Should I install a security suite on my Mac? - Susan
This is one of the most heated debates on the Interwebs: should folks that have a Mac install any type of security software?
In the past, the discussion was specifically about whether one should install 'anti-virus' software on their Mac, but today's attack vector is much more sophisticated than simple 'virus' code, so the real discussion should be about general security.
The term 'virus' is used by most non-technical folks when they mean any kind of malicious software (malware), but today we are being attacked by so many different malicious programs that actual virus code is pretty low on the threat list.
Let's start by discussing some of the common claims you'll hear on the Internet:
Macs don't get viruses
One of the first viruses every written (1982), was written for the Apple II and subsequent versions of Apple's Mac OS (especially 7) have had well chronicled bouts with lots of viruses. With the release of OS X, Apple made a dramatic shift in security that made most of the past exploits useless.
In technical terms, the statement is false because viruses written specifically to attack OS X as well as various 'proof of concept' viruses have been written over the years. If you expand the term 'virus' to mean malware, then many Trojans and browser exploits exist: (here's the top 20 fro Sophos - http://bit.ly/hTz1Y3 ).
Macs are safer than Windows computers
This statement is unequivocally indisputable! The relative dangers for Internet connected computers running Windows is exponentially higher than for those running Mac OS X.
The primary data that most folks point to for the reason is the market share:
Worldwide - Windows 90.81% vs Mac 5.03% (Netmarketshare.com) US - Windows 83.37% vs Mac 11.46% (Netmarketshare.com)
The thought being that criminals and 'hackers' will go where the masses (& money) are, but there are other forces in play that contribute.
Apple's decisions to leave old exploitable OS code out of OS X essentially required malicious software authors that were targeting Macs to start from scratch. This combined with the inherent security built into OS X made it much harder to write code that could exploit and propagate malicious code amongst this smaller number of computers.
In addition, much of today's sophisticated malware is written in foreign countries (Eastern Block and Asian primarily) where pirated software is rampant. Since most malware authors are running cheap pirated Windows-based computers, it's another statistical contributor.
It's no longer about the OS!
But the folks writing malware want you to keep focusing on the Windows vs Mac discussion because they have already moved on to attacking everyone, no matter what operating system they use.
Today's exploits rely on exploiting the weakest part of any computer system: the user!
Social engineering tactics combined with exploits of unpatched browsers are leading the charge for today's sophisticated Internet-based attacks and making the OS that you're running irrelevant.
'Drive-by downloads' (slipping malicious code into your computer when you visit a malicious website) can be performed on virtually any browser (Internet Explorer, Firefox, Safari, Chrome, Opera, etc.) regardless of operating system if they are left unpatched.
So to get to your question: should you install security software on your Mac.
I'm not a big fan of installing an anti-virus program that constantly runs on Macs as it will have an impact on the performance (just like on Windows systems), but having a tool (like the free ClamXav - http://clamxav.com ) that you can manually run on occasion is a pretty good idea.
The current risk/reward to installing an active AV program on Macs is not worth it (IMHO) at the moment, but that's likely to change over time (stay tuned).
The real threats are your browser, Internet utilities and your behaviors on the Internet. If you or any member of your family engage in risky behavior (file sharing, cracked software, game cheats, adult sites, etc.) don't count on a "security suite" to save you.
Make sure to keep your browser, Adobe Flash/Reader, Quicktime and Mac OS updated with the latest security patches and consider using some of the free tools we have listed for protecting yourself against 'drive-by downloads' at http://bit.ly/fKfM0C .
Ken Colburn is president of Data Doctors Computer Services.