Graham Cluley’s blog

For too long Mac users have been told that Macs don't get infected. There were no viruses targeting Macs. Now that the Mac is gaining in popularity, now it's looking much more attractive to the denizens of the Dark Side of Coding... Apple's advertising campaign told millions that Macs are safe, they don't get viruses. But we now know that is untrue.

For Apple to remove that advisory from their website is foolhardy and arrogant. Malware authors are focusing their attention on Macs now, and for good reasons. There are more of them, and exceedingly few will have any antivirus protection. And they are owned by people who've been led to believe, "I'm Invincible!" (Remember Boris from the 007 movie, Goldeneye? If not, watch it...) They will most likely take more chances, feeling comforted by the myth of invincibilty.

They remind me of the fool in the four-wheel-drive vehicle, speeding down the snow-covered road. You know, the one who pulls out and passes you. The same one you see in the ditch, a few miles ahead...

Computers are tools, not appliances. Put on your safety goggles and watch your fingers.

I read your blog re Apple and AV recommendations. I've been running AV on my Macs for 5+ years. Currently, Intego's VirusBarrier x5 is the best and least obtrusive app I've found for OS X systems.

That said, the main reason I run AV is to catch Win-focused malware where the Mac is not affected but is simply a 'carrier' and I don't want to pass malware to colleagues on Windows systems.

I think every platform can be susceptible to infection, but I've seen scant evidence (especially from Sophos) that Macs are at any significant risk historically or currently. In fact, I have a hard time trying to find any substantive Mac-related malware alert info on the Sophos site.

Obviously, phishing and other social engineering-induced attack (email) is a threat to all platforms... it's impossible to shield users from their own ignorance, right?

In conclusion, I try to separate the fact from the FUD on this Mac malware subject. Apple should do the same for their users.

Honestly, I believe that the "common sense" argument can apply here (no AV on Macs). While you're probably in favor of the contrary, especially since you develop anti-malware for Macs, One common reason Windows users give for not having anti-virus is "I just use common sense and never open e-mail attachments". One common reason Mac users give is "Duh, Macs don't have viruses".

Now, consider that in order for malware to execute in Macs, the user needs to enter their credentials. Entering your credentials in a Mac is the equivalent of double-clicking an e-mail attachment in Windows. If you have a user who will open anything they get in e-mail, well... it's very hard to protect against a user who will ignore all security warnings they get and select "run", anti-virus or not.

Now, from personal experience, I work on a network where 4/5 computers are Mac. The worst "infection" I have seen on a Mac was where one of the power users had a Windows executable on his Desktop called "postcard.exe". Most likely he ran into a site that managed to download the file using exploits, but couldn't run the Windows installer on the Mac. If it could, it would then need to run a file with his credentials (and this wasn't a dumb user), so I don't think that user was at risk. Most users don't have administrative passwords to local machines, so very few viruses get a chance to run on our network. The argument that there aren't any viruses out there for Macs flies as far as I'm concerned, but there is still a chance that something might appear.

Bottom line, in Windows, which is a flashing target, AV is essential. In Macintosh, the anti-virus is only needed for a user who opens (and enters passwords for) whatever they get in email without question. Those are the sorts who don't need admin privileges though. In Linux, with few exceptions, the user isn't going to fall for the usual spam-click-me-for-ecard-get-drive-by-trojan tricks. AV is only really required on a system that is running an operating system that logs users in as root by default (Windows), or machines running critical services that are very high priority targets, like those which have social security numbers in them.

I've read all your Mac anti-virus pages with interest. It is indeed a shame that Apple have responded to the problem by implying that you're perfectly safe with your Mac 'as is'.

This is exactly the sort of thing that makes users complacent - indeed, the two people in the office that use Macs at home are convinced that they are 100% safe from anything and get quite heated when I suggest that this isn't the case (what do I know, I'm just the IT Manager).

The problem is that these two are the Director and the Associate Director. I have always advocated the use of virus protection etc. on any computer and will continue to do so. To use an automotive analogy: Mac users may still have a different engine to Windows folk but the bodywork these days is exactly the same.

Recently I was visiting a hardware-shop in Denmark, because I was interested in a the new Acer with flash-memory and Linux. The deputy store manager recommended strongly a Mac computer, partly because Mac machines were not targeted by viruses.

The same story has been told about Linux machines. Thank God that Sophos is protecting Linux.

I am still considering the purchase of the Acer machine or something similar from Asus.

I don't have a Mac at the moment, but after reading your blog, I remembered one thing. One of the very first viruses was on a Mac! Even Linux systems require AV.

I have a couple of Mac friends, and you're right, neither have anything, not even a firewall!!!!!

I'm surprised at the lack of security on smartphones, viruses and hush-texts can cause damage as well as general hacks.

So the iPhone is in danger, just like every other smartphone. I'm surprised no one took the challenge of being the first to specifically virus an iPhone. Just for the so-called fame of it.

I read with interest your quote on Rory Cellan-Jones' blog...

"It's no longer just black polo-neck wearing, cappuccino drinking, beardy zealots," [using the Mac platform].

A few things you should know about me:

(1) I've been using Macs since an SE30 in 1989 (and Apples since a II in 1984). I was chief technologist for my own boutique video and multimedia company back in the 90s, when things were technically difficult and success required skill and panache.

(2) I currently use Intego VirusBarrier X5, having tried pretty much every security product available in the the history of the platform. I find Intego to be a vastly superior product to anything else I've used, including anything you shill.

(3) I occasionally wear a black poloneck, but usually only when climbing the kind of gritstone edges, icefalls or serac boulders that would, in all probability, literally scare the c**p out of you.

(4) I gave up drinking coffee ten years ago.

(5) I do not have a beard, except occasionally and temporarily, when I come down from a long spell up the mountain.

So, on behalf of Mac aficionados everywhere: kindly f**k off.