CSAMC anti-virus report issues
I have my MC managing about 200 hosts all running McAfee VirusScan 8.0.
When I run the Application deployment Report for Anti-Virus Installations, not all of my nodes show up in the report. I know for sure that these nodes have McAfee installed and are getting updated everyday.
Anyone else have this issue or know of a solution?
thx
michaelsip4 wrote:
I am currently using my Mac with No Anti-Virus
currently I have no AV on
Outside of Detections, what are the safest and most stable av products for a mac (outside of none), ...
It is erroneous to assume a Mac has no protection against viruses and malware. OS X already includes everything it requires. Installing any product that cleverly attempts to circumvent Apple's built-in malware protection often causes problems that will cost you time and money to fix. This support website contains thousands of reports of such misery.
"Peace of mind" may convey subjective health benefits but as far as protecting your Mac, it will accomplish exactly nothing.
Read:
OS X Mountain Lion: Protect your Mac
OS X Mountain Lion: Protect your Mac from malware
OS X Mountain Lion: Keep your information safe
OS X About Gatekeeper
About file quarantine in OS X
Keep your Mac updated with software updates from Apple. Windows requires its own anti-virus protection and is a separate subject.
(My Internet and Familys Internet and Download Usage is Intelligent).
That is the best strategy. No "anti-virus" product can possibly replace your own common sense.
Similar Messages
-
Is anyone else experiencing the same? WiFi is running fine, disabled all the Anti-Virus, still barely runs.
2013 27" iMacI'm having the same issue, mine says prepairing to backup. I let it run for 12 hours and it never performed a backup. I have a Mac Book Pro
-
Since I upgraded to Windows 8.1, Thunderbird freezes up and goes into "Not Responding" mode repeatedly every few minutes. My research indicates that it is a problem with compatibility with antivirus software, which obviously is needed with an e-mail program. How can this problem be solved, or is there an antivirus program that works seamlessly with Thunderbird and Windows 8.1?
Personally I use ESET NOD32. It is not cheap, but it is unobtrusive and appears to get the job done. Originally I was drawn there for their server protection, but since I no longer have windows servers that need is gone, but I see no reason to change.
Previously over the years I have used;
* Norton (Found it just to much embedded into the operating system. Something went wrong with it and Windows would not boot.
* Microsoft Security Essentials. Any application using large data files was unworkably slow. That included Thunderbird.
* AVG It was just clunky and I did not like it.
But the big issue these days is the products are not just anti virus, they are suites including firewalls, password managers/vaults and often spam and scam tools. It is usually these later tools that cause the most issues with the firewalls blocking anything but known versions of known software and spam tools that mess up because it has not had enough testing.
Basically your on your own in selecting a product5. I can not recommend one. But I seriously question the need for mail scanning. Especially after that remarkable admission by Symantec regarding Norton's not scanning mail.
Thunderbird does not run any scripts in mail, nor does it do anything with attachments before you open them and then it decodes them and places them in the temp folder where any good anti virus will scan them.
Personally I suggest anti virus rather than security suite software. Especially so if you use Chrome or Firefox browsers and they both use Google lists of known malware and phishing site to block inadvertent visits.
Windows has a firewall, your modem (over 90%) has one as well, those firewalls block ports, protocols and route traffic. Do you also need one that blocks programs?
Mozilla products have a password manager, do you need another? And so the list goes on. -
I just switched over to Mozilla Firefox letest version 3.6.13 (before I used Google Chrome). It's running fine BUT ....
if firefox is open and at the same time there is an (automatic or manual) update of my anti-virus SW (I use VIPRE) the update is done but afterwards my PC is blocked. Looking to the running processes I see that "System Idle Process" takes 98%. I can't do anything else with my PC, it reacting VERY slowly. To stop it I have to END firefox using "ctl-alt-del". It makes me nervous.
With other browsers (used IE and Google Chrome) or in case I dont use firefox there is no issue at all.I just switched over to Mozilla Firefox letest version 3.6.13 (before I used Google Chrome). It's running fine BUT ....
if firefox is open and at the same time there is an (automatic or manual) update of my anti-virus SW (I use VIPRE) the update is done but afterwards my PC is blocked. Looking to the running processes I see that "System Idle Process" takes 98%. I can't do anything else with my PC, it reacting VERY slowly. To stop it I have to END firefox using "ctl-alt-del". It makes me nervous.
With other browsers (used IE and Google Chrome) or in case I dont use firefox there is no issue at all. -
Interval Since Last Panic Report: 209275 sec
Panics Since Last Report: 1
Anonymous UUID: B29E4ED8-E695-459A-B922-5E2DED9D42A2
Wed Aug 1 06:58:39 2012
panic(cpu 0 caller 0xffffff80002c473a): Kernel trap at 0xffffff800031b53f, type 14=page fault, registers:
CR0: 0x0000000080010033, CR2: 0x00000000000000d0, CR3: 0x0000000020b00023, CR4: 0x00000000000606e0
RAX: 0x000000000000000d, RBX: 0x0000000000008000, RCX: 0xffffff8014516b20, RDX: 0x0000000000008000
RSP: 0xffffff80f057baf0, RBP: 0xffffff80f057bb30, RSI: 0xffffff80131caf80, RDI: 0x0000000000000000
R8: 0x0000000000000000, R9: 0x0000000000000000, R10: 0xffffff80131cafb8, R11: 0x0000000000000000
R12: 0xffffff80e9ca1b00, R13: 0xffffff8015a7f000, R14: 0xffffff80131caf80, R15: 0x0000000000000000
RFL: 0x0000000000010282, RIP: 0xffffff800031b53f, CS: 0x0000000000000008, SS: 0x0000000000000010
CR2: 0x00000000000000d0, Error code: 0x0000000000000000, Faulting CPU: 0x0
Backtrace (CPU 0), Frame : Return Address
0xffffff80f057b7a0 : 0xffffff8000220792
0xffffff80f057b820 : 0xffffff80002c473a
0xffffff80f057b9d0 : 0xffffff80002da0cd
0xffffff80f057b9f0 : 0xffffff800031b53f
0xffffff80f057bb30 : 0xffffff7f80ae55e4
0xffffff80f057bcb0 : 0xffffff800053d509
0xffffff80f057bcf0 : 0xffffff8000582f84
0xffffff80f057bde0 : 0xffffff80005893e6
0xffffff80f057bed0 : 0xffffff80005897c9
0xffffff80f057bf60 : 0xffffff80005ccfe8
0xffffff80f057bfb0 : 0xffffff80002da5e9
Kernel Extensions in backtrace:
com.sophos.kext.sav(8.0.4)[898EB02E-4A1D-1F59-6625-C0466041D6C4]@0xffffff7f80ae 3000->0xffffff7f80ae7fff
BSD process name corresponding to current thread: InterCheck
Mac OS version:
11E53
Kernel version:
Darwin Kernel Version 11.4.0: Mon Apr 9 19:32:15 PDT 2012; root:xnu-1699.26.8~1/RELEASE_X86_64
Kernel UUID: A8ED611D-FB0F-3729-8392-E7A32C5E7D74
System model name: MacBookPro8,2 (Mac-94245A3940C91C80)
System uptime in nanoseconds: 51418744072298
last loaded kext at 3635848934754: com.seagate.driver.PowSecDriverCore 5.1.1 (addr 0xffffff7f809df000, size 172032)
last unloaded kext at 3695866490895: com.apple.iokit.IOSCSIBlockCommandsDevice 3.2.0 (addr 0xffffff7f808c1000, size 86016)
loaded kexts:
com.sophos.kext.sav 8.0.4
com.apple.filesystems.smbfs 1.7.2
com.apple.filesystems.afpfs 9.8.1
com.apple.nke.asp_tcp 6.0.1
com.apple.driver.AppleHWSensor 1.9.5d0
com.apple.driver.AppleMikeyHIDDriver 122
com.apple.driver.AudioAUUC 1.59
com.apple.driver.AppleHDA 2.2.0f3
com.apple.driver.AppleMikeyDriver 2.2.0f3
com.apple.driver.AppleUpstreamUserClient 3.5.9
com.apple.driver.AppleMCCSControl 1.0.26
com.apple.driver.AppleIntelHD3000Graphics 7.1.8
com.apple.driver.AGPM 100.12.42
com.apple.driver.SMCMotionSensor 3.0.2d6
com.apple.kext.ATIFramebuffer 7.1.8
com.apple.driver.AppleSMCPDRC 5.0.0d0
com.apple.iokit.IOUserEthernet 1.0.0d1
com.apple.iokit.IOBluetoothSerialManager 4.0.5f11
com.apple.driver.AppleSMCLMU 2.0.1d2
com.apple.Dont_Steal_Mac_OS_X 7.0.0
com.apple.driver.AudioIPCDriver 1.2.2
com.apple.driver.ACPI_SMC_PlatformPlugin 5.0.0d0
com.apple.driver.AppleMuxControl 3.0.16
com.apple.driver.AppleLPC 1.5.8
com.apple.ATIRadeonX3000 7.1.8
com.apple.filesystems.autofs 3.0
com.apple.driver.AppleUSBTCButtons 225.2
com.apple.driver.BroadcomUSBBluetoothHCIController 4.0.5f11
com.apple.driver.AppleUSBTCKeyboard 225.2
com.apple.driver.AppleIRController 312
com.apple.AppleFSCompression.AppleFSCompressionTypeDataless 1.0.0d1
com.apple.AppleFSCompression.AppleFSCompressionTypeZlib 1.0.0d1
com.apple.BootCache 33
com.apple.iokit.SCSITaskUserClient 3.2.0
com.apple.driver.XsanFilter 404
com.apple.iokit.IOAHCISerialATAPI 2.0.3
com.apple.iokit.IOAHCIBlockStorage 2.0.3
com.apple.driver.AppleUSBHub 4.5.0
com.apple.driver.AppleFWOHCI 4.8.9
com.apple.driver.AirPort.Brcm4331 530.4.20
com.apple.driver.AppleSDXC 1.2.0
com.apple.iokit.AppleBCM5701Ethernet 3.1.2b2
com.apple.driver.AppleEFINVRAM 1.5.0
com.apple.driver.AppleSmartBatteryManager 161.0.0
com.apple.driver.AppleAHCIPort 2.3.0
com.apple.driver.AppleUSBEHCI 4.5.8
com.apple.driver.AppleACPIButtons 1.5
com.apple.driver.AppleRTC 1.5
com.apple.driver.AppleHPET 1.6
com.apple.driver.AppleSMBIOS 1.8
com.apple.driver.AppleACPIEC 1.5
com.apple.driver.AppleAPIC 1.5
com.apple.driver.AppleIntelCPUPowerManagementClient 193.0.0
com.apple.nke.applicationfirewall 3.2.30
com.apple.security.quarantine 1.3
com.apple.driver.AppleIntelCPUPowerManagement 193.0.0
com.apple.security.SecureRemotePassword 1.0
com.apple.driver.DspFuncLib 2.2.0f3
com.apple.driver.AppleSMBusController 1.0.10d0
com.apple.iokit.IOSurface 80.0.2
com.apple.iokit.IOSerialFamily 10.0.5
com.apple.iokit.IOFireWireIP 2.2.4
com.apple.driver.AppleHDAController 2.2.0f3
com.apple.iokit.IOHDAFamily 2.2.0f3
com.apple.iokit.IOAudioFamily 1.8.6fc17
com.apple.kext.OSvKernDSPLib 1.3
com.apple.driver.ApplePolicyControl 3.0.16
com.apple.driver.AppleSMC 3.1.3d8
com.apple.driver.IOPlatformPluginLegacy 5.0.0d0
com.apple.driver.AppleSMBusPCI 1.0.10d0
com.apple.driver.AppleGraphicsControl 3.0.16
com.apple.driver.IOPlatformPluginFamily 5.1.0d17
com.apple.driver.AppleBacklightExpert 1.0.3
com.apple.iokit.IONDRVSupport 2.3.2
com.apple.kext.ATI6000Controller 7.1.8
com.apple.kext.ATISupport 7.1.8
com.apple.driver.AppleIntelSNBGraphicsFB 7.1.8
com.apple.iokit.IOGraphicsFamily 2.3.2
com.apple.kext.triggers 1.0
com.apple.driver.AppleThunderboltDPInAdapter 1.8.2
com.apple.driver.AppleThunderboltDPAdapterFamily 1.8.2
com.apple.driver.AppleThunderboltPCIDownAdapter 1.2.4
com.apple.driver.AppleUSBBluetoothHCIController 4.0.5f11
com.apple.iokit.IOBluetoothFamily 4.0.5f11
com.apple.driver.AppleUSBMultitouch 227.1
com.apple.iokit.IOUSBHIDDriver 4.4.5
com.apple.driver.AppleUSBMergeNub 4.5.3
com.apple.driver.AppleUSBComposite 4.5.8
com.apple.iokit.IOSCSIMultimediaCommandsDevice 3.2.0
com.apple.iokit.IOBDStorageFamily 1.6
com.apple.iokit.IODVDStorageFamily 1.7
com.apple.iokit.IOCDStorageFamily 1.7
com.apple.iokit.IOSCSIArchitectureModelFamily 3.2.0
com.apple.driver.AppleThunderboltNHI 1.5.5
com.apple.iokit.IOThunderboltFamily 2.0.0
com.apple.iokit.IOUSBUserClient 4.5.8
com.apple.iokit.IOFireWireFamily 4.4.5
com.apple.iokit.IO80211Family 420.3
com.apple.iokit.IOEthernetAVBController 1.0.1b1
com.apple.iokit.IONetworkingFamily 2.1
com.apple.iokit.IOAHCIFamily 2.0.8
com.apple.iokit.IOUSBFamily 4.5.8
com.apple.driver.AppleEFIRuntime 1.5.0
com.apple.iokit.IOHIDFamily 1.7.1
com.apple.iokit.IOSMBusFamily 1.1
com.apple.security.sandbox 177.5
com.apple.kext.AppleMatch 1.0.0d1
com.apple.security.TMSafetyNet 7
com.apple.driver.DiskImages 331.6
com.apple.iokit.IOStorageFamily 1.7.1
com.apple.driver.AppleKeyStore 28.18
com.apple.driver.AppleACPIPlatform 1.5
com.apple.iokit.IOPCIFamily 2.6.8
com.apple.iokit.IOACPIFamily 1.4
Model: MacBookPro8,2, BootROM MBP81.0047.B27, 4 processors, Intel Core i7, 2.2 GHz, 8 GB, SMC 1.69f3
Graphics: AMD Radeon HD 6750M, AMD Radeon HD 6750M, PCIe, 512 MB
Graphics: Intel HD Graphics 3000, Intel HD Graphics 3000, Built-In, 512 MB
Memory Module: BANK 0/DIMM0, 4 GB, DDR3, 1333 MHz, 0x0198, 0x393930353432382D3037332E4130304C4620
Memory Module: BANK 1/DIMM0, 4 GB, DDR3, 1333 MHz, 0x0198, 0x393930353432382D3037332E4130304C4620
AirPort: spairport_wireless_card_type_airport_extreme (0x14E4, 0xD6), Broadcom BCM43xx 1.0 (5.106.198.4.20)
Bluetooth: Version 4.0.5f11, 2 service, 11 devices, 1 incoming serial ports
Network Service: Wi-Fi, AirPort, en1
Serial ATA Device: TOSHIBA MK5065GSXF, 500.11 GB
Serial ATA Device: MATSHITADVD-R UJ-8A8
USB Device: FaceTime HD Camera (Built-in), apple_vendor_id, 0x8509, 0xfa200000 / 3
USB Device: hub_device, 0x0424 (SMSC), 0x2513, 0xfa100000 / 2
USB Device: BRCM2070 Hub, 0x0a5c (Broadcom Corp.), 0x4500, 0xfa110000 / 5
USB Device: Bluetooth USB Host Controller, apple_vendor_id, 0x821a, 0xfa113000 / 7
USB Device: Apple Internal Keyboard / Trackpad, apple_vendor_id, 0x0252, 0xfa120000 / 4
USB Device: hub_device, 0x0424 (SMSC), 0x2513, 0xfd100000 / 2
USB Device: IR Receiver, apple_vendor_id, 0x8242, 0xfd110000 / 3Yes. "BSD process name corresponding to current thread: InterCheck"
Apparently InterCheck is the Sophos scanner.
Uninstall Sophos > http://openforum.sophos.com/t5/Sophos-Anti-Virus-for-Mac-Home/Removing-Sophos-An ti-Virus-for-Mac-Home-Edition/td-p/37
Then restart your Mac. Hopefully no more kernel panics.
According to the Sophos system requirements, you should be able to run Sophos on Lion v10.7
If you want to have anti virus software installed, you can download ClamXav from the App Store. Might have better luck. -
Security Issues with uploading files into APEX - How is anti-virus handled?
Hi APEXers!
We have been using APEX 3 for some time and are now migrating to APEX 4. We have a request for a new application that will require uploading spreadsheets. From other developers, I know it can be done in a few ways. The only thing we have done before is limitied - storing them in BLOBs.
With the Websheets in APEX 4, users could load them directly into the database.
But the anti-virus issue has always been unclear. For the apps that we are allowing to upload to BLOBs, they are small user, internal apps so we hope that our enterprise desktop software will stop a bad file before it gets uploaded.
We have gotten some questions about allowing outside-our-network people to upload spreadsheets or maybe even the public. So far, our security people have just said no - but I wondered what everyone else is doing?
Are there any White Papers or articles on this? My general impression is that anti-virus software has to be installed at the server level to deal with this.
If anyone can provide some guidance, I would appreciate it as I have to figure out what to tell the development team requesting to do this.Do you have to take excel format? CSV would be a lot safer.
You might take inspiration from this:
http://stackoverflow.com/questions/3363767/how-do-you-virus-scan-a-file-being-uploaded-to-your-java-webapp-as-it-streams -
Every time I have FF updates there are major compatibility issues with anti virus, Adobe Flash, Java, & HP printer. This happens whenever Firefox has updates unless I wait 3-4 weeks to update. Impossible to live with these issues constantly.
It's 6 weeks between Firefox version updates, not 8 weeks.
Firefox doesn't force developers to create add-ons for Firefox, it is their choice. If they aren't up to the challenge of the fast release schedule, maybe they need to rethink their commitment to add-ons for Firefox and quit the game if they can't keep up with it. -
Password issue - disks missing and can't install new anti-virus -- HELP!!!
Hi,
I've got a Mac Mini and since I moved it appears I lost the Mac disks. I've got some serious issues with the Mini's web-browsing slowing down, maybe virus issues and I need to renew my subscription to my anti-virus to hopefully correct the issue. It appears that I need to know the password, which I never set, but I need one to log-in.
What I understand is that I can reset the password to be able to install my anti-virus, but what I'm seeing is that I can't do it without the disks. How in the world do I correct this issue??? You help will be greatly appreciated.
Thanks,
JimBoWelcome to Apple Discussions!
There are two issues here, the first being your password. If you can't remember your password and really do need to reset it, you will need your MacOS disk. If you have lost this, it would be wise to get a replacement - you can get these from Apple. Since there are other occasions you might need the original install disk, it's not just for an occasional password reset that you would do well to have one on hand.
It's not clear, however, in this situation why you would suddenly need a password. You say you did not originally set one, which is unlikely since it's one of the first steps in the initial set up of the system. It is of course possible to set a blank password, in which case the password will remain blank of course. The password would be required every time a major install or update was being run.
The second issue is the web-browser slowing down and your thought that this may be virus issues. This is highly unlikely. While there are a few potential Trojans which can gain access to MacOS, none seem to be in wide circulation. There are no viruses. More likely if you're noticing performance issues in your web browser is that you are suffering something more akin to cache issues or possibly a small amount of free drive space. Depending on which antivirus product you already have, it may even be that which is the cause, since this type of software typically adds considerable load to the CPU when running.
That isn't to say antivirus software is a bad idea, because it is better to be prepared than taken by surprise and have no defensive software in the event that MacOS becomes targeted. It's also beneficial to have it if your Mac is in a mixed environment where otherwise you could pass infections unknowingly to Windows systems.
In this situation I would be inclined to do some basic system maintenance using a tool such as YASU, but even that would require your password in order to run. As such, I would first try to clear your browser caches (in Safari, you'll find 'Empty Cache' halfway down the Safari menu) and obtain a replacement install disk from Apple to enable you to get full control of your system if indeed you have a password set and don't know what it is. -
I downloaded 4.0 and which is incompatible with my firewall and Anti-virus. This is a security issue to me which needs to be addressed before I attempt to update Firefox again. Please address this issue. I am using Norton 360 Premier Edition.
Update: Symantec have released an update for Firefox 4 compatibility, for details see http://us.norton.com/support/kb/web_view.jsp?wv_type=public_web&docurl=20100720113635EN&ln=en_US
-
Do I need to have any type of anti-virus or malware, spyware protection for my Macbook Pro?
My Macbook is a year old. When I bought it, I was told by several people that I would not need any type of anti-virus software or anything to protect my computer because Mac did not get infected that often. However, I have had people today tell me that I do need protection for my computer. My Mac runs about as good as the day I got it, but I really don't want anything to happen to it. If I need to get an anti-virus, or malware/spyware software, what programs would y'all recomend? I am just looking for information. Thanks!
1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
If you find this comment too long or too technical, read only sections 5, 6, and 10.
OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
The following caveats apply to XProtect:
It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
It can easily be disabled or overridden by the user.
A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
For the reasons given above, App Store products, and other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. OS X security is based on user input. Never click through any request for authorization without thinking.
4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is presumably effective against known attacks, but maybe not against unknown attacks. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
5. XProtect, Gatekeeper, and MRT reduce the risk of malware attack, but they're not absolute protection. The first and best line of defense is always your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
That means, in practice, that you never use software that comes from an untrustworthy source, or that does something inherently untrustworthy. How do you know what is trustworthy?
Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
Software that purports to help you do something that's illegal or that infringes copyright, such as saving streamed audio or video for reuse without permission, is unsafe. All YouTube "downloaders" are in this category, though not all are necessarily harmful.
Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
Even signed applications, no matter what the source, should not be trusted if they do something unexpected, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. Any database of known threats is always going to be out of date. Most of the danger is from unknown threats. If you need to be able to detect Windows malware in your files, use the free software ClamXav— nothing else.
Why shouldn't you use commercial "anti-virus" products?
Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
8. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
10. As a Mac user you don't have to live in fear that your computer is going to be infected every time you install an application, read email, or visit a web page. But neither should you have the false idea that you will always be safe, no matter what you do. The greatest harm done by security software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software doesn't protect them. Nothing can lessen the need for safe computing practices. -
DO I need Anti-Virus for my Macbook Pro w/Retina Display?
I am currently awaiting a MacBook Pro w/Retina Display and I am having an ongoing discussion with some work colleagues, since the Flashback Trojan appeared to infiltrate Mac's back in early 2012... DO I need Anti-Virus.. My argument is no, but everybody elses is yes!
I would love to see some indepth feedback to send my PC lovers running!
Thanks in advance.
Regards,
Joe1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files. This feature is transparent to the user, but internally Apple calls it "XProtect." The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
The following caveats apply to XProtect:
It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
3. Starting with OS X 10.7.5, there has been another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't actually been tested by Apple (unless it comes from the Mac App Store), but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe.
Gatekeeper has, however, the same limitations as XProtect, and in addition the following:
It can easily be disabled or overridden by the user.
A malware attacker could get control of a code-signing certificate under false pretenses, or could find some other way to evade Apple's controls.
For more information about Gatekeeper, see this Apple Support article.
4. Beyond XProtect and Gatekeeper, there’s no benefit, in most cases, from any other automated protection against malware. The first and best line of defense is always your own intelligence. All known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
That means, in practice, that you never use software that comes from an untrustworthy source. How do you know whether a source is trustworthy?
Any website that prompts you to install a “codec,” “plug-in,” "player," "archive extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
Pirated copies or "cracks" of commercial software are likely to be infected.
Software of any kind downloaded from a BitTorrent or from a Usenet newsgroup is unsafe.
Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.
5. Java on the network (not to be confused with JavaScript, to which it's not related) is a weak point in the security of any operating system. If a Java web plugin is not installed, don't install one unless you really need it. If it is installed, you should disable it (not JavaScript) in your web browsers. Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in OS X 10.5.8 or earlier, because Java in those obsolete versions has known security flaws that make it unsafe to use on the Internet. The flaws will never be fixed. Regardless of version, experience has shown that Java can never be fully trusted, even if no vulnerabilities are publicly known at the moment.
Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.
6. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, even supposing that they do any good at all. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.
Why shouldn't you use commercial "anti-virus" products?
Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
7. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else. Windows malware attachments in email are almost always easy to recognize without computer assistance.
8. The greatest danger posed by anti-virus software, in my opinion, is its effect on human behavior. When people install such software, which does little or nothing to protect them from emerging threats, they get a false sense of security from it, and then they may behave in ways that expose them to higher risk. Nothing can lessen the need for safe computing practices.
9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default. -
I recently bought a macbook pro two weeks ago and with my previous laptops (they were windows) ive always had to get anti-virus software. Do i need security for my macbook pro?
1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
If you find this comment too long or too technical, read only sections 5, 6, and 10.
OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
The following caveats apply to XProtect:
It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
It can easily be disabled or overridden by the user.
A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
For the reasons given above, App Store products, and other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. OS X security is based on user input. Never click through any request for authorization without thinking.
4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is effective against known threats, but not against unknown ones. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
5. The built-in security features of OS X reduce the risk of malware attack, but they're not absolute protection. The first and best line of defense is always going to be your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
That means, in practice, that you never use software that comes from an untrustworthy source, or that does something inherently untrustworthy. How do you know what is trustworthy?
Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
Software that purports to help you do something that's illegal or that infringes copyright, such as saving streamed audio or video for reuse without permission, is unsafe. All YouTube "downloaders" are in this category, though not all are necessarily harmful.
Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
Even signed applications, no matter what the source, should not be trusted if they do something unexpected, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. Any database of known threats is always going to be out of date. Most of the danger is from unknown threats. If you need to be able to detect Windows malware in your files, use one of the free anti-virus products in the Mac App Store — nothing else.
Why shouldn't you use commercial "anti-virus" products?
Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
8. An anti-malware product from the App Store, such as "ClamXav," doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
An anti-virus app is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
Anti-virus software may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use the software unless a network administrator requires you to do it.
The ClamXav developer won't try to "upsell" you to a paid version of the product. Other developers may do that. Don't be upsold. For one thing, you should not pay to protect Windows users from the consequences of their choice of computing platform. For another, a paid upgrade from a free app will probably have the disadvantages mentioned in section 7.
9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
10. As a Mac user you don't have to live in fear that your computer is going to be infected every time you install an application, read email, or visit a web page. But neither should you have the false idea that you will always be safe, no matter what you do. The greatest harm done by security software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software doesn't protect them. Nothing can lessen the need for safe computing practices. -
Is an anti-virus needed for a new macbook pro?
Is an anti-virus needed for a new macbook pro with retina display?
1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
If you find this comment too long or too technical, read only sections 5, 6, and 10.
OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
The following caveats apply to XProtect:
It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
It can easily be disabled or overridden by the user.
A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
For the reasons given above, App Store products, and other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. OS X security is based on user input. Never click through any request for authorization without thinking.
4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is presumably effective against known attacks, but maybe not against unknown attacks. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
5. XProtect, Gatekeeper, and MRT reduce the risk of malware attack, but they're not absolute protection. The first and best line of defense is always your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
That means, in practice, that you never use software that comes from an untrustworthy source, or that does something inherently untrustworthy. How do you know what is trustworthy?
Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
Software that purports to help you do something that's illegal or that infringes copyright, such as saving streamed audio or video for reuse without permission, is unsafe. All YouTube "downloaders" are in this category, though not all are necessarily harmful.
Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
Even signed applications, no matter what the source, should not be trusted if they do something unexpected, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. Any database of known threats is always going to be out of date. Most of the danger is from unknown threats. If you need to be able to detect Windows malware in your files, use one of the free anti-virus products in the Mac App Store — nothing else.
Why shouldn't you use commercial "anti-virus" products?
Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
8. An anti-malware product from the App Store, such as "ClamXav," doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
An anti-virus app is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
Anti-virus software may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use the software unless a network administrator requires you to do it.
The ClamXav developer won't try to "upsell" you to a paid version of the product. Other developers may do that. Don't be upsold. For one thing, you should not pay to protect Windows users from the consequences of their choice of computing platform. For another, a paid upgrade from a free app will probably have the disadvantages mentioned in section 7.
9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
10. As a Mac user you don't have to live in fear that your computer is going to be infected every time you install an application, read email, or visit a web page. But neither should you have the false idea that you will always be safe, no matter what you do. The greatest harm done by security software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software doesn't protect them. Nothing can lessen the need for safe computing practices. -
Please advise on security software/anti virus barrier
Hi there,
I would just like to know which security software/antivirus woks best with mountain lion?
cheers1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
The following caveats apply to XProtect:
It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
It can easily be disabled or overridden by the user.
A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
For the reasons given above, App Store products, and other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. OS X security is based on user input. Never click through any request for authorization without thinking.
4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is presumably effective against known attacks, but maybe not against unknown attacks. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
5. XProtect, Gatekeeper, and MRT reduce the risk of malware attack, but they're not absolute protection. The first and best line of defense is always your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
That means, in practice, that you never use software that comes from an untrustworthy source, or that does something inherently untrustworthy. How do you know what is trustworthy?
Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
Software that purports to help you do something that's illegal or that infringes copyright, such as saving streamed audio or video for reuse without permission, is unsafe. All YouTube "downloaders" are in this category, though not all are necessarily harmful.
Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
Even signed applications, no matter what the source, should not be trusted if they do something unexpected, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. Any database of known threats is always going to be out of date. Most of the danger is from unknown threats. If you need to be able to detect Windows malware in your files, use the free software ClamXav— nothing else.
Why shouldn't you use commercial "anti-virus" products?
Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
8. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
9. The greatest harm done by security software, in my opinion, is in its effect on human behavior. It does little or nothing to protect people from emerging threats, but if they get a false sense of security from it, they may feel free to do things that expose them to higher risk. Nothing can lessen the need for safe computing practices.
10. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default. -
Hi looking for a bit of free anti - virus and firewall for osx 10.8.2
hi looking for a bit of free anti - virus and firewall for osx 10.8.2 any pointers also any one used Mac cleaner ?
1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files. This feature is transparent to the user, but internally Apple calls it "XProtect." The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
The following caveats apply to XProtect:
It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
3. Starting with OS X 10.7.5, there has been another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't actually been tested by Apple (unless it comes from the Mac App Store), but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe.
Gatekeeper has, however, the same limitations as XProtect, and in addition the following:
It can easily be disabled or overridden by the user.
A malware attacker could get control of a code-signing certificate under false pretenses, or could find some other way to evade Apple's controls.
For more information about Gatekeeper, see this Apple Support article.
4. Beyond XProtect and Gatekeeper, there’s no benefit, in most cases, from any other automated protection against malware. The first and best line of defense is always your own intelligence. All known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore reduces to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
That means, in practice, that you never use software that comes from an untrustworthy source. How do you know whether a source is trustworthy?
Any website that prompts you to install a “codec,” “plug-in,” or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
“Cracked” copies of commercial software downloaded from a bittorrent are likely to be infected.
Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.
5. Java on the network (not to be confused with JavaScript, to which it's not related) is a weak point in the security of any operating system. If a Java web plugin is not installed, don't install one unless you really need it. If it is installed, you should disable it (not JavaScript) in your web browsers. Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in OS X 10.5.8 or earlier, because Java in those obsolete versions has known security flaws that make it unsafe to use on the Internet. The flaws will never be fixed. Regardless of version, experience has shown that Java can never be fully trusted, even if no vulnerabilities are publicly known at the moment.
Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.
6. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.
Why shouldn't you use commercial "anti-virus" products?
Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
7. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so can corrupt the Mail database. The messages should be deleted from within the Mail application.
ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. If you don't need to do that, avoid it. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
8. The greatest danger posed by anti-virus software, in my opinion, is its effect on human behavior. When people install such software, which does little or nothing to protect them from emerging threats, they get a false sense of security from it, and then they may do things that make them more vulnerable. Nothing can lessen the need for safe computing practices.
9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use.
Maybe you are looking for
-
Default GL account upon goods issue to maintenance order based on activity
Hi all, There's a scenario here in Plantation Industry that we require to default GL account upon goods issue to maintenance order based on activity type assigned in the order instead of only posting to consumption account, is there anyway in OBYC or
-
SOS..How to execute an Oracle Stored procedure
Please help me. I need to execute an oracle stored procedure from a JSP. I'M using Jakarta Tomcat and I dont have the Oracle Jbo tags and no BC4j tags. Anyone have an example using standar tags or directives???. This an emergency call..!!!!!!
-
HT1296 Syncing issues between iPhone and Outlook contacts
I'm trying to sync my Outlook 2010 contacts with my iPhone (iOS6.1.3) using iTunes (11.0.1.12). I no longer have the option under the iTunes Info tab to "Sync contacts from" so I can't select Outlook. At one point, it was there. It now states that
-
Hi there, quick question relating to the iPhoto library: I still see all photos on the HD, however they don't show up in iPhoto anymore (at least a huge part of them seem to have fallen through the cracks). I read a few posts regarding doing a rebuil
-
I'm trying to add music from my pc to my iPhone from iTunes. I keep getting the message that my phone can't be seen. I can see it in iTunes, how can I get it to synce?