Apple iMac G5 and Anti-Virus software....

Similar Messages

• Do i need to install and anti virus software on my macbook air? if yes, which one should i install?

  Do i need to install and anti virus software on my macbook air? if yes, which one should i install?

  Welcome to Apple Support Communities
  OS X has got its own security systems, so you don't need any antivirus. Furthermore, they will only slow down your computer. If you want more information, read > http://www.thesafemac.com/mmg
  If you want an antivirus, install ClamXav, but you don't need an antivirus

• What is Apple's position on Anti-virus software for the mac?

  I have started replacing my customers PCs with iMac's and Mac-Mini, and I have always operated on the assumption that anti-virus software is not necessary, but I fear that my opinion might need revisiting.  So I would pose the question again, does the community and/or Apple have an opinion on the need for Anti-Virus, Malware and all the other nasty inflictions.  If you, as a group or individually do recommend, what product would you recommend?  Thank You --- Bill Shaw - Kansas City, Mo.

  This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an attacker who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files. The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders. In most cases, there’s no benefit from any other automated protection against malware. Starting with OS X 10.7.5, there is another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications that are downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Applications certified in this way haven't actually been tested by Apple (unless they come from the Mac App Store), but you can be sure that they haven't been modified by anyone other than the developer, and his identity is known, so he could be held responsible if he knowingly released malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe. Note, however, that there are some caveats concerning Gatekeeper:
  It doesn't apply to software that comes packaged as an installer. Treat all third-party installers with caution.
  It can be disabled or overridden by the user.
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
  It only applies to applications downloaded from the network. Software installed from a CD or other media is not checked.
  For more information about Gatekeeper, see this Apple Support article. Notwithstanding the above, the most effective defense against malware attacks is your own intelligence. All known malware on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. If you're smarter than the malware attacker thinks you are, you won't be duped. That means, primarily, that you never install software from an untrustworthy source. How do you know a source is untrustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. [Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.]
  “Cracked” copies of commercial software downloaded from a bittorrent are likely to be infected.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.
  Java on the network (not to be confused with JavaScript, to which it's not related) is always a potential weak spot in the security of any operating system. If a Java web plugin is not installed, don't install it unless you really need it. If it is installed, you should disable it (not JavaScript) in your web browsers. Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in OS X 10.5.8 or earlier, because Java in those obsolete versions has known security flaws that make it unsafe to use on the Internet. The flaws will never be fixed. Regardless of version, experience has shown that Java can never be fully trusted, even if no vulnerabilities are publicly known at the moment.
  Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.
  Never install any commercial "anti-virus" products for the Mac, as they all do more harm than good. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the filesystem. Malware gets into the system by being downloaded, not by materializing from nowhere.
  In order to meet that nonexistent threat, the software duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability and poor performance.
  By modifying the system at a low level, the software itself may create vulnerabilities that could be exploited by malware attackers.
  ClamXav doesn't have these drawbacks.

• Do imac's need anti-virus software?

  Hi there, I am new to imac, I recently just replaced my windows 7 laptop with the new imac 21.5 inch. I have heard some very different opinions on this topic and to be honest I dont know which way to go. Is it necessary to have anti virus software/internet security protection on my imac? Previously to purchasing my my imac I used Kaspersky Pure. My sister still uses Windows 7 and has Kasperky Pure also. So whats the right thing to do? Anti Virus or not? I just want to make sure I do the right thing.. and since Im new to imac I thought the best thing to do was to ask for some expect advice.
  Thanks

  Mostly there is no need. Apple provides malware protection updates automatically if something appears that represents a threat. In recent years there haven't been any serious concerns.
  Helpful Links Regarding Malware Protection
  An excellent link to read is Tom Reed's Mac Malware Guide.
  Also, visit The XLab FAQs and read Detecting and avoiding malware and spyware.
  If you require anti-virus protection I recommend using ClamXav.

• Since download of Firefox Hello desktop & laptop both on Windows 7 are very slow even after refresh, download history removed and anti virus software turned off

  Since download of Firefox Hello my home desktop & laptop, both on Windows 7, are very slow to open. I have refreshed firefox, removed download history and turned off the anti virus software in extensions. All the plugins are up to date. Can we revert back to Firefox without Firefox Hello?

  Firefox Hello is simply a wrapper for technology already in Firefox, it doesn't negatively impact performance if you aren't using it. Are you saying that your entire computer is slow or just Firefox?

• Are there solutions to Compatibility Issues with Thunderbird, Windows 8.1 and Anti-Virus Software, e.g., MacAfee?

  Since I upgraded to Windows 8.1, Thunderbird freezes up and goes into "Not Responding" mode repeatedly every few minutes. My research indicates that it is a problem with compatibility with antivirus software, which obviously is needed with an e-mail program. How can this problem be solved, or is there an antivirus program that works seamlessly with Thunderbird and Windows 8.1?

  Personally I use ESET NOD32. It is not cheap, but it is unobtrusive and appears to get the job done. Originally I was drawn there for their server protection, but since I no longer have windows servers that need is gone, but I see no reason to change.
  Previously over the years I have used;
  * Norton (Found it just to much embedded into the operating system. Something went wrong with it and Windows would not boot.
  * Microsoft Security Essentials. Any application using large data files was unworkably slow. That included Thunderbird.
  * AVG It was just clunky and I did not like it.
  But the big issue these days is the products are not just anti virus, they are suites including firewalls, password managers/vaults and often spam and scam tools. It is usually these later tools that cause the most issues with the firewalls blocking anything but known versions of known software and spam tools that mess up because it has not had enough testing.
  Basically your on your own in selecting a product5. I can not recommend one. But I seriously question the need for mail scanning. Especially after that remarkable admission by Symantec regarding Norton's not scanning mail.
  Thunderbird does not run any scripts in mail, nor does it do anything with attachments before you open them and then it decodes them and places them in the temp folder where any good anti virus will scan them.
  Personally I suggest anti virus rather than security suite software. Especially so if you use Chrome or Firefox browsers and they both use Google lists of known malware and phishing site to block inadvertent visits.
  Windows has a firewall, your modem (over 90%) has one as well, those firewalls block ports, protocols and route traffic. Do you also need one that blocks programs?
  Mozilla products have a password manager, do you need another? And so the list goes on.

• Malware and Anti-virus software

  Recently, there has been news about a particular trojan that infects the Mac using a gap in the Java software.  I haven't heard or seen much about it on the support communities or the security software websites, other than Sophos.  Apparently the problem has been solved for the later versions of OS X, but I am curious if versions prior to 10.6 are affected?  Does anyone know?

  John L Lewis wrote:
  Recently, there has been news about a particular trojan that infects the Mac using a gap in the Java software.  I haven't heard or seen much about it on the support communities
  Considering that there are around a dozen or more threads on the subject, some of them running to 100s of posts, I find that a little surprising!
  In theory, yes you can be infected. It's difficult to say what's the best way to stop it as there have now been so many variations, but the latest one uses a Java vulnerability to install a downloader which then 'phones home' and presumably loads the main malware package.
  Turning off Java in all browsers via the preferences settings should be sufficient to stop that variation (the latest update isn't available to anyone on 10.6.7 or earlier).
  Earlier versions have used JavaScript to attempt the same, giving fake Adobe Flash installers or fake ssl certificates or other other means to try to get you to enter your admin password and give the trojan access.
  Unfortunately JavaScript (which has nothing whatever to do with Java) is widely used and essential for many sites, so disabling it completely really isn't an option.
  However, FireFox with the NoScript extension gives you a good degree of control over what you allow to run, and the AdBlock+ extension can disable many of the fake ads used to induce you to download.
  Little Snitch is also very useful - it warns you of any processes attempting to dial out, and can give early warning if a downloader has slipped by your guard.
  One of the more comprehensive threads is here; https://discussions.apple.com/message/18036792#18036792
  That gives various terminal commands that may be useful in determining if there's any infection.
  One symptom of earlier versions was menu items turning to number strings.
  As for AV software, it's not really worth the bother as the detection is so far behind the curve you're almost certain to see symptoms before the AV definitions have caught up. Also, most AV applications are worse than the malware in terms of slowing your system and some are downright damaging (stay away from Norton in particular).

• Cannot connect to Itunes, status bar goes about half way and stops. I have tried all the fixes other people have used, no joy. Running Vista with the most recent Itunes installed. Disabled fire wall and anti virus software. Once again, I have tried it all

  Itunes won't connect, status bar goes about half way and stops, then times out. I have tried all fixes posted, you name it, I have done it. Running Vista and current version of Itunes. Can connect to Internet with any other app. Using Firefox, their latest version if that matters.
  I have seen this is an on going problem throughout the Itunes community. All I can say is 'Bad Form Apple, Bad form.'

  One more odd thing.  The itunes diagnostics believes my windows firewall is on which is it not (believe me I've checked/double checked etc) AND believes itunes is not enable in windows firewall which it is, if ever I turned WF on.  How can itunes get this wrong?  I mean, if itunes believes its being blocked, maybe that's why I'm being blocked...has anyone heard of this?

• Malware and Anti-virus

  My company has a policy that we can use our personal laptops as long as it has some form of anti-malware and anti-virus software on it.
  I am fairly new to the mac world, 18 years of working with government issued windows laptops. Could someone point me in the right direction.
  Thanks.

  No viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions.
  It is possible, however, to pass on a Windows virus to another Windows user, for example through an email attachment. To prevent this all you need is the free anti-virus utility ClamXav, which you can download for Tiger and Leopard from (on no account install Norton Anti-Virus on a Mac running OS X):
  http://www.clamxav.com/
  The new version for Snow Leopard is available here:
  http://www.clamxav.com/index.php?page=v2beta
  (Note: ClamAV adds a new user group to your Mac. That makes it a little more difficult to remove than some apps. You’ll find an uninstaller link in ClamXav’s FAQ page online.)
  However, the appearance of Trojans and other malware that can possibly infect a Mac seems to be growing, but is a completely different issue to viruses.
  If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.
  You can read more about how, for example, the OSX/DNSChanger Trojan works here:
  http://www.f-secure.com/v-descs/trojanosxdnschanger.shtml
  SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
  http://macscan.securemac.com/
  The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
  (Note that a 30 day trial version of MacScan can be downloaded free of charge from:
  http://macscan.securemac.com/buy/
  and this can perform a complete scan of your entire hard disk. After 30 days free trial the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk. It will detect (and delete if you ask it to) all 'tracker cookies' that switch you to web sites you did not want to go to.)
  A white paper has recently been published on the subject of Trojans by SubRosaSoft, available here:
  http://www.macforensicslab.com/ProductsAndServices/index.php?mainpage=document_general_info&cPath=11&productsid=174
  Also, beware of MacSweeper:
  MacSweeper is malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer. It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland based computer security software company on January 17, 2008
  http://en.wikipedia.org/wiki/MacSweeper
  On June 23, 2008 this news reached Mac users:
  http://www.theregister.co.uk/2008/06/23/mac_trojan/
  More on Trojans on the Mac here:
  http://www.technewsworld.com/story/63574.html?welcome=1214487119
  This was published on July 25, 2008:
  Attack code that exploits flaws in the net's addressing system are starting to circulate online, say security experts.
  The code could be a boon to phishing gangs who redirect web users to fake bank sites and steal login details.
  In light of the news net firms are being urged to apply a fix for the loop-hole before attacks by hi-tech criminals become widespread.
  Net security groups say there is anecdotal evidence that small scale attacks are already happening.
  Further details here: http://news.bbc.co.uk/2/hi/technology/7525206.stm
  A further development was the Koobface malware that can be picked up from Facebook (already a notorious site for malware, like many other 'social networking' sites like Twitter etc), as reported here on December 9, 2008:
  http://news.bbc.co.uk/newsbeat/hi/technology/newsid_7773000/7773340.stm
  You can keep up to date, particularly about malware present in some downloadable pirated software, at the Securemac site:
  http://www.securemac.com/
  There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac, and alternatives will probably appear in the future. In the meantime the advice is: be careful where you go on the web and what you download!
  If you think you may have acquired a Trojan, and you know its name, you can also locate it via the Terminal:
  http://theappleblog.com/2009/04/24/mac-botnet-how-to-ensure-you-are-not-part-of- the-problem/
  As to the recent 'Conficker furore' affecting Intel-powered computers, MacWorld recently had this to say:
  http://www.macworld.co.uk/news/index.cfm?email&NewsID=25613
  Although any content that you download has the possibility of containing malicious software, practising a bit of care will generally keep you free from the consequences of anything like the DNSChanger trojan.
  1. Avoid going to suspect and untrusted Web sites, especially p'orn'ography sites.
  2. Check out what you are downloading. Mac OS X asks you for you administrator password to install applications for a reason! Only download media and applications from well-known and trusted Web sites. If you think you may have downloaded suspicious files, read the installer packages and make sure they are legit. If you cannot determine if the program you downloaded is infected, do a quick Internet search and see if any other users reported issues after installing a particular program. A recent example is of malware distributed through innocent looking free screensavers: http://www.zdnet.com/blog/security/malware-watch-free-mac-os-x-screensavers-bund led-with-spyware/6560?tag=nl.e589
  3. Use an antivirus program like ClamXav. If you are in the habit of downloading a lot of media and other files, it may be well worth your while to run those files through an AV application.
  4. Use Mac OS X's built-in Firewalls and other security features.
  5. Stop using LimeWire. LimeWire (and other peer-to-peer sharing applications and download torrents) are hotbeds of potential software issues waiting to happen to your Mac. Everything from changing permissions to downloading trojans and other malicious software can be acquired from using these applications. Similar risks apply to using Facebook, Twitter, MySpace, YouTube and similar sites which are prone to malicious hacking: http://news.bbc.co.uk/1/hi/technology/8420233.stm
  6. Resist the temptation to download pirated software. After the release of iWork '09 earlier this year, a Trojan was discovered circulating in pirated copies of Apple's productivity suite of applications (as well as pirated copies of Adobe's Photoshop CS4). Security professionals now believe that the botnet (from iServices) has become active. Although the potential damage range is projected to be minimal, an estimated 20,000 copies of the Trojan have been downloaded. SecureMac offer a simple and free tool for the removal of the iBotNet Trojan available here:
  http://macscan.securemac.com/files/iServicesTrojanRemovalTool.dmg
  Also, there is the potential for having your entire email contact list stolen for use for spamming:
  http://www.nytimes.com/2009/06/20/technology/internet/20shortcuts.html?_r=1
  NOTE: Snow Leopard, OS 10.6.x, offers additional security to that of previous versions of OS X, but not to the extent that you should ignore the foregoing:
  http://www.apple.com/macosx/security/
  Apple's 10.6.4 operating system upgrade silently updated the malware protection built into Mac OS X to protect against a backdoor Trojan horse that can allow hackers to gain remote control over your treasured iMac or MacBook.
  http://www.sophos.com/blogs/gc/g/2010/06/18/apple-secretly-updates
  Finally, do not install Norton Anti-Virus on a Mac as it can seriously damage your operating system. Norton Anti-Virus is not compatible with Apple OS X.

• Anti-virus software for Tiger

  I understand that Virex is not compatible with Tiger. Any recommendations on a similar program for virus protection?
  Thanks.

  It isn't needed - at the present time anyway.
  Check Macs, viruses, and anti-virus software.
  If you insist, check ClamXav which is free (donationware).

• Who can recommend a functional anti virus software for imac and macbaook

  Alarm! Great problems with Internet Banking!
  Access closed by bank because of "Trojaner" on my imac. Can't believe.
  Who can recommend a good anti virus software for imac, macbook and even ipad?
  Thanks for helping
  Eva

  ClamXav.
  You will find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Security and Privacy, useful:
  https://discussions.apple.com/docs/DOC-2435
  The User Tip (which you are welcome to print out and retain for future reference) seeks to offer guidance on the main security threats and how to avoid them.
  More useful information can also be found here:
  http://www.reedcorner.net/mmg/

• Should I protect my iMac with anti virus software and if yes what do you recommend thanks

  should i prtect i mac with anti virus software?

  If desired, use ClamXav. Any Mac OS X antivirus software which people actually charge for, as opposed to free downloads, should be avoided.
  (70900)

• Once and for all: Do I need anti-virus software for my Mac?

  I've always heard that you don't really need anti-virus or anti-spyware software for Macs - but I do wonder that there has to be viruses about that would affect Macs?
  I do alot of creative and professional work on my Mac. The data on it, means a **** of a lot to me, and I'd hate for my Mac to be infected with something horrible.
  Could anybody please tell me if I really do need anti-virus or anti-spyware software for my iMac? And if I do, which one do you recommend? (Ideally I would want it to be cheap and not hog lots of system resources)...
  Thank you!

  Hi
  I can only give you my personal experience on this one.
  The short answer is "no". I've been using macs for the past 4 years, my partner for many more. Neither I nor she have an anti virus program installed.
  We both use firewall on both the os x setup and via our router. I tend to install the security updates posted by apple after they are released and check the forums to be aware of any potential problems.
  A much better idea is to back up your important projects etc on a regular basis to dvd and external hard disk.
  I have one experience of anti-virus software on the mac:
  About 2.5 years ago i thought i had a virus - my diskspace was being eaten up at a very very fast rate - and i was worried. Found out that the os update from 10.3.2 to 10.3.5 had an incompatability issue with the mcafee shock game controller driver (obscure eh!)
  Anyway, after this experience and deleting the driver which i no longer needed, i decided to err on the side of caution and tried out both mcafee and norton. Both of which slowed down my system and norton especially caused problems when i was running logic pro etc. really really annoying.
  Once i'd got over my "insecure" stage and having spoken to other mac users i realised anti-virus software was causing many many more issues than resolving any - and besides since then i have still had no problems and have never come across any viruses on mac os x.
  It all depends on what makes you feel safer. Personally i wouldn't recommend ant-virus programs... i wonder if anyone has any positive experiences of anti-virus software on the mac?
  that's my 0.02 pence

• What's the best internet anti virus software for iMac?

  Hi
  Was wondering if anyone could give me advice on what anti-virus/internet security software shall I get for my iMac?
  Thanks a lot!

  None. Have a look at these links from The Safe Mac, klaus1 and John Galt. They provide useful, informed opinion on the merits, or otherwise, of installing anti-virus software on a Mac:
  http://www.thesafemac.com/mmg/
  https://discussions.apple.com/docs/DOC-3030
  https://discussions.apple.com/message/23885605?ac_cid=tw123456#23885605 (see John Galt's response).

• Anti Virus Software for iMAC

  I have just taken delivery of my new iMAC and what Anti Virus Software would one recommend or NONE at all ? I see on reviews Intego Mac is highly rated

  1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't actually been tested by Apple (unless it comes from the Mac App Store), but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe.
  Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could find some other way to evade Apple's controls.         
  4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is presumably effective against known attacks, but maybe not against unknown attacks. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
  5. Beyond XProtect, Gatekeeper, and MRT, there’s no evidence of any benefit from other automated protection against malware. The first and best line of defense is always your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you never use software that comes from an untrustworthy source. How do you know whether a source is trustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
  Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
  6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
  Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
  7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. If you need to be able to detect Windows malware in your files, use the free softwareClamXav — nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  8. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
  ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
  ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
  9. The greatest harm done by security software, in my opinion, is in its effect on human behavior. It does little or nothing to protect people from emerging threats, but if they get a false sense of security from it, they may feel free to do things that expose them to higher risk. Nothing can lessen the need for safe computing practices.
  10. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.