Sophos: malware on the Mac is real, here's a free antivirus

Emil

Posts: 152   +0
Staff

Sophos has released a free antivirus product for consumers using Mac OS: Sophos Anti-Virus Home Edition for Mac. Although commercial antivirus products for Macs have been available for some time, Sophos' offer is one of the very few free ones.

The Internet security firm took its existing enterprise antivirus software and slimmed it down to reduce complexity. Interestingly, the company has no plans to release an equivalent free version for Windows. Windows threats are in the millions while the number of strains of Mac malware is in the thousands.

Sophos says past threats to Mac users have included:

  • Websites that pose as legitimate-looking software vendor's sites, but whose downloads are really Mac malicious code.
  • Malware disguised as pirated software available for download from P2P file-sharing networks.
  • Sexy online video links that urge you to install a plug-in to view the content, but really infect your computer with a Mac Trojan horse.
  • Popular Twitter accounts, such as that belonging to former Apple evangelist Guy Kawasaki, who have tweeted out links to websites designed to infect Mac computers.
  • Windows viruses and other malware, which can come in via e-mail, the Web, or USB drive, either being passed on to Windows-using friends or colleagues, or infecting virtual installations of Windows installed on a Mac.

The UK-based firm's approach to Mac security is very interesting: the company claims all it wants to do is raise awareness. Sophos will have to run a dedicated support forum and won't even be converting users to paid-for consumer versions of its security software, which is how most security companies justify their free versions. Panda Security, which recently also released an antivirus for Mac, made a point to say Mac OS is less secure than Windows and then offered its solution for $50.

Permalink to story.

 
in my experience, mac is pretty darn secure. some of our clients have quite a few macs used in their business process and i've not seen any of them come in with malware. panda security's claims that macos is less secure than windows is absurd. you can simply argue that there are more windows threats in comparison to mac due to windows' much greater market share and this does some hold truth. however, the architecture of mac makes it it more secure and stays that way without the need for constant, bloated updates.
 
OSX is less secure than Windows 7 (I am being specific here for a reason). It's just that OSX has far less interest as being a target for hackers/virus writers/script kiddies/ etc... most security experts and hackers will tell you that if they have experience with both systems.

That being said, I have never liked Sophos's products on windows or mac. They just don't compare favorably when put side by side with their competitors. BitDefender or Dr. Web are much better pieces of software for OSX.
 
I don't agree that Mac is as secure as they think they are. With more eyes looking you're going to find more security holes. This is one of the reasons Windows appears more insecure. It could be because they have less secure programming practices, but they also have a far greater number of people looking for those security holes.

Every system is going to have security holes, especially with our society today of wanting more productive and useful software. it's an eb and flow with the devs creating new software and then going back and making sure it's secure.

Security issues are always going to be a way of life.
 
silvershad0w said:
in my experience, mac is pretty darn secure. some of our clients have quite a few macs used in their business process and i've not seen any of them come in with malware. panda security's claims that macos is less secure than windows is absurd. you can simply argue that there are more windows threats in comparison to mac due to windows' much greater market share and this does some hold truth. however, the architecture of mac makes it it more secure and stays that way without the need for constant, bloated updates.

If you took the time to read most of the threats that the company is warning against are social engineering intrusions, not some hacker trying to get into your Mac while you sleep. So if you're a Mac user who thinks his computer is safe because of "architecture" then you're even more likely to click on the link which will infect your super safe Mac. And if you're talking of clients, and are apparently in the IT field, your belief that OSX is somehow inherently secure is really curious.
 
Good to do this, the mac is getting more interesting for virus makers. And if one good virus comes out for the Mac alot of Apple users will be too ignorant (no offence) to believe it because "Macs cannot get viruses"

The Silent Trojan Horse is the best way to infect a mac at this point because the users will not believe it i think.

a Mac hacker once said that windows is safer but you must see it like this way.

Windows is a heavily guarded house in a bad neighbourhood
and
OSX is a house in the middle of nowhere without locks.
 
Who said there is no viruses for Mac? You dont have antivirus on them so you ****ing dont know.
 
gwailo247 said:
silvershad0w said:
in my experience, mac is pretty darn secure. some of our clients have quite a few macs used in their business process and i've not seen any of them come in with malware. panda security's claims that macos is less secure than windows is absurd. you can simply argue that there are more windows threats in comparison to mac due to windows' much greater market share and this does some hold truth. however, the architecture of mac makes it it more secure and stays that way without the need for constant, bloated updates.

If you took the time to read most of the threats that the company is warning against are social engineering intrusions, not some hacker trying to get into your Mac while you sleep. So if you're a Mac user who thinks his computer is safe because of "architecture" then you're even more likely to click on the link which will infect your super safe Mac. And if you're talking of clients, and are apparently in the IT field, your belief that OSX is somehow inherently secure is really curious.

Not curious. He's simply a liar :)
 
fransb said:
Windows is a heavily guarded house in a bad neighbourhood
and
OSX is a house in the middle of nowhere without locks.

It depends on who's using Windows, cause it's not always heavily guarded. :)

I don't know enough about Mac to make much of a comment, but I've got a buddy that will tell me all about how secure OSX is once I tell him about this software. One question, doesn't OSX use the same DAC methods as Linux? That's gotta count for something, right?
 
Ahhh yes, the ole OSX and Virus shabang. Free + Antivirus + OSX = Good for me. I'll try it out. currently I just use ClamX for anything although it doesn't have real time protection. Still, I browser smart enough to probably not need it. Then again with the newest Java virus that just hit OSX........I'll report on how this free Antivirus is probably tonight.
 
gLitCh32 said:
fransb said:
Windows is a heavily guarded house in a bad neighbourhood
and
OSX is a house in the middle of nowhere without locks.

It depends on who's using Windows, cause it's not always heavily guarded. :)

I don't know enough about Mac to make much of a comment, but I've got a buddy that will tell me all about how secure OSX is once I tell him about this software. One question, doesn't OSX use the same DAC methods as Linux? That's gotta count for something, right?

True but the security built-in in the OS is much better in Windows then in OS X (And then i dont mean UAC or something like it) Alsa and stuff. Microsoft knows more about security then OS X.
 
i feel like sharing this with my facebook friends who own a mac.. but then again i feel liek not sharing it, so they find out the hard way! lol..
 
Mushroom said:
Nothing bad happens to a mac, Steve jobs told me so.

Steve jobs also said "This changes everything... Again."

I guess he was referring to the virus outbreaks that macs will have in the future.

Seriously though, nothing is secure behind the hands of a human being. We're really known to break stuff. Often. A lot of stuff.
 
There is certainly a bitter side of me that wants to let all the mac users keep thinking that they're super-fortress of a virus-smasher can wade through the virtual waters of hell itself before they get a virus.
To think that Macs are more secure by nature is just ignorant. To think that they are more secure by circumstance is valid, but as Mac works towards its goal of a larger and larger market share, their users (especially the ones they tend to target- the ones who dont know how to use computers) will somehow need to deal with growing popularity of viruses and threats.
 
You'll have to excuse my laziness here, but I commented another article about this same debate and rather than rephrase it I'll just quote it.
PanicX said:
The comments here have left me daunted.
I'm guessing there's a bit of trolling going on, but wow, just wow if there isn't.

Now, I'm not an expert in security, but I'm pretty sure the basics aren't that hard or complicated for anyone here to grasp. The pedantics of which operating system is inherently more secure are too difficult to derive, as no body knows how many undiscovered vulnerabilities remain in each OS or how many will be created in the future.

If a particular OS has patched 400 vulnerabilities last year and another only patches 50 vulnerabilities, would you say the one with 50 patches is more secure? How could you know if that OS only has 50 vulnerabilities as opposed to 50,000?

Saying that my OS is better because you don't run as admin or my UAC prevents vulnerabilities or my market share is too small is naive at best. An exploit is code that uses vulnerabilities to execute code irregardless of your security design. If even 1 unpatched exploit exists for your operating system, you cannot claim your OS is secure.

The real measure of the security of an operating system is by the patch response times to vulnerabilities found and active wild exploits. The longer you're forced to remain unpatched to known vulnerabilities, the more insecure you are.

I haven't seen a vulnerability patch response time report in a few years, but the last one I came across showed ~ 4 day response time average for Linux kernel patches, ~ 45 day response time average from Microsoft, and ~ 4 month response time from Apple. (This is from memory, my apologies to fanboys if I'm off a little)

The only factor outside this that I can think of is the fact that Linux is open source and if so inclined, one could create their own patches much easier than with the other operating systems.
 
I think MAC users should seriously download and install AV in their computers, now that viruses for the MAC are being written more and more. Otherwise, the environment can get really nasty with viruses going around the MAC ecosystem without any hindrance.
 
I think that the recent security companys obsession with Mac being unsecure will make many hackers develop malicious software for it...
 
I thought some time ago that Mac was secretly bundling anti-virus into their OS. Anyone heard of this?

I've always thought of Macs as more secure because their market share is considerably lower than the PC; I didn't feel they were more secure because of their OS or design. I have had to explain this to so many end users that it makes my head spin.
 
it's all about public exposure, that's how viruses work, windows being the major target of it b/c its market share (number of ppl who use it) as compared to apple's the difference between the 2 usually made apple an undesired target.
 
While Mac is MORE secure. It isn't bullet proof. There are still viruses written for it as well as Malware. I wouldn't run any computer on the internet without some form of anti-virus anti-malware product on it.

Also for corporate setups you need some form of anti-virus at the very least.
 
antivirus for mac is like MS invented another YES asking for the same question if you really like to install this onto your OS. really useless and pickpoketing users money for nothing
 
Back