Norton Anti-Virus makes Mac OS X less secure?

Norton Anti-Virus makes Mac OS X less secure?

Summary: commentary Apple Macintosh users could be making themselves less secure by installing Symantec's flagship anti-virus application. On Tuesday, Symantec admitted that all versions of Norton Anti-Virus (NAV) contain a security vulnerability that could allow a malicious user to remotely take control of the computer.

SHARE:
commentary Apple Macintosh users could be making themselves less secure by installing Symantec's flagship anti-virus application.

On Tuesday, Symantec admitted that all versions of Norton Anti-Virus (NAV) contain a security vulnerability that could allow a malicious user to remotely take control of the computer. This kind of announcement is common to Windows users but this flaw also affects NAV running on Apple's OS X platform.

Symantec has not yet issued a patch to fix the issue but it has updated its scanning signatures to look for applications that try to exploit the vulnerability.

The Mac is arguably more secure than Windows for a number of reasons, including its Unix-based architecture, default password protected administration rights and lower market penetration.

Mac users have not had to face any new virus threats for a number of years. The closest they have come was the malicious Renepo script, which showed that OS X has not been completely overlooked by the hacking underground.

However, despite not being targeted by malware writers, OS X users have been inundated with warnings from analysts, security vendors -- especially Symantec -- and IT administrators who all believe a serious Mac attack is on the cards.

In March, Symantec's Internet Security Threat Report predicted that as Apple increases its market share its userbase is likely to come under increasing attack. Just a week later, research group Gartner warned businesses reliant on the Mac to guard against 'spyware infestations'. Even at the University of Otago in New Zealand, where around 40 percent of the computers are Mac systems, IT security manager Mark Borrie said that although the Mac is generally safer than Windows, it still contains vulnerabilities that will be exploited.

But how long will the OS X platform remain safe? That is a question nobody seems willing or able to predict.

Security is all about managing risks. We need to figure out how much we are willing to pay for security and how that will affect users in terms of flexibility and convenience.

Symantec's latest security vulnerability highlights the fact that introducing complex code into a computer system makes that computer less secure.

While researching this article, I asked several security experts if Mac users are more or less secure once they install Norton Antivirus.

Most, such as Jo Stewart-Rattray, director of information security at Vectra Corporation, said users would be safer with NAV installed: "This is a glitch -- a flaw, just as we see in the PC world."

This time I'm afraid I have to disagree.

As the owner of a Powerbook I am faced with a dilemma. Do I pay AU$118.15 for a flawed 'security' application that is designed to protect me from threats that do not seem to exist; or do I take sensible precautions like keeping my computer behind a firewall and staying up to date with OS X patches?

For now anyway, instead of spending my money on a copy of NAV for OS X, I will be buying a big round in the pub.

What are your views? Do you use an anti-virus application on your Mac? When, if ever, do you think we will see a serious Mac virus?E-mail us at edit@zdnet.com.au and give us your thoughts.

Munir Kotadia is a Security Journalist at ZDNet Australia.

Topics: Apple, Hardware, Malware, Operating Systems, Security, Symantec

Munir Kotadia

About Munir Kotadia

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.

Munir was recognised as Australia's Best Technology Columnist at the 5th Annual Sun Microsystems IT Journalism Awards 2007. In the previous year he was named Best News Journalist at the Consensus IT Writers Awards.

He no longer uses his Commodore 64.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

9 comments
Log in or register to join the discussion
  • Never ever use Norton

    Funnily all OS X developers I know (including me) consider "Norton XYZ" to be the only piece malware for OS X... and not only since these vulnerabilities but basically since "always"

    Alex
    anonymous
  • Why would a Mac user buy NAV?

    Symantec tries to spread FUD about the Mac platform to try to drum up business - then it turns out the most vulnerable software you can run on OS X in NAV. Even if they fix this problem, who would trust them in the future?
    anonymous
  • If I was a virus writer ...

    If I was a virus writer with a sense of humour (or evil thoughts) I'd write a virus that generated a message that simply said "Error Type 11" and had an "OK" button.

    None of the Mac users would be any wiser.

    Andrew Smith
    Brisbane, Australia
    anonymous
  • Catch 22?

    Are you trying to say catch 22?

    If so, you mean Error Type 10110.

    But what do I know, I am just a Mac user. Who virus scans with ClamXAV for files that I share with my Windows computers. No need of AV for my Macs or Linux boxes.
    anonymous
  • Electric fork.

    Here in the mountains of Colorado, we rarely get tsunamis. They are so rare that, actually, there haven't been any in recorded history. But there was just an article out that described how some home owners are requesting home owner's insurance that includes tsunami damage. The article stated that these homes were often in the half-million dollar price range, and that one owner said that while his friends were laughing at him, you can never been too careful.

    There are no Mac viruses. There haven't been for years. The large majority of Mac anti-virus software purchasers are home users, people who may in fact live in half-million dollar homes, but don't know a lot about the inner workings of Macs.

    Whenever I see these stories on Mac antivirus software, I feel like Eddie Izzard, and both want to applaud the software companies for their brazen audacity and ability to hoodwink millions of Mac users, as well as stand back in shock at how easy people are duped.
    anonymous
  • Use ClamAV on OS X Server, use ClamXAV on client

    www.clamav.net

    http://www.markallan.co.uk/clamXav

    Of course, backup your data before running this, but I've used it without issue.

    Everytime the Mac OS is updated, Norton breaks, often badly. This suggests to me that they continually ignore Apple's developer guidelines. This was true of PRE- OS X versions.

    On the PC side of things, Norton completely overlooks things that are easily flagged by AVG (grisoft.com) and BitDefender (http://www.bitdefender.us )
    both of which are far superior.
    anonymous
  • You're Dating Yourself

    Error type 11s went out with OS 9 - which is why the response mad no sense.
    anonymous
  • use virus scan for mac from virex

    why cant u try your hands at virex
    anonymous
  • use virus scan for mac from virex

    why cant u try your hands at virex
    anonymous