protecting itself against a non-existent threat to its computers, it’s protecting itself against a REAL threat to its reputation and, concurrently, its bottom line.

  • stanwol

     This appeared on my browser a few weeks ago. It immediately downloaded a zipped file. As soon as I saw the file downloading, I dragged it to the trash. I’d say that 75% of Mac owners I know would not have done this.

  • ooOOOoo

    You shouldn’t be satisfied.  The only thing you proved is that you’re a stubborn nimrod who cannot read properly.

  • LoveDudePeaceOut

    Dude, that is just not right.  

    Research shows that the more educated you are, the more likely it is that you have an Apple Computer.  I work in IT.  The issue boils down to:

    - Microsoft Beta tests its products on the public after deployment.
    - Apple releases finished products.

    At the office we use Windows like every other nimrod on the planet.  But at home – away from work – I have used Apple for seven years.   Reason?  It fricking works and it is safe. I am not at work when I am at home.  I deal with what my employer requires.  At home – I get to pick the best OS around.Before, all my home PCs got bogged down, but my MACs have always just worked.  I am not at work at home.  I want to play, make music, art, DVDs, edit photos, pay bills, shop.  I am not in the mode to Beta test an inferior product.

About the author

John BrownleeJohn Brownlee is a Contributing Editor. He has also written for Wired, Playboy, Boing Boing, Popular Mechanics, VentureBeat, and Gizmodo. He lives in Boston with his wife and two parakeets. You can follow him here on Twitter.

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in News, Top stories | Tagged: , , , , , |