Is it really time to run AV on your Mac?

700,000 victims, but just one drive-by download.

No matter which way you slice the numbers, the sheer volume and variety of Windows malware makes running XP, Vista or 7 without antivirus far more risky than running any version of Mac OS X without antivirus.

If you want to pay an annual license subscription to Symantec ($60), McAfee ($70-$90), F-Secure ($50), Kaspersky ($60) or BitDefender (AU$57 for three users), you can.

Assuming the average life span of a Mac or PC is three years, that’s around $180 for software you might not want (because of cost and processing power) but may need.

The question, following the “outbreak” that supposedly busted the myth that Apple malware does not exist, is whether antivirus for Mac OS X is actually needed.

Mac users should not assume they are entirely risk free, as shown by targeted attacks against unique social groups. But does the single mass, automated malware threat called Flashback or Fakeflash really justify the case for Mac users to install antivirus?

Highly-regarded security researchers claim the emergence of that single “drive-by download”, which Windows users have faced by the hundreds if not thousands for many years now, does justify installing antivirus on Macs.

“I think the time is changing right now when it is something you have to do on a Mac,” F-Secure’s chief security researcher Mikko Hypponen told CSO Australia.

But the argument that it’s necessary for Mac users to run antivirus rests on an over-simplified debate: whether malware exists (or not) for Macs.

Forget Apple’s marketing, which implies that Macs are “virus free” because they are not Windows machines; the AV industry would like consumers to believe that the mere existence of Mac malware of the Flashback type makes running antivirus worthwhile.

In the end, users will decide whether it's worth the price, and they currently have a range of free or ‘freemium’ products to choose from, including Avast!, ClamAVm and Sophos – although I suspect Sophos intends to monetise its freemium product in the near future.

[Update: Sophos has confirmed it has no plans to monetise its free AV for home Mac users product, and Sophos will continue to provide this tool to users for free on an ongoing basis.]

But whatever happened to the question of calculated risk? For example, the risk of death if you choose to jay-walk when it is clear there is no oncoming traffic?

Russian antivirus firm, Kaspersky, last week outlined that there are currently just 300 ‘malware’ threats (adware, spyware, virus, trojans, included) for Macs. As stated above, it’s still quite minuscule compared with Windows systems.

Comments

Graham Cluley, Sophos

1

Your suspicion is incorrect. Sophos has *no* plans to monetize our free anti-virus for home Mac users. As we have explained several times on the Naked Security blog and in interviews - we made it free to raise brand awareness.

Cheers

Neal AJ

2

In my opinion, when it comes to system security it is better to err on the side of caution than to proceed based upon calculated risks. The current threats facing Mac users are being developed by a different generation of coders, who think entirely differently about programming than many seasoned coders. The same principle applies to end users, a substantial number of whom are not savvy users and may fall for the maliciously automated pitch.

If the likes of Stuxnet doesn't raise enough concerns to take security measures for Mac users, perhaps Flashback will.

Steven Klein

3

I'm a Mac-using IT consultant. And I choose to NOT bog down my computer with anti-virus software that will consume CPU cycles, disk space, RAM, and—when it's updating—internet bandwidth.

It's interesting to note that not a single Mac anti-virus app prevented Flashback infections when the virus was new.

With the exception of Flashback, all reports I've seen about OS X malware indicate that it's limited (so far) to trojans spread through so-called warez sites and porn sites. Flashback was a drive-by download spread through a Java exploit. I haven't been able to find any actual websites that have been vectors for Flashback, but given its low rate of infection, I'm guessing it was also spread through such marginal sites.

I don't have Java on my Mac, so I wasn't even vulnerable to Flashback. And I don't visit warez or porn sites.

If malware becomes a problem for OS X, I may change my tune. But in the meantime, I'm not wasting my money or my computer's resources running software that, essentially, does nothing.

Liam tung

4


@graham, good to hear Sophos won't start charging, but my favourite comment is from Steven Klein.

http://liamtung.wordpress.com/2012/05/02/is-it-really-time-to-run-av-on-your-mac/
