Spyware and virus on Macs

[blubarb]

Hi all

I so often hear that there are "no known viruses or spyware for the Mac", but if this is true, then why do commercial scanning products exists for Mac? Recently I downloaded a trial version of a popular scanner and it found 17 cookies it wanted to isolate as spyware -- I am confused, help!

Cheers

[CAlvarez]

Why do a lot of useless products exist?

Cookies are not spyware.

[pink]

Two good reasons for using antivirus software:

- You avoid serving as an "inapparent carrier" e.g. for email-viruses. Some say that you just prolong the life of inferior (because susceptible) systems by removing viruses from mail attachments and thus prevent them from being eradicated, but I think this is simply a matter of netiquette.

- There are no known viruses, but, with increasing popularity of OS X, there will be. So the situation is similar to the question if to back up or not (once the hd is broken, it is too late).

Personally, I fell safe running ClamXAV (freeware) once in a while.

cheers, pink

[lostduck]

Spyware is a software that collects information without the user's consent. At this time, there are no spyware applications for MacOSX, nor virii. So you can trash that demo you got. Every browser offers you the option to remove all the cookies.

I beg to differ from Pink: adding software to protect windows users is totally optional, and in my opinion simply not my problem. The fact that "there will be" virii for MacOSX is an opinion, not a fact. Personally, I feel perfectly safe without running anything other than this OS. If things change, I shall adapt.

[cwtnospam]

Quote: Originally Posted by lostduck I beg to differ from Pink: adding software to protect windows users is totally optional, and in my opinion simply not my problem.

I take this one step further. I believe that Mac users protecting Windows is harmful not only to the Mac platform (it encourages Windows users to remain Windows users) but harmful to computing technology because it helps keep an inferior product from its rightful demise, thereby negating the positive effects of Evolution.

Some would say that the Mac market share isn't large enough to affect Windows this way, but just look at corporate networks where Macs are forced to run AV software. Any cost analysis will include the costs of running this software as part of the cost of running the Macs, but it really is part of the cost of running PCs. This artificially tilts the balance in favor of the inferior platform, making it harder for the Mac to gain traction in that market.

I'll run AV software if and only if there is a known credible threat to the Mac in the wild.

[CAlvarez]

Quote: there will be.

Interesting assertion. Can you back it up with any facts?

[cwtnospam]

Quote: Originally Posted by CAlvarez Can you back it up with any facts?

Excellent question! I had deliberately let that one slide because I felt my response would be too long.

Oh, and yes, cookies are not spyware!

[JDV]

You know, every now and then, I detect in these discussions that tinge of arrogance that tends to make me cringe. MANY of the Windows viruses are Word macro viruses, to which Macs are -not- immune (even if every single one of the many Mac users disabled Office's Macro capability, which experience shows--by posts from this forum--doesn't always happen). Suppose, for the sake of argument, however, that no Mac user ever did suffer from the inconvenience of this plague. In a mixed environment, the Mac could serve as a "carrier" of such a virus to other machines. The requirement that every machine be equipped with anti-virus software in a shared environment may or may not be necessary, but it does seem like a -reasonable- policy if their mail system doesn't already strip viruses from e-mail attachments.

CAlvarez, every other operating system on earth has suffered from worm/virus/trojan at some point or another; there is nothing unique about Apple's implementation of BSD that makes it inherently immune; if there is, I should be most interested in knowing just what it is. Now, that isn't to deny that there aren't severe problems with the Windows OS which makes it more vulnerable (and Vista may or may not be an improvement). But one can't but notice the very much increased traffic in security updates for OS X from Apple. I have to assume that they are patching potential security risks in these updates, which would seem to imply the theoretical vulnerability of some part of the OS, even if there is no existent exploit in the wild.

Lastly, who knows what effects the move to an Intel platform might bring along with it? I believe one reason the PPC Mac was a hard target is that the hacker community had less expertise or fewer compilers for PPC code. There's LOTS of people who can compile for x86 processors. It might change the landscape.

Now, I respect those who want to wait until there is a tangible threat to take action, though I take exception to lostduck's attitude that it is "simply not his problem." But there is simply no a priori grounds to believe in the invulnerability of OS X; if it hasn't been exploited--good! But what "facts" would convince you, Carlos?

Joe VanZandt

[cwtnospam]

Quote: Originally Posted by JDV In a mixed environment, the Mac could serve as a "carrier" of such a virus to other machines. The requirement that every machine be equipped with anti-virus software in a shared environment may or may not be necessary, but it does seem like a -reasonable- policy if their mail system doesn't already strip viruses from e-mail attachments.

If your Mac's are vulnerable to macro viruses and you a) are experiencing trouble with them and b) don't know how to deal with them, then I suppose AV software could be useful.

What I object to however, is the idea that Macs should be treated as some sort of typhoid Mary simply because PCs are so incredibly vulnerable. If you have a mixed environment, then by all means be sure that ALL of the PCs use up to date AV software, but don't shift the burden to Macs!

It's a PC problem, and the solution is to either not use the PC or secure the PC.

[pink]

Thanks, Joe, I have nothing to add here.

cheers, pink

[Craig R. Arko]

Like most other things involving technology, one has to make tradeoffs.

I choose to monitor my system manually, since it seems to me so much of the malware spreads through social engineering, and I've learned to be pretty cautious over the years.

I contrast this with the known destabilizing influence pretty much any piece of antivirus software (at least since Disinfectant) has had on the machines where I've installed it. They've been known to do fun things like delete the entire mail store, because a single item may have an attachment they didn't like.

When the cure remains worse than the disease, you take your chances with the disease.

[ArcticStones]

Quote: Originally Posted by Craig R. Arko Like most other things involving technology, one has to make tradeoffs... When the cure remains worse than the disease, you take your chances with the disease.

That is a pretty astute point!

In my 12-13 years as a Mac user, I have had a virus once.
I received a Word macro virus from a professional client who knew their system was contanimated -- but neglected to inform me when they sent documents.

Microsoft Support was very helpful in providing instruction for removing the virus.

The funny thing is, the source of this virus was supposedly Microsoft itself, which was using it for testing purposes, but accidently gave it a far wider distribution in the wild.

[ThreeDee]

I just saw the title of this topic.

In my head:

Quote: Oh no! Not again!

[cwtnospam]

Just so we're clear, here's an easy way to stop 99% or more of Word macro viruses.

[ArcticStones]

Quote: Originally Posted by cwtnospam Just so we're clear, here's an easy way to stop 99% or more of Word macro viruses.

That is ingenious! Never heard of that before, but it was so obvious when I saw it. Done. Thanks!

[Wee_Guy]

I think i heard somewhere that anti-virus software can actually end up having a negative afect on Macs. I'm not sure where i heard this though, maybe it was here.

[yellow]

The only AV software that I've ever used and thought "this is more trouble than it's worth", is Norton AV.

[JDV]

Steps like this are, of course, just as effective in Windows as on the Mac, and those of us that know how to accomplish this have usually done this--on our PCs as well as Macs. It's good advice, and only very occasionally does one need to modify normal.dot after it is set up properly. But this is self-defense (a good skill to have!)--the viral code is still contained in the document and can be sent to others who may be less sophisticated. If this were an unmentioned asian country, we would simple execute all the hackers (though not the pirates) and that would be that. But so far, this perverse activity shows little sign of slowing down.

BTW, ThreeDee's reaction wasn't that much different from mine...we HAVE flogged this poor horse to death. But it didn't prevent me from posting, obviously.

Joe VanZandt

[vntgntks]

I think you heard about Norton which is very malicious to Macs. In answer to " then why do commercial scanning products exists for Mac?" Because there is money to be made from people who incorrectly believe that their Mac needs protection. AV SW works by constantly updating the latest viruses as and when they are detected. A good virus will spread world wide in a matter of a day or less. If and when that first Mac OSX virus appears, there will be no protection for any Mac because the AV authors have not been able to create it.
Running AV SW on a Mac is a total waste of time, money and System Resources. I have used Macs for well over 20 years and have never had a virus, not one. I back up daily and am online 24/7. If it ever happens, I will reconsider. But until then I guess I believe in unprotected techs!
Richard

[CAlvarez]

Quote: CAlvarez, every other operating system on earth has suffered from worm/virus/trojan at some point or another; there is nothing unique about Apple's implementation of BSD that makes it inherently immune; if there is, I should be most interested in knowing just what it is.

It cannot be 100% immune, but if we say Windows is 50% then it is 99.9% because of the vast difference in the security model. The fact that bugs are patched is no indicator of vulnerability.

Quote: But what "facts" would convince you, Carlos?

I don't know, since I don't think it's a provable statement. And of course you can't prove a negative like this, so the best we can say is that more attention could lead to finding an opportunity for exploit. There is no way to say that it will.