antivirus programs for mac ?

I would like to start this article off by noting that I am *not* a computer security expert. I am merely an everyday Mac user like everyone else.

Recently, there has been a lot of hoopla regarding Macs and their vulnerability to viruses. Apple initially recommended having one or multiple anti-virus programs running, then swiftly removed it; stating that the KB article was "old and inaccurate". It kind of shook the whole Mac mantra about how "Macs are protected from viruses right out of the box" - and that got quite a lot of Mac users comtemplating about the necessity of anti-virus programs.

This is utter personal experience: I have yet to encounter any problems with viruses on my Macs.

But the cold hard truth is that no operating system is 100% uncompromisable and viruses aren't your only worry. There are other malware like trojans and worms, spyware, user-faults and physical intervention to think about too. I'll get to that in a minute.

Let's focus on Mac viruses for a moment.

What is a computer virus? The Microsoft answer "Computer viruses are small software programs that are designed to spread from one computer to another and to interfere with computer operation." [Link to definition]. If you look here, Sophos has published a timeline of all Mac malware-related incidences. Mostly, affliction towards Mac computers were caused by Office macro worms and trojans with only a few virus outbreaks. Also, notice that you can almost count the number of incidences spanning over 20 years with your fingers. That's something to think about.

Another thing to think about is Apple's market share. Currently, Macs are only almost 10% of the total US PC market. That said, it is a very unattractive market for malware writers to set foot in because attacks would not be on a sufficiently large scale.

The third reason why there have been only so few Mac exploits is the architecture of the OS X operating system. I'm not going to go into the details because like I said, I'm not an expert. Have a look at this article and decide for yourself. In a nutshell, OS X's stronger permissions and system architecture make it hard for malware to be installed. Also, Macs do not recognize the EXE extension on which most malware are built on, making it immune to many of the popular exploits circulating on MSN Messenger.

Conclusion

There seems to be no substantial evidence that convinces me of the necessity to install an anti-virus program to run in the background, using up system resources for virus attacks which I will hardly encounter. However, you might want to consider an anti-virus if:

  • You run Windows on your Mac
  • You have networked Windows computers
  • You use Microsoft Office frequently
  • For humanitarian purposes. You wouldn't want to be the intermediary medium for virus spread from PC to PC

A good, freeware anti-virus which comes very highly recommended is ClamXav.

Besides malware, Mac are also vulnerable to spyware. Practicing "safe-surfing" is a precautionary method. Besides that, running an anti-spyware application can actually help get rid of tracking cookies. For that, take a look at MacScan, a free anti-spyware app for Mac.

Protect yourself

Aside from malware and spyware, user-foolishness is one of the more common causes of exploits. This applies to users on both Macs and Windows. For goodness sake, don't click on every link you receive on MSN Messenger.

If you're interested in keeping your Mac safe, I urge you read through and consider some of the most basic security tips listed below:

Avoid using the root account

The root account is the super-user account which is created at the time OS X is installed. Having an administrator account and a separate account for yourself and every other user may sound like a hassle but being stripped of admin rights can actually be a blessing. OS X will request for permission on every occasion it needs to alter files over on the root folder (/Library or /System) and prevent any possible malware script actions.

If you are already running on the root account, the option to remove admin rights will be bricked. Create another account and give it admin rights. Log in to that account and remove the admin rights from your user account.

To do this, open System Preferences and go to Accounts. You may have to click on the lock icon to apply any changes. Then click on Login Options.

Disable automatic login & Enable 'Require password to wake this computer from sleep or screen saver'

This will prevent any unauthorized physical intrusion to your Mac. Remember to lock your Mac when you leave it to go to the bathroom if you're in a public area; and it may be worth it to invest in a good Kensington laptop lock.

You will find these settings in System Preferences under Security.

Turn on your Firewall

Only allow the applications you trust to access the Internet (third option).

This setting is under Security -> Firewall tab.

Disable 'Open "Safe" files after downloading' in Safari

Being a little paranoid, I like to assume control of everything that happens on my Mac. And the fact that Macs were once exploited using this feature, I'd rather open the downloaded files personally, and archaically i.e. manually.

You can find this setting in Safari's preferences under General.

Enable Guest account

If your friends want to use your Mac to check their mail or surf the Web, don't let them do it on your account. Not everyone is equally tech-savvy. They may click on links which you wouldn't even look twice at. Setting up a guest account for this purpose will probably prevent you from pulling your hair out if your Mac is infected. Worst of all, it wasn't even your fault!

Plus, this will also deter others with dishonorable intentions when using your Mac like installing a keylogger or a screen-capture application.

Guest accounts can be added in System Preferences under Accounts. You may want to enable Fast User Switching so that you can switch back and forth through accounts without logging out.

Stop to think when prompted for the Administator password.

Like I said earlier, the admin password will be needed when a program is about to alter system files on the hard disk. Always stop to think and ask yourself why this program needs to alter your system files and if you trust this application's vendor. Apple made OS X this way so that changes to the system will be authorized so don't just brush it aside.

Set a different Keychain password

By default, your Keychain password is the same as your user account password. This means that if anyone knows your account password, they can enter that password and easily reveal all your internet account passwords because they are stored in Keychain Access. Having a different Keychain password will add another line of defense against this.

To do it, open Keychain Access. Under the Edit tab, click on Change pasword for Keychain "login".

What other measures have you taken to ensure your Mac's security? Any Mac gurus out there who would like to pitch in a few more ways to protect our Macs? Do you use an anti-virus and why? Let it all out in the comments.