Sophos Anti-Virus For Mac [Review]



A few days ago, computer company Sophos released a free anti-virus application for OS X.

According to the experts at Sophos, your Mac is vulnerable to malware – it’s just that there isn’t very much of it around. Yet.

But as Macs and OS X get more popular, that might change. So Sophos thinks it’s time you protected your computer.

So what does Sophos Anti-Virus for OS X do, exactly?

The install requires that you use an installer, rather than a simple drag-and-drop to the Applications folder. On first run you’re presented with a very minimal interface: a new icon will appear in the Menu Bar and Sophos tells you “As long as the icon stays black, you’re safe.” Right. OK then.

If you like to keep your Menu Bar clean (minimalists, raise your hands!) you can remove this icon from the Menu Bar. The basic anti-virus functions will still be running in the background. I’ve left them running there for a day or so and not noticed any difference – there was no apparent severe impact on system resources, and Activity Monitor showed the Sophos processes weren’t making significant demands on CPU.

You can ask the application to scan your local drives, or you can right- or control-click on any file or folder, and ask it just to scan that item (the installer puts a Sophos scanner in your Services menu). I scanned my entire hard disk, which took about three hours.

The question which remains, and which will always divide opinion (feel free to share yours in the comments) is whether you need virus protection on your Mac.

Sophos goes to great lengths to convince you that you do, with videos like this…

…but the examples they’re giving in that video don’t look to me like viruses; they look like trojans and dodgy scripts embedded in web pages. But Sophos is using the word “viruses” to mean “malware”, because for many non-computer-literate people, that is what it means.

This, I think, is where the arguments about Mac security can get heated. People who know about security know that officially speaking, a virus makes copies of itself and infects more computers without human intervention. But the vast majority of ordinary people don’t make that fine distinction – if it’s bad for their computers, they’ll call it a “virus” even if, technically speaking, it’s a trojan.

Sophos is using that same language shorthand to talk to those same people. It’s using “virus” to mean “malware” because that’s what ordinary people do.

There’s no doubt that OS X has security vulnerabilities, whatever name we use for them. I asked Sophos security expert Graham Cluley if he could identify an actual documented virus, in the traditional sense of the word, seen in the last year or so.

He said: “Not viruses, no. The main threat for Macs is trojans, and that’s the same for Windows computers as well.

“Too many people can get taken in by a tweet or a link they see somewhere. A little social engineering is all it takes to persuade someone to click something.”

He confirmed that Sophos uses the word “virus” to mean “malware,” for the simple reason that, in Cluley’s words, “My Aunt Hilda has only ever heard of ‘viruses’, so that’s the language we use.”

By releasing this software, Sophos is not trying to say that Macs are prone to viruses, even though it uses that word throughout its marketing for the product. What it really means is that Mac users are just as likely to fall for the social engineering tricks used to spread malware via the internet as Windows users are, and that its product is one way of protecting yourself from that danger.

Cluley summed up: “I use Macs myself at home. There’s no doubt that they are exposed to less of a threat than Windows PCs. We just want to keep it that way.”


Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.