Don't be a bonehead: Run antivirus on your Mac

Don't be a bonehead: Run antivirus on your Mac

Summary: Choosing not to run antivirus on a Mac is a boneheaded move that people choose to make based on nothing more than fanboy idealism, and has no place in the real world. Doubly so if your Mac takes on BYOD duties.

TOPICS: Apple, Security

The other day I put together a Q&A for shifting from Windows to the Mac, and under my "must have" utilities I listed an antivirus tool. While many understood the logic of this and agreed with my decision, there were some who saw this as a silly indulgence.

It's not. In fact, choosing not to run antivirus on a Mac is a boneheaded move that people choose to make based on nothing more than fanboy idealism, and has no place in the real world. Doubly so if your Mac undertakes BYOD duties.

Here's why.

I consider security to be an important part of computer ownership. Security for me means keeping my hardware safe, keeping my data secure, keeping my network safe, and keeping the people around me safe. I'm a big believer that vigilance is a vital tool in the fight against malware, and that applying security patches in a timely fashion goes a long way toward keeping a platform safe.

But I'm also fully aware of the fact that there is no such thing as secure code. Operating systems are huge, and it doesn't matter whether that code is written in Redmond or Cupertino or somewhere else, it will be riddled with bugs. Windows XP was out for more than a decade, and saw three service packs and countless patches, but the bugs just kept coming. Patched bugs represent just the tip of iceberg when it comes to the actual vulnerabilities present in the code we are exposed to and use on a daily basis.

If you believe that your operating system is secure, you're deluding yourself. And if you try to tell others that your operating system of choice is better than someone else's, you're trying to delude others and don't be surprised if people think you're foolish.

When it comes to malware, I don't want it landing on my systems, I don't want it inhabiting my systems, and I don't want to pass malware on to others. That's the plan, and I work at achieving that by taking a three-pronged approach:

  • Vigilance and care in what I download and install, where I visit on the web, and who I allow to access my system.

  • Apply patches in a timely manner. Not installing a patch – unless you have a very good reason – is pure insanity.

  • Keep an antivirus running to scan files and live on or pass through my system.

The final stage is important not only because it protects my system from malware – and believe me when I say that Mac malware does exist, just not in the same numbers as malware for Windows – but it also scans for Windows malware, which prevents me from passing on nasties to other people. A little RAM and some CPU cycles is a small price to pay to get an independent eye cast over the bits that flow into my Macs. OK, I only seem to catch Windows malware, but even quarantining that helps to keep my network safe, and prevents me inadvertently sending bad code to others.

I understand that antivirus can be expensive, but I can't understand the mentality behind spending hundreds – if not thousands – of dollars on hardware, and then paint a big bull's-eye on it for hackers and other online ne'er-do-wells. And even if your Mac purchase has left you strapped for cash, there are many free alternatives available to choose from.

So don't be a bonehead, and run antivirus on your Mac

See also:

Topics: Apple, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Please review Mac anti-virus products

    You have links to several Mac anti-virus products, but which is best? Please do a review of them.
    • BTDT

      Stay away from Intego, and Norton! I currently have MacScan; the main problem with it is that when it scans, you can't do ANYTHING with your Mac until the scan is done. I've set mine to scan at 11:59 P.M. on Saturday night.
      • Huh?

        What does MacScan have to do with Intego? Intego is consistently ranked in the top spots in testing. Also, don't do scheduled scanning with any antivirus product, it isn't necessary. Real-time scan is all that you really need. Lastly, asking a piece of software to filter through potentially millions of files for tens-of-thousands of potential threats and then complaining that it takes some CPU time to do so seems a little harsh...
    • Since ZDNet doesn't know how to allow editing,

      here is a link you might find interesting:
    • None.

      None. No antivirus required - included in OS. Bitdefender, if concerned over possible malware.
  • .Mac used to offer free virus tools.

    If I remember correctly, it was McAfee Virex; but apparently Apple decided that allowing sufficient access to the core OS to let it do its job would, ironically, make it more susceptible to attacks.

    I guess they should know. Like most Mac users, I've never used an antivirus and I've never had a problem.

    Now let me bask in the hysterical wrath of your screaming vengeance.
    • "Never had a problems"

      If you decide to play Russian Roulette and don't shoot yourself the first few times, it still doesn't mean it's a sensible thing to do. So just because you have "never had a problem" it doesn't mean you're safe.

      Also, just because you "never had a problem" doesn't mean (a) you haven't passed on a Windows virus to someone else, or (b) that you haven't already been infected with a Mac virus - if the virus was well written and you haven't got a virus scanner, how would you know? It might be logging all your keystrokes right now.
      • The problem is...

        ... a virus scanner/cleaner would, according to Apple, open up my system to the same viruses, malware they aim to identify/prevent.

        Come on guys, even people who've been using Mac for 30 years (me, just 25) would tell you they never had a problem.
        • Incorrect

          Antivirus does not open you up to infection. Malware can disguise itself as an antivirus if you are out and about downloading any old 'free' download link on the web, but Apple in fact recommends legitimate antivirus for OSX.

          As a side note, my computers (and I do have a lot of them) have been malware-free for over a decade, regardless of operating system.
        • That argument applies to iOS, not OS X.

          And it is a correct statement.
      • It is their resposibility

        for Windows users to have their own anti-malware software rather then depend on everybody else.
      • Russian Roulette is the wrong analogy

        Here's a more correct one: Just because you haven't been hit by a rogue bullet the first few times you were walking through the Hamptons without a bullet proof vest on doesn't mean it's a sensible thing to do.
        • hmm

          Problem is that a bullet-proof vest won't help when you're walking through a minefield. Viruses are an old threat (and on the mac, were never a threat). The biggest security risks today are poor password policy linked to a breach of a server containing your details, social engineering, and (other) web-related problems. Browsers seem most likely to be exploited via Flash; enable click-to-run and be paranoid about keeping Flash up to date. Also Java. Disable javascript execution if you use Adobe's PDF readers, but most OS X users won't be using Adobe's PDF reader.
          Nothing has ever convinced me that antivirus on OS X is worthwhile. It is harmless to run it, and I have always had it on my mother's mac, and in five years not a single threat has been detected (or occurred). I have occasionally used it on my Macs (and never on my Linux machines), but while I am a sophisticated user with an advanced risk-minimisation approach, I do not see OS X anti-virus as part of that.
      • Anti-virus

        I don't use anti-virus on Windows either post-XP, and have never had any issues. Plus, I've heard that anti-virus doesn't really do the job anymore, and so you need an entire security suite bogging down your system. I say F that - common sense, along with adblock/Flashblock goes a long way.

        I suspect I might get bitten eventually, and if that happens, so be it. Like having your identity stolen, it'll suck having to clean up the mess, but it's not the end of the world.
    • DITTO

  • iPad?

    Adrian, what about iPads?
  • Common knowledge

    Look, people. There has N-E-V-E-R been a more exploitable operating system than OSX in all of history. Despite owning 93% LESS market share than Windows, it is still far more insecure. Apple's approach when it comes to security is totally abysmal and embarrassing. Worse, Safari is the most lethally insecure browser in existence. This combination is the equivalent of leaving your doors unlocked with a big "Rob Us" sign in neon lights in the worst part of the ghetto. We've seen this first-hand when Apple spent an unheard-of FIVE MONTHS wrasslin' Flashback Trojan Horse to the ground. Worse, it struck multiple times! Pro-Mac sources have been recommending ClamXav at the very least for YEARS. Yet, foolish and ignorant Mac users (are there any others?) continually believe the myth of Macs being just shy of bulletproof. Remember, these are the same computers that fell FIRST, on the FIRST day of every single Pwn2Own challenge for five years straight, before anything else.
    • They all fall

      Yet the plonkers who toss themselves at Pwn2Own go for the shiniest kit (Apple if you didn't know). Why go for a sad generic PC when you can hack to get a Mac?
      • The price cash was $10000 - $15000

        For the first whitehatter to take down any one of the challenges.

        With that kind of cash on the table, I'd imagine that prudent whitehatters would go for the easy exploits first.

        And they did. They went after the macs. The easiest targets. Every. Single. Year.
        • If you haven't noticed...

          Pwn2Own doesn't mean anything. In 2012, a PC running Chrome was the first to fall. I suppose that means Google Chrome is horrible?