Virus on my mac, anything I can do?

How is antivirus software pointless when there is Mac malware in the wild?

There is one piece of malware. Use a specific removal tool rather than having a program constantly running.

For the technical user, regardless of operating syste, I believe antivirus software is fast becoming unneeded outside of what OS's provide.
 
I agree it's arguable whether to use AV or not, but surely prevention is better than waiting for a removal tool? What are you supposed to do in the meantime? Have Apple even acknowledged the problem exists yet?
 
Last edited:
I agree it's arguable whether to use AV or not, but surely prevention is better than waiting for a removal tool? What are you supposed to do in the meantime? Have Apple even acknowledged the problem exists yet?


Yes. And they've issued updates to fix the problem
 
How is antivirus software pointless when there is Mac malware in the wild?

Most AV software for the Mac actually managed to not spot Flashback anyway.

There is no in-the-wild viruses for OS X. Therefore (at the moment) running AV on your Mac is just security theatre.


I agree it's arguable whether to use AV or not, but surely prevention is better than waiting for a removal tool? What are you supposed to do in the meantime? Have Apple even acknowledged the problem exists yet?

The Java vulnerability has been patched by Apple. A little too slowly mind you and I do wish Apple would be a lot quicker at patching known vulnerabilities.

Like I said above at the moment it's just security theatre running AV on OS X Mountain Lion will make this even more the case with Gatekeeper and other baked in security features.

Yes it shouldn't have gotten to the point where a drive-by attack could infect OS X but it's being turned into a storm in a teacup by AV makers and the anti-Apple blogosphere.
 
A little too slowly mind you and I do wish Apple would be a lot quicker at patching known vulnerabilities.

Yes it shouldn't have gotten to the point where a drive-by attack could infect OS X but it's being turned into a storm in a teacup by AV makers and the anti-Apple blogosphere.

A 600k botnet is not a storm in a teacup. A fuss needs to be made by consumers and the security industry otherwise Apple will not change their ways. OSX needs prompt patching and a pro-active approach to Java security, similar to the way Chrome does it. http://www.favbrowser.com/google-chrome-blocks-java/
 
A 600k botnet is not a storm in a teacup. A fuss needs to be made by consumers and the security industry otherwise Apple will not change their ways. OSX needs prompt patching and a pro-active approach to Java security, similar to the way Chrome does it. http://www.favbrowser.com/google-chrome-blocks-java/

I'm not going to argue that Apple need to sort out the speed at which they patch vulnerabilities* as they have always been far too slow at doing so. However I'm standing by my opinion that this has been whipped into a frenzy by the AV and anti-Apple blogosphere.


* Not installing Java or Flash by default doesn't really count. However like I said in a post above they have added some good security features in Mountain Lion. One of which should have stopped Flashback from ever becoming an issue had it been in Lion.
 
The clue is in what you wrote. Trojan, not Virus. Also that loophole (thanks Java!) has now been closed.

It's still a virus in another name (and I was talking about the fake anti-virus programs which started surfacing a year or so ago as the first that bypassed the requirement for the admin password)

Also that loophole was fixed ages ago and apple didn't even bother to issue the fix to mac users until last week.
 
Yes. And they've issued updates to fix the problem

They've issued an update for Java, which is analogous to just stemming the flow - what about the existing customers that are already infected? Have they specifically acknowledged the problem and do we know whether there will be a removal tool pushed out soon?
 
Most AV software for the Mac actually managed to not spot Flashback anyway.

There is no in-the-wild viruses for OS X. Therefore (at the moment) running AV on your Mac is just security theatre.

Up until a few days ago, anybody suggesting there was a 500,000-strong Mac botnet in existence would have been laughed off the forum.

I don't see how running antivirus software on OSX can be considered "theatre" when it's just one component of keeping malware off any computer? I don't see it as any more or less theatrical than installing security updates or enabling the firewall?
 
I don't see how running antivirus software on OSX can be considered "theatre" when it's just one component of keeping malware off any computer? I don't see it as any more or less theatrical than installing security updates or enabling the firewall?

Because Flashback has been the only in-the-wild drive by style Trojan (still needs to trick users into entering the admin password though) and most of the Mac AV products missed it.

That's why it is essentially security theatre. Enabling your Firewall on OS X is completely different and not comparable.

The focus of the press should be Apples slow and disorganised response. That's the real issue here.
 
I have NOD32 running on my MBP as I had a spare license so I though why not. I can't remember it ever warning me of a virus. I do remember when I used to use Windows every now and again it would pop up that a virus had been blocked. Make of that what you will. I agree that Apple should have responded faster and it was a poor response.
 
Because Flashback has been the only in-the-wild drive by style Trojan (still needs to trick users into entering the admin password though) and most of the Mac AV products missed it.

That's why it is essentially security theatre. Enabling your Firewall on OS X is completely different and not comparable.

The focus of the press should be Apples slow and disorganised response. That's the real issue here.

The Trojan installed regardless of whether you entered the administrators password or not, so this security boundary failed. If "most" Mac AV software missed it then logically that implies that "some" actually did detect it? So for some users running antivirus software on their Mac wasn't theatre at all - it actually did its job and they are not infected? Would you agree that this is a reasonable statement?

I also don't understand how enabling the firewall is not comparable to running antivirus software? Of course, they are doing very different jobs, but both in the name of security and privacy surely?

It is absolutely your prerogative to decide whether antivirus is the right solution for your own computers and even I have sugggested in the past that it might not be worth it for some users. The problem is people broadly writing off antivirus software as pointless to the point of ridicule, because it's not true.
 
Back
Top Bottom