Is it generally advisable to get anti-virus software for Mac OS X?
Is it worth to buy an anti-virus software for Mac OS X?
I heard both opinions like "it's not possible to get a virus on Mac OS X" and "Mac OS X is also vulnerable against virus... "
Which is true? What is the accepted practice, if any? Under what circumstances would anti-virus be advisable?
There is anti-virus software available for Mac OS X:
- Intego VirusBarrier
- ClamXAV (Free)
- Norton AnitVirus Mac Edition
- McAfee VirusScan for Mac
- Sophos Anti-Virus for Mac (Consumer Version is free)
Is it worth it? That's largely up to you. Personally I'd say unless required there's no reason to so long as you practice "safe computing" (eg. not opening files from just anywhere, being aware of what is installed on your computer, etc.). However there are some companies that require any computer (regardless of OS) to have up to date anti-virus software installed and operational.
There are no viruses available for Mac OS X but there are several pieces of malware and trojan horses that a user must manually download and install. The anti-virus products (and actually a feature in Mac OS X Snow Leopard) will help fight against these threats but the primary defence is actually user education as the attack vector is primarily social engineering and not using any security hole.
Probably goes without saying, but if you run any version of Windows in a VM within OS X, those installs of Windows will need antivirus software on them. A surprising number of people I've worked with (including, on one occasion, a head of IT) haven't thought of that.
No, it's not worth it to buy any antivirus software for your Mac. This is for two reasons. Firstly, the number of viruses in the wold for OS X is infinitesimal. Your risk is extremely low, and what viruses do exist, are mostly proofs of concept or MS Office Macro Viruses targeting old versions of Office.
The second reason is because for what antivirus needs you do have, ClamXAV is lightweight, effective, and free. So no, it's not worth purchasing. But it is absolutely worth using, and if you can spare a few bucks for the tip jar, I'd encourage you to do that as well.
The simple fact is that malware has always existed for Mac OS (OS X and macOS), so the statement that a Mac can't get malware is patently, demonstrably and dangerously false.
A second fact is that Apple has done a good job with technology to make the macOS ecosystem largely immune to most threats. This "immune system" consists of sandboxed application design, entitlements to let developers express intent when they need out of the sandbox, signed code to prevent modifications that turn a known app malicious, App Store distribution, system integrity protection, XProtect file quarantine mechanism with a free online update service.
Historically and for many years; the scarcity of viruses, trojans and other malware that spread widely or affect a broad cross-section of Mac users has contributed to a perceived complacency about good security hygiene. The good news, is macs have a built in multi-layered defense system against virus and trojan/malevolent software. This means that most of the recent exploits rely on people unintentionally sabotaging themselves by self-defeating built in defenses. With a small investment of time, you can significantly decrease the need for additional anti-virus protection on OS X.
The calculus of whether running a specific antivirus package is a moving target (vendors typically react to bugs and threats - so what was true yesterday may not be true tomorrow). This makes general answers about the merits of software easily out-dated in a month's time (let alone the two and a half years that have passed since this question was first asked).
What hasn't changed for decades, is that each user should at least spend some time thinking about what is on their device and how painful total compromise might be to them. Based on how valuable your time is to you, it would be silly for someone that has paid IT staff to advise them to not spend $1,000 extra dollars on evaluating security to include potentially installing anti-virus software. It would also be silly for a casual home user to pay for software rather than invest some time to mitigate known risks in their behavior in response to a healthy fear of the unknown.
There are many cases where additional anti-virus protection is critically important. There are also many cases where it is totally un-needed. I would recommend anyone browse these few Apple knowledge base articles to gauge their "baseline security aptitude" and then reach out and learn more before spending any money on anti-virus software1.
- Use gatekeeper, automatic updates to apps and system files and malicious lists for quarantine.
- Protect your computer from harmful applications - the very basics
- Safety tips for handling email attachments and content downloaded from the Internet - a good primer on attachments and executable code
- Apple ID: Tips for protecting the security of your account - great tips on account hygiene, applicable for all online accounts
- Safari: Using encryption and secure connections - starts with the basics, but gets technical quickly. Perhaps better is about certificates to get started.
My only critique of the above articles would be the admonishment to frequently change passwords. This is of limited value when you start making unique passwords and don't as a matter of course enter those passwords on other computers. Changing passwords is of little use when your using them on compromised computers, since the new password is stolen as easily as the old one was.
Once you've mastered the basics, you should have absorbed the following ideas:
- how to use the OS X keychain for storing passwords
- considered or implemented having a few distinct passwords
- and have started securing your account passwords as well as your computer (by applying the tips on Securing Apple ID to other accounts)
After the basics, now it's time to think about increasing your overall security by spending money on anti-virus or a good unique password generation toolset2 to automate secure storage of stronger, unique passwords.
Without being proficient at the level of involvement in the linked articles above, spending money and potentially adding instability or slowness from anti-virus software might not make sense for many users. Furthermore, Apple is clearly intent on getting ahead of this problem with the one-two punch of the App Store model where spreading unsafe software installation practices is clearly working with GateKeeper to allow most people to have automated warnings when code is not signed to prevent tampering and assist in tracing the source of malware.
For most Mac users on Lion, the correct answer is to keep running anti-virus if you have it but not to run out and get it unless you have a good reason to spend time and money after getting up to speed on the basics of security.
Since Lion, Apple has hardened the OS faster than bad actors have been able to exploit the OS so for most people and most businesses, not needing additional software as your default option is a sane and probably correct choice.
1 especially with the likes of Mac Defender preying on people looking for legitimate anti-virus software
2 like 1Password
There is a nice article on Mac.Appstrom from yesterday about antivirus on Mac OS X (which ones and do we need them).